Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/0QnazjexIma9sW1qQI3I4Z4GTT4.roa
File: 0QnazjexIma9sW1qQI3I4Z4GTT4.roa (raw, json)
Hash identifier: qSqkvbSSJp1CzehOnYpvJFS+iD5ZD8ZinMXsQmbN/iU=
Subject key identifier: D1:09:DA:CE:37:B1:22:66:BD:B1:6D:6A:40:8D:C8:E1:9E:06:4D:3E
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 01856CC177AF464B13EDE37B398997101C8F
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/0QnazjexIma9sW1qQI3I4Z4GTT4.roa
Signing time: Sun 01 Jan 2023 09:54:56 +0000
ROA not before: Sun 01 Jan 2023 09:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34093
IP address blocks: 217.197.144.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:77:af:46:4b:13:ed:e3:7b:39:89:97:10:1c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Jan 1 09:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d109dace37b12266bdb16d6a408dc8e19e064d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e4:1d:ce:db:64:c0:2e:70:b5:c3:b3:39:c3:
2a:f2:01:ca:e4:80:8c:d1:86:bf:9e:7c:52:a9:a1:
21:76:30:0a:17:fb:3c:84:27:ae:ee:5f:e7:f9:8c:
6f:d2:20:e5:38:78:a1:c9:de:d8:d7:da:33:29:12:
8c:70:e0:b2:ed:07:a7:0e:57:71:1b:59:07:56:d0:
d2:27:8f:14:28:9c:6d:44:04:f6:1c:e0:f3:a9:5e:
cb:82:4a:cf:ef:08:82:ae:9b:7a:3f:31:be:9b:ce:
18:d2:ff:c4:04:d7:e9:52:7b:b2:a6:98:18:23:a6:
fc:40:e8:6a:de:ef:6f:56:e3:19:d5:d8:41:b0:2d:
c9:cc:fa:5e:59:d3:df:df:de:65:a9:0b:c8:0e:f6:
5a:f1:56:e9:c5:5d:73:12:f5:5c:43:30:6e:e4:56:
92:1d:4e:32:63:fb:11:51:0d:f9:fe:89:6d:00:73:
b9:43:39:f5:c5:07:aa:45:0b:ed:67:94:59:76:50:
85:24:2d:36:a0:39:fa:d5:f1:9f:d5:23:b2:e2:95:
28:5b:6a:64:bc:04:c1:90:fb:a0:c4:28:11:ee:42:
a9:4f:a3:88:6b:81:a9:44:b1:d2:88:17:1f:c0:87:
fe:77:6a:d0:71:6f:ce:a2:fb:53:5e:5d:c4:52:dd:
b4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:09:DA:CE:37:B1:22:66:BD:B1:6D:6A:40:8D:C8:E1:9E:06:4D:3E
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/0QnazjexIma9sW1qQI3I4Z4GTT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.144.0/20
Signature Algorithm: sha256WithRSAEncryption
04:ef:29:19:1a:33:f7:41:6d:b8:fa:e0:06:22:4d:3f:84:25:
18:c4:a5:88:3f:4f:5b:d3:f9:ee:c0:03:94:e9:f1:ce:66:d2:
0a:e2:1f:15:9d:0d:6f:d8:89:f3:d4:e7:59:4d:88:b0:55:c8:
fd:3b:2a:cf:2d:b6:4d:07:98:3c:29:a1:ce:d0:49:7f:5b:53:
57:61:27:00:ad:2a:a1:9e:80:2b:00:a2:5a:7f:eb:c4:2c:5c:
ae:65:39:6b:23:b2:be:08:63:4f:cd:c7:e3:6b:d4:ff:d1:4b:
1a:7e:8b:f0:f6:74:1c:c2:13:34:66:7a:ff:b2:7a:36:8f:d0:
dc:1a:c8:66:23:b8:f8:8c:a9:95:45:f6:43:b5:b6:08:15:03:
af:47:3d:9b:41:34:62:01:03:f6:16:06:65:ab:2f:f5:dc:79:
5e:62:08:fe:dc:56:09:e7:3e:14:c4:e0:4d:30:82:30:13:19:
e6:a6:3b:6b:bc:9b:35:2a:21:65:c6:a9:de:2d:8b:86:56:bb:
21:8b:c6:8b:55:5a:a0:bd:e2:4f:49:e4:c8:b4:02:1f:a9:ec:
05:62:f5:8d:28:ec:b9:9b:6c:72:5a:24:fb:30:d0:aa:df:e3:
87:d3:c8:e0:cc:db:68:5e:2e:3d:e5:85:6b:08:41:07:9e:08:
c8:bf:50:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVswXevRksT7eN7OYmXEByPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjMwMTAxMDk1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA5ZGFjZTM3YjEyMjY2YmRiMTZkNmE0MDhkYzhlMTllMDY0ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOQdzttkwC5wtcOzOcMq8gHK5ICM
0Ya/nnxSqaEhdjAKF/s8hCeu7l/n+Yxv0iDlOHihyd7Y19ozKRKMcOCy7QenDldx
G1kHVtDSJ48UKJxtRAT2HODzqV7LgkrP7wiCrpt6PzG+m84Y0v/EBNfpUnuyppgY
I6b8QOhq3u9vVuMZ1dhBsC3JzPpeWdPf395lqQvIDvZa8VbpxV1zEvVcQzBu5FaS
HU4yY/sRUQ35/oltAHO5Qzn1xQeqRQvtZ5RZdlCFJC02oDn61fGf1SOy4pUoW2pk
vATBkPugxCgR7kKpT6OIa4GpRLHSiBcfwIf+d2rQcW/OovtTXl3EUt20rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEJ2s43sSJmvbFtakCNyOGeBk0+MB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvMFFuYXpqZXhJbWE5c1cxcVFJM0k0WjRHVFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2cWQMA0G
CSqGSIb3DQEBCwUAA4IBAQAE7ykZGjP3QW24+uAGIk0/hCUYxKWIP09b0/nuwAOU
6fHOZtIK4h8VnQ1v2Inz1OdZTYiwVcj9OyrPLbZNB5g8KaHO0El/W1NXYScArSqh
noArAKJaf+vELFyuZTlrI7K+CGNPzcfja9T/0Usafovw9nQcwhM0Znr/sno2j9Dc
GshmI7j4jKmVRfZDtbYIFQOvRz2bQTRiAQP2FgZlqy/13HleYgj+3FYJ5z4UxOBN
MIIwExnmpjtrvJs1KiFlxqneLYuGVrshi8aLVVqgveJPSeTItAIfqewFYvWNKOy5
m2xyWiT7MNCq3+OH08jgzNtoXi495YVrCEEHngjIv1A5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:48 2024 by rpki-client on console-fra.rpki-client.org