Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/qVNhvuflaqbSSAxRBrCaicCNi3k.roa
File: qVNhvuflaqbSSAxRBrCaicCNi3k.roa (raw, json)
Hash identifier: JRiSUc0TW+4SAmxT7ZgK9YGpa7ESj5JOkObczzdrxt0=
Subject key identifier: A9:53:61:BE:E7:E5:6A:A6:D2:48:0C:51:06:B0:9A:89:C0:8D:8B:79
Certificate issuer: /CN=a52fc60d36e28bb8df145c84acab19cfa53b025a
Certificate serial: 01877ABE4155E25157AB48EE201E02A13169
Authority key identifier: A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/qVNhvuflaqbSSAxRBrCaicCNi3k.roa
Signing time: Thu 13 Apr 2023 13:11:41 +0000
ROA not before: Thu 13 Apr 2023 13:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201612
IP address blocks: 176.97.158.0/24 maxlen: 24
192.174.68.0/24 maxlen: 24
2001:67c:10b8::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:be:41:55:e2:51:57:ab:48:ee:20:1e:02:a1:31:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a52fc60d36e28bb8df145c84acab19cfa53b025a
Validity
Not Before: Apr 13 13:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a95361bee7e56aa6d2480c5106b09a89c08d8b79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:40:0a:e0:98:e9:b4:1b:55:7b:3f:80:4f:a6:
45:26:30:fd:f9:4f:04:12:9d:f4:07:9a:19:73:5c:
50:72:c0:f9:e0:f3:2e:7e:ed:9d:3b:23:5f:da:22:
8f:2b:8a:8f:e4:23:65:1f:01:aa:4a:5d:eb:1f:12:
6d:e3:0b:f6:f1:62:6f:15:9c:c9:b4:e6:5b:3a:c3:
d1:d5:aa:3b:98:a0:2a:ba:91:7e:f2:e4:c0:36:b2:
24:6d:d5:c1:79:3e:a3:23:80:5f:ca:c9:08:13:7d:
8d:03:79:1a:a6:24:1c:40:65:24:55:48:69:e4:83:
10:e5:8d:37:89:b3:f6:55:2a:64:97:86:7c:b4:8b:
39:1d:03:74:bb:95:75:ae:8c:0c:14:34:89:78:ae:
1e:9b:b1:a5:7c:fc:fa:99:8e:75:16:79:2e:a9:98:
a4:ed:c7:5d:80:50:a4:f9:e5:65:e2:97:24:f5:db:
36:63:32:96:8c:8c:25:ef:6b:a6:96:2f:ef:31:01:
e7:65:b8:4e:78:fb:87:09:c6:10:37:b1:25:fa:8f:
c2:c2:3a:e1:fa:ea:89:c4:1d:44:40:cd:89:e3:31:
c7:f3:b4:75:f1:69:cc:51:02:4e:e3:20:3f:ea:a2:
bd:d4:a8:5c:ca:98:92:9b:dd:d9:56:f1:51:2f:c7:
15:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:53:61:BE:E7:E5:6A:A6:D2:48:0C:51:06:B0:9A:89:C0:8D:8B:79
X509v3 Authority Key Identifier:
keyid:A5:2F:C6:0D:36:E2:8B:B8:DF:14:5C:84:AC:AB:19:CF:A5:3B:02:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pS_GDTbii7jfFFyErKsZz6U7Alo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/qVNhvuflaqbSSAxRBrCaicCNi3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/f0b960-86d8-4062-a597-9b4a2d5f3a76/1/pS_GDTbii7jfFFyErKsZz6U7Alo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.158.0/24
192.174.68.0/24
IPv6:
2001:67c:10b8::/48
