Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/qMq5ZnpGemid2H5wSgcuIQPlDbY.roa
File: qMq5ZnpGemid2H5wSgcuIQPlDbY.roa (raw, json)
Hash identifier: Kq+OL4/w6N4PVi3N4vW5zfrZTy11EzvAOxE5ydtoLNI=
Subject key identifier: A8:CA:B9:66:7A:46:7A:68:9D:D8:7E:70:4A:07:2E:21:03:E5:0D:B6
Certificate issuer: /CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Certificate serial: 018631A0821C142278CEB7D084476991420A
Authority key identifier: 5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/qMq5ZnpGemid2H5wSgcuIQPlDbY.roa
Signing time: Wed 08 Feb 2023 15:24:08 +0000
ROA not before: Wed 08 Feb 2023 15:24:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 193.8.236.0/24 maxlen: 24
193.8.236.0/23 maxlen: 23
193.8.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 16:23:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:a0:82:1c:14:22:78:ce:b7:d0:84:47:69:91:42:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Validity
Not Before: Feb 8 15:24:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8cab9667a467a689dd87e704a072e2103e50db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e5:cb:38:ec:45:a2:4a:f3:ac:6d:aa:ea:3d:
8e:16:6c:53:58:d8:f5:3d:f8:4c:4f:4b:11:cc:29:
10:83:39:97:04:11:bd:4d:38:f0:b6:46:53:10:de:
cb:c5:62:6f:8b:a1:73:af:a4:57:9c:02:1e:70:62:
48:1b:d4:40:96:b9:65:bd:cc:85:2e:b4:ab:c5:88:
17:5f:f2:51:93:2b:d4:d1:c8:e4:3f:1c:a5:33:da:
7f:d8:3e:74:43:04:41:de:73:dc:5f:19:31:fa:e6:
1a:c0:35:97:2d:26:9a:69:d8:59:b6:aa:9c:92:75:
f9:a4:7d:0f:5d:5f:2a:63:68:b1:d3:58:94:21:7e:
53:ff:b4:04:9c:7a:a6:ee:a0:9b:54:a8:18:03:ac:
e1:4b:52:56:72:0e:a8:ee:45:b9:d4:55:dd:02:d9:
13:7c:c5:43:e8:f6:18:f9:9a:78:a2:05:7e:54:65:
0b:7b:ac:56:86:b3:66:09:e1:bb:6a:d2:95:20:d2:
b9:25:01:15:1d:5c:4d:29:d6:b7:ec:c6:20:37:47:
e2:76:4b:e1:69:a7:37:b2:33:64:9e:3d:23:bf:be:
58:88:b4:f2:d1:00:47:11:23:5d:6c:f9:84:2a:3e:
d4:2e:09:15:25:e4:b2:a5:30:b2:b1:ad:87:5a:81:
2a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CA:B9:66:7A:46:7A:68:9D:D8:7E:70:4A:07:2E:21:03:E5:0D:B6
X509v3 Authority Key Identifier:
keyid:5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/qMq5ZnpGemid2H5wSgcuIQPlDbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.236.0/23
Signature Algorithm: sha256WithRSAEncryption
17:f0:e2:34:b0:54:21:71:3b:c8:d2:5d:f5:87:f6:b9:85:bf:
31:36:53:bc:5c:b6:b1:6c:76:e9:c9:db:10:64:3d:4d:c1:06:
f9:90:10:3f:e7:ee:2b:d3:3d:55:7d:cf:06:74:10:bc:fe:93:
8f:00:9f:06:72:4c:0b:35:55:a1:c7:5c:3c:67:90:ee:c3:fc:
bc:75:9c:d3:c2:9c:7e:63:fd:ef:a1:83:6a:27:fe:d3:9e:5a:
a5:e8:48:3c:4c:99:58:54:f3:3f:9a:85:ff:49:f2:c5:54:2c:
e7:11:52:fd:b9:3a:7b:98:aa:06:ee:c7:6f:d6:d7:9b:3c:f8:
c7:17:1a:66:3b:d4:5e:68:60:bc:ad:b4:97:03:03:ce:7d:5f:
e2:fa:08:cd:da:5d:07:e4:7f:bb:0b:ae:ed:c8:18:a5:56:f4:
54:51:1a:d2:4c:53:d3:5c:31:31:2a:df:96:49:ab:93:01:3f:
37:5e:a9:8c:0b:e9:e7:37:e5:61:68:32:7e:22:cb:91:8c:46:
89:85:74:61:8d:e3:4b:72:b6:66:bf:3e:89:5e:ff:59:5c:5c:
16:69:4e:fc:1b:b3:6b:18:44:29:73:0d:25:68:dd:45:3d:89:
6c:97:23:1e:c5:16:d6:55:66:7b:c1:a4:00:9c:b3:69:c2:9b:
c9:34:28:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYxoIIcFCJ4zrfQhEdpkUIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWYyMTNiOGM3OTJiN2UwMTNmYTUwNDFmNWI4OTk3MWU2
ZjYyZDYwHhcNMjMwMjA4MTUyNDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNhYjk2NjdhNDY3YTY4OWRkODdlNzA0YTA3MmUyMTAzZTUwZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOXLOOxFokrzrG2q6j2OFmxTWNj1
PfhMT0sRzCkQgzmXBBG9TTjwtkZTEN7LxWJvi6Fzr6RXnAIecGJIG9RAlrllvcyF
LrSrxYgXX/JRkyvU0cjkPxylM9p/2D50QwRB3nPcXxkx+uYawDWXLSaaadhZtqqc
knX5pH0PXV8qY2ix01iUIX5T/7QEnHqm7qCbVKgYA6zhS1JWcg6o7kW51FXdAtkT
fMVD6PYY+Zp4ogV+VGULe6xWhrNmCeG7atKVINK5JQEVHVxNKda37MYgN0fidkvh
aac3sjNknj0jv75YiLTy0QBHESNdbPmEKj7ULgkVJeSypTCysa2HWoEqHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjKuWZ6Rnpondh+cEoHLiED5Q22MB8GA1UdIwQY
MBaAFF8fITuMeSt+AT+lBB9biZceb2LWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDct
NDAyMjM4NjM4ZWEzLzEvcU1xNVpucEdlbWlkMkg1d1NnY3VJUVBsRGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDctNDAyMjM4NjM4ZWEz
LzEvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwQjsMA0G
CSqGSIb3DQEBCwUAA4IBAQAX8OI0sFQhcTvI0l31h/a5hb8xNlO8XLaxbHbpydsQ
ZD1NwQb5kBA/5+4r0z1Vfc8GdBC8/pOPAJ8GckwLNVWhx1w8Z5Duw/y8dZzTwpx+
Y/3voYNqJ/7Tnlql6Eg8TJlYVPM/moX/SfLFVCznEVL9uTp7mKoG7sdv1tebPPjH
FxpmO9ReaGC8rbSXAwPOfV/i+gjN2l0H5H+7C67tyBilVvRUURrSTFPTXDExKt+W
SauTAT83XqmMC+nnN+VhaDJ+IsuRjEaJhXRhjeNLcrZmvz6JXv9ZXFwWaU78G7Nr
GEQpcw0laN1FPYlslyMexRbWVWZ7waQAnLNpwpvJNCgC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:29 2024 by rpki-client on console-fra.rpki-client.org