Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/7a7781-9b4c-482b-b295-9cd3c6a18866/1/cq56Z3bSVmrZLiHx47bY-wSZ1oI.roa
File: cq56Z3bSVmrZLiHx47bY-wSZ1oI.roa (raw, json)
Hash identifier: 5yVTNtJn9Noan+wvn1AchmnqydVzyUACHNpSLQ6afWo=
Subject key identifier: 72:AE:7A:67:76:D2:56:6A:D9:2E:21:F1:E3:B6:D8:FB:04:99:D6:82
Certificate issuer: /CN=dd4670c2a6fd7223327f68badbe6d08322b78058
Certificate serial: 01856E6FB12644653A2ED0E0D7A0FDD3BE93
Authority key identifier: DD:46:70:C2:A6:FD:72:23:32:7F:68:BA:DB:E6:D0:83:22:B7:80:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3UZwwqb9ciMyf2i62-bQgyK3gFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/7a7781-9b4c-482b-b295-9cd3c6a18866/1/cq56Z3bSVmrZLiHx47bY-wSZ1oI.roa
Signing time: Sun 01 Jan 2023 17:44:51 +0000
ROA not before: Sun 01 Jan 2023 17:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197177
IP address blocks: 109.106.4.0/22 maxlen: 23
91.223.52.0/24 maxlen: 24
185.174.12.0/22 maxlen: 23
Validation: Failed, certificate revoked on Thu 25 May 2023 09:18:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:b1:26:44:65:3a:2e:d0:e0:d7:a0:fd:d3:be:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd4670c2a6fd7223327f68badbe6d08322b78058
Validity
Not Before: Jan 1 17:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72ae7a6776d2566ad92e21f1e3b6d8fb0499d682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3c:bc:62:f0:c1:4b:10:75:4e:d9:e1:2a:6f:
ba:6f:cb:f2:05:f2:53:63:1a:99:ae:60:8b:e5:bb:
be:37:9e:fd:75:6a:f9:c4:3c:55:07:14:23:bf:67:
b7:8f:f4:a1:a2:b3:7c:4a:b1:1c:f7:2a:42:5e:74:
55:8e:57:a4:25:a9:d2:be:1d:9e:d3:03:b7:09:4b:
77:12:f7:5d:f1:88:55:c5:c4:a1:f3:2d:0a:e2:98:
a5:e7:49:72:f2:79:a7:72:b9:06:2e:a7:e0:d8:a9:
cb:d9:20:00:dc:0b:d8:fa:60:e6:cd:73:d7:d1:10:
5f:68:65:85:11:4e:c2:a5:fa:2b:80:4a:1a:9b:71:
3a:3f:1b:0e:81:eb:49:38:0e:07:60:a9:14:9c:6c:
fc:aa:18:eb:30:dc:67:67:a3:d8:9f:2c:c5:a0:f3:
bc:32:91:09:7b:6d:72:b2:5c:30:88:e3:a9:3d:7b:
f9:54:e5:af:0a:f2:26:8d:ac:a2:0a:e3:d2:de:e8:
84:80:e2:ca:f1:2f:5c:44:ac:2d:fc:e4:e2:76:6c:
93:e1:b5:37:9d:3e:74:74:f9:07:ae:e9:fc:c0:43:
0b:f0:a3:9d:bd:35:ea:e4:37:67:72:b5:a6:3f:26:
9b:2a:3a:c6:31:46:d4:bd:6c:ab:cd:2f:20:50:9c:
3d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:AE:7A:67:76:D2:56:6A:D9:2E:21:F1:E3:B6:D8:FB:04:99:D6:82
X509v3 Authority Key Identifier:
keyid:DD:46:70:C2:A6:FD:72:23:32:7F:68:BA:DB:E6:D0:83:22:B7:80:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UZwwqb9ciMyf2i62-bQgyK3gFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7a7781-9b4c-482b-b295-9cd3c6a18866/1/cq56Z3bSVmrZLiHx47bY-wSZ1oI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/7a7781-9b4c-482b-b295-9cd3c6a18866/1/3UZwwqb9ciMyf2i62-bQgyK3gFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.52.0/24
