Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/qiRZ5pYaQlDQJtLhS--0OEkR5v0.roa
File: qiRZ5pYaQlDQJtLhS--0OEkR5v0.roa (raw, json)
Hash identifier: MyhP9WdCqAiSTe9dV3vkEVc2fILrKRCyTmkIMl1ynik=
Subject key identifier: AA:24:59:E6:96:1A:42:50:D0:26:D2:E1:4B:EF:B4:38:49:11:E6:FD
Certificate issuer: /CN=2532a5cf2ba18c753edc95ee20b666293df02d5b
Certificate serial: 018571B0F9836556267181A49FEEDD13C077
Authority key identifier: 25:32:A5:CF:2B:A1:8C:75:3E:DC:95:EE:20:B6:66:29:3D:F0:2D:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/qiRZ5pYaQlDQJtLhS--0OEkR5v0.roa
Signing time: Mon 02 Jan 2023 08:55:01 +0000
ROA not before: Mon 02 Jan 2023 08:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35030
IP address blocks: 91.221.83.0/24 maxlen: 24
91.221.82.0/24 maxlen: 24
77.32.227.0/24 maxlen: 24
195.211.13.0/24 maxlen: 24
195.211.12.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:f9:83:65:56:26:71:81:a4:9f:ee:dd:13:c0:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2532a5cf2ba18c753edc95ee20b666293df02d5b
Validity
Not Before: Jan 2 08:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa2459e6961a4250d026d2e14befb4384911e6fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8f:b1:8c:3c:98:cb:f1:af:29:fb:e1:a9:00:
30:f7:fd:11:1f:86:01:d7:ad:3a:e2:b6:3d:92:d6:
fd:57:74:c8:cb:83:9c:e1:ed:c3:b1:d0:a8:05:2c:
eb:3f:8d:e1:d9:d5:73:a9:52:4f:d6:93:aa:69:8f:
dd:71:0c:50:28:71:9b:48:7b:77:b5:42:81:3e:e6:
26:65:6d:17:d4:cd:10:99:36:a1:cb:1f:3a:d7:e5:
98:f9:cf:89:4a:c2:d8:da:14:f5:bc:2d:86:d0:44:
d1:38:bc:04:70:ef:c4:eb:1f:d8:97:9a:f9:99:f4:
10:6d:b9:4f:8e:64:8f:9d:5c:a5:b2:8c:19:40:27:
d9:07:22:19:e2:ad:fd:ee:b1:9f:36:f5:d9:b4:4e:
c9:a6:1e:0a:28:44:2e:4d:49:29:16:7a:d9:57:3e:
17:38:cb:71:9f:c8:81:d0:9d:dd:af:b6:bd:61:a6:
a4:ff:70:cc:3a:8e:5b:73:9e:42:9a:ed:d2:de:3a:
30:cf:27:65:b0:e6:b8:71:25:83:96:e2:c5:62:e4:
1a:9d:9f:82:bb:9a:66:9e:3c:41:53:b3:21:e1:74:
b6:a3:c3:5b:4c:4b:b3:3f:ac:b5:40:6c:8f:ad:67:
75:ed:28:c1:9e:38:42:00:d8:3d:09:ee:1e:df:7e:
fa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:24:59:E6:96:1A:42:50:D0:26:D2:E1:4B:EF:B4:38:49:11:E6:FD
X509v3 Authority Key Identifier:
keyid:25:32:A5:CF:2B:A1:8C:75:3E:DC:95:EE:20:B6:66:29:3D:F0:2D:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/qiRZ5pYaQlDQJtLhS--0OEkR5v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/JTKlzyuhjHU-3JXuILZmKT3wLVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.32.227.0/24
91.221.82.0/23
195.211.12.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:a2:26:eb:0a:be:05:d9:17:06:e7:a7:74:9c:e6:70:31:95:
