Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/qs4YbkQfq02vRIIu0DdmKGhNwZE.roa
File: qs4YbkQfq02vRIIu0DdmKGhNwZE.roa (raw, json)
Hash identifier: rZV2JCxypBjZRnPLmNsVkH9MDmcRVtW9qSLKEE6oi6U=
Subject key identifier: AA:CE:18:6E:44:1F:AB:4D:AF:44:82:2E:D0:37:66:28:68:4D:C1:91
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 01856DCAFF973D7357212DE7129B14FAC602
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/qs4YbkQfq02vRIIu0DdmKGhNwZE.roa
Signing time: Sun 01 Jan 2023 14:44:58 +0000
ROA not before: Sun 01 Jan 2023 14:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212249
IP address blocks: 185.174.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ff:97:3d:73:57:21:2d:e7:12:9b:14:fa:c6:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Jan 1 14:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aace186e441fab4daf44822ed0376628684dc191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7b:c7:11:8c:d4:4e:96:e3:b3:c2:81:47:2c:
ce:45:06:ac:7e:75:67:c0:fb:f6:b7:b1:a1:f9:d7:
11:ed:6b:6d:5d:48:65:df:51:38:59:91:73:1e:ef:
ae:5c:5b:d4:51:bc:41:31:4a:15:41:c3:c2:af:92:
fc:0f:a8:23:5a:f1:59:fa:06:95:81:56:f1:dc:39:
fa:76:eb:22:bd:eb:79:c1:77:1f:8b:9f:27:03:84:
24:d5:b7:97:2e:df:83:a4:6d:07:d1:02:4e:4d:01:
66:7e:df:df:74:5e:d4:2d:ad:f3:36:19:42:ae:28:
80:b4:e8:da:7b:7c:f7:a3:6a:c4:6d:01:89:e9:9c:
c0:3f:1e:12:58:6a:9a:17:09:cc:52:91:bd:86:6e:
f1:57:df:07:96:aa:5a:bc:2a:fb:99:ee:16:11:50:
4d:c0:59:9d:d1:20:b6:92:62:02:95:68:b8:87:f7:
52:0c:fc:b9:05:67:aa:2e:02:eb:76:f0:52:e6:b2:
5b:f9:ea:b7:b3:22:fe:38:d8:d1:6a:e6:5f:f9:61:
a6:6d:ad:9f:1d:17:8c:51:cb:c3:86:01:6a:35:73:
f1:c3:e2:b7:7b:18:24:22:fd:4d:5b:29:ec:40:fa:
71:4e:11:e9:3d:48:24:dd:27:a2:de:7e:ae:2e:0b:
aa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CE:18:6E:44:1F:AB:4D:AF:44:82:2E:D0:37:66:28:68:4D:C1:91
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/qs4YbkQfq02vRIIu0DdmKGhNwZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.71.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:a8:92:cb:3d:b0:46:bc:2b:67:40:7d:b2:01:39:62:b6:46:
23:5e:50:5b:54:7c:b4:ea:d0:8f:9d:0c:70:0a:98:d3:68:09:
a5:f3:3e:3e:04:9d:05:c6:48:1a:5e:e8:1b:65:d3:7d:b2:bf:
1a:c2:42:37:d9:c0:89:e1:54:02:6a:ea:7c:b4:a8:21:04:78:
dc:ae:f1:9b:fd:0b:0b:7b:d5:9a:9c:05:3a:0a:a6:da:5b:6e:
92:44:3d:99:0b:02:70:9e:e6:3e:c1:61:cd:ef:4a:87:3b:91:
25:1e:a7:0b:18:92:dc:36:31:26:fd:05:5c:7a:9e:f8:fb:ea:
15:bc:f4:08:0f:90:82:88:66:0a:30:73:d1:f9:3c:d1:f5:48:
8f:d3:9b:29:6b:1a:a3:8c:05:1c:3b:9b:5b:84:7c:94:9a:01:
22:56:5b:1c:6b:e2:94:ed:2d:3d:75:13:c0:0d:d6:d2:c3:4d:
f4:14:a4:e6:6a:f1:3a:59:2d:a8:bf:db:f7:2b:b7:0a:0c:10:
b6:8f:5e:e6:3e:ad:03:0e:f0:34:ca:87:17:dc:55:f4:48:f9:
61:57:8f:25:c0:6a:b5:e5:c0:c0:d3:a9:30:c5:17:eb:76:c9:
ad:fd:62:84:27:4e:d0:d6:8f:2a:3c:c0:88:e9:b5:db:a7:b3:
42:ac:9f:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyv+XPXNXIS3nEpsU+sYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjMwMTAxMTQ0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNlMTg2ZTQ0MWZhYjRkYWY0NDgyMmVkMDM3NjYyODY4NGRjMTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHvHEYzUTpbjs8KBRyzORQasfnVn
wPv2t7Gh+dcR7WttXUhl31E4WZFzHu+uXFvUUbxBMUoVQcPCr5L8D6gjWvFZ+gaV
gVbx3Dn6dusivet5wXcfi58nA4Qk1beXLt+DpG0H0QJOTQFmft/fdF7ULa3zNhlC
riiAtOjae3z3o2rEbQGJ6ZzAPx4SWGqaFwnMUpG9hm7xV98HlqpavCr7me4WEVBN
wFmd0SC2kmIClWi4h/dSDPy5BWeqLgLrdvBS5rJb+eq3syL+ONjRauZf+WGmba2f
HReMUcvDhgFqNXPxw+K3exgkIv1NWynsQPpxThHpPUgk3Sei3n6uLguqlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrOGG5EH6tNr0SCLtA3ZihoTcGRMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvcXM0WWJrUWZxMDJ2UklJdTBEZG1LR2hOd1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua5HMA0G
CSqGSIb3DQEBCwUAA4IBAQBvqJLLPbBGvCtnQH2yATlitkYjXlBbVHy06tCPnQxw
CpjTaAml8z4+BJ0FxkgaXugbZdN9sr8awkI32cCJ4VQCaup8tKghBHjcrvGb/QsL
e9WanAU6CqbaW26SRD2ZCwJwnuY+wWHN70qHO5ElHqcLGJLcNjEm/QVcep74++oV
vPQID5CCiGYKMHPR+TzR9UiP05spaxqjjAUcO5tbhHyUmgEiVlsca+KU7S09dRPA
DdbSw030FKTmavE6WS2ov9v3K7cKDBC2j17mPq0DDvA0yocX3FX0SPlhV48lwGq1
5cDA06kwxRfrdsmt/WKEJ07Q1o8qPMCI6bXbp7NCrJ9h
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:05 2024 by rpki-client on console-fra.rpki-client.org