Signature Algorithm: sha256WithRSAEncryption
43:bf:b3:b9:a5:e8:89:51:80:bd:8c:47:7a:33:76:5b:26:d3:
88:81:35:ce:83:22:6c:d9:ce:68:4e:9e:d4:3c:41:9f:e9:eb:
d6:f7:7a:c3:5e:d2:03:ba:36:09:1c:38:81:56:4f:3b:f1:8f:
d7:00:6e:d8:75:d3:cd:a7:3b:24:cc:5a:13:5f:b5:17:13:5a:
1e:2d:93:0e:2b:bf:3d:61:c0:37:2c:4a:27:d2:94:d0:58:2a:
76:73:c1:26:83:d3:b1:0f:45:de:8a:86:aa:c4:21:b2:93:92:
41:90:c6:33:da:85:92:1e:61:0d:c4:8b:46:59:63:05:c1:6d:
d4:25:51:23:08:6a:04:2a:fd:48:34:82:08:24:aa:4e:7f:ee:
d8:4e:7a:48:64:0e:97:65:de:18:cc:c3:ca:e3:59:0a:a7:39:
93:d6:e1:84:58:6d:cf:ae:cd:01:a1:60:ad:f0:f2:4a:86:93:
e2:0c:5b:fe:8e:ec:42:77:c9:c3:4d:53:d6:b1:2c:b4:60:de:
31:54:36:ef:ef:05:53:01:14:de:9f:20:c1:e3:60:b0:1d:b5:
9b:9a:43:d6:6d:e4:fa:f6:31:1a:91:88:a3:5d:96:d2:57:f2:
cb:f3:3c:3a:0f:0c:91:49:25:47:0d:de:b7:7b:c4:96:12:f0:
92:d7:0c:84
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYd6vkFV4lFXq0juIB4CoTFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MmZjNjBkMzZlMjhiYjhkZjE0NWM4NGFjYWIxOWNmYTUz
YjAyNWEwHhcNMjMwNDEzMTMxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTUzNjFiZWU3ZTU2YWE2ZDI0ODBjNTEwNmIwOWE4OWMwOGQ4Yjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA80AK4JjptBtVez+AT6ZFJjD9+U8E
Ep30B5oZc1xQcsD54PMufu2dOyNf2iKPK4qP5CNlHwGqSl3rHxJt4wv28WJvFZzJ
tOZbOsPR1ao7mKAqupF+8uTANrIkbdXBeT6jI4BfyskIE32NA3kapiQcQGUkVUhp
5IMQ5Y03ibP2VSpkl4Z8tIs5HQN0u5V1rowMFDSJeK4em7GlfPz6mY51FnkuqZik
7cddgFCk+eVl4pck9ds2YzKWjIwl72umli/vMQHnZbhOePuHCcYQN7El+o/Cwjrh
+uqJxB1EQM2J4zHH87R18WnMUQJO4yA/6qK91KhcypiSm93ZVvFRL8cVYwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKlTYb7n5Wqm0kgMUQawmonAjYt5MB8GA1UdIwQY
MBaAFKUvxg024ou43xRchKyrGc+lOwJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTct
OWI0YTJkNWYzYTc2LzEvcVZOaHZ1ZmxhcWJTU0F4UkJyQ2FpY0NOaTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9mMGI5NjAtODZkOC00MDYyLWE1OTctOWI0YTJkNWYzYTc2
LzEvcFNfR0RUYmlpN2pmRkZ5RXJLc1p6NlU3QWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAsGGeAwQA
wK5EMA8EAgACMAkDBwAgAQZ8ELgwDQYJKoZIhvcNAQELBQADggEBAEO/s7ml6IlR
gL2MR3ozdlsm04iBNc6DImzZzmhOntQ8QZ/p69b3esNe0gO6NgkcOIFWTzvxj9cA
bth1082nOyTMWhNftRcTWh4tkw4rvz1hwDcsSifSlNBYKnZzwSaD07EPRd6KhqrE
IbKTkkGQxjPahZIeYQ3Ei0ZZYwXBbdQlUSMIagQq/Ug0gggkqk5/7thOekhkDpdl
3hjMw8rjWQqnOZPW4YRYbc+uzQGhYK3w8kqGk+IMW/6O7EJ3ycNNU9axLLRg3jFU
Nu/vBVMBFN6fIMHjYLAdtZuaQ9Zt5Pr2MRqRiKNdltJX8svzPDoPDJFJJUcN3rd7
xJYS8JLXDIQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:39 2024 by rpki-client on console-ams.rpki-client.org