30:60:c2:29:4c:2b:8a:62:63:9f:95:28:05:b7:87:7f:1c:b3:
ff:c9:99:56:f6:0f:c5:e4:aa:27:09:8e:8e:ff:3a:41:ae:1d:
3b:8e:43:2f:cd:7e:cd:81:d2:2e:bf:cf:0c:7b:35:cd:0e:4a:
7c:88:d4:f7:63:1a:35:16:a2:ce:b2:e7:08:ef:bf:4c:03:5b:
42:ec:4c:a2:65:e5:a6:3e:57:90:a7:c5:b0:40:6e:02:45:7c:
dc:ad:5d:3d:af:20:e3:be:eb:da:b7:da:01:d4:92:3a:57:9e:
43:d8:65:67:84:42:ee:19:2d:c6:c2:8f:de:f3:de:11:1c:60:
8a:f9:1c:42:f2:89:99:c9:b3:c6:e3:ed:c0:01:62:0e:9c:6f:
f3:af:f3:d0:4c:c4:6f:43:a6:fd:4c:b4:e8:02:6d:5e:86:d0:
17:11:a5:f5:5a:ef:7c:60:ec:f4:c4:d8:7b:3c:4a:d2:68:93:
76:96:36:11:3c:b0:48:0d:2e:96:b1:84:a9:65:30:8c:89:4a:
f2:c8:e1:0c:98:94:c0:df:b5:8c:ac:3c:53:36:27:32:91:77:
03:0b:94:c9:2d:73:0f:5f:6c:fe:db:ac:69:68:3d:a8:94:c4:
ee:f3:4d:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxsPmDZVYmcYGkn+7dE8B3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MzJhNWNmMmJhMThjNzUzZWRjOTVlZTIwYjY2NjI5M2Rm
MDJkNWIwHhcNMjMwMTAyMDg1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTI0NTllNjk2MWE0MjUwZDAyNmQyZTE0YmVmYjQzODQ5MTFlNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko+xjDyYy/GvKfvhqQAw9/0RH4YB
16064rY9ktb9V3TIy4Oc4e3DsdCoBSzrP43h2dVzqVJP1pOqaY/dcQxQKHGbSHt3
tUKBPuYmZW0X1M0QmTahyx861+WY+c+JSsLY2hT1vC2G0ETROLwEcO/E6x/Yl5r5
mfQQbblPjmSPnVylsowZQCfZByIZ4q397rGfNvXZtE7Jph4KKEQuTUkpFnrZVz4X
OMtxn8iB0J3dr7a9Yaak/3DMOo5bc55Cmu3S3jowzydlsOa4cSWDluLFYuQanZ+C
u5pmnjxBU7Mh4XS2o8NbTEuzP6y1QGyPrWd17SjBnjhCANg9Ce4e3376iwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKokWeaWGkJQ0CbS4UvvtDhJEeb9MB8GA1UdIwQY
MBaAFCUypc8roYx1PtyV7iC2Zik98C1bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRLbHp5dWhqSFUtM0pYdUlMWm1LVDN3TFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZTAyZmEtZjgyMy00MWM4LTg2YjIt
MTUxY2Y2MWRlODNlLzEvcWlSWjVwWWFRbERRSnRMaFMtLTBPRWtSNXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZTAyZmEtZjgyMy00MWM4LTg2YjItMTUxY2Y2MWRlODNl
LzEvSlRLbHp5dWhqSFUtM0pYdUlMWm1LVDN3TFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATSDjAwQB
W91SAwQBw9MMMA0GCSqGSIb3DQEBCwUAA4IBAQCaoibrCr4F2RcG56d0nOZwMZUw
YMIpTCuKYmOflSgFt4d/HLP/yZlW9g/F5KonCY6O/zpBrh07jkMvzX7NgdIuv88M
ezXNDkp8iNT3Yxo1FqLOsucI779MA1tC7EyiZeWmPleQp8WwQG4CRXzcrV09ryDj
vuvat9oB1JI6V55D2GVnhELuGS3Gwo/e894RHGCK+RxC8omZybPG4+3AAWIOnG/z
r/PQTMRvQ6b9TLToAm1ehtAXEaX1Wu98YOz0xNh7PErSaJN2ljYRPLBIDS6WsYSp
ZTCMiUryyOEMmJTA37WMrDxTNicykXcDC5TJLXMPX2z+26xpaD2olMTu801m
Generated at Mon Aug 14 17:13:27 2023 by rpki-client on console-fra.rpki-client.org