Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/02q6SoaY6X9P1DNyd2PjcyT5fTU.roa
File: 02q6SoaY6X9P1DNyd2PjcyT5fTU.roa (raw, json)
Hash identifier: hkXjE8hRPF5JB4zyQ+KaYwvLkIn2f+SrGQ+7PlRDGM4=
Subject key identifier: D3:6A:BA:4A:86:98:E9:7F:4F:D4:33:72:77:63:E3:73:24:F9:7D:35
Certificate issuer: /CN=ca34b13387fab1dcf8b67f16a0a437608600c4c2
Certificate serial: 01868D0069569DA673B9BD95747D285EC33C
Authority key identifier: CA:34:B1:33:87:FA:B1:DC:F8:B6:7F:16:A0:A4:37:60:86:00:C4:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/02q6SoaY6X9P1DNyd2PjcyT5fTU.roa
Signing time: Sun 26 Feb 2023 09:14:19 +0000
ROA not before: Sun 26 Feb 2023 09:14:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9092
IP address blocks: 213.156.224.0/20 maxlen: 20
213.156.240.0/21 maxlen: 21
2a00:db0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8d:00:69:56:9d:a6:73:b9:bd:95:74:7d:28:5e:c3:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca34b13387fab1dcf8b67f16a0a437608600c4c2
Validity
Not Before: Feb 26 09:14:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d36aba4a8698e97f4fd433727763e37324f97d35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:97:4d:a1:55:4e:d3:6b:a9:5c:cd:8d:30:7e:
e6:e5:ed:e2:41:c7:26:d5:29:d6:d6:04:b7:d6:97:
fd:63:6a:7c:29:dd:45:f0:bb:0a:ef:3c:eb:0a:17:
44:82:94:3b:0a:8a:15:ff:d0:37:25:67:f2:cd:99:
22:dd:90:6e:d3:16:7f:0b:7d:53:8c:7c:1b:b3:5d:
02:79:71:7a:fb:0c:24:e0:e6:a3:a9:59:24:3c:87:
4c:b6:af:f1:e3:d1:b4:06:fa:30:b4:f3:c8:cd:ab:
76:6a:46:3d:be:28:0f:5c:d3:34:c9:9d:cd:d6:4d:
6f:33:6f:91:a1:ed:2f:bd:4f:b1:c8:88:53:42:08:
47:b4:4b:e6:22:d6:f0:3f:86:87:e0:bd:93:ad:0e:
88:73:d6:71:02:70:01:51:9d:48:de:05:57:a7:ff:
4f:9e:9e:7d:b9:48:63:26:66:0e:86:06:2e:72:23:
96:ef:53:9c:df:cd:59:1c:f3:2f:89:10:39:e9:87:
0b:5b:73:b4:b1:c4:49:b9:2f:d5:9f:cd:68:df:73:
61:2e:1f:1a:d9:fa:88:74:01:ae:a0:41:9c:d3:05:
f2:11:33:ce:91:9f:f2:05:08:38:1d:a7:c4:95:37:
dc:34:a5:67:fe:25:54:cd:ce:58:00:28:6e:1a:99:
29:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:6A:BA:4A:86:98:E9:7F:4F:D4:33:72:77:63:E3:73:24:F9:7D:35
X509v3 Authority Key Identifier:
keyid:CA:34:B1:33:87:FA:B1:DC:F8:B6:7F:16:A0:A4:37:60:86:00:C4:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/02q6SoaY6X9P1DNyd2PjcyT5fTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.156.224.0-213.156.247.255
IPv6:
2a00:db0::/32
Signature Algorithm: sha256WithRSAEncryption
10:0c:ca:cf:0d:15:40:44:82:da:08:cf:f7:d0:7a:d1:5b:d9:
c6:23:b5:9d:99:dc:2a:67:ee:a4:a7:9c:77:0f:c9:60:f8:92:
9b:ba:c5:39:06:e4:bc:11:f5:c0:10:b5:78:38:74:5d:d9:67:
d7:bf:30:d1:49:6b:d7:cc:03:71:0f:ad:4b:9f:83:7c:2f:1e:
c6:7e:48:20:04:6c:00:51:f3:3e:ad:21:7d:9b:ee:1b:f3:cd:
7d:4a:71:1b:74:d6:4c:4f:db:e6:30:ef:f3:ec:a1:1a:07:5e:
de:c4:ae:7e:a6:9e:6c:5a:71:0b:45:2b:86:52:9d:8e:7b:cb:
e5:bf:46:30:57:c3:7a:5c:86:ed:11:24:98:d2:43:cb:d8:4f:
8a:2d:5e:d0:4f:32:9a:8a:82:44:a2:57:01:d3:5b:e5:78:24:
c2:22:23:e2:f3:50:96:ae:6d:6f:55:60:b8:ef:f2:04:a4:ee:
ee:51:0e:72:f0:fb:e5:de:98:11:77:2e:02:e2:b2:f1:7f:55:
45:db:d4:73:6e:13:d1:c5:ca:04:4c:e7:f9:7c:d1:2b:c4:a6:
86:0e:1b:73:4b:ea:02:a2:4c:a5:e2:ec:a6:85:61:7c:9c:a6:
00:e2:ae:16:bb:c6:55:44:52:a8:59:94:38:14:6f:ad:1b:8d:
e6:e9:2c:23
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYaNAGlWnaZzub2VdH0oXsM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzRiMTMzODdmYWIxZGNmOGI2N2YxNmEwYTQzNzYwODYw
MGM0YzIwHhcNMjMwMjI2MDkxNDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzZhYmE0YTg2OThlOTdmNGZkNDMzNzI3NzYzZTM3MzI0Zjk3ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZdNoVVO02upXM2NMH7m5e3iQccm
1SnW1gS31pf9Y2p8Kd1F8LsK7zzrChdEgpQ7CooV/9A3JWfyzZki3ZBu0xZ/C31T
jHwbs10CeXF6+wwk4OajqVkkPIdMtq/x49G0BvowtPPIzat2akY9vigPXNM0yZ3N
1k1vM2+Roe0vvU+xyIhTQghHtEvmItbwP4aH4L2TrQ6Ic9ZxAnABUZ1I3gVXp/9P
np59uUhjJmYOhgYuciOW71Oc381ZHPMviRA56YcLW3O0scRJuS/Vn81o33NhLh8a
2fqIdAGuoEGc0wXyETPOkZ/yBQg4HafElTfcNKVn/iVUzc5YAChuGpkpvQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNNqukqGmOl/T9Qzcndj43Mk+X01MB8GA1UdIwQY
MBaAFMo0sTOH+rHc+LZ/FqCkN2CGAMTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpTeE00ZjZzZHo0dG44V29LUTNZSVlBeE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xMTdjYTMtYjYwMy00ZGI4LTk2MjYt
MDQwNTIzNGFiM2YxLzEvMDJxNlNvYVk2WDlQMUROeWQyUGpjeVQ1ZlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xMTdjYTMtYjYwMy00ZGI4LTk2MjYtMDQwNTIzNGFiM2Yx
LzEveWpTeE00ZjZzZHo0dG44V29LUTNZSVlBeE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAXVnOAD
BAPVnPAwDQQCAAIwBwMFACoADbAwDQYJKoZIhvcNAQELBQADggEBABAMys8NFUBE
gtoIz/fQetFb2cYjtZ2Z3Cpn7qSnnHcPyWD4kpu6xTkG5LwR9cAQtXg4dF3ZZ9e/
MNFJa9fMA3EPrUufg3wvHsZ+SCAEbABR8z6tIX2b7hvzzX1KcRt01kxP2+Yw7/Ps
oRoHXt7Ern6mnmxacQtFK4ZSnY57y+W/RjBXw3pchu0RJJjSQ8vYT4otXtBPMpqK
gkSiVwHTW+V4JMIiI+LzUJaubW9VYLjv8gSk7u5RDnLw++XemBF3LgLisvF/VUXb
1HNuE9HFygRM5/l80SvEpoYOG3NL6gKiTKXi7KaFYXycpgDirha7xlVEUqhZlDgU
b60bjebpLCM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:59 2024 by rpki-client on console-fra.rpki-client.org