Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/12e905-7854-473c-950b-cf4bd4f3f29d/1/qESRv9Pr215nOKkgxBy_SSknN5s.roa
File: qESRv9Pr215nOKkgxBy_SSknN5s.roa (raw, json)
Hash identifier: bQlDk34MmUVA2rLVEI46t3quSnctc5JPRmsqpgsmIhI=
Subject key identifier: A8:44:91:BF:D3:EB:DB:5E:67:38:A9:20:C4:1C:BF:49:29:27:37:9B
Certificate issuer: /CN=e204a1c2ca4a4db033375e360de323790ba6a5b9
Certificate serial: 01856D5D0E936607AA7866B70B583527A854
Authority key identifier: E2:04:A1:C2:CA:4A:4D:B0:33:37:5E:36:0D:E3:23:79:0B:A6:A5:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gShwspKTbAzN142DeMjeQumpbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/12e905-7854-473c-950b-cf4bd4f3f29d/1/qESRv9Pr215nOKkgxBy_SSknN5s.roa
Signing time: Sun 01 Jan 2023 12:44:53 +0000
ROA not before: Sun 01 Jan 2023 12:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8412
IP address blocks: 193.84.112.0/24 maxlen: 24
195.248.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:0e:93:66:07:aa:78:66:b7:0b:58:35:27:a8:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e204a1c2ca4a4db033375e360de323790ba6a5b9
Validity
Not Before: Jan 1 12:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a84491bfd3ebdb5e6738a920c41cbf492927379b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a1:18:87:ce:81:aa:fe:88:52:b9:de:db:50:
af:14:c8:30:65:cc:28:b3:ca:49:da:ac:c0:55:27:
2e:ce:0c:cf:d3:1c:70:7a:9c:0f:6b:38:6e:77:9e:
67:ba:3e:3a:78:48:7f:76:af:08:2f:81:24:69:df:
c3:44:55:f3:f3:a9:5e:ec:48:19:74:3d:1b:26:48:
48:97:f6:45:0b:3e:ba:bf:69:23:fc:25:e9:57:bf:
a9:ca:3a:8a:4f:9b:ca:72:fb:68:17:61:89:ca:87:
9f:55:a5:04:fc:fe:95:ad:eb:30:04:97:49:db:b0:
58:bd:89:23:df:4a:d4:a3:50:7a:87:4e:3c:e9:cb:
bd:47:82:97:9c:04:b2:06:29:97:25:f7:27:97:d0:
3e:37:cb:df:e8:90:cc:5d:50:dd:af:1d:b7:13:99:
10:59:10:24:3f:ec:83:90:76:fd:2d:a5:70:cd:00:
8d:b7:8f:51:1a:77:5c:53:73:98:c7:11:1b:63:ad:
80:68:21:c4:86:94:27:50:0b:03:46:92:25:b4:91:
89:66:b7:aa:d3:85:dd:5d:a5:43:65:91:1e:8c:42:
34:10:ea:a8:fc:3e:e5:b7:c8:c8:e7:dc:1f:cc:00:
5f:a5:d2:f5:3f:cc:d6:db:ca:4f:7e:e9:1a:33:38:
36:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:44:91:BF:D3:EB:DB:5E:67:38:A9:20:C4:1C:BF:49:29:27:37:9B
X509v3 Authority Key Identifier:
keyid:E2:04:A1:C2:CA:4A:4D:B0:33:37:5E:36:0D:E3:23:79:0B:A6:A5:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gShwspKTbAzN142DeMjeQumpbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/12e905-7854-473c-950b-cf4bd4f3f29d/1/qESRv9Pr215nOKkgxBy_SSknN5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/12e905-7854-473c-950b-cf4bd4f3f29d/1/4gShwspKTbAzN142DeMjeQumpbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.112.0/24