109.106.4.0/22
185.174.12.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:c3:3c:72:78:3d:4b:c9:ad:eb:db:6e:2a:18:ed:43:b4:5c:
a7:bb:48:2d:3c:98:56:35:d7:8e:9e:bd:78:5f:b7:0b:9e:3d:
29:61:53:a6:5f:86:21:4a:fe:d8:78:56:5b:92:f3:93:f6:31:
c6:41:0a:13:69:66:1d:53:98:4d:e5:c2:e8:6e:ac:c4:7f:22:
f7:e1:1b:ac:5b:e1:ea:40:ba:ca:b3:df:21:01:30:71:0a:a4:
2b:94:21:52:71:3f:bb:c2:4b:16:ce:aa:fd:5f:fa:67:b0:d4:
4a:63:17:fe:ac:5b:fe:7f:33:2f:02:ab:f4:f5:2f:88:5a:c1:
55:ef:11:32:c2:36:9a:35:04:91:7d:4e:8b:6c:69:af:17:65:
d7:29:11:97:ad:f8:28:e4:4e:50:f6:60:b2:1f:28:17:fb:15:
a8:20:34:90:e2:14:12:59:1e:74:bb:e6:97:e4:eb:7d:b1:64:
5d:67:1c:c2:a2:9e:c0:4e:ec:4a:b7:89:9a:0b:47:ca:75:fc:
80:c0:43:83:bf:90:6c:da:d8:b8:45:cb:ab:19:57:e0:7c:c0:
75:b3:02:fc:21:b0:bf:e5:ef:c7:39:72:23:f7:9b:d5:e6:14:
c1:a3:68:7d:8e:7a:50:7b:a8:47:39:9d:11:62:9e:fd:a7:b0:
15:26:b5:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVub7EmRGU6LtDg16D9076TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNDY3MGMyYTZmZDcyMjMzMjdmNjhiYWRiZTZkMDgzMjJi
NzgwNTgwHhcNMjMwMTAxMTc0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmFlN2E2Nzc2ZDI1NjZhZDkyZTIxZjFlM2I2ZDhmYjA0OTlkNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzy8YvDBSxB1TtnhKm+6b8vyBfJT
YxqZrmCL5bu+N579dWr5xDxVBxQjv2e3j/ShorN8SrEc9ypCXnRVjlekJanSvh2e
0wO3CUt3Evdd8YhVxcSh8y0K4pil50ly8nmncrkGLqfg2KnL2SAA3AvY+mDmzXPX
0RBfaGWFEU7CpforgEoam3E6PxsOgetJOA4HYKkUnGz8qhjrMNxnZ6PYnyzFoPO8
MpEJe21yslwwiOOpPXv5VOWvCvImjayiCuPS3uiEgOLK8S9cRKwt/OTidmyT4bU3
nT50dPkHrun8wEML8KOdvTXq5DdncrWmPyabKjrGMUbUvWyrzS8gUJw9jwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHKuemd20lZq2S4h8eO22PsEmdaCMB8GA1UdIwQY
MBaAFN1GcMKm/XIjMn9outvm0IMit4BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Vad3dxYjljaU15ZjJpNjItYlFneUszZ0ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83YTc3ODEtOWI0Yy00ODJiLWIyOTUt
OWNkM2M2YTE4ODY2LzEvY3E1NlozYlNWbXJaTGlIeDQ3Ylktd1NaMW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83YTc3ODEtOWI0Yy00ODJiLWIyOTUtOWNkM2M2YTE4ODY2
LzEvM1Vad3dxYjljaU15ZjJpNjItYlFneUszZ0ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW980AwQC
bWoEAwQCua4MMA0GCSqGSIb3DQEBCwUAA4IBAQA/wzxyeD1Lya3r224qGO1DtFyn
u0gtPJhWNdeOnr14X7cLnj0pYVOmX4YhSv7YeFZbkvOT9jHGQQoTaWYdU5hN5cLo
bqzEfyL34RusW+HqQLrKs98hATBxCqQrlCFScT+7wksWzqr9X/pnsNRKYxf+rFv+
fzMvAqv09S+IWsFV7xEywjaaNQSRfU6LbGmvF2XXKRGXrfgo5E5Q9mCyHygX+xWo
IDSQ4hQSWR50u+aX5Ot9sWRdZxzCop7ATuxKt4maC0fKdfyAwEODv5Bs2ti4Rcur
GVfgfMB1swL8IbC/5e/HOXIj95vV5hTBo2h9jnpQe6hHOZ0RYp79p7AVJrXj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:08 2024 by rpki-client on console-ams.rpki-client.org