Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/q01FE1DsYTjrSaFLNWXlzjOTWoo.roa
File: q01FE1DsYTjrSaFLNWXlzjOTWoo.roa (raw, json)
Hash identifier: cJppZgaUL5v+eqXBlmk1pOywsw7P1Ce4QiWGE7GbW/k=
Subject key identifier: AB:4D:45:13:50:EC:61:38:EB:49:A1:4B:35:65:E5:CE:33:93:5A:8A
Certificate issuer: /CN=42217a2d513a9fb0fce1a1cfc2b3c05c018bd8c1
Certificate serial: 01864AFBF0E722F2DD0DD85AD9802FB0D976
Authority key identifier: 42:21:7A:2D:51:3A:9F:B0:FC:E1:A1:CF:C2:B3:C0:5C:01:8B:D8:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiF6LVE6n7D84aHPwrPAXAGL2ME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/q01FE1DsYTjrSaFLNWXlzjOTWoo.roa
Signing time: Mon 13 Feb 2023 13:34:30 +0000
ROA not before: Mon 13 Feb 2023 13:34:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 193.188.196.0/24 maxlen: 24
2001:67c:b80::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:fb:f0:e7:22:f2:dd:0d:d8:5a:d9:80:2f:b0:d9:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42217a2d513a9fb0fce1a1cfc2b3c05c018bd8c1
Validity
Not Before: Feb 13 13:34:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab4d451350ec6138eb49a14b3565e5ce33935a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:44:ad:8e:1d:d6:bf:9e:9a:a6:72:f4:d1:93:
b1:c9:f0:04:91:7b:5a:fc:b9:91:07:a0:33:79:76:
43:93:04:d2:22:87:87:96:b5:f7:7d:fd:e6:10:9b:
9c:bd:e3:c3:4c:48:6d:a6:bd:f4:c9:86:fc:ce:5a:
53:0b:b4:60:6d:d4:fe:7f:fe:d1:6e:35:9a:92:2b:
7d:ef:02:04:c4:94:73:0b:ba:06:e3:b2:44:71:7e:
bf:db:6e:30:63:59:39:d5:a3:2b:c5:1b:3a:a4:65:
de:d9:9e:2c:6b:e7:7b:33:60:b0:71:75:81:fe:9b:
57:d5:d3:0b:3a:88:3d:de:fb:18:7c:1d:d7:26:8a:
4a:f7:b2:8e:77:87:97:9a:80:0f:d5:5a:ae:7a:64:
62:ad:1e:95:fa:8b:76:d9:a3:0a:99:4b:64:8b:c1:
61:ca:5b:fd:b5:ef:d5:65:9c:33:75:b2:a1:a7:ec:
8d:9b:98:e8:fc:29:b1:a3:24:c0:80:5c:88:62:21:
7b:0a:24:44:04:3b:12:20:0e:ae:5d:fb:32:fd:ec:
2b:99:d1:ca:f0:70:e4:37:db:6a:c6:ec:bb:39:e8:
97:33:35:3e:fc:c8:ba:f9:71:d1:45:08:bd:83:0e:
fa:fb:83:73:3b:7e:18:f1:8e:fe:f1:44:29:47:44:
09:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:4D:45:13:50:EC:61:38:EB:49:A1:4B:35:65:E5:CE:33:93:5A:8A
X509v3 Authority Key Identifier:
keyid:42:21:7A:2D:51:3A:9F:B0:FC:E1:A1:CF:C2:B3:C0:5C:01:8B:D8:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiF6LVE6n7D84aHPwrPAXAGL2ME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/q01FE1DsYTjrSaFLNWXlzjOTWoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/QiF6LVE6n7D84aHPwrPAXAGL2ME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.188.196.0/24
IPv6:
2001:67c:b80::/48
Signature Algorithm: sha256WithRSAEncryption
