Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/qoKyL-GniRIxN_5YHTYav_kLsyA.roa
File: qoKyL-GniRIxN_5YHTYav_kLsyA.roa (raw, json)
Hash identifier: 05JTGHJMTFTZGchguof9cUJlfJDG1aC4+/XHRRIz8eI=
Subject key identifier: AA:82:B2:2F:E1:A7:89:12:31:37:FE:58:1D:36:1A:BF:F9:0B:B3:20
Certificate issuer: /CN=3d0ef4358adb040f333d9361a4261ea0e50d38ab
Certificate serial: 018572BA9418C04BBDA0F5A370DF744F6EBB
Authority key identifier: 3D:0E:F4:35:8A:DB:04:0F:33:3D:93:61:A4:26:1E:A0:E5:0D:38:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/qoKyL-GniRIxN_5YHTYav_kLsyA.roa
Signing time: Mon 02 Jan 2023 13:45:08 +0000
ROA not before: Mon 02 Jan 2023 13:45:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204796
IP address blocks: 195.158.252.0/23 maxlen: 23
185.240.0.0/22 maxlen: 22
195.190.11.0/24 maxlen: 24
2001:67c:11f8::/48 maxlen: 48
2a0c:6880::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 27 Dec 2023 14:42:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:94:18:c0:4b:bd:a0:f5:a3:70:df:74:4f:6e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d0ef4358adb040f333d9361a4261ea0e50d38ab
Validity
Not Before: Jan 2 13:45:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa82b22fe1a789123137fe581d361abff90bb320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:66:ca:b8:0c:07:90:c2:54:a6:87:a5:9c:24:
e3:e3:d9:f0:63:c5:1b:9f:c7:53:24:95:10:1e:a5:
cb:09:a7:96:65:18:02:a0:c2:b1:b5:1f:3e:ee:9d:
2e:7a:34:e4:5c:68:9a:19:7c:24:45:84:f4:de:44:
fa:3a:9b:76:61:17:17:03:1f:b1:48:31:58:51:de:
90:6c:44:59:b1:a9:18:e1:c3:b0:80:ea:78:45:97:
32:43:23:f9:98:c2:2d:3b:3b:3b:85:03:f2:9a:bd:
18:86:99:ed:c2:47:32:ca:1c:45:ac:94:7a:5b:d4:
5e:43:f0:8e:1a:18:a7:5d:74:63:0b:48:85:3d:2d:
07:c9:e4:81:2d:9a:e5:7b:9c:d8:da:70:f9:36:3a:
c6:f2:fd:b7:13:72:98:ee:e5:79:d7:e2:f4:82:1f:
ef:ea:ea:ce:c6:14:4b:7b:6f:86:53:7a:09:f2:67:
12:b0:59:46:a2:1c:81:dc:74:8c:b4:ab:6b:3d:da:
f1:07:4a:ef:07:1b:b2:ee:d9:d7:66:91:c4:c0:54:
9f:88:93:34:a9:ed:ab:54:0e:60:4e:90:be:38:3e:
40:32:09:67:2c:ab:96:60:f2:25:cb:54:6f:99:f5:
3e:4a:b0:8b:7f:bf:25:f4:34:fe:72:17:af:b7:7d:
75:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:82:B2:2F:E1:A7:89:12:31:37:FE:58:1D:36:1A:BF:F9:0B:B3:20
X509v3 Authority Key Identifier:
keyid:3D:0E:F4:35:8A:DB:04:0F:33:3D:93:61:A4:26:1E:A0:E5:0D:38:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/qoKyL-GniRIxN_5YHTYav_kLsyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/PQ70NYrbBA8zPZNhpCYeoOUNOKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.0.0/22
195.158.252.0/23
195.190.11.0/24
IPv6:
2001:67c:11f8::/48
2a0c:6880::/32
