Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Q3cgiHqjWL2uoyxUBL09petc73I.roa
File: Q3cgiHqjWL2uoyxUBL09petc73I.roa (raw, json)
Hash identifier: xT+EyC4FOnbRzxvSjOGaA1YZmX8cny8rrfGvbmgA8Bk=
Subject key identifier: 43:77:20:88:7A:A3:58:BD:AE:A3:2C:54:04:BD:3D:A5:EB:5C:EF:72
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0185730CD40C0B108B38E6DDBAD8899228C9
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Q3cgiHqjWL2uoyxUBL09petc73I.roa
Signing time: Mon 02 Jan 2023 15:14:58 +0000
ROA not before: Mon 02 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205577
IP address blocks: 147.234.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:d4:0c:0b:10:8b:38:e6:dd:ba:d8:89:92:28:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=437720887aa358bdaea32c5404bd3da5eb5cef72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1c:f9:4d:2c:e0:a7:af:19:7f:a4:51:26:18:
3d:88:ac:69:e1:b1:d2:d6:bc:8c:b9:6a:4f:f0:94:
e5:f5:94:2b:fa:56:dd:e5:de:95:cf:c7:04:1a:fd:
f7:08:53:b8:09:d0:f9:5f:cd:e8:63:08:e4:d8:3c:
c7:73:88:31:53:e8:04:9f:da:7e:f6:d4:2b:d2:0e:
a1:7f:a6:54:58:78:50:a1:b2:47:34:4a:ca:c5:96:
eb:30:ef:f6:a1:97:69:31:0d:dd:d5:06:91:a5:c1:
91:09:51:ff:6f:a4:f1:77:21:73:d7:30:67:88:20:
78:34:1f:a9:3f:be:52:f3:05:b1:5a:22:70:c0:a0:
16:5c:42:81:b2:ef:e5:fb:3e:cb:4f:ea:08:9c:1d:
ea:82:28:8e:aa:5d:00:38:29:0d:c5:4c:17:08:82:
8d:b0:61:da:89:2d:88:63:e0:81:e4:da:73:8d:f4:
67:ce:e5:63:46:60:16:76:41:de:ed:39:bb:a8:c5:
5e:7e:2e:43:fb:ea:4d:a0:ef:62:3c:1d:66:fa:c3:
e0:e8:3d:d8:36:b9:10:5f:d3:d2:21:09:d0:40:a4:
c5:d8:27:9e:4b:8a:2b:f1:41:45:0e:67:57:a7:a9:
ab:e3:bf:ca:5a:b1:f8:f2:18:40:71:b2:0d:5f:79:
61:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:77:20:88:7A:A3:58:BD:AE:A3:2C:54:04:BD:3D:A5:EB:5C:EF:72
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Q3cgiHqjWL2uoyxUBL09petc73I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.20.0/24
Signature Algorithm: sha256WithRSAEncryption
17:bc:9d:b4:f7:17:82:99:55:91:91:69:fd:ed:e4:d8:05:e8:
55:63:cc:8a:53:da:34:22:b2:8b:bd:71:fc:97:86:b8:88:9c:
0f:a0:56:cf:19:e4:82:65:6f:45:e3:59:9c:ff:40:4d:6d:dc:
8a:10:43:5a:dd:50:b3:f5:23:24:1c:5e:d4:ba:ff:d4:c1:d3:
1a:69:b6:14:82:ed:52:ce:26:ce:4e:7f:9d:56:fb:76:ed:20:
0f:a5:33:a3:96:8b:7c:04:f7:fe:8d:4f:7f:f5:df:fa:d9:71:
5a:8f:78:45:e9:a3:1c:6b:e7:9d:a6:1d:98:df:c8:ba:98:4a:
45:41:1f:33:c5:24:b1:48:09:57:59:cf:a6:d2:01:77:d9:12:
ea:d6:63:b5:e3:97:8d:c7:dc:53:50:04:e7:69:30:87:17:cc:
48:71:34:1a:ed:2c:4d:05:e9:1c:d5:1f:b5:a2:22:5b:94:df:
a4:07:b6:98:ce:5b:ab:16:84:80:97:4c:33:2c:d7:fe:0c:0f:
ed:d8:5b:ab:21:20:ae:f7:14:cc:83:6c:7b:fb:74:c3:d9:6c:
50:4f:37:c7:e2:1b:27:43:90:a3:c9:6e:86:b2:ae:fd:33:2c:
00:1e:d7:3d:80:7b:e1:26:e2:f0:13:00:14:83:d5:b4:56:4b:
f3:e4:0e:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDNQMCxCLOObdutiJkijJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwMTAyMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzc3MjA4ODdhYTM1OGJkYWVhMzJjNTQwNGJkM2RhNWViNWNlZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxz5TSzgp68Zf6RRJhg9iKxp4bHS
1ryMuWpP8JTl9ZQr+lbd5d6Vz8cEGv33CFO4CdD5X83oYwjk2DzHc4gxU+gEn9p+
9tQr0g6hf6ZUWHhQobJHNErKxZbrMO/2oZdpMQ3d1QaRpcGRCVH/b6TxdyFz1zBn
iCB4NB+pP75S8wWxWiJwwKAWXEKBsu/l+z7LT+oInB3qgiiOql0AOCkNxUwXCIKN
sGHaiS2IY+CB5NpzjfRnzuVjRmAWdkHe7Tm7qMVefi5D++pNoO9iPB1m+sPg6D3Y
NrkQX9PSIQnQQKTF2CeeS4or8UFFDmdXp6mr47/KWrH48hhAcbINX3lhFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEN3IIh6o1i9rqMsVAS9PaXrXO9yMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvUTNjZ2lIcWpXTDJ1b3l4VUJMMDlwZXRjNzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+oUMA0G
CSqGSIb3DQEBCwUAA4IBAQAXvJ209xeCmVWRkWn97eTYBehVY8yKU9o0IrKLvXH8
l4a4iJwPoFbPGeSCZW9F41mc/0BNbdyKEENa3VCz9SMkHF7Uuv/UwdMaabYUgu1S
zibOTn+dVvt27SAPpTOjlot8BPf+jU9/9d/62XFaj3hF6aMca+edph2Y38i6mEpF
QR8zxSSxSAlXWc+m0gF32RLq1mO145eNx9xTUATnaTCHF8xIcTQa7SxNBekc1R+1
oiJblN+kB7aYzlurFoSAl0wzLNf+DA/t2FurISCu9xTMg2x7+3TD2WxQTzfH4hsn
Q5CjyW6Gsq79MywAHtc9gHvhJuLwEwAUg9W0Vkvz5A6v
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:32 2024 by rpki-client on console-fra.rpki-client.org