Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/322450-21ca-41af-9b65-cbe084872174/1/qOSAp9itqn-r-7NPP1H7PlPRXCE.roa
File: qOSAp9itqn-r-7NPP1H7PlPRXCE.roa (raw, json)
Hash identifier: Bycr4ujMpMz9Prs0MM0Pnd9dL1Zn+DWi5fxrf80uKhs=
Subject key identifier: A8:E4:80:A7:D8:AD:AA:7F:AB:FB:B3:4F:3F:51:FB:3E:53:D1:5C:21
Certificate issuer: /CN=4a7cfe881168b615a0bd411cc314bd040a4d27f6
Certificate serial: 01856E142AF14C0BD5123279D99417ACE8FB
Authority key identifier: 4A:7C:FE:88:11:68:B6:15:A0:BD:41:1C:C3:14:BD:04:0A:4D:27:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Snz-iBFothWgvUEcwxS9BApNJ_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/322450-21ca-41af-9b65-cbe084872174/1/qOSAp9itqn-r-7NPP1H7PlPRXCE.roa
Signing time: Sun 01 Jan 2023 16:04:53 +0000
ROA not before: Sun 01 Jan 2023 16:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39250
IP address blocks: 109.68.152.0/21 maxlen: 21
2a00:1d68::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:2a:f1:4c:0b:d5:12:32:79:d9:94:17:ac:e8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7cfe881168b615a0bd411cc314bd040a4d27f6
Validity
Not Before: Jan 1 16:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8e480a7d8adaa7fabfbb34f3f51fb3e53d15c21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c1:04:ce:f2:f1:1f:19:2d:22:d3:e5:4c:c0:
5c:87:f9:54:05:3b:2c:6d:0b:84:34:31:4b:7e:f5:
ff:2a:e3:fb:98:89:e3:9f:27:67:3c:49:61:a4:2a:
60:a5:8a:13:1b:cb:35:e5:dd:d5:11:49:76:42:a0:
5d:b5:c0:85:b8:51:7b:82:25:c7:fb:be:a7:3f:b5:
98:9a:f7:f1:01:76:7e:ed:78:4e:b6:48:ce:a3:ab:
91:88:ba:fd:46:06:93:a3:7a:be:7a:94:28:13:ad:
e4:d8:01:ba:c0:96:5c:d5:29:07:72:3a:6c:6e:69:
96:22:df:09:aa:ec:7e:8e:2e:99:b1:be:0e:fc:41:
45:8c:7e:10:77:1e:16:4b:f9:a7:84:b7:ea:9f:b5:
29:bb:df:88:91:bf:81:cb:3c:2c:11:3a:4b:df:03:
7a:f6:4e:75:66:0b:b6:45:8c:7b:49:c1:07:f1:14:
e6:9a:f8:18:d8:31:ac:d8:f7:e5:01:e3:41:73:7e:
a2:a3:8a:1a:8e:d0:3b:47:3b:7c:06:14:95:d7:82:
a3:1e:14:32:47:bd:5b:f9:5c:59:de:48:78:76:b4:
1a:10:6a:84:28:04:ac:16:0d:4a:02:55:52:99:fb:
ac:8a:a8:0e:c8:2d:b3:13:d7:fe:0d:55:2b:39:56:
49:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E4:80:A7:D8:AD:AA:7F:AB:FB:B3:4F:3F:51:FB:3E:53:D1:5C:21
X509v3 Authority Key Identifier:
keyid:4A:7C:FE:88:11:68:B6:15:A0:BD:41:1C:C3:14:BD:04:0A:4D:27:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Snz-iBFothWgvUEcwxS9BApNJ_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/322450-21ca-41af-9b65-cbe084872174/1/qOSAp9itqn-r-7NPP1H7PlPRXCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/322450-21ca-41af-9b65-cbe084872174/1/Snz-iBFothWgvUEcwxS9BApNJ_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.152.0/21
