Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/qDHV7ncL95PxGV4bSwUna9YGaFk.roa
File: qDHV7ncL95PxGV4bSwUna9YGaFk.roa (raw, json)
Hash identifier: jjpN/sTXTT2/oXrXHIbHcIy51CBq1ogqa5x0AuNlSCI=
Subject key identifier: A8:31:D5:EE:77:0B:F7:93:F1:19:5E:1B:4B:05:27:6B:D6:06:68:59
Certificate issuer: /CN=d3540b518d75fbefd616bfd94cf05fd25ba488b6
Certificate serial: 0185732815104BA2B8A11235FFA489A87095
Authority key identifier: D3:54:0B:51:8D:75:FB:EF:D6:16:BF:D9:4C:F0:5F:D2:5B:A4:88:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01QLUY11--_WFr_ZTPBf0lukiLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/qDHV7ncL95PxGV4bSwUna9YGaFk.roa
Signing time: Mon 02 Jan 2023 15:44:44 +0000
ROA not before: Mon 02 Jan 2023 15:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49524
IP address blocks: 46.141.0.0/17 maxlen: 17
46.141.128.0/17 maxlen: 17
109.237.160.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:15:10:4b:a2:b8:a1:12:35:ff:a4:89:a8:70:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3540b518d75fbefd616bfd94cf05fd25ba488b6
Validity
Not Before: Jan 2 15:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a831d5ee770bf793f1195e1b4b05276bd6066859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4b:9d:87:09:ab:d4:7e:74:c1:30:4a:b1:31:
5c:a2:81:c5:c8:59:78:97:a9:1d:cb:76:77:8f:d2:
60:9a:6f:09:7f:f8:6e:a2:10:6a:12:2a:dd:de:10:
e4:c7:66:1f:df:ee:3e:4e:8e:7d:7c:3b:6d:98:72:
eb:ec:e9:89:7a:41:4e:07:fd:54:61:f6:5e:f0:45:
c8:d1:0d:7f:90:d5:b4:98:99:22:7f:1c:c6:65:dc:
d0:83:b4:f6:ab:a1:90:13:c6:69:a5:03:0e:0a:35:
9c:2e:42:87:cc:f6:2a:97:55:0a:b8:bc:40:e1:86:
7b:1d:e7:62:50:8f:79:d1:99:79:f8:cf:60:ad:86:
b2:50:43:51:31:78:a1:07:8f:e5:b4:9d:7b:b0:f0:
e6:31:48:91:d3:94:6f:24:3a:18:81:a2:4f:2f:b6:
00:e9:90:99:37:0e:d8:90:38:fc:3f:d3:07:9d:a3:
c8:04:a9:c5:2a:f6:e4:b4:7b:fc:32:f5:52:cd:c3:
bb:8b:06:57:bf:d8:3d:88:13:a5:4d:e8:93:19:a9:
9a:bb:93:db:17:fa:62:e3:1d:8a:46:bd:e6:80:72:
8b:f1:87:92:27:86:85:a1:eb:da:e0:79:e7:7b:7d:
02:f2:ae:74:0b:d5:50:29:31:65:5c:0d:08:26:65:
a7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:31:D5:EE:77:0B:F7:93:F1:19:5E:1B:4B:05:27:6B:D6:06:68:59
X509v3 Authority Key Identifier:
keyid:D3:54:0B:51:8D:75:FB:EF:D6:16:BF:D9:4C:F0:5F:D2:5B:A4:88:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01QLUY11--_WFr_ZTPBf0lukiLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/qDHV7ncL95PxGV4bSwUna9YGaFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/01QLUY11--_WFr_ZTPBf0lukiLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.141.0.0/16
109.237.160.0/20