Signature Algorithm: sha256WithRSAEncryption
9f:43:9e:4c:38:c1:de:47:a1:53:06:7b:4a:6f:3a:3a:14:98:
9f:7b:d4:6b:25:1a:08:a9:ab:19:c3:53:d5:2c:41:e2:7f:56:
ba:04:70:ec:62:ec:d8:d2:4a:72:19:d1:d6:fa:2a:18:8e:d1:
a1:f1:60:2c:f8:c6:b7:1b:29:13:28:a4:50:b0:08:b2:86:7f:
d8:0e:7b:73:f6:58:2a:5b:fc:d5:57:44:74:85:2c:d6:f2:0e:
74:ae:26:f3:b1:5c:6d:2f:99:99:7f:f6:58:b7:d8:d0:31:d7:
4c:d4:34:d0:28:d0:7b:a6:17:88:83:58:db:8a:e6:69:8f:dc:
00:43:af:dc:f0:a6:60:8f:93:aa:42:b9:69:34:e3:db:d5:63:
b7:78:52:ef:20:11:6b:c0:7c:f0:01:59:0f:0b:03:20:ea:df:
1c:ef:63:e7:31:f8:77:20:91:7c:53:26:c4:45:a0:55:af:fb:
c0:a9:0a:42:45:b7:29:ab:57:4c:61:67:44:84:84:9c:9e:38:
c7:67:10:b4:e1:c0:99:1a:e8:7f:5c:b1:83:aa:3b:3d:ea:00:
6a:10:fa:49:00:06:b3:6c:d6:77:89:ac:89:ca:9e:1f:25:a8:
87:3e:87:53:ca:8b:fa:53:9c:8f:b4:58:bc:e3:68:f3:ac:bd:
f9:5d:99:ef
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVyupQYwEu9oPWjcN90T267MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMGVmNDM1OGFkYjA0MGYzMzNkOTM2MWE0MjYxZWEwZTUw
ZDM4YWIwHhcNMjMwMTAyMTM0NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTgyYjIyZmUxYTc4OTEyMzEzN2ZlNTgxZDM2MWFiZmY5MGJiMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGbKuAwHkMJUpoelnCTj49nwY8Ub
n8dTJJUQHqXLCaeWZRgCoMKxtR8+7p0uejTkXGiaGXwkRYT03kT6Opt2YRcXAx+x
SDFYUd6QbERZsakY4cOwgOp4RZcyQyP5mMItOzs7hQPymr0YhpntwkcyyhxFrJR6
W9ReQ/COGhinXXRjC0iFPS0HyeSBLZrle5zY2nD5NjrG8v23E3KY7uV51+L0gh/v
6urOxhRLe2+GU3oJ8mcSsFlGohyB3HSMtKtrPdrxB0rvBxuy7tnXZpHEwFSfiJM0
qe2rVA5gTpC+OD5AMglnLKuWYPIly1RvmfU+SrCLf78l9DT+chevt3119QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKqCsi/hp4kSMTf+WB02Gr/5C7MgMB8GA1UdIwQY
MBaAFD0O9DWK2wQPMz2TYaQmHqDlDTirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFE3ME5ZcmJCQTh6UFpOaHBDWWVvT1VOT0tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9mOTQ2ZWYtOTYxOS00YmRkLTlmNDct
ZDJiYzk2YTk4YTE4LzEvcW9LeUwtR25pUkl4Tl81WUhUWWF2X2tMc3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9mOTQ2ZWYtOTYxOS00YmRkLTlmNDctZDJiYzk2YTk4YTE4
LzEvUFE3ME5ZcmJCQTh6UFpOaHBDWWVvT1VOT0tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCufAAAwQB
w578AwQAw74LMBYEAgACMBADBwAgAQZ8EfgDBQAqDGiAMA0GCSqGSIb3DQEBCwUA
A4IBAQCfQ55MOMHeR6FTBntKbzo6FJife9RrJRoIqasZw1PVLEHif1a6BHDsYuzY
0kpyGdHW+ioYjtGh8WAs+Ma3GykTKKRQsAiyhn/YDntz9lgqW/zVV0R0hSzW8g50
ribzsVxtL5mZf/ZYt9jQMddM1DTQKNB7pheIg1jbiuZpj9wAQ6/c8KZgj5OqQrlp
NOPb1WO3eFLvIBFrwHzwAVkPCwMg6t8c72PnMfh3IJF8UybERaBVr/vAqQpCRbcp
q1dMYWdEhIScnjjHZxC04cCZGuh/XLGDqjs96gBqEPpJAAazbNZ3iayJyp4fJaiH
PodTyov6U5yPtFi842jzrL35XZnv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:56 2024 by rpki-client on console-ams.rpki-client.org