Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/qe9lX5vFcyedpNehtwYGjqhFRzU.roa
File: qe9lX5vFcyedpNehtwYGjqhFRzU.roa (raw, json)
Hash identifier: pheH9rsqOjWv205r0ipj+fdpuqD2UYXI+TBEOoDpZsg=
Subject key identifier: A9:EF:65:5F:9B:C5:73:27:9D:A4:D7:A1:B7:06:06:8E:A8:45:47:35
Certificate issuer: /CN=c032495b89dce81b0c7f886ddfc3604bde06d8a6
Certificate serial: 01856D6F6EEDA5A9C68DFC03A21830E22271
Authority key identifier: C0:32:49:5B:89:DC:E8:1B:0C:7F:88:6D:DF:C3:60:4B:DE:06:D8:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wDJJW4nc6BsMf4ht38NgS94G2KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/qe9lX5vFcyedpNehtwYGjqhFRzU.roa
Signing time: Sun 01 Jan 2023 13:04:57 +0000
ROA not before: Sun 01 Jan 2023 13:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41785
IP address blocks: 193.161.140.0/24 maxlen: 24
2a0c:9f40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:6e:ed:a5:a9:c6:8d:fc:03:a2:18:30:e2:22:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c032495b89dce81b0c7f886ddfc3604bde06d8a6
Validity
Not Before: Jan 1 13:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9ef655f9bc573279da4d7a1b706068ea8454735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c0:8d:ae:65:40:c9:8d:92:69:26:12:9b:9b:
c9:80:7f:27:fe:83:bc:d5:71:8b:89:bb:4f:a3:db:
88:08:38:2f:8f:ae:af:ae:3e:77:6a:4f:74:de:9a:
bd:d0:6a:e4:fa:55:ba:e7:bc:26:22:e3:1a:ed:d2:
24:5f:29:c0:61:35:d2:b4:b1:e4:88:92:37:e7:e3:
d9:e7:10:03:07:6c:6a:ed:39:f7:3e:60:6b:c8:99:
c3:f2:c8:62:13:6f:90:4a:5a:13:dc:67:2d:bd:f4:
dc:3b:c2:d5:16:2a:9c:6a:8f:43:ea:4c:88:14:90:
93:54:3d:2d:99:9c:0a:3b:97:34:8e:74:ab:1f:c6:
4b:e7:ee:62:70:0e:c2:7d:1a:ca:d4:70:36:b7:35:
21:35:bc:31:ea:e1:03:9e:aa:a8:60:d6:10:55:d6:
c8:63:f9:a2:f7:33:dd:93:e5:31:c2:75:07:13:32:
f2:f9:16:b5:74:99:b6:3e:0b:66:d0:f9:dc:77:40:
8f:17:12:ee:13:30:52:c4:a9:2a:79:72:9a:8d:4a:
8b:4d:4e:4f:6c:17:33:1b:f2:5f:62:d8:6e:ce:30:
30:15:ac:c5:5d:24:d7:84:7d:c8:17:00:4f:4b:6c:
f4:79:ea:47:d3:c4:e0:38:a5:c4:e1:61:5c:cb:6e:
df:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:EF:65:5F:9B:C5:73:27:9D:A4:D7:A1:B7:06:06:8E:A8:45:47:35
X509v3 Authority Key Identifier:
keyid:C0:32:49:5B:89:DC:E8:1B:0C:7F:88:6D:DF:C3:60:4B:DE:06:D8:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wDJJW4nc6BsMf4ht38NgS94G2KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/qe9lX5vFcyedpNehtwYGjqhFRzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/12dd2c-4d0c-420a-98a5-02e6422c4181/1/wDJJW4nc6BsMf4ht38NgS94G2KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.161.140.0/24
IPv6:
2a0c:9f40::/32
