Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/qQAjKtND58eYQMDSwPy-lq2nRYc.roa
File: qQAjKtND58eYQMDSwPy-lq2nRYc.roa (raw, json)
Hash identifier: gNqcrY6fjYDxgfO2FoaqkDeRboMydTGYef2We5z2G7E=
Subject key identifier: A9:00:23:2A:D3:43:E7:C7:98:40:C0:D2:C0:FC:BE:96:AD:A7:45:87
Certificate issuer: /CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Certificate serial: 018CC56E21DF26982F8C207FC1E92063EA73
Authority key identifier: 38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/qQAjKtND58eYQMDSwPy-lq2nRYc.roa
Signing time: Mon 01 Jan 2024 14:29:38 +0000
ROA not before: Mon 01 Jan 2024 14:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58173
IP address blocks: 185.96.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 15:33:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:21:df:26:98:2f:8c:20:7f:c1:e9:20:63:ea:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389b2fa3651383a7fc6a86adba56c7c6207d7568
Validity
Not Before: Jan 1 14:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a900232ad343e7c79840c0d2c0fcbe96ada74587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:26:59:47:b4:d2:04:09:18:79:aa:cd:a9:
26:12:12:30:26:68:8c:e4:19:30:f0:51:4d:6f:6b:
9d:15:0b:07:5e:94:da:3e:9c:bb:a9:e0:64:81:c3:
91:cf:0a:bf:e3:d4:4b:78:ff:7a:6d:ad:30:f5:b4:
97:c7:97:d5:df:8c:d6:78:91:3a:ac:4b:dd:de:c5:
9d:6b:9a:65:e0:1c:34:95:18:61:f7:d1:b7:64:29:
5e:01:0a:10:ce:32:2f:5a:a9:d8:9b:f7:0c:da:50:
e5:4d:9a:88:86:a8:fe:13:f2:10:94:42:5d:c5:c0:
c8:e6:ba:54:a4:a9:5d:72:de:7a:00:34:cb:28:68:
fd:08:5e:32:1b:54:3b:9c:a5:b9:b7:10:41:df:3c:
9e:4d:c8:a5:2c:6a:4b:27:ca:6a:60:d4:0a:52:99:
f4:73:58:c6:66:95:f5:57:d1:c4:c3:ff:7b:62:21:
ba:2b:a4:ab:bc:51:31:13:6b:f1:66:ff:7d:40:23:
b6:be:6d:6d:e6:18:12:2c:98:b0:eb:9e:76:38:85:
04:09:50:53:a8:7a:87:aa:15:a7:d8:14:08:03:cf:
88:01:30:db:66:e6:a8:43:9e:3a:a8:a9:de:be:35:
46:38:3b:72:6d:fa:dc:11:aa:94:ec:4c:24:a4:f9:
a8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:00:23:2A:D3:43:E7:C7:98:40:C0:D2:C0:FC:BE:96:AD:A7:45:87
X509v3 Authority Key Identifier:
keyid:38:9B:2F:A3:65:13:83:A7:FC:6A:86:AD:BA:56:C7:C6:20:7D:75:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJsvo2UTg6f8aoatulbHxiB9dWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/qQAjKtND58eYQMDSwPy-lq2nRYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1ad26f-a33e-4069-a802-373b522a821d/1/OJsvo2UTg6f8aoatulbHxiB9dWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.192.0/22
