Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/qOaTjbivX-1PbRt7VFNzbkrsLJE.roa
File: qOaTjbivX-1PbRt7VFNzbkrsLJE.roa (raw, json)
Hash identifier: MvDHDvcgpig0Uu/93FyIqhAqYDTJWbc1fIZ58eD4nLI=
Subject key identifier: A8:E6:93:8D:B8:AF:5F:ED:4F:6D:1B:7B:54:53:73:6E:4A:EC:2C:91
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 0187C2CB62089E3FB675223774674E3A38D4
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/qOaTjbivX-1PbRt7VFNzbkrsLJE.roa
Signing time: Thu 27 Apr 2023 12:58:41 +0000
ROA not before: Thu 27 Apr 2023 12:58:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.66.94.0/23 maxlen: 23
37.44.228.0/22 maxlen: 24
192.145.52.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jul 2023 08:18:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c2:cb:62:08:9e:3f:b6:75:22:37:74:67:4e:3a:38:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Apr 27 12:58:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8e6938db8af5fed4f6d1b7b5453736e4aec2c91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:50:91:f3:31:3d:d3:1e:ad:33:86:f9:a2:0a:
ba:a0:e8:9a:5f:cc:f2:e7:9e:30:aa:f9:55:ed:59:
06:b3:ed:1d:5e:4b:13:5d:ad:12:f2:ee:6b:cd:21:
90:57:04:be:c4:04:ab