Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/qSA7CQdxb11t2TbeYNHkNTMgXR8.roa
File: qSA7CQdxb11t2TbeYNHkNTMgXR8.roa (raw, json)
Hash identifier: GkI/Jff8WzhwMoaSg4BJKjl8YwFG9cxb0VC/D79aaD8=
Subject key identifier: A9:20:3B:09:07:71:6F:5D:6D:D9:36:DE:60:D1:E4:35:33:20:5D:1F
Certificate issuer: /CN=038af86795417a3584d616375209a72efee2462b
Certificate serial: 018573438EDDD91BD6C46D5A4AB47D2D19E3
Authority key identifier: 03:8A:F8:67:95:41:7A:35:84:D6:16:37:52:09:A7:2E:FE:E2:46:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A4r4Z5VBejWE1hY3UgmnLv7iRis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/qSA7CQdxb11t2TbeYNHkNTMgXR8.roa
Signing time: Mon 02 Jan 2023 16:14:45 +0000
ROA not before: Mon 02 Jan 2023 16:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5400
IP address blocks: 91.142.128.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:8e:dd:d9:1b:d6:c4:6d:5a:4a:b4:7d:2d:19:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=038af86795417a3584d616375209a72efee2462b
Validity
Not Before: Jan 2 16:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9203b0907716f5d6dd936de60d1e43533205d1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:25:d1:62:fa:8c:67:0f:a7:66:2f:5c:a0:55:
2b:19:c0:c0:47:4d:27:65:83:1d:95:d8:e8:f4:ad:
a1:cc:6b:98:78:f5:d9:93:a3:a7:af:6f:4e:7d:a6:
80:02:f4:c8:da:23:b6:de:37:25:e3:6f:69:01:07:
9f:00:65:d3:03:20:b6:43:39:f1:30:d4:90:ef:30:
4f:cd:a1:33:73:3e:8e:58:b8:24:cb:fc:c9:8f:bf:
b0:f9:b6:50:de:f2:ca:3a:69:54:d8:7a:42:74:3f:
5b:6b:ab:67:f6:84:88:67:9d:e8:3c:99:d0:72:bd:
46:2b:79:1a:a7:99:bf:57:0b:db:cb:dd:5c:f8:5b:
b8:c2:1a:2c:a1:3d:de:f3:c0:87:27:12:be:48:6f:
fa:a6:e1:6d:ae:eb:c5:4f:72:e9:55:48:d3:0c:33:
f5:a5:9b:03:8e:17:a7:ed:44:99:57:b7:cf:37:15:
de:e7:1f:76:7e:7a:a4:ca:7f:29:4b:d1:eb:9e:25:
59:de:07:e4:f6:18:cf:11:a8:ae:64:29:e9:fd:46:
c7:0b:4c:b3:da:34:a7:4b:91:3c:f0:97:71:25:72:
de:f0:0b:c6:98:e2:de:5f:b1:52:75:ab:de:c0:03:
84:01:26:74:cf:eb:78:6a:72:f1:ca:3c:a0:04:e7:
fc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:20:3B:09:07:71:6F:5D:6D:D9:36:DE:60:D1:E4:35:33:20:5D:1F
X509v3 Authority Key Identifier:
keyid:03:8A:F8:67:95:41:7A:35:84:D6:16:37:52:09:A7:2E:FE:E2:46:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A4r4Z5VBejWE1hY3UgmnLv7iRis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/qSA7CQdxb11t2TbeYNHkNTMgXR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/57e419-42f4-4d8c-b6b4-431f27a62ed8/1/A4r4Z5VBejWE1hY3UgmnLv7iRis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.128.0/24