195.248.73.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:76:ee:de:51:2b:6a:71:96:6a:ed:c5:9d:05:1f:6b:79:14:
43:ad:45:08:89:50:94:77:32:e0:1d:87:1c:90:78:98:7f:be:
a6:f6:9c:9c:f9:fb:ee:3e:b9:02:97:f1:b8:90:66:f9:99:d6:
a4:a9:e9:7d:4f:da:5e:39:77:9e:71:95:90:f8:29:73:d8:2a:
50:d5:09:11:97:c1:8c:e1:ad:e1:58:41:0b:d9:a9:38:7c:67:
49:9f:ac:92:58:3e:7d:7a:e0:7e:53:78:dd:dc:d2:d3:39:8a:
5f:f5:99:6d:94:84:6c:c0:ca:2f:12:54:da:3e:40:5f:f2:d6:
d5:28:26:b9:94:e5:2d:0f:9e:92:0d:74:bc:c0:9e:d9:67:c7:
76:d3:b7:57:4d:43:10:27:6a:e5:b0:20:31:61:b2:95:d1:37:
07:71:f2:3e:0b:52:70:a7:09:8d:1b:bf:27:11:cf:96:95:8c:
54:fc:0e:2c:34:1c:ea:01:05:2b:ba:e8:f4:44:25:ab:a3:af:
a2:2a:12:8b:96:92:de:30:26:d8:6c:b5:f9:a1:b2:dd:a9:79:
e4:b1:15:f0:04:d0:0a:f2:6f:09:c5:1f:5b:4f:7b:ab:f2:bf:
65:aa:d9:8f:01:bd:58:61:c4:91:69:f6:b5:4a:28:e9:f6:0c:
ca:b8:17:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtXQ6TZgeqeGa3C1g1J6hUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMDRhMWMyY2E0YTRkYjAzMzM3NWUzNjBkZTMyMzc5MGJh
NmE1YjkwHhcNMjMwMTAxMTI0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQ0OTFiZmQzZWJkYjVlNjczOGE5MjBjNDFjYmY0OTI5MjczNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KEYh86Bqv6IUrne21CvFMgwZcwo
s8pJ2qzAVScuzgzP0xxwepwPazhud55nuj46eEh/dq8IL4Ekad/DRFXz86le7EgZ
dD0bJkhIl/ZFCz66v2kj/CXpV7+pyjqKT5vKcvtoF2GJyoefVaUE/P6VreswBJdJ
27BYvYkj30rUo1B6h0486cu9R4KXnASyBimXJfcnl9A+N8vf6JDMXVDdrx23E5kQ
WRAkP+yDkHb9LaVwzQCNt49RGndcU3OYxxEbY62AaCHEhpQnUAsDRpIltJGJZreq
04XdXaVDZZEejEI0EOqo/D7lt8jI59wfzABfpdL1P8zW28pPfukaMzg2JwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKhEkb/T69teZzipIMQcv0kpJzebMB8GA1UdIwQY
MBaAFOIEocLKSk2wMzdeNg3jI3kLpqW5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGdTaHdzcEtUYkF6TjE0MkRlTWplUXVtcGJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8xMmU5MDUtNzg1NC00NzNjLTk1MGIt
Y2Y0YmQ0ZjNmMjlkLzEvcUVTUnY5UHIyMTVuT0trZ3hCeV9TU2tuTjVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8xMmU5MDUtNzg1NC00NzNjLTk1MGItY2Y0YmQ0ZjNmMjlk
LzEvNGdTaHdzcEtUYkF6TjE0MkRlTWplUXVtcGJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwVRwAwQA
w/hJMA0GCSqGSIb3DQEBCwUAA4IBAQB+du7eUStqcZZq7cWdBR9reRRDrUUIiVCU
dzLgHYcckHiYf76m9pyc+fvuPrkCl/G4kGb5mdakqel9T9peOXeecZWQ+Clz2CpQ
1QkRl8GM4a3hWEEL2ak4fGdJn6ySWD59euB+U3jd3NLTOYpf9ZltlIRswMovElTa
PkBf8tbVKCa5lOUtD56SDXS8wJ7ZZ8d207dXTUMQJ2rlsCAxYbKV0TcHcfI+C1Jw
pwmNG78nEc+WlYxU/A4sNBzqAQUruuj0RCWro6+iKhKLlpLeMCbYbLX5obLdqXnk
sRXwBNAK8m8JxR9bT3ur8r9lqtmPAb1YYcSRafa1Sijp9gzKuBcj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:28 2024 by rpki-client on console-fra.rpki-client.org