Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/QYtnXUhes-traiAoYcqGbpuIrEY.roa
File: QYtnXUhes-traiAoYcqGbpuIrEY.roa (raw, json)
Hash identifier: 04mVj1hq80CXNyhbaIfDBi/Mf9xox0/UuYhw1srUr/U=
Subject key identifier: 41:8B:67:5D:48:5E:B3:EB:6B:6A:20:28:61:CA:86:6E:9B:88:AC:46
Certificate issuer: /CN=8ef645770d2914402d6c95b8daf51f7ffe12772b
Certificate serial: 0185AFAE3710483083502AB12981FEC5C556
Authority key identifier: 8E:F6:45:77:0D:29:14:40:2D:6C:95:B8:DA:F5:1F:7F:FE:12:77:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvZFdw0pFEAtbJW42vUff_4Sdys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/QYtnXUhes-traiAoYcqGbpuIrEY.roa
Signing time: Sat 14 Jan 2023 09:48:28 +0000
ROA not before: Sat 14 Jan 2023 09:48:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16001
IP address blocks: 80.250.128.0/20 maxlen: 20
185.255.64.0/22 maxlen: 22
2a00:ecc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 13 Jun 2023 08:12:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:af:ae:37:10:48:30:83:50:2a:b1:29:81:fe:c5:c5:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef645770d2914402d6c95b8daf51f7ffe12772b
Validity
Not Before: Jan 14 09:48:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=418b675d485eb3eb6b6a202861ca866e9b88ac46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b0:34:91:07:a5:b2:c2:c8:b7:9d:ec:98:ee:
c7:99:2d:2b:d0:20:d7:7d:a9:b3:42:21:29:4f:eb:
17:b0:ed:0f:94:5b:40:34:f3:3d:b4:cd:e2:58:6f:
42:8d:44:77:76:29:2e:88:ba:11:f8:af:69:b1:2e:
69:54:46:31:03:ac:1b:23:4f:99:9b:a8:1a:e2:34:
b3:34:84:4f:11:e4:23:cf:ae:ab:d4:fc:25:dd:62:
7e:13:71:58:97:65:c7:df:3b:85:09:50:94:4e:57:
c9:0f:0c:54:93:6a:da:0d:2b:c2:41:af:08:a3:b5:
f2:6d:3d:33:a2:07:7d:ca:6c:9f:21:f8:dd:df:7a:
d2:93:07:1e:aa:89:11:56:d2:83:87:4e:25:4b:d3:
4e:e3:7b:e7:bb:32:31:d5:6b:36:ff:c3:5a:e1:d8:
82:42:52:44:63:b5:cc:49:aa:46:9b:44:36:7e:fb:
9b:c1:23:57:dd:48:2b:90:32:f5:77:51:3c:d1:cc:
de:ee:75:a1:a6:97:7b:eb:ee:ee:f7:9a:d3:3f:b2:
a5:27:84:90:14:ab:13:24:bd:59:f7:66:3b:f3:6a:
2d:3b:d4:f3:99:38:43:f4:20:30:a5:34:03:51:ee:
4c:d3:84:97:0a:e6:19:6b:e8:6a:0d:c1:48:ac:0d:
aa:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:8B:67:5D:48:5E:B3:EB:6B:6A:20:28:61:CA:86:6E:9B:88:AC:46
X509v3 Authority Key Identifier:
keyid:8E:F6:45:77:0D:29:14:40:2D:6C:95:B8:DA:F5:1F:7F:FE:12:77:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvZFdw0pFEAtbJW42vUff_4Sdys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/QYtnXUhes-traiAoYcqGbpuIrEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/b0975c-2573-4d0a-b8d9-656957f3867e/1/jvZFdw0pFEAtbJW42vUff_4Sdys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.128.0/20