Signature Algorithm: sha256WithRSAEncryption
c1:74:f1:bd:fd:44:4e:ce:b6:3d:2b:0b:cd:66:95:ba:40:9a:
91:08:18:02:e8:dc:de:1e:a0:f8:d5:83:b3:b5:53:31:92:bb:
5b:77:d7:0e:fa:e7:f0:fc:4c:db:63:7b:21:3a:04:d9:2d:cd:
82:dc:e3:52:7e:2a:37:af:e6:6a:17:b1:9d:99:2a:33:a1:b3:
21:5b:dc:78:a4:d2:d3:ae:9c:e3:77:86:e7:00:23:e1:1d:f8:
ae:06:2b:0b:02:a6:46:c2:ea:ec:ab:2e:d7:e6:43:b3:fa:6d:
56:c2:04:40:a0:67:4e:77:6d:8e:35:b5:a0:19:3e:fe:99:9a:
c7:c7:a4:c8:0b:a6:f6:dd:ed:6b:0e:00:6d:c0:c6:b0:13:41:
a1:87:8b:9a:8f:86:01:6e:c2:b7:99:7c:bb:f9:02:e5:e5:25:
90:e0:0e:7f:63:76:0c:e2:a8:2a:7c:f9:7c:fc:bd:db:cf:9b:
d8:f6:75:e6:72:bb:e2:8b:5b:23:41:ba:b4:ab:30:ee:82:a5:
9b:8f:fd:4f:7b:67:fb:b8:ec:6d:8a:27:88:bd:21:6d:38:8c:
67:e9:e3:94:49:df:9f:36:a1:00:c2:6c:01:88:cc:e8:75:c7:
87:e2:e4:7a:a7:fc:b7:99:3d:f1:74:25:ea:0f:9d:11:b1:75:
be:9d:a7:02
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVzKBUQS6K4oRI1/6SJqHCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTQwYjUxOGQ3NWZiZWZkNjE2YmZkOTRjZjA1ZmQyNWJh
NDg4YjYwHhcNMjMwMTAyMTU0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODMxZDVlZTc3MGJmNzkzZjExOTVlMWI0YjA1Mjc2YmQ2MDY2ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkudhwmr1H50wTBKsTFcooHFyFl4
l6kdy3Z3j9Jgmm8Jf/huohBqEird3hDkx2Yf3+4+To59fDttmHLr7OmJekFOB/1U
YfZe8EXI0Q1/kNW0mJkifxzGZdzQg7T2q6GQE8ZppQMOCjWcLkKHzPYql1UKuLxA
4YZ7HediUI950Zl5+M9grYayUENRMXihB4/ltJ17sPDmMUiR05RvJDoYgaJPL7YA
6ZCZNw7YkDj8P9MHnaPIBKnFKvbktHv8MvVSzcO7iwZXv9g9iBOlTeiTGamau5Pb
F/pi4x2KRr3mgHKL8YeSJ4aFoeva4Hnne30C8q50C9VQKTFlXA0IJmWncQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFKgx1e53C/eT8RleG0sFJ2vWBmhZMB8GA1UdIwQY
MBaAFNNUC1GNdfvv1ha/2UzwX9JbpIi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFRTFVZMTEtLV9XRnJfWlRQQmYwbHVraUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hY2VlOGUtNzc2MS00MTlmLWI0ODMt
YjMwMTYyZTNjY2MwLzEvcURIVjduY0w5NVB4R1Y0YlN3VW5hOVlHYUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hY2VlOGUtNzc2MS00MTlmLWI0ODMtYjMwMTYyZTNjY2Mw
LzEvMDFRTFVZMTEtLV9XRnJfWlRQQmYwbHVraUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMALo0DBARt
7aAwDQYJKoZIhvcNAQELBQADggEBAMF08b39RE7Otj0rC81mlbpAmpEIGALo3N4e
oPjVg7O1UzGSu1t31w765/D8TNtjeyE6BNktzYLc41J+Kjev5moXsZ2ZKjOhsyFb
3Hik0tOunON3hucAI+Ed+K4GKwsCpkbC6uyrLtfmQ7P6bVbCBECgZ053bY41taAZ
Pv6ZmsfHpMgLpvbd7WsOAG3AxrATQaGHi5qPhgFuwreZfLv5AuXlJZDgDn9jdgzi
qCp8+Xz8vdvPm9j2deZyu+KLWyNBurSrMO6CpZuP/U97Z/u47G2KJ4i9IW04jGfp
45RJ3582oQDCbAGIzOh1x4fi5Hqn/LeZPfF0JeoPnRGxdb6dpwI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:46 2024 by rpki-client on console-fra.rpki-client.org