8f:c5:48:d2:69:cb:9c:45:d2:c0:88:2b:b1:93:a6:77:c0:68:
e6:e7:ad:07:79:66:27:a8:49:22:c3:5c:b5:ce:be:08:d1:3c:
e4:4e:3f:3a:7a:83:71:bb:8a:f1:4d:0c:a5:0a:9e:32:30:c2:
de:34:a9:ce:62:7c:3e:36:17:ad:00:f7:b2:df:32:0b:69:aa:
b7:f4:08:0f:67:f9:fc:68:ab:69:9c:61:92:80:b4:08:96:63:
f7:51:27:5c:2e:2c:90:c3:69:6f:5a:78:1d:9e:3a:70:70:c1:
96:27:fc:c9:b7:95:7e:5f:f9:3a:8b:9e:1d:2a:76:65:42:29:
3d:10:00:48:97:9c:82:74:c0:d9:45:d3:e2:98:2a:2c:02:1f:
ef:3b:33:88:02:10:04:9c:e9:4d:bf:f1:ae:6f:6b:04:5f:44:
56:a3:81:8a:7c:51:f9:38:d3:f6:35:07:57:14:c0:b9:62:35:
40:76:d4:19:85:3d:a6:80:fa:14:5b:07:a6:de:95:a1:77:73:
24:bf:3e:e6:19:dd:59:44:0c:bd:c7:4f:8b:bd:f9:73:80:9c:
05:d8:7a:b4:b0:94:3e:ef:0c:0c:81:9a:bd:f0:e4:8d:12:97:
3d:7a:9d:09:60:13:33:f0:21:d1:02:eb:e8:61:4e:65:31:6f:
b1:1d:df:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZK+/DnIvLdDdha2YAvsNl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMjE3YTJkNTEzYTlmYjBmY2UxYTFjZmMyYjNjMDVjMDE4
YmQ4YzEwHhcNMjMwMjEzMTMzNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjRkNDUxMzUwZWM2MTM4ZWI0OWExNGIzNTY1ZTVjZTMzOTM1YThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0Stjh3Wv56apnL00ZOxyfAEkXta
/LmRB6AzeXZDkwTSIoeHlrX3ff3mEJucvePDTEhtpr30yYb8zlpTC7RgbdT+f/7R
bjWakit97wIExJRzC7oG47JEcX6/224wY1k51aMrxRs6pGXe2Z4sa+d7M2CwcXWB
/ptX1dMLOog93vsYfB3XJopK97KOd4eXmoAP1VquemRirR6V+ot22aMKmUtki8Fh
ylv9te/VZZwzdbKhp+yNm5jo/CmxoyTAgFyIYiF7CiREBDsSIA6uXfsy/ewrmdHK
8HDkN9tqxuy7OeiXMzU+/Mi6+XHRRQi9gw76+4NzO34Y8Y7+8UQpR0QJYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKtNRRNQ7GE460mhSzVl5c4zk1qKMB8GA1UdIwQY
MBaAFEIhei1ROp+w/OGhz8KzwFwBi9jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWlGNkxWRTZuN0Q4NGFIUHdyUEFYQUdMMk1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9mMTI1NTEtMjBjYy00MjE4LWE0MjYt
ZjQxZDZjMGM4NGI2LzEvcTAxRkUxRHNZVGpyU2FGTE5XWGx6ak9UV29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9mMTI1NTEtMjBjYy00MjE4LWE0MjYtZjQxZDZjMGM4NGI2
LzEvUWlGNkxWRTZuN0Q4NGFIUHdyUEFYQUdMMk1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwbzEMA8E
AgACMAkDBwAgAQZ8C4AwDQYJKoZIhvcNAQELBQADggEBAI/FSNJpy5xF0sCIK7GT
pnfAaObnrQd5ZieoSSLDXLXOvgjRPOROPzp6g3G7ivFNDKUKnjIwwt40qc5ifD42
F60A97LfMgtpqrf0CA9n+fxoq2mcYZKAtAiWY/dRJ1wuLJDDaW9aeB2eOnBwwZYn
/Mm3lX5f+TqLnh0qdmVCKT0QAEiXnIJ0wNlF0+KYKiwCH+87M4gCEASc6U2/8a5v
awRfRFajgYp8Ufk40/Y1B1cUwLliNUB21BmFPaaA+hRbB6belaF3cyS/PuYZ3VlE
DL3HT4u9+XOAnAXYerSwlD7vDAyBmr3w5I0Slz16nQlgEzPwIdEC6+hhTmUxb7Ed
3/k=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:36 2024 by rpki-client on console-ams.rpki-client.org