185.255.64.0/22
IPv6:
2a00:ecc0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:53:dd:19:c6:f7:09:cc:4a:48:9a:55:9e:f7:fe:84:fa:8a:
8e:61:8b:a4:be:29:57:8b:84:7e:10:6d:14:78:dd:43:83:b3:
67:db:6d:3e:81:de:b2:7a:61:90:88:a4:81:d5:f3:54:da:24:
87:1e:91:fc:9c:1c:19:8f:22:87:a4:a8:c3:69:37:60:4a:a7:
49:78:e7:c4:da:76:e7:cf:64:13:cb:7b:63:62:78:16:94:2d:
ee:47:9d:94:28:92:30:11:67:c0:1a:10:cb:6f:49:e6:22:0e:
f1:5d:b1:22:f2:30:ed:bc:9a:38:53:e3:1b:b9:27:62:9b:9a:
db:4b:46:10:f5:69:2a:fe:c1:25:04:ec:af:42:c0:ef:db:34:
4e:a1:9a:8f:dd:13:bb:01:93:b9:41:72:69:28:f1:42:ef:56:
72:f7:6e:c8:e5:2d:9e:fc:6d:3e:1f:12:90:bc:19:f9:88:f5:
31:f9:7f:09:b2:89:66:2c:5a:3a:99:bf:dc:3e:af:6d:1e:e6:
2c:0c:1c:55:ae:35:4b:7c:c1:82:b0:35:b8:81:c1:8e:3d:83:
0b:cf:55:5e:3c:99:5e:f0:16:c9:70:7d:fa:f7:6f:7f:5b:56:
98:56:c6:4c:14:76:d1:3e:13:12:3c:b9:81:de:45:fb:5f:95:
65:b9:44:c6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYWvrjcQSDCDUCqxKYH+xcVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZjY0NTc3MGQyOTE0NDAyZDZjOTViOGRhZjUxZjdmZmUx
Mjc3MmIwHhcNMjMwMTE0MDk0ODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MThiNjc1ZDQ4NWViM2ViNmI2YTIwMjg2MWNhODY2ZTliODhhYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbA0kQelssLIt53smO7HmS0r0CDX
famzQiEpT+sXsO0PlFtANPM9tM3iWG9CjUR3dikuiLoR+K9psS5pVEYxA6wbI0+Z
m6ga4jSzNIRPEeQjz66r1Pwl3WJ+E3FYl2XH3zuFCVCUTlfJDwxUk2raDSvCQa8I
o7XybT0zogd9ymyfIfjd33rSkwceqokRVtKDh04lS9NO43vnuzIx1Ws2/8Na4diC
QlJEY7XMSapGm0Q2fvubwSNX3UgrkDL1d1E80cze7nWhppd76+7u95rTP7KlJ4SQ
FKsTJL1Z92Y782otO9TzmThD9CAwpTQDUe5M04SXCuYZa+hqDcFIrA2q/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEGLZ11IXrPra2ogKGHKhm6biKxGMB8GA1UdIwQY
MBaAFI72RXcNKRRALWyVuNr1H3/+EncrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZaRmR3MHBGRUF0YkpXNDJ2VWZmXzRTZHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iMDk3NWMtMjU3My00ZDBhLWI4ZDkt
NjU2OTU3ZjM4NjdlLzEvUVl0blhVaGVzLXRyYWlBb1ljcUdicHVJckVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iMDk3NWMtMjU3My00ZDBhLWI4ZDktNjU2OTU3ZjM4Njdl
LzEvanZaRmR3MHBGRUF0YkpXNDJ2VWZmXzRTZHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUPqAAwQC
uf9AMA0EAgACMAcDBQAqAOzAMA0GCSqGSIb3DQEBCwUAA4IBAQBrU90ZxvcJzEpI
mlWe9/6E+oqOYYukvilXi4R+EG0UeN1Dg7Nn220+gd6yemGQiKSB1fNU2iSHHpH8
nBwZjyKHpKjDaTdgSqdJeOfE2nbnz2QTy3tjYngWlC3uR52UKJIwEWfAGhDLb0nm
Ig7xXbEi8jDtvJo4U+MbuSdim5rbS0YQ9Wkq/sElBOyvQsDv2zROoZqP3RO7AZO5
QXJpKPFC71Zy927I5S2e/G0+HxKQvBn5iPUx+X8JsolmLFo6mb/cPq9tHuYsDBxV
rjVLfMGCsDW4gcGOPYMLz1VePJle8BbJcH36929/W1aYVsZMFHbRPhMSPLmB3kX7
X5VluUTG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:22 2024 by rpki-client on console-fra.rpki-client.org