Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/_QAYZJjdSQeu0wo2E19kGrJPv2g.roa
File: _QAYZJjdSQeu0wo2E19kGrJPv2g.roa (raw, json)
Hash identifier: Fpp2e7ZPs4qy3HDGYZVZ3qqEYNYS+h7Ln9yKpv7DYfE=
Subject key identifier: FD:00:18:64:98:DD:49:07:AE:D3:0A:36:13:5F:64:1A:B2:4F:BF:68
Certificate issuer: /CN=29f9670ee2a30eac8c0a39dc47ff7a8cd2473b00
Certificate serial: 018C1BC457ADA68F923D5923047426F45E78
Authority key identifier: 29:F9:67:0E:E2:A3:0E:AC:8C:0A:39:DC:47:FF:7A:8C:D2:47:3B:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KflnDuKjDqyMCjncR_96jNJHOwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/_QAYZJjdSQeu0wo2E19kGrJPv2g.roa
Signing time: Wed 29 Nov 2023 15:48:21 +0000
ROA not before: Wed 29 Nov 2023 15:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209114
IP address blocks: 193.33.120.0/24 maxlen: 24
212.56.58.0/23 maxlen: 24
194.31.130.0/24 maxlen: 24
2a12:6e40::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:c4:57:ad:a6:8f:92:3d:59:23:04:74:26:f4:5e:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f9670ee2a30eac8c0a39dc47ff7a8cd2473b00
Validity
Not Before: Nov 29 15:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd00186498dd4907aed30a36135f641ab24fbf68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:9a:1b:b3:cd:d6:bc:0f:4e:1a:5f:9e:29:
48:26:43:7c:d0:fa:2c:14:2d:c8:ee:80:7c:48:8f:
24:a9:c2:50:f6:28:23:7a:77:43:27:5c:c9:d0:0d:
56:ab:c9:b9:65:b7:83:59:d2:a7:00:3d:f1:33:ef:
8e:7f:c9:ef:cc:11:9f:8f:d9:db:5f:5a:bc:3f:2b:
1b:ad:0c:b0:b9:36:2f:93:13:22:50:90:44:5d:40:
13:e6:9f:21:0e:27:0b:bb:b2:12:7b:67:21:e7:22:
7a:49:75:29:4e:15:1b:87:04:6f:7d:a2:db:f9:56:
3a:89:52:ba:1d:25:83:01:f7:6a:e3:68:4c:59:76:
e8:05:57:8b:f2:17:8e:01:d1:d6:c1:da:91:b9:19:
47:d7:70:92:df:71:7c:4c:8b:ff:ff:44:12:82:73:
37:5e:b5:2d:3d:b0:76:de:e5:b9:a7:cb:a7:a6:3c:
51:45:43:dc:d2:ff:ff:8e:9c:86:3e:34:b4:7d:ab:
2f:d4:c6:96:87:60:b7:15:12:dc:59:74:2d:85:56:
0c:92:e9:b0:03:51:82:52:3a:d1:96:9c:f3:34:94:
3d:5a:c0:6a:85:fd:ca:08:eb:2c:ce:48:4c:49:77:
a8:8e:85:a1:11:36:97:bb:0e:03:a5:61:92:54:5f:
a7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:00:18:64:98:DD:49:07:AE:D3:0A:36:13:5F:64:1A:B2:4F:BF:68
X509v3 Authority Key Identifier:
keyid:29:F9:67:0E:E2:A3:0E:AC:8C:0A:39:DC:47:FF:7A:8C:D2:47:3B:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KflnDuKjDqyMCjncR_96jNJHOwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/_QAYZJjdSQeu0wo2E19kGrJPv2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/KflnDuKjDqyMCjncR_96jNJHOwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.120.0/24
194.31.130.0/24
212.56.58.0/23
IPv6:
2a12:6e40::/29
Signature Algorithm: sha256WithRSAEncryption
00:73:84:9c:95:0d:8a:5f:ac:c5:a6:8d:84:6e:19:0b:8e:e4:
eb:1b:14:ed:14:bc:b8:81:4d:a7:9b:50:08:23:0f:a7:fb:18:
f7:95:9a:e9:f9:15:6a:89:ec:5f:de:14:4d:5c:24:3c:35:f8:
b6:89:79:f4:f3:59:2a:52:7b:7c:f9:02:db:33:85:c8:7f:7f:
d6:75:d0:39:c5:bf:5c:ec:4a:a7:5e:0b:2a:9d:bc:c5:32:32:
1f:be:7b:38:74:5d:79:02:90:19:4f:a8:45:b4:e7:98:9a:86:
40:74:7d:65:83:73:14:3c:70:e5:fc:11:8d:67:e0:05:14:d7:
c9:70:ea:66:80:f1:59:d7:34:b8:1b:12:4d:4e:cb:c6:ac:ae:
ce:13:1e:3c:ab:f4:1f:33:d5:37:c4:9e:86:23:be:1f:9d:07:
b2:00:e8:f7:7f:35:8b:a1:1d:db:05:42:04:72:f2:8c:04:6e:
2d:7d:32:cf:c9:c2:d8:a7:8d:92:91:8a:02:bd:40:58:5d:ab:
44:e7:87:c4:2c:d1:59:eb:53:c2:40:2b:9a:3d:1f:5b:e4:16:
e2:2d:ca:21:fc:64:62:97:86:02:6e:24:1b:a8:43:59:44:5f:
95:ab:a3:9a:c7:a4:d5:1b:de:7d:dd:c0:d8:6c:f1:c9:68:6d:
7d:21:18:33
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYwbxFetpo+SPVkjBHQm9F54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Zjk2NzBlZTJhMzBlYWM4YzBhMzlkYzQ3ZmY3YThjZDI0
NzNiMDAwHhcNMjMxMTI5MTU0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAwMTg2NDk4ZGQ0OTA3YWVkMzBhMzYxMzVmNjQxYWIyNGZiZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovaaG7PN1rwPThpfnilIJkN80Pos
FC3I7oB8SI8kqcJQ9igjendDJ1zJ0A1Wq8m5ZbeDWdKnAD3xM++Of8nvzBGfj9nb
X1q8PysbrQywuTYvkxMiUJBEXUAT5p8hDicLu7ISe2ch5yJ6SXUpThUbhwRvfaLb
+VY6iVK6HSWDAfdq42hMWXboBVeL8heOAdHWwdqRuRlH13CS33F8TIv//0QSgnM3
XrUtPbB23uW5p8unpjxRRUPc0v//jpyGPjS0fasv1MaWh2C3FRLcWXQthVYMkumw
A1GCUjrRlpzzNJQ9WsBqhf3KCOsszkhMSXeojoWhETaXuw4DpWGSVF+nhQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFP0AGGSY3UkHrtMKNhNfZBqyT79oMB8GA1UdIwQY
MBaAFCn5Zw7iow6sjAo53Ef/eozSRzsAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZsbkR1S2pEcXlNQ2puY1JfOTZqTkpIT3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8yZmY3NmQtZjExNi00NDMwLTg0MDct
NmUyOWVmZGZkNGUzLzEvX1FBWVpKamRTUWV1MHdvMkUxOWtHckpQdjJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8yZmY3NmQtZjExNi00NDMwLTg0MDctNmUyOWVmZGZkNGUz
LzEvS2ZsbkR1S2pEcXlNQ2puY1JfOTZqTkpIT3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwSF4AwQA
wh+CAwQB1Dg6MA0EAgACMAcDBQMqEm5AMA0GCSqGSIb3DQEBCwUAA4IBAQAAc4Sc
lQ2KX6zFpo2EbhkLjuTrGxTtFLy4gU2nm1AIIw+n+xj3lZrp+RVqiexf3hRNXCQ8
Nfi2iXn081kqUnt8+QLbM4XIf3/WddA5xb9c7EqnXgsqnbzFMjIfvns4dF15ApAZ
T6hFtOeYmoZAdH1lg3MUPHDl/BGNZ+AFFNfJcOpmgPFZ1zS4GxJNTsvGrK7OEx48
q/QfM9U3xJ6GI74fnQeyAOj3fzWLoR3bBUIEcvKMBG4tfTLPycLYp42SkYoCvUBY
XatE54fELNFZ61PCQCuaPR9b5BbiLcoh/GRil4YCbiQbqENZRF+Vq6Oax6TVG959
3cDYbPHJaG19IRgz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:30 2024 by rpki-client on console-ams.rpki-client.org