Signature Algorithm: sha256WithRSAEncryption
ba:0b:51:0f:e1:0d:f5:76:8f:90:7b:02:c2:eb:3e:d6:49:3d:
2c:a0:c5:79:cb:8e:cc:9b:3b:69:ca:9b:a2:94:5e:51:fe:86:
d7:19:88:3e:36:87:b7:d4:01:eb:01:0b:3a:dc:48:1d:ee:66:
19:bd:f9:43:20:b7:cc:3f:1f:e9:bc:29:b3:b2:aa:a2:e2:32:
29:45:1c:94:38:73:ce:37:63:42:75:38:22:f7:ce:19:ac:01:
cd:ac:3f:b6:04:33:f6:93:ec:ef:d4:51:e5:20:23:fc:62:1f:
e9:34:21:7e:a6:cd:01:73:e5:3d:af:06:e7:95:3a:db:f4:35:
e0:8c:ca:86:5f:47:bb:ee:47:e1:e0:e6:ae:b4:a2:36:da:ce:
c7:f4:df:21:07:0f:10:24:d1:e7:2e:c6:3a:70:76:36:ed:f0:
22:74:d1:b0:ff:0f:4a:56:77:49:1d:ee:65:07:e0:d5:a5:b7:
a3:29:6f:e5:15:d5:df:e0:2f:c4:a7:c9:df:6c:52:91:cf:c2:
c9:3b:91:b4:3c:bd:31:05:c2:90:ff:8f:dc:43:8a:bc:39:45:
ff:45:73:8c:3e:40:b4:0a:0c:33:79:28:c6:a8:4f:79:a2:16:
22:61:5c:ff:14:c8:d8:a9:47:76:dd:bf:d9:4d:56:f1:f3:32:
96:c5:b8:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtb27tpanGjfwDohgw4iJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMzI0OTViODlkY2U4MWIwYzdmODg2ZGRmYzM2MDRiZGUw
NmQ4YTYwHhcNMjMwMTAxMTMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWVmNjU1ZjliYzU3MzI3OWRhNGQ3YTFiNzA2MDY4ZWE4NDU0NzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksCNrmVAyY2SaSYSm5vJgH8n/oO8
1XGLibtPo9uICDgvj66vrj53ak903pq90Grk+lW657wmIuMa7dIkXynAYTXStLHk
iJI35+PZ5xADB2xq7Tn3PmBryJnD8shiE2+QSloT3GctvfTcO8LVFiqcao9D6kyI
FJCTVD0tmZwKO5c0jnSrH8ZL5+5icA7CfRrK1HA2tzUhNbwx6uEDnqqoYNYQVdbI
Y/mi9zPdk+UxwnUHEzLy+Ra1dJm2Pgtm0Pncd0CPFxLuEzBSxKkqeXKajUqLTU5P
bBczG/JfYthuzjAwFazFXSTXhH3IFwBPS2z0eepH08TgOKXE4WFcy27fvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKnvZV+bxXMnnaTXobcGBo6oRUc1MB8GA1UdIwQY
MBaAFMAySVuJ3OgbDH+Ibd/DYEveBtimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0RKSlc0bmM2QnNNZjRodDM4TmdTOTRHMktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8xMmRkMmMtNGQwYy00MjBhLTk4YTUt
MDJlNjQyMmM0MTgxLzEvcWU5bFg1dkZjeWVkcE5laHR3WUdqcWhGUnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8xMmRkMmMtNGQwYy00MjBhLTk4YTUtMDJlNjQyMmM0MTgx
LzEvd0RKSlc0bmM2QnNNZjRodDM4TmdTOTRHMktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaGMMA0E
AgACMAcDBQAqDJ9AMA0GCSqGSIb3DQEBCwUAA4IBAQC6C1EP4Q31do+QewLC6z7W
ST0soMV5y47MmztpypuilF5R/obXGYg+Noe31AHrAQs63Egd7mYZvflDILfMPx/p
vCmzsqqi4jIpRRyUOHPON2NCdTgi984ZrAHNrD+2BDP2k+zv1FHlICP8Yh/pNCF+
ps0Bc+U9rwbnlTrb9DXgjMqGX0e77kfh4OautKI22s7H9N8hBw8QJNHnLsY6cHY2
7fAidNGw/w9KVndJHe5lB+DVpbejKW/lFdXf4C/Ep8nfbFKRz8LJO5G0PL0xBcKQ
/4/cQ4q8OUX/RXOMPkC0CgwzeSjGqE95ohYiYVz/FMjYqUd23b/ZTVbx8zKWxbjh
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:58 2024 by rpki-client on console-ams.rpki-client.org