Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/qAgg3jArBthIOQWMm6AcZ65N3HE.roa
File: qAgg3jArBthIOQWMm6AcZ65N3HE.roa (raw, json)
Hash identifier: pNGv5a15ZdrRAaImZZTrcxpKDi+zrwnzSFr2WNzgTv0=
Subject key identifier: A8:08:20:DE:30:2B:06:D8:48:39:05:8C:9B:A0:1C:67:AE:4D:DC:71
Certificate issuer: /CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909
Certificate serial: 01856D94005C465703BA3932397FF778F973
Authority key identifier: 18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/qAgg3jArBthIOQWMm6AcZ65N3HE.roa
Signing time: Sun 01 Jan 2023 13:44:54 +0000
ROA not before: Sun 01 Jan 2023 13:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15466
IP address blocks: 45.150.28.0/22 maxlen: 22
217.169.224.0/20 maxlen: 20
2a04:8f80:2000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:00:5c:46:57:03:ba:39:32:39:7f:f7:78:f9:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1830e603e9ca8c05d4c1bc62b0b76e7bd9d18909
Validity
Not Before: Jan 1 13:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a80820de302b06d84839058c9ba01c67ae4ddc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:81:00:9e:a4:02:cc:07:d8:de:08:6f:b8:2c:
64:d0:e5:5a:df:a3:2a:ba:9d:4d:16:1e:31:58:b8:
96:17:1d:f9:80:0e:18:db:0b:02:4f:7c:06:f5:b6:
08:fb:a7:4d:da:13:00:c2:de:5c:ea:5a:46:ce:88:
8d:61:d3:66:09:ee:cd:59:82:28:72:9b:ad:2b:f6:
c8:e8:c2:d0:e8:e1:e1:84:d5:05:a1:d3:5f:b0:72:
8c:4f:c2:bd:7c:d9:86:89:e3:2c:09:51:53:7d:2b:
e7:6f:0e:d6:c2:2e:ac:e5:3f:94:f2:ea:c9:16:36:
f1:87:47:9b:4d:f0:0a:0d:b7:2e:07:3f:83:3e:ab:
84:2d:2c:c6:ba:85:6e:01:f4:c9:7b:43:60:6d:6a:
dc:99:05:63:36:64:47:b1:3a:ee:8f:d0:2d:c4:9c:
59:d4:7c:13:c7:f5:ef:92:8d:57:8a:96:4e:10:c6:
ac:b2:44:c4:10:ef:fc:80:55:eb:a2:d8:42:f5:b1:
a1:6c:75:53:a8:ee:64:01:cd:e9:79:2a:b0:0b:a1:
b9:e1:24:fb:d3:2f:94:2a:e0:b5:9f:73:df:a9:ed:
fd:11:ff:19:a0:2b:5b:63:82:86:db:98:31:54:d4:
67:03:cd:4a:95:6d:87:dd:9b:f2:31:78:75:40:1d:
37:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:08:20:DE:30:2B:06:D8:48:39:05:8C:9B:A0:1C:67:AE:4D:DC:71
X509v3 Authority Key Identifier:
keyid:18:30:E6:03:E9:CA:8C:05:D4:C1:BC:62:B0:B7:6E:7B:D9:D1:89:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GDDmA-nKjAXUwbxisLdue9nRiQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/qAgg3jArBthIOQWMm6AcZ65N3HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/2191d7-fda0-4b07-8a8f-1789e64d3210/1/GDDmA-nKjAXUwbxisLdue9nRiQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.28.0/22
217.169.224.0/20
IPv6:
2a04:8f80:2000::/36
Signature Algorithm: sha256WithRSAEncryption
14:53:03:b4:44:5a:60:7e:2e:74:96:0a:6c:64:12:58:37:d3:
be:a9:98:96:55:3f:ca:ae:61:c1:33:e8:5d:2d:b1:54:fb:44:
b6:a6:c9:21:4a:90:2b:1a:1b:2a:ef:87:28:9d:eb:98:75:aa:
70:65:a6:69:68:73:6d:83:0d:3c:6e:60:0d:d3:f3:ff:a7:49:
cd:a8:ca:64:83:ee:25:95:fc:00:38:08:88:85:19:8e:36:46:
0a:42:ab:04:fc:58:68:82:38:66:48:cb:32:b5:61:95:16:b5:
18:f2:2e:4e:f6:9b:45:d7:fa:ce:70:8e:6f:fa:6d:fb:2e:91:
b6:58:f2:0e:18:4e:53:ce:ce:06:11:0b:52:17:ab:67:0e:8a:
46:59:da:53:4c:13:d6:03:e9:14:17:a0:80:02:cc:8e:ba:01:
2b:ec:eb:22:68:d5:b7:a0:b4:2e:3e:d0:b2:9e:6c:64:ab:17:
86:3f:fe:50:74:61:5f:7d:7e:19:aa:33:7f:a3:f8:e6:5c:b4:
d3:e1:60:3b:0e:6a:fc:c0:58:d7:0b:c0:8d:a4:15:47:1b:99:
63:bd:5a:71:d0:8a:2e:51:e5:45:80:b7:a4:80:a4:a8:8d:9f:
f3:78:98:a0:04:68:d0:c7:f4:ff:a9:cd:d1:19:7e:de:0e:9a:
84:b7:96:4c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVtlABcRlcDujkyOX/3ePlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MzBlNjAzZTljYThjMDVkNGMxYmM2MmIwYjc2ZTdiZDlk
MTg5MDkwHhcNMjMwMTAxMTM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA4MjBkZTMwMmIwNmQ4NDgzOTA1OGM5YmEwMWM2N2FlNGRkYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIEAnqQCzAfY3ghvuCxk0OVa36Mq
up1NFh4xWLiWFx35gA4Y2wsCT3wG9bYI+6dN2hMAwt5c6lpGzoiNYdNmCe7NWYIo
cputK/bI6MLQ6OHhhNUFodNfsHKMT8K9fNmGieMsCVFTfSvnbw7Wwi6s5T+U8urJ
Fjbxh0ebTfAKDbcuBz+DPquELSzGuoVuAfTJe0NgbWrcmQVjNmRHsTruj9AtxJxZ
1HwTx/Xvko1XipZOEMasskTEEO/8gFXrothC9bGhbHVTqO5kAc3peSqwC6G54ST7
0y+UKuC1n3Pfqe39Ef8ZoCtbY4KG25gxVNRnA81KlW2H3ZvyMXh1QB035wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKgIIN4wKwbYSDkFjJugHGeuTdxxMB8GA1UdIwQY
MBaAFBgw5gPpyowF1MG8YrC3bnvZ0YkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYt
MTc4OWU2NGQzMjEwLzEvcUFnZzNqQXJCdGhJT1FXTW02QWNaNjVOM0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8yMTkxZDctZmRhMC00YjA3LThhOGYtMTc4OWU2NGQzMjEw
LzEvR0REbUEtbktqQVhVd2J4aXNMZHVlOW5SaVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCLZYcAwQE
2angMA4EAgACMAgDBgQqBI+AIDANBgkqhkiG9w0BAQsFAAOCAQEAFFMDtERaYH4u
dJYKbGQSWDfTvqmYllU/yq5hwTPoXS2xVPtEtqbJIUqQKxobKu+HKJ3rmHWqcGWm
aWhzbYMNPG5gDdPz/6dJzajKZIPuJZX8ADgIiIUZjjZGCkKrBPxYaII4ZkjLMrVh
lRa1GPIuTvabRdf6znCOb/pt+y6RtljyDhhOU87OBhELUherZw6KRlnaU0wT1gPp
FBeggALMjroBK+zrImjVt6C0Lj7Qsp5sZKsXhj/+UHRhX31+Gaozf6P45ly00+Fg
Ow5q/MBY1wvAjaQVRxuZY71acdCKLlHlRYC3pICkqI2f83iYoARo0Mf0/6nN0Rl+
3g6ahLeWTA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:18 2024 by rpki-client on console-ams.rpki-client.org