Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/52da35-26cb-4fea-bcd8-d3a38c76ad4d/1/qVhZymGlIiqxzFEB0fxv58zpNFE.roa
File: qVhZymGlIiqxzFEB0fxv58zpNFE.roa (raw, json)
Hash identifier: bvo+Fo5PGx6+hSbzovHEQu3XPJWDiTM2P8gVSkmEeyU=
Subject key identifier: A9:58:59:CA:61:A5:22:2A:B1:CC:51:01:D1:FC:6F:E7:CC:E9:34:51
Certificate issuer: /CN=e84cbf6ee0fbcabf79eb74bc6248f396cf0aeae4
Certificate serial: 0187314EA046B4B21792B3E25832F9C98AE8
Authority key identifier: E8:4C:BF:6E:E0:FB:CA:BF:79:EB:74:BC:62:48:F3:96:CF:0A:EA:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Ey_buD7yr9563S8Ykjzls8K6uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/52da35-26cb-4fea-bcd8-d3a38c76ad4d/1/qVhZymGlIiqxzFEB0fxv58zpNFE.roa
Signing time: Thu 30 Mar 2023 06:57:29 +0000
ROA not before: Thu 30 Mar 2023 06:57:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202714
IP address blocks: 185.150.4.0/22 maxlen: 22
2a0d:1e40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:31:4e:a0:46:b4:b2:17:92:b3:e2:58:32:f9:c9:8a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84cbf6ee0fbcabf79eb74bc6248f396cf0aeae4
Validity
Not Before: Mar 30 06:57:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a95859ca61a5222ab1cc5101d1fc6fe7cce93451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:06:1a:29:52:22:cd:1f:a2:f8:2c:4a:da:49:
45:85:e8:05:09:e3:bd:95:b7:2e:a6:63:2c:9e:47:
44:c9:13:5e:66:97:31:f9:61:50:6a:5c:12:34:20:
a4:2a:19:84:d5:ef:4c:35:9b:4f:03:9c:a3:c5:b4:
9b:7b:6a:ee:f8:76:86:c7:3c:6f:30:26:e6:4b:83:
58:4b:ea:7e:c5:56:ec:52:a6:1e:d9:80:4a:ed:20:
6d:19:2f:a8:2b:c5:04:d9:d8:a0:1f:65:50:7a:0f:
50:50:0e:3c:ec:ab:36:2c:9c:a1:3a:b9:c5:7c:78:
88:66:e2:60:3b:d1:d4:16:85:ac:53:51:11:21:c1:
25:98:39:6d:b8:2d:f2:95:b9:0a:81:66:7e:87:8d:
1a:f8:07:79:19:ef:28:ac:8a:6c:e2:63:8e:bd:0c:
be:7c:86:4b:a6:1e:d9:60:84:27:e8:df:6c:44:fa:
a4:6a:8e:d3:7a:06:e9:75:b1:bc:27:a2:36:f6:89:
e1:0f:40:f1:90:73:71:b9:a2:ad:4d:b8:13:6b:7b:
1f:37:38:18:3b:05:d9:ed:6f:b5:05:9d:1a:7f:f7:
0a:38:48:18:70:4d:39:b6:7c:f6:4f:8a:5e:c1:4c:
da:f7:3f:03:37:61:d4:d4:d0:75:ce:10:d1:7d:86:
0c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:58:59:CA:61:A5:22:2A:B1:CC:51:01:D1:FC:6F:E7:CC:E9:34:51
X509v3 Authority Key Identifier:
keyid:E8:4C:BF:6E:E0:FB:CA:BF:79:EB:74:BC:62:48:F3:96:CF:0A:EA:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Ey_buD7yr9563S8Ykjzls8K6uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/52da35-26cb-4fea-bcd8-d3a38c76ad4d/1/qVhZymGlIiqxzFEB0fxv58zpNFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/52da35-26cb-4fea-bcd8-d3a38c76ad4d/1/6Ey_buD7yr9563S8Ykjzls8K6uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.4.0/22
