Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/ca-q7Wrey9fC645R1ICd_XpnAQM.roa
File: ca-q7Wrey9fC645R1ICd_XpnAQM.roa (raw, json)
Hash identifier: PwRvNv2xkOc/+F9tUCBS++oR5rARbpGQHw7WlhnDSPA=
Subject key identifier: 71:AF:AA:ED:6A:DE:CB:D7:C2:EB:8E:51:D4:80:9D:FD:7A:67:01:03
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018570305AC2E9C789E8A951970F4EA72AD8
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/ca-q7Wrey9fC645R1ICd_XpnAQM.roa
Signing time: Mon 02 Jan 2023 01:54:55 +0000
ROA not before: Mon 02 Jan 2023 01:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12301
IP address blocks: 195.228.4.0/24 maxlen: 24
195.228.112.0/24 maxlen: 24
84.1.236.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:5a:c2:e9:c7:89:e8:a9:51:97:0f:4e:a7:2a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 01:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71afaaed6adecbd7c2eb8e51d4809dfd7a670103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:31:cf:e2:0c:2f:0b:42:33:b6:19:0d:99:2c:
43:96:d1:91:53:e4:df:94:c6:91:7b:12:d3:3c:af:
50:72:a4:fb:02:a3:85:a6:39:04:1d:77:75:71:b9:
44:27:0a:26:99:1b:fc:1c:f5:83:24:9c:da:98:53:
62:e6:45:6f:96:5e:24:44:28:ee:3d:72:32:de:2e:
47:cc:3b:33:bd:7f:06:1e:94:ac:24:66:35:a8:27:
14:2b:de:d1:4d:43:3d:e8:e3:19:88:76:d4:62:d8:
5f:17:c0:2d:3d:77:f5:18:71:34:eb:10:26:c6:3c:
5f:9a:91:71:44:36:6b:d8:b5:9d:38:b0:ab:ca:b1:
88:ad:c2:a3:79:2e:c1:db:e1:eb:40:e6:db:98:e7:
a2:52:5b:8e:0d:3b:20:da:c2:16:67:9b:1f:3d:40:
1e:57:b2:bd:e6:c6:11:d0:f5:12:3d:fc:b8:83:e7:
28:89:5f:50:26:b0:1e:44:bb:19:71:ca:ae:21:db:
5a:46:93:28:d3:66:a8:15:83:ff:71:c1:9b:08:1a:
62:7a:65:30:b8:b3:06:ab:12:5e:16:ea:1d:88:09:
fb:8e:ad:cb:29:49:57:02:3b:02:cb:48:3a:5b:35:
dd:c7:9a:2e:46:18:d3:b4:5f:1c:87:55:ee:85:e5:
a8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:AF:AA:ED:6A:DE:CB:D7:C2:EB:8E:51:D4:80:9D:FD:7A:67:01:03
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/ca-q7Wrey9fC645R1ICd_XpnAQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.236.0/24
84.2.54.0/24
195.228.4.0/24
195.228.112.0/24
Signature Algorithm: sha256WithRSAEncryption
87:21:12:5c:f9:b7:fb:f2:5f:fb:65:1d:61:ed:d8:ef:9a:fa:
2d:f9:28:f1:4c:d8:4b:20:4a:42:c8:c6:86:37:06:4a:e9:2a:
dd:db:ff:7c:40:d7:85:09:97:c5:fc:ef:23:72:9f:7d:57:98:
f9:84:68:0f:d4:b6:fd:34:41:23:87:28:b5:bc:91:26:88:a4:
1a:27:8f:54:76:58:09:45:6a:20:95:c4:73:85:67:c2:8a:62:
5b:5f:6c:c7:75:50:e0:7b:e2:87:b0:49:a2:5b:e9:d5:3c:d4:
5b:6a:36:77:24:b9:77:70:8f:57:97:47:b4:7c:12:dd:6f:da:
95:56:6b:ea:cf:26:37:2b:69:13:83:9c:8c:b1:62:3f:85:6e:
43:0e:74:89:94:d8:f0:bb:4e:c3:0c:98:83:b4:70:7b:43:c5:
f6:3a:29:bd:70:ac:60:40:d4:89:b9:dc:ec:72:8e:fb:cf:b9:
b3:4f:38:c8:e4:1d:e8:68:d3:99:c3:0b:5a:75:13:55:ae:1a:
20:9c:42:d2:97:fb:94:f3:d4:ea:78:99:fe:09:5d:78:9c:97:
cf:18:8a:ae:1b:63:e1:74:68:9b:f0:05:d3:cc:d9:36:db:26:
a3:9a:79:55:64:b2:f7:15:07:fe:b2:06:a5:19:e6:80:c0:a4:
1f:83:02:a1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwMFrC6ceJ6KlRlw9OpyrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWFmYWFlZDZhZGVjYmQ3YzJlYjhlNTFkNDgwOWRmZDdhNjcwMTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTHP4gwvC0IzthkNmSxDltGRU+Tf
lMaRexLTPK9QcqT7AqOFpjkEHXd1cblEJwommRv8HPWDJJzamFNi5kVvll4kRCju
PXIy3i5HzDszvX8GHpSsJGY1qCcUK97RTUM96OMZiHbUYthfF8AtPXf1GHE06xAm
xjxfmpFxRDZr2LWdOLCryrGIrcKjeS7B2+HrQObbmOeiUluODTsg2sIWZ5sfPUAe
V7K95sYR0PUSPfy4g+coiV9QJrAeRLsZccquIdtaRpMo02aoFYP/ccGbCBpiemUw
uLMGqxJeFuodiAn7jq3LKUlXAjsCy0g6WzXdx5ouRhjTtF8ch1XuheWoUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHGvqu1q3svXwuuOUdSAnf16ZwEDMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvY2EtcTdXcmV5OWZDNjQ1UjFJQ2RfWHBuQVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVAHsAwQA
VAI2AwQAw+QEAwQAw+RwMA0GCSqGSIb3DQEBCwUAA4IBAQCHIRJc+bf78l/7ZR1h
7djvmvot+SjxTNhLIEpCyMaGNwZK6Srd2/98QNeFCZfF/O8jcp99V5j5hGgP1Lb9
NEEjhyi1vJEmiKQaJ49UdlgJRWoglcRzhWfCimJbX2zHdVDge+KHsEmiW+nVPNRb
ajZ3JLl3cI9Xl0e0fBLdb9qVVmvqzyY3K2kTg5yMsWI/hW5DDnSJlNjwu07DDJiD
tHB7Q8X2Oim9cKxgQNSJudzsco77z7mzTzjI5B3oaNOZwwtadRNVrhognELSl/uU
89TqeJn+CV14nJfPGIquG2PhdGib8AXTzNk22yajmnlVZLL3FQf+sgalGeaAwKQf
gwKh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org