Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/qmpUcB248BqzoGOnMoB7_VdH-FI.roa
File: qmpUcB248BqzoGOnMoB7_VdH-FI.roa (raw, json)
Hash identifier: SY8+Cfoku9vklIMqjuQMxdcliPe3j9wq7wwxJyI6R+w=
Subject key identifier: AA:6A:54:70:1D:B8:F0:1A:B3:A0:63:A7:32:80:7B:FD:57:47:F8:52
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 0185701EE05579205C17CD7A48AE204EAD7E
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/qmpUcB248BqzoGOnMoB7_VdH-FI.roa
Signing time: Mon 02 Jan 2023 01:35:49 +0000
ROA not before: Mon 02 Jan 2023 01:35:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 193.25.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:e0:55:79:20:5c:17:cd:7a:48:ae:20:4e:ad:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 2 01:35:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa6a54701db8f01ab3a063a732807bfd5747f852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:59:a2:9b:c6:35:65:e7:fe:18:d7:e2:68:e1:
5d:01:d7:be:e0:ce:fe:03:60:59:bc:a6:ea:a8:f6:
fa:84:be:de:ee:ed:75:dd:b7:9e:bd:00:97:22:31:
46:1e:e2:9f:84:bd:ca:cd:8b:15:1e:6f:ec:1e:34:
14:ab:c9:ba:35:94:c4:c6:0d:b7:64:90:75:44:3b:
da:bc:73:ca:0e:11:25:6f:8e:01:18:16:9f:9f:04:
bf:e2:c4:5e:ff:04:99:fb:f4:e0:e2:1e:67:92:67:
a2:b9:a7:0f:a3:60:25:fb:61:ca:3a:f3:48:0a:9d:
5f:2e:ee:b1:70:65:95:75:2b:91:25:e8:c5:17:05:
78:8a:c0:ab:44:14:5c:1c:87:90:7c:4c:4e:32:30:
f4:00:7d:6a:ac:c8:42:4a:a0:2a:2f:43:08:e1:e2:
29:a0:83:67:8a:e4:47:ba:0d:1a:a3:9d:d5:fb:6a:
d7:e6:e8:8b:09:90:0c:ad:cf:7d:eb:94:33:a3:10:
5c:58:11:f1:72:04:0a:60:11:d2:c5:ba:91:8e:b3:
19:c4:db:cc:3e:80:7e:1c:04:60:e6:f1:12:8b:c4:
a2:e6:6c:a7:01:b4:97:f2:91:99:3c:2b:56:b8:58:
0b:b0:bf:40:50:54:44:be:30:0b:01:0c:6a:06:13:
b6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:6A:54:70:1D:B8:F0:1A:B3:A0:63:A7:32:80:7B:FD:57:47:F8:52
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/qmpUcB248BqzoGOnMoB7_VdH-FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.201.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:35:15:83:72:b6:77:59:a5:c1:f3:f5:03:f5:a3:1c:c1:1e:
69:2f:bb:f6:cc:26:78:e8:82:6e:05:9c:b0:d0:58:97:d0:ba:
31:75:36:81:13:a8:89:52:ba:08:4d:a9:15:5f:37:89:e6:d4:
5a:e5:92:fc:ab:cd:02:d0:9a:cb:07:2b:36:c6:e6:46:05:4a:
10:03:50:42:05:30:4a:df:6e:f1:15:29:11:4a:95:fd:41:75:
7b:3f:87:68:48:43:e2:9a:00:ac:f1:fe:cc:b2:02:4e:ee:85:
e3:c6:6f:7f:ad:ca:27:92:12:38:66:a4:ae:3a:d9:74:0b:ee:
f6:10:e5:95:36:37:10:fd:da:1e:97:ea:34:43:cb:4f:63:ae:
18:51:fd:2d:e3:f4:94:44:ea:64:1c:f0:bc:4b:9f:3b:1a:0e:
a0:01:9b:45:65:9d:ea:78:d8:e8:5b:d4:72:14:2a:78:0a:d1:
d1:58:b2:6f:3a:d6:ac:31:c4:03:dd:0c:dd:37:d2:cf:ef:c9:
2a:8f:ee:26:d3:2c:57:b0:79:ff:db:09:0d:bb:40:36:a9:e5:
26:7c:01:2f:66:1c:46:e5:45:86:04:ff:8c:95:fc:df:77:20:
58:39:50:57:13:da:09:8c:51:e5:4a:98:17:26:94:13:eb:35:
3b:0f:72:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwHuBVeSBcF816SK4gTq1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjMwMTAyMDEzNTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTZhNTQ3MDFkYjhmMDFhYjNhMDYzYTczMjgwN2JmZDU3NDdmODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVmim8Y1Zef+GNfiaOFdAde+4M7+
A2BZvKbqqPb6hL7e7u113beevQCXIjFGHuKfhL3KzYsVHm/sHjQUq8m6NZTExg23
ZJB1RDvavHPKDhElb44BGBafnwS/4sRe/wSZ+/Tg4h5nkmeiuacPo2Al+2HKOvNI
Cp1fLu6xcGWVdSuRJejFFwV4isCrRBRcHIeQfExOMjD0AH1qrMhCSqAqL0MI4eIp
oINniuRHug0ao53V+2rX5uiLCZAMrc9965QzoxBcWBHxcgQKYBHSxbqRjrMZxNvM
PoB+HARg5vESi8Si5mynAbSX8pGZPCtWuFgLsL9AUFREvjALAQxqBhO27wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpqVHAduPAas6BjpzKAe/1XR/hSMB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvcW1wVWNCMjQ4QnF6b0dPbk1vQjdfVmRILUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRnJMA0G
CSqGSIb3DQEBCwUAA4IBAQBtNRWDcrZ3WaXB8/UD9aMcwR5pL7v2zCZ46IJuBZyw
0FiX0LoxdTaBE6iJUroITakVXzeJ5tRa5ZL8q80C0JrLBys2xuZGBUoQA1BCBTBK
327xFSkRSpX9QXV7P4doSEPimgCs8f7MsgJO7oXjxm9/rconkhI4ZqSuOtl0C+72
EOWVNjcQ/doel+o0Q8tPY64YUf0t4/SUROpkHPC8S587Gg6gAZtFZZ3qeNjoW9Ry
FCp4CtHRWLJvOtasMcQD3QzdN9LP78kqj+4m0yxXsHn/2wkNu0A2qeUmfAEvZhxG
5UWGBP+MlfzfdyBYOVBXE9oJjFHlSpgXJpQT6zU7D3Jj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:07 2024 by rpki-client on console-fra.rpki-client.org