Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/qSDUUQsW53hQA75exPm06_0yoqY.roa
File: qSDUUQsW53hQA75exPm06_0yoqY.roa (raw, json)
Hash identifier: v987RhE92enOhmVjP/ya0Iu0Y2EdlH9AXBr88RmrlxI=
Subject key identifier: A9:20:D4:51:0B:16:E7:78:50:03:BE:5E:C4:F9:B4:EB:FD:32:A2:A6
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 018572CCB58EABB9D08C047CD992F02F000A
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/qSDUUQsW53hQA75exPm06_0yoqY.roa
Signing time: Mon 02 Jan 2023 14:04:56 +0000
ROA not before: Mon 02 Jan 2023 14:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50532
IP address blocks: 85.234.102.0/23 maxlen: 24
85.234.114.0/23 maxlen: 24
2a0a:6f40:2::/47 maxlen: 48
2a0a:6f40:4::/47 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:b5:8e:ab:b9:d0:8c:04:7c:d9:92:f0:2f:00:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Jan 2 14:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a920d4510b16e7785003be5ec4f9b4ebfd32a2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fd:af:83:5a:a2:9a:98:dc:cc:ad:71:8f:ef:
f8:39:80:a3:0a:bf:5b:a7:7d:39:bc:9d:17:f4:6c:
e0:63:cb:59:e0:d7:43:ed:fa:4c:fc:59:9c:5c:a2:
46:6b:cf:b1:34:a4:85:88:5e:c2:de:d3:c7:59:b2:
f6:c0:3f:28:dc:a4:ef:18:f3:ac:01:62:41:01:bb:
bc:34:97:e6:1c:85:e3:32:93:20:04:2b:0c:ca:d8:
1f:cc:2e:a5:b6:fd:30:e4:f0:95:dc:ec:9d:3c:10:
10:55:9b:e3:5c:55:c8:f4:dc:3b:08:a1:7f:cd:c2:
b5:6e:9c:f3:10:56:0b:41:9d:dd:f8:55:e1:73:d3:
f5:b4:33:d7:e0:0e:7d:4d:6b:aa:a5:4a:ac:ac:5b:
f0:75:79:e5:c0:aa:b1:93:c3:c6:ba:fc:42:35:d5:
6d:c9:8e:3b:97:d8:e2:93:d0:d5:70:7d:72:52:63:
26:46:1d:5a:06:1b:1f:e3:fc:b7:f7:f7:29:38:7d:
52:f1:5b:66:6d:da:bc:c8:8e:e5:24:d5:ac:9b:10:
8d:bf:99:96:aa:b3:f9:9b:d6:3b:c5:87:88:76:5e:
64:e2:22:7d:27:d3:3e:ca:fb:ff:55:c9:c3:14:64:
d8:89:40:0a:4f:41:65:66:6a:cb:0f:b9:46:e8:31:
d0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:20:D4:51:0B:16:E7:78:50:03:BE:5E:C4:F9:B4:EB:FD:32:A2:A6
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/qSDUUQsW53hQA75exPm06_0yoqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.102.0/23
85.234.114.0/23
IPv6:
2a0a:6f40:2::-2a0a:6f40:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
13:71:7c:bd:1a:bd:b4:c4:f6:fd:c3:05:c8:8c:d9:b9:25:30:
20:de:06:b3:c8:0e:40:42:2a:3a:79:fd:92:a5:63:77:ba:f9:
eb:a1:e2:35:6b:bd:61:cf:12:43:70:a3:d3:b6:3d:72:3a:92:
fb:c7:20:0d:e5:e5:71:e4:22:a5:0b:1a:1c:48:93:d7:61:da:
33:4a:ba:f9:41:e8:ab:dc:5e:82:50:fe:d4:ad:dd:45:cf:08:
03:01:0c:a5:d3:72:b8:fe:f5:22:8d:db:d2:6e:de:fb:bc:0b:
c6:fb:18:17:11:6f:8b:f9:30:65:05:cf:f4:33:62:01:bf:38:
89:56:11:68:b8:25:0b:53:54:21:0e:97:ba:3c:7f:09:81:8a:
6b:4d:b5:72:03:a2:4c:c0:7a:31:3e:24:2a:b8:46:c4:17:0d:
2a:a9:ee:ee:09:90:6e:41:bd:c9:dc:1b:78:e2:0d:75:b5:e3:
da:df:5d:ff:0a:85:ac:3d:bb:9a:26:b8:00:6d:89:f2:4f:4a:
55:92:ee:3d:80:54:a6:67:e1:d6:98:61:c4:f4:65:55:c2:82:
64:5a:d5:4c:ac:75:5a:ab:b1:6a:4c:1e:7c:7a:a4:ea:79:0b:
fc:cb:42:88:98:22:59:6e:4d:51:ea:51:ac:a7:2a:f8:47:1b:
cc:2d:2d:51
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVyzLWOq7nQjAR82ZLwLwAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjMwMTAyMTQwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTIwZDQ1MTBiMTZlNzc4NTAwM2JlNWVjNGY5YjRlYmZkMzJhMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP2vg1qimpjczK1xj+/4OYCjCr9b
p305vJ0X9GzgY8tZ4NdD7fpM/FmcXKJGa8+xNKSFiF7C3tPHWbL2wD8o3KTvGPOs
AWJBAbu8NJfmHIXjMpMgBCsMytgfzC6ltv0w5PCV3OydPBAQVZvjXFXI9Nw7CKF/
zcK1bpzzEFYLQZ3d+FXhc9P1tDPX4A59TWuqpUqsrFvwdXnlwKqxk8PGuvxCNdVt
yY47l9jik9DVcH1yUmMmRh1aBhsf4/y39/cpOH1S8Vtmbdq8yI7lJNWsmxCNv5mW
qrP5m9Y7xYeIdl5k4iJ9J9M+yvv/VcnDFGTYiUAKT0FlZmrLD7lG6DHQVwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKkg1FELFud4UAO+XsT5tOv9MqKmMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvcVNEVVVRc1c1M2hRQTc1ZXhQbTA2XzB5b3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQBVepmAwQB
VepyMBoEAgACMBQwEgMHASoKb0AAAgMHASoKb0AABDANBgkqhkiG9w0BAQsFAAOC
AQEAE3F8vRq9tMT2/cMFyIzZuSUwIN4Gs8gOQEIqOnn9kqVjd7r566HiNWu9Yc8S
Q3Cj07Y9cjqS+8cgDeXlceQipQsaHEiT12HaM0q6+UHoq9xeglD+1K3dRc8IAwEM
pdNyuP71Io3b0m7e+7wLxvsYFxFvi/kwZQXP9DNiAb84iVYRaLglC1NUIQ6Xujx/
CYGKa021cgOiTMB6MT4kKrhGxBcNKqnu7gmQbkG9ydwbeOINdbXj2t9d/wqFrD27
mia4AG2J8k9KVZLuPYBUpmfh1phhxPRlVcKCZFrVTKx1WquxakwefHqk6nkL/MtC
iJgiWW5NUepRrKcq+EcbzC0tUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:33 2024 by rpki-client on console-ams.rpki-client.org