Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/Q9ljdK64FHFHjn7L2lAHhEI42Ps.roa
File: Q9ljdK64FHFHjn7L2lAHhEI42Ps.roa (raw, json)
Hash identifier: AbJ1rx5QJ8gSSJneW93GoiCF17SvY+apoh2ltiDs6Pc=
Subject key identifier: 43:D9:63:74:AE:B8:14:71:47:8E:7E:CB:DA:50:07:84:42:38:D8:FB
Certificate issuer: /CN=6cf9b24f2c0847d041c1e66a12f01eaba478b4fc
Certificate serial: 0185729ECEA86A72089812D540BE6FBC8037
Authority key identifier: 6C:F9:B2:4F:2C:08:47:D0:41:C1:E6:6A:12:F0:1E:AB:A4:78:B4:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/Q9ljdK64FHFHjn7L2lAHhEI42Ps.roa
Signing time: Mon 02 Jan 2023 13:14:48 +0000
ROA not before: Mon 02 Jan 2023 13:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210017
IP address blocks: 193.58.112.0/22 maxlen: 24
2a0d:e640::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:ce:a8:6a:72:08:98:12:d5:40:be:6f:bc:80:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cf9b24f2c0847d041c1e66a12f01eaba478b4fc
Validity
Not Before: Jan 2 13:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43d96374aeb81471478e7ecbda5007844238d8fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:98:d5:12:97:c9:d1:c9:ee:91:54:16:f2:4c:
80:b8:16:71:3a:43:97:59:ac:a3:86:b0:89:c9:00:
32:e1:86:a1:18:2a:a8:ce:8a:89:75:d5:86:14:12:
bf:b2:f2:54:d3:ab:38:41:0d:a6:0e:44:15:fe:86:
69:f9:4f:b5:6d:a4:ab:97:20:d5:22:18:b0:e3:02:
67:82:53:50:c2:9c:f4:68:7d:ab:03:26:8f:47:68:
06:e8:bd:54:a6:2a:7e:06:22:0a:98:39:31:d7:9f:
31:b2:65:4b:f8:8c:70:f5:0a:43:c6:d3:b7:4f:da:
59:ac:00:da:ee:13:8a:36:f7:e1:3b:9b:27:40:74:
3f:10:f2:53:18:11:a6:82:ee:8a:fd:ea:bd:43:3d:
00:ce:8c:b9:6e:c5:35:74:de:65:17:91:23:0b:dd:
4f:60:fe:aa:c9:91:ae:ad:ad:1f:40:dc:ce:20:bf:
f1:5b:7c:20:41:ce:06:35:c2:1c:f9:34:e6:47:5b:
56:33:12:bb:1b:d1:4c:0e:c8:fd:9b:e7:59:07:29:
95:b3:1e:61:fc:39:a3:0f:3d:04:bd:2a:78:6b:99:
d0:6d:b2:de:9d:a9:fa:f2:4f:ba:a0:b8:87:1e:7e:
5e:2f:c3:5a:bf:2d:e2:92:a1:32:f2:bb:6b:4a:81:
86:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D9:63:74:AE:B8:14:71:47:8E:7E:CB:DA:50:07:84:42:38:D8:FB
X509v3 Authority Key Identifier:
keyid:6C:F9:B2:4F:2C:08:47:D0:41:C1:E6:6A:12:F0:1E:AB:A4:78:B4:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/Q9ljdK64FHFHjn7L2lAHhEI42Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/bPmyTywIR9BBweZqEvAeq6R4tPw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.112.0/22
IPv6:
2a0d:e640::/29
Signature Algorithm: sha256WithRSAEncryption
51:3f:0a:99:3b:d7:97:8f:84:53:f7:b4:d2:d3:40:ac:cf:9b:
