Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/qY4SQZwfrp7NwwPMDFTbgilSANA.roa
File: qY4SQZwfrp7NwwPMDFTbgilSANA.roa (raw, json)
Hash identifier: eLyql7RQzOd9JKo2UocCVh5+B38a9O14W0gcKWrr12c=
Subject key identifier: A9:8E:12:41:9C:1F:AE:9E:CD:C3:03:CC:0C:54:DB:82:29:52:00:D0
Certificate issuer: /CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee
Certificate serial: 018573220574DCB1729FB290E393BA464679
Authority key identifier: B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/qY4SQZwfrp7NwwPMDFTbgilSANA.roa
Signing time: Mon 02 Jan 2023 15:38:07 +0000
ROA not before: Mon 02 Jan 2023 15:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29099
IP address blocks: 185.99.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:22:05:74:dc:b1:72:9f:b2:90:e3:93:ba:46:46:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee
Validity
Not Before: Jan 2 15:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a98e12419c1fae9ecdc303cc0c54db82295200d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5a:ff:8e:2d:82:d1:14:06:fc:f2:56:39:71:
7a:b9:b1:c3:fb:92:2c:39:77:28:0d:14:c6:c5:69:
1e:a5:27:eb:e3:59:03:de:dd:74:8f:37:bb:63:f8:
6e:f5:09:90:2a:8a:81:03:cd:0e:0d:81:78:2f:60:
7c:32:5d:82:2b:3c:0f:b2:75:f0:35:22:56:c7:8c:
48:cb:c1:83:79:5a:f7:b0:7c:33:d9:b8:ed:89:39:
dd:ee:5f:4e:53:15:a7:2c:87:55:63:73:de:a0:c7:
54:98:07:90:15:29:15:d6:5a:63:37:c4:a4:52:25:
6f:d7:b0:25:cf:12:6d:90:22:e0:74:8d:2e:e0:ea:
94:3d:63:83:cc:7e:31:a1:3c:c0:88:3b:61:9f:6b:
b2:64:56:6c:51:41:dc:89:e0:af:f8:f2:ba:10:b1:
aa:de:77:dc:ae:7d:50:86:dd:21:ab:25:9e:51:8c:
2a:7b:fc:90:53:f5:74:1f:c7:d3:ec:a1:08:58:3f:
47:b6:38:2b:74:4b:f0:7b:76:7c:ad:41:ed:08:55:
e3:08:dd:2a:d3:cd:a0:b8:f5:1e:6c:af:78:73:2e:
66:a3:a5:ce:49:fa:fb:b7:66:1f:8a:57:9a:ff:3a:
d9:0a:d3:90:e3:26:44:fe:dd:d8:52:be:04:5c:cd:
42:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8E:12:41:9C:1F:AE:9E:CD:C3:03:CC:0C:54:DB:82:29:52:00:D0
X509v3 Authority Key Identifier:
keyid:B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/qY4SQZwfrp7NwwPMDFTbgilSANA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/sjDI_QIF7PDva1bgN9Vimxeyde4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.34.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:e7:90:8e:d7:29:6f:a8:35:7d:12:85:2a:1d:20:42:5c:2d:
11:6f:d5:b1:b9:bc:6b:1f:30:4c:1c:02:d2:aa:fb:da:65:8b:
92:9b:da:b9:7b:f2:b7:03:21:04:c3:d5:69:c1:50:76:2f:a2:
b9:de:ce:dc:ed:6c:0e:a4:4b:2b:4d:0d:16:32:29:98:d6:b7:
81:ec:b2:a8:62:8b:17:b0:3d:c1:64:df:b4:dc:ff:25:8f:15:
6a:64:61:d4:6c:a4:9c:eb:54:4e:ae:93:18:61:c2:05:71:41:
05:69:7a:29:33:ce:df:8b:5e:d7:ce:00:7e:38:ad:a1:7e:e9:
f0:67:c8:86:53:29:f0:49:4b:7b:b2:02:d2:e9:be:5c:8b:5d:
98:b8:ef:33:bb:76:ae:dd:dd:94:a6:b4:4b:45:54:55:fd:6d:
6a:5b:53:cd:a0:bb:b4:ac:6f:23:39:ee:99:1b:c1:38:3d:96:
9b:0a:5a:32:db:e5:1f:a0:e6:be:f0:b4:1a:6d:92:b2:32:40:
c4:bc:bd:d7:77:08:40:94:47:d6:fb:2b:22:79:69:2d:c3:18:
11:a8:57:3a:c3:34:d9:da:5c:63:e3:91:06:dd:95:b7:d7:d3:
3c:51:eb:ef:12:7b:26:df:11:40:65:50:5e:14:45:e7:e9:18:
42:51:be:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIgV03LFyn7KQ45O6RkZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMzBjOGZkMDIwNWVjZjBlZjZiNTZlMDM3ZDU2MjliMTdi
Mjc1ZWUwHhcNMjMwMTAyMTUzODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThlMTI0MTljMWZhZTllY2RjMzAzY2MwYzU0ZGI4MjI5NTIwMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVr/ji2C0RQG/PJWOXF6ubHD+5Is
OXcoDRTGxWkepSfr41kD3t10jze7Y/hu9QmQKoqBA80ODYF4L2B8Ml2CKzwPsnXw
NSJWx4xIy8GDeVr3sHwz2bjtiTnd7l9OUxWnLIdVY3PeoMdUmAeQFSkV1lpjN8Sk
UiVv17AlzxJtkCLgdI0u4OqUPWODzH4xoTzAiDthn2uyZFZsUUHcieCv+PK6ELGq
3nfcrn1Qht0hqyWeUYwqe/yQU/V0H8fT7KEIWD9HtjgrdEvwe3Z8rUHtCFXjCN0q
082guPUebK94cy5mo6XOSfr7t2Yfilea/zrZCtOQ4yZE/t3YUr4EXM1C0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKmOEkGcH66ezcMDzAxU24IpUgDQMB8GA1UdIwQY
MBaAFLIwyP0CBezw72tW4DfVYpsXsnXuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2pESV9RSUY3UER2YTFiZ045VmlteGV5ZGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYTE3OTctNjE2Zi00OTczLWI3NDAt
YzhiNWRmYzVhMTNmLzEvcVk0U1Fad2ZycDdOd3dQTURGVGJnaWxTQU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYTE3OTctNjE2Zi00OTczLWI3NDAtYzhiNWRmYzVhMTNm
LzEvc2pESV9RSUY3UER2YTFiZ045VmlteGV5ZGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWMiMA0G
CSqGSIb3DQEBCwUAA4IBAQCr55CO1ylvqDV9EoUqHSBCXC0Rb9WxubxrHzBMHALS
qvvaZYuSm9q5e/K3AyEEw9VpwVB2L6K53s7c7WwOpEsrTQ0WMimY1reB7LKoYosX
sD3BZN+03P8ljxVqZGHUbKSc61ROrpMYYcIFcUEFaXopM87fi17XzgB+OK2hfunw
Z8iGUynwSUt7sgLS6b5ci12YuO8zu3au3d2UprRLRVRV/W1qW1PNoLu0rG8jOe6Z
G8E4PZabCloy2+UfoOa+8LQabZKyMkDEvL3XdwhAlEfW+ysieWktwxgRqFc6wzTZ
2lxj45EG3ZW319M8UevvEnsm3xFAZVBeFEXn6RhCUb5D
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:33 2024 by rpki-client on console-fra.rpki-client.org