Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/qY6FcUnqbR2ogPm715lIXfgktk4.roa
File: qY6FcUnqbR2ogPm715lIXfgktk4.roa (raw, json)
Hash identifier: 4ppRW9loCKKYVXtQvR5NYnWEdnXaHQPtkeZhEXDCQ1k=
Subject key identifier: A9:8E:85:71:49:EA:6D:1D:A8:80:F9:BB:D7:99:48:5D:F8:24:B6:4E
Certificate issuer: /CN=6dbd51576b4a93460a465af35e6bf550f5548894
Certificate serial: 01856D81AD4D81F7264535BDB258F41A8709
Authority key identifier: 6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/qY6FcUnqbR2ogPm715lIXfgktk4.roa
Signing time: Sun 01 Jan 2023 13:24:53 +0000
ROA not before: Sun 01 Jan 2023 13:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207103
IP address blocks: 79.172.16.0/21 maxlen: 24
185.5.140.0/24 maxlen: 24
185.5.141.0/24 maxlen: 24
188.68.88.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:ad:4d:81:f7:26:45:35:bd:b2:58:f4:1a:87:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dbd51576b4a93460a465af35e6bf550f5548894
Validity
Not Before: Jan 1 13:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a98e857149ea6d1da880f9bbd799485df824b64e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:c8:f0:e0:04:0d:86:1d:9f:25:60:62:99:b8:
30:a2:4c:eb:66:7a:72:3d:bb:20:70:ae:60:b0:58:
d1:bd:3e:17:21:02:de:90:23:76:52:8e:f0:79:f2:
48:0b:9a:2c:86:d6:3d:b8:4b:32:1c:f6:b4:eb:b1:
45:0e:57:9c:12:7e:0c:6f:00:00:c7:12:a4:9b:7c:
ed:73:14:61:16:8c:34:6a:5f:af:45:6e:1b:f0:43:
ae:35:2e:c6:7a:8d:2d:72:9f:b3:70:47:ee:6d:1f:
4b:00:e1:06:79:78:27:fc:7c:33:56:e5:a7:af:6f:
e7:61:a0:a2:66:67:f7:1e:45:c9:13:d6:b6:99:94:
5f:2b:2e:9e:4b:95:e0:c4:7e:3e:88:a2:f1:e1:c4:
07:0f:26:d5:c9:cb:9a:4a:44:33:79:ca:a7:61:81:
0b:ad:1c:9e:d5:d4:66:ec:33:e0:66:f4:a6:b3:58:
36:a5:22:b1:3e:66:07:2c:f7:8b:58:af:94:77:31:
13:a8:f3:99:8e:af:c5:3c:90:f0:1d:35:85:7e:c6:
e3:2e:6b:f7:41:0f:95:be:06:8e:2e:2e:9d:b8:d8:
4a:ba:b1:bb:a7:79:a5:b6:68:68:23:01:06:e7:ee:
df:28:d0:ba:9e:17:91:f9:e1:63:bf:62:cb:69:9f:
f9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8E:85:71:49:EA:6D:1D:A8:80:F9:BB:D7:99:48:5D:F8:24:B6:4E
X509v3 Authority Key Identifier:
keyid:6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/qY6FcUnqbR2ogPm715lIXfgktk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.16.0/21
185.5.140.0/23
188.68.88.0/23
Signature Algorithm: sha256WithRSAEncryption
20:39:c8:8f:d9:a0:8c:c7:de:b5:a4:53:82:c4:0c:15:ab:82:
62:9a:f9:a4:90:de:a8:81:c2:e9:13:43:63:df:15:b0:fb:9d:
b7:c1:24:7e:9c:45:25:12:0a:f4:b2:96:13:ed:ac:54:ea:15:
86:ac:4f:9a:bc:67:3f:b8:c5:92:8a:ad:ba:aa:d7:bd:0b:a3:
b0:dd:13:17:23:94:49:4c:19:1b:08:ec:7d:6d:0b:bd:c6:6d:
41:04:8d:9f:82:29:9c:c1:4f:b2:0c:fa:a6:8d:41:07:fa:99:
79:02:87:d4:70:e0:68:ce:8e:fa:e4:f9:48:9e:93:b9:ba:b8:
52:b3:6a:bf:ba:16:06:a9:a6:17:a5:31:d0:be:07:66:af:0e:
4e:9b:6e:c5:38:4d:0a:79:d0:56:d4:5f:3e:9b:6a:42:97:a9:
70:22:76:76:c1:0c:50:bb:65:04:c4:72:dc:62:ee:92:69:83:
b0:85:bf:75:a3:71:9f:f0:d6:27:68:c6:9b:15:6d:1c:a2:cb:
18:61:18:12:4e:11:ce:44:1a:de:c2:5f:a4:31:4a:b9:40:da:
13:b7:df:51:19:08:b2:70:99:5c:fb:fd:4b:d7:1f:21:b1:31:
3d:aa:ed:e7:82:fd:7e:48:f7:c4:d1:60:b7:a1:1c:6e:93:a2:
c3:64:31:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtga1NgfcmRTW9slj0GocJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYmQ1MTU3NmI0YTkzNDYwYTQ2NWFmMzVlNmJmNTUwZjU1
NDg4OTQwHhcNMjMwMTAxMTMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThlODU3MTQ5ZWE2ZDFkYTg4MGY5YmJkNzk5NDg1ZGY4MjRiNjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA78jw4AQNhh2fJWBimbgwokzrZnpy
PbsgcK5gsFjRvT4XIQLekCN2Uo7wefJIC5oshtY9uEsyHPa067FFDlecEn4MbwAA
xxKkm3ztcxRhFow0al+vRW4b8EOuNS7Geo0tcp+zcEfubR9LAOEGeXgn/HwzVuWn
r2/nYaCiZmf3HkXJE9a2mZRfKy6eS5XgxH4+iKLx4cQHDybVycuaSkQzecqnYYEL
rRye1dRm7DPgZvSms1g2pSKxPmYHLPeLWK+UdzETqPOZjq/FPJDwHTWFfsbjLmv3
QQ+VvgaOLi6duNhKurG7p3mltmhoIwEG5+7fKNC6nheR+eFjv2LLaZ/5uQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKmOhXFJ6m0dqID5u9eZSF34JLZOMB8GA1UdIwQY
MBaAFG29UVdrSpNGCkZa815r9VD1VIiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUt
MWVmN2VmMTdmYTQzLzEvcVk2RmNVbnFiUjJvZ1BtNzE1bElYZmdrdGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUtMWVmN2VmMTdmYTQz
LzEvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDT6wQAwQB
uQWMAwQBvERYMA0GCSqGSIb3DQEBCwUAA4IBAQAgOciP2aCMx961pFOCxAwVq4Ji
mvmkkN6ogcLpE0Nj3xWw+523wSR+nEUlEgr0spYT7axU6hWGrE+avGc/uMWSiq26
qte9C6Ow3RMXI5RJTBkbCOx9bQu9xm1BBI2fgimcwU+yDPqmjUEH+pl5AofUcOBo
zo765PlInpO5urhSs2q/uhYGqaYXpTHQvgdmrw5Om27FOE0KedBW1F8+m2pCl6lw
InZ2wQxQu2UExHLcYu6SaYOwhb91o3Gf8NYnaMabFW0cossYYRgSThHORBrewl+k
MUq5QNoTt99RGQiycJlc+/1L1x8hsTE9qu3ngv1+SPfE0WC3oRxuk6LDZDGS
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:12 2024 by rpki-client on console-ams.rpki-client.org