Signature Algorithm: sha256WithRSAEncryption
50:85:75:e1:28:76:08:cc:b3:81:2f:d0:df:9f:82:00:ef:57:
66:6b:d5:0d:e7:57:17:22:71:3c:68:2f:5a:2c:f9:07:d7:95:
63:4f:11:6e:c7:a3:1a:92:8b:62:37:59:4e:52:45:25:7e:80:
f9:9b:38:32:bd:3f:68:f9:de:0c:52:0f:fb:91:0c:f8:23:39:
cc:36:11:ea:e9:52:81:60:55:a1:78:e6:67:e0:1f:a7:c9:7e:
1f:7c:bd:3f:6e:2e:51:4a:e8:70:c8:87:e4:e2:fa:fc:42:dd:
8f:79:f4:5e:7d:2f:e2:ab:c1:53:77:e7:6c:37:14:e6:97:88:
9e:70:f9:c3:2f:31:02:fb:87:c3:bc:fb:85:c9:d6:4a:ae:d1:
96:41:7d:8e:e6:8e:85:df:f5:d4:0a:1c:23:df:36:bf:12:ba:
e0:40:a4:2e:2d:94:0c:e2:e1:51:c0:da:d6:00:fe:05:2d:f9:
51:52:52:93:d6:cd:fc:a9:22:4b:44:bf:5b:44:4c:83:15:3c:
75:17:d4:a9:dd:64:79:a5:cd:3e:0d:59:c2:e6:64:56:5a:73:
b7:37:45:7b:ec:c3:47:57:6e:03:99:2d:dd:72:60:0b:84:04:
ad:da:18:9f:ac:8b:43:27:2d:ac:d0:a4:75:4b:51:9f:ab:f8:
5b:89:0e:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzQ47d2RvWxG1aSrR9LRnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzOGFmODY3OTU0MTdhMzU4NGQ2MTYzNzUyMDlhNzJlZmVl
MjQ2MmIwHhcNMjMwMTAyMTYxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTIwM2IwOTA3NzE2ZjVkNmRkOTM2ZGU2MGQxZTQzNTMzMjA1ZDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiXRYvqMZw+nZi9coFUrGcDAR00n
ZYMdldjo9K2hzGuYePXZk6Onr29OfaaAAvTI2iO23jcl429pAQefAGXTAyC2Qznx
MNSQ7zBPzaEzcz6OWLgky/zJj7+w+bZQ3vLKOmlU2HpCdD9ba6tn9oSIZ53oPJnQ
cr1GK3kap5m/Vwvby91c+Fu4whosoT3e88CHJxK+SG/6puFtruvFT3LpVUjTDDP1
pZsDjhen7USZV7fPNxXe5x92fnqkyn8pS9HrniVZ3gfk9hjPEaiuZCnp/UbHC0yz
2jSnS5E88JdxJXLe8AvGmOLeX7FSdavewAOEASZ0z+t4anLxyjygBOf8ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKkgOwkHcW9dbdk23mDR5DUzIF0fMB8GA1UdIwQY
MBaAFAOK+GeVQXo1hNYWN1IJpy7+4kYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTRyNFo1VkJlaldFMWhZM1VnbW5MdjdpUmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81N2U0MTktNDJmNC00ZDhjLWI2YjQt
NDMxZjI3YTYyZWQ4LzEvcVNBN0NRZHhiMTF0MlRiZVlOSGtOVE1nWFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81N2U0MTktNDJmNC00ZDhjLWI2YjQtNDMxZjI3YTYyZWQ4
LzEvQTRyNFo1VkJlaldFMWhZM1VnbW5MdjdpUmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW46AMA0G
CSqGSIb3DQEBCwUAA4IBAQBQhXXhKHYIzLOBL9Dfn4IA71dma9UN51cXInE8aC9a
LPkH15VjTxFux6MakotiN1lOUkUlfoD5mzgyvT9o+d4MUg/7kQz4IznMNhHq6VKB
YFWheOZn4B+nyX4ffL0/bi5RSuhwyIfk4vr8Qt2PefRefS/iq8FTd+dsNxTml4ie
cPnDLzEC+4fDvPuFydZKrtGWQX2O5o6F3/XUChwj3za/ErrgQKQuLZQM4uFRwNrW
AP4FLflRUlKT1s38qSJLRL9bREyDFTx1F9Sp3WR5pc0+DVnC5mRWWnO3N0V77MNH
V24DmS3dcmALhASt2hifrItDJy2s0KR1S1Gfq/hbiQ6f
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:53 2024 by rpki-client on console-fra.rpki-client.org