IPv6:
2a0d:1e40::/29
Signature Algorithm: sha256WithRSAEncryption
79:d3:83:56:33:87:91:f1:ab:7c:2f:83:0c:41:42:d6:35:dd:
37:95:63:4e:3c:c6:a9:11:a3:5e:0c:9e:63:f4:bc:29:9c:43:
08:3c:1c:17:12:95:c2:01:86:bb:00:56:93:a0:b9:6c:7c:01:
27:5a:d6:4a:d4:a8:43:d3:3f:53:cd:61:60:eb:df:e4:0a:55:
15:d6:6d:fe:b6:65:1c:e4:4e:83:0b:b9:eb:12:45:74:8c:f5:
01:1c:6b:4f:8b:4a:a9:e1:97:0b:cb:98:d2:fd:27:a7:fc:37:
0b:62:3b:b3:6e:e7:7d:b5:4d:36:63:42:11:a9:93:ba:b1:9b:
1a:35:aa:95:bb:12:a9:e0:3b:e6:d4:bb:aa:66:5a:2c:61:32:
bf:94:c9:41:57:82:05:c8:83:e5:67:d4:7c:24:57:30:59:78:
5e:58:3b:8d:fa:81:36:52:40:c5:f9:fe:82:60:8e:f6:7e:29:
8e:17:d5:d1:dd:d7:ee:55:db:8c:62:6b:e1:2a:ab:71:bc:18:
7a:2c:d9:57:88:d0:d5:b2:0b:73:04:1f:9a:d6:ab:6e:9a:57:
46:64:5d:55:b9:cd:db:26:ee:a4:30:9d:62:ec:c6:14:16:b8:
81:29:ae:7a:12:d8:9e:63:e1:c3:50:0f:83:b9:99:00:8c:35:
6c:1f:5a:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYcxTqBGtLIXkrPiWDL5yYroMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGNiZjZlZTBmYmNhYmY3OWViNzRiYzYyNDhmMzk2Y2Yw
YWVhZTQwHhcNMjMwMzMwMDY1NzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTU4NTljYTYxYTUyMjJhYjFjYzUxMDFkMWZjNmZlN2NjZTkzNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQYaKVIizR+i+CxK2klFhegFCeO9
lbcupmMsnkdEyRNeZpcx+WFQalwSNCCkKhmE1e9MNZtPA5yjxbSbe2ru+HaGxzxv
MCbmS4NYS+p+xVbsUqYe2YBK7SBtGS+oK8UE2digH2VQeg9QUA487Ks2LJyhOrnF
fHiIZuJgO9HUFoWsU1ERIcElmDltuC3ylbkKgWZ+h40a+Ad5Ge8orIps4mOOvQy+
fIZLph7ZYIQn6N9sRPqkao7TegbpdbG8J6I29onhD0DxkHNxuaKtTbgTa3sfNzgY
OwXZ7W+1BZ0af/cKOEgYcE05tnz2T4pewUza9z8DN2HU1NB1zhDRfYYMpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKlYWcphpSIqscxRAdH8b+fM6TRRMB8GA1UdIwQY
MBaAFOhMv27g+8q/eet0vGJI85bPCurkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkV5X2J1RDd5cjk1NjNTOFlranpsczhLNnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC81MmRhMzUtMjZjYi00ZmVhLWJjZDgt
ZDNhMzhjNzZhZDRkLzEvcVZoWnltR2xJaXF4ekZFQjBmeHY1OHpwTkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC81MmRhMzUtMjZjYi00ZmVhLWJjZDgtZDNhMzhjNzZhZDRk
LzEvNkV5X2J1RDd5cjk1NjNTOFlranpsczhLNnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZYEMA0E
AgACMAcDBQMqDR5AMA0GCSqGSIb3DQEBCwUAA4IBAQB504NWM4eR8at8L4MMQULW
Nd03lWNOPMapEaNeDJ5j9LwpnEMIPBwXEpXCAYa7AFaToLlsfAEnWtZK1KhD0z9T
zWFg69/kClUV1m3+tmUc5E6DC7nrEkV0jPUBHGtPi0qp4ZcLy5jS/Sen/DcLYjuz
bud9tU02Y0IRqZO6sZsaNaqVuxKp4Dvm1LuqZlosYTK/lMlBV4IFyIPlZ9R8JFcw
WXheWDuN+oE2UkDF+f6CYI72fimOF9XR3dfuVduMYmvhKqtxvBh6LNlXiNDVsgtz
BB+a1qtumldGZF1Vuc3bJu6kMJ1i7MYUFriBKa56EtieY+HDUA+DuZkAjDVsH1rm
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:14 2024 by rpki-client on console-fra.rpki-client.org