Signature Algorithm: sha256WithRSAEncryption
47:06:c9:7a:22:10:9b:86:6f:83:4a:df:c9:af:36:f4:eb:aa:
b0:ad:aa:86:15:0b:fc:5e:14:da:55:a6:e2:c1:dc:77:28:89:
f3:d3:d9:3c:a5:bc:7b:ce:c7:75:a7:38:33:7a:c6:b2:13:e4:
09:13:be:0c:cc:2b:00:70:3a:b4:4f:ad:06:12:4e:1e:53:68:
f2:06:63:e9:26:ba:39:8e:ca:aa:d7:5c:aa:c0:14:6f:da:72:
ba:d5:af:98:84:28:60:dc:a5:58:57:bd:99:36:8e:97:aa:34:
4d:97:2e:eb:2d:f3:b1:85:a1:f1:a9:b6:88:3d:33:d5:b3:27:
7d:c3:2c:30:74:49:ce:bb:4e:d0:74:aa:9b:ff:dd:45:12:f9:
dd:4d:fa:0c:61:bf:b9:c6:17:a5:f8:2f:9f:8a:24:59:4a:90:
4d:20:34:aa:25:e3:c9:1c:be:ce:7f:32:46:dd:71:95:a7:f2:
2b:de:7c:4b:26:f7:8d:80:ca:27:2b:11:e3:c6:43:b3:2c:b1:
71:18:d5:43:e0:14:66:13:bb:8c:cd:c7:c4:c2:86:c8:20:22:
5e:ac:82:c6:81:69:e4:b1:80:8b:ae:5c:d6:8e:fa:2f:44:2a:
9d:4f:0a:28:3b:6e:62:57:89:27:90:98:af:33:a5:fb:c3:c6:
4a:cc:03:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbiHfJpgvjCB/wekgY+pzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWIyZmEzNjUxMzgzYTdmYzZhODZhZGJhNTZjN2M2MjA3
ZDc1NjgwHhcNMjQwMTAxMTQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTAwMjMyYWQzNDNlN2M3OTg0MGMwZDJjMGZjYmU5NmFkYTc0NTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDEmWUe00gQJGHmqzakmEhIwJmiM
5Bkw8FFNb2udFQsHXpTaPpy7qeBkgcORzwq/49RLeP96ba0w9bSXx5fV34zWeJE6
rEvd3sWda5pl4Bw0lRhh99G3ZCleAQoQzjIvWqnYm/cM2lDlTZqIhqj+E/IQlEJd
xcDI5rpUpKldct56ADTLKGj9CF4yG1Q7nKW5txBB3zyeTcilLGpLJ8pqYNQKUpn0
c1jGZpX1V9HEw/97YiG6K6SrvFExE2vxZv99QCO2vm1t5hgSLJiw6552OIUECVBT
qHqHqhWn2BQIA8+IATDbZuaoQ546qKnevjVGODtybfrcEaqU7EwkpPmoIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKkAIyrTQ+fHmEDA0sD8vpatp0WHMB8GA1UdIwQY
MBaAFDibL6NlE4On/GqGrbpWx8YgfXVoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDIt
MzczYjUyMmE4MjFkLzEvcVFBakt0TkQ1OGVZUU1EU3dQeS1scTJuUlljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYWQyNmYtYTMzZS00MDY5LWE4MDItMzczYjUyMmE4MjFk
LzEvT0pzdm8yVVRnNmY4YW9hdHVsYkh4aUI5ZFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWDAMA0G
CSqGSIb3DQEBCwUAA4IBAQBHBsl6IhCbhm+DSt/Jrzb066qwraqGFQv8XhTaVabi
wdx3KInz09k8pbx7zsd1pzgzesayE+QJE74MzCsAcDq0T60GEk4eU2jyBmPpJro5
jsqq11yqwBRv2nK61a+YhChg3KVYV72ZNo6XqjRNly7rLfOxhaHxqbaIPTPVsyd9
wywwdEnOu07QdKqb/91FEvndTfoMYb+5xhel+C+fiiRZSpBNIDSqJePJHL7OfzJG
3XGVp/Ir3nxLJveNgMonKxHjxkOzLLFxGNVD4BRmE7uMzcfEwobIICJerILGgWnk
sYCLrlzWjvovRCqdTwooO25iV4knkJivM6X7w8ZKzAON
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:01 2024 by rpki-client on console-fra.rpki-client.org