IPv6:
2a00:1d68::/32
Signature Algorithm: sha256WithRSAEncryption
a9:04:6e:45:1b:3e:b6:6f:ef:7a:73:f1:3d:8b:39:51:52:7e:
e0:2b:96:2a:4c:88:54:86:a2:e0:59:25:1e:60:6a:49:b1:3f:
c7:86:37:24:4d:b6:56:61:d0:e0:a7:f8:ae:8c:0c:d8:4d:c8:
b9:fb:00:1f:6b:30:c5:d3:80:2e:41:bf:e9:8c:65:37:37:8d:
9a:62:d0:95:30:09:36:14:56:4b:35:84:be:fd:d1:ed:29:58:
cf:90:2b:75:9c:b9:a3:c7:e3:7b:17:9e:9d:75:d8:62:b9:0c:
d8:4c:30:a6:bc:e5:93:88:c3:54:f5:30:fb:cd:ac:b7:3e:9b:
e8:27:9b:31:98:58:db:8a:0f:a1:1d:cc:34:1c:ad:ea:73:15:
6c:37:42:88:3c:27:58:b4:61:2a:99:da:d7:fa:53:ea:9a:49:
e6:3e:78:f8:ca:4f:f7:f8:fd:ca:74:a8:6d:88:9c:6a:69:58:
db:d0:8c:09:94:36:8e:50:d1:b7:2d:40:7d:dd:bf:5b:1c:7b:
81:36:97:fc:22:a6:74:0a:77:f7:71:f8:a6:63:fd:63:ac:31:
0a:a5:b7:f9:6d:5f:cf:ac:58:f3:5c:83:02:51:57:6a:4a:a5:
f5:df:be:d2:3e:17:c1:73:2c:4f:b0:29:fe:5e:5c:39:9f:01:
f1:de:53:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuFCrxTAvVEjJ52ZQXrOj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2NmZTg4MTE2OGI2MTVhMGJkNDExY2MzMTRiZDA0MGE0
ZDI3ZjYwHhcNMjMwMTAxMTYwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU0ODBhN2Q4YWRhYTdmYWJmYmIzNGYzZjUxZmIzZTUzZDE1YzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMEEzvLxHxktItPlTMBch/lUBTss
bQuENDFLfvX/KuP7mInjnydnPElhpCpgpYoTG8s15d3VEUl2QqBdtcCFuFF7giXH
+76nP7WYmvfxAXZ+7XhOtkjOo6uRiLr9RgaTo3q+epQoE63k2AG6wJZc1SkHcjps
bmmWIt8Jqux+ji6Zsb4O/EFFjH4Qdx4WS/mnhLfqn7Upu9+Ikb+ByzwsETpL3wN6
9k51Zgu2RYx7ScEH8RTmmvgY2DGs2PflAeNBc36io4oajtA7Rzt8BhSV14KjHhQy
R71b+VxZ3kh4drQaEGqEKASsFg1KAlVSmfusiqgOyC2zE9f+DVUrOVZJtwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKjkgKfYrap/q/uzTz9R+z5T0VwhMB8GA1UdIwQY
MBaAFEp8/ogRaLYVoL1BHMMUvQQKTSf2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU256LWlCRm90aFdndlVFY3d4UzlCQXBOSl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8zMjI0NTAtMjFjYS00MWFmLTliNjUt
Y2JlMDg0ODcyMTc0LzEvcU9TQXA5aXRxbi1yLTdOUFAxSDdQbFBSWENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8zMjI0NTAtMjFjYS00MWFmLTliNjUtY2JlMDg0ODcyMTc0
LzEvU256LWlCRm90aFdndlVFY3d4UzlCQXBOSl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbUSYMA0E
AgACMAcDBQAqAB1oMA0GCSqGSIb3DQEBCwUAA4IBAQCpBG5FGz62b+96c/E9izlR
Un7gK5YqTIhUhqLgWSUeYGpJsT/HhjckTbZWYdDgp/iujAzYTci5+wAfazDF04Au
Qb/pjGU3N42aYtCVMAk2FFZLNYS+/dHtKVjPkCt1nLmjx+N7F56dddhiuQzYTDCm
vOWTiMNU9TD7zay3PpvoJ5sxmFjbig+hHcw0HK3qcxVsN0KIPCdYtGEqmdrX+lPq
mknmPnj4yk/3+P3KdKhtiJxqaVjb0IwJlDaOUNG3LUB93b9bHHuBNpf8IqZ0Cnf3
cfimY/1jrDEKpbf5bV/PrFjzXIMCUVdqSqX1377SPhfBcyxPsCn+Xlw5nwHx3lOn
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:09 2024 by rpki-client on console-ams.rpki-client.org