e9:a5:94:a9:b7:74:58:b5:71:c4:08:8f:63:9a:df:03:b3:a6:
a8:06:c3:6c:cb:84:e9:58:a6:21:20:eb:b5:3e:a9:03:2d:d1:
23:89:51:f7:3f:74:68:bf:06:51:91:88:b2:51:cb:19:66:28:
1d:63:21:fb:60:97:d9:1b:10:3d:b6:25:82:b3:90:86:50:11:
52:1f:ec:2b:74:e6:11:86:ba:1f:3f:bd:4e:2b:b7:aa:52:94:
dd:4f:e6:ab:a2:48:c4:10:ab:d3:5f:11:e7:17:88:49:e7:7c:
d4:df:74:60:4c:83:7d:96:09:21:52:1d:84:87:75:ba:d8:76:
b2:b5:14:d1:b5:49:2e:b8:7d:16:54:50:1a:8c:4d:0d:76:e0:
c1:43:ae:fb:c1:66:7a:45:e1:2d:73:24:2c:c3:fb:b1:40:41:
8c:f2:44:28:03:f6:47:6e:15:d5:3d:90:98:70:98:a8:d0:26:
b1:c8:d5:d2:6b:90:f5:a4:2b:c4:cd:9d:23:b6:d3:f1:f1:31:
6f:22:3f:5c:3e:b8:ce:6b:d1:a6:e2:79:15:2c:c3:6f:f5:6b:
ca:b1:88:59:01:55:f6:a5:2f:8e:55:8b:94:a7:c1:99:33:83:
9b:44:7a:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyns6oanIImBLVQL5vvIA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZjliMjRmMmMwODQ3ZDA0MWMxZTY2YTEyZjAxZWFiYTQ3
OGI0ZmMwHhcNMjMwMTAyMTMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Q5NjM3NGFlYjgxNDcxNDc4ZTdlY2JkYTUwMDc4NDQyMzhkOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJjVEpfJ0cnukVQW8kyAuBZxOkOX
WayjhrCJyQAy4YahGCqozoqJddWGFBK/svJU06s4QQ2mDkQV/oZp+U+1baSrlyDV
Ihiw4wJnglNQwpz0aH2rAyaPR2gG6L1Upip+BiIKmDkx158xsmVL+Ixw9QpDxtO3
T9pZrADa7hOKNvfhO5snQHQ/EPJTGBGmgu6K/eq9Qz0Azoy5bsU1dN5lF5EjC91P
YP6qyZGura0fQNzOIL/xW3wgQc4GNcIc+TTmR1tWMxK7G9FMDsj9m+dZBymVsx5h
/DmjDz0EvSp4a5nQbbLenan68k+6oLiHHn5eL8Navy3ikqEy8rtrSoGGfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEPZY3SuuBRxR45+y9pQB4RCONj7MB8GA1UdIwQY
MBaAFGz5sk8sCEfQQcHmahLwHqukeLT8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlBteVR5d0lSOUJCd2VacUV2QWVxNlI0dFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iNDU3NjUtMmMzMy00YTQ5LTkxZWIt
OTQ2ODkyZjg4YmViLzEvUTlsamRLNjRGSEZIam43TDJsQUhoRUk0MlBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iNDU3NjUtMmMzMy00YTQ5LTkxZWItOTQ2ODkyZjg4YmVi
LzEvYlBteVR5d0lSOUJCd2VacUV2QWVxNlI0dFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwTpwMA0E
AgACMAcDBQMqDeZAMA0GCSqGSIb3DQEBCwUAA4IBAQBRPwqZO9eXj4RT97TS00Cs
z5vppZSpt3RYtXHECI9jmt8Ds6aoBsNsy4TpWKYhIOu1PqkDLdEjiVH3P3RovwZR
kYiyUcsZZigdYyH7YJfZGxA9tiWCs5CGUBFSH+wrdOYRhrofP71OK7eqUpTdT+ar
okjEEKvTXxHnF4hJ53zU33RgTIN9lgkhUh2Eh3W62HaytRTRtUkuuH0WVFAajE0N
duDBQ677wWZ6ReEtcyQsw/uxQEGM8kQoA/ZHbhXVPZCYcJio0CaxyNXSa5D1pCvE
zZ0jttPx8TFvIj9cPrjOa9Gm4nkVLMNv9WvKsYhZAVX2pS+OVYuUp8GZM4ObRHrd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:53 2024 by rpki-client on console-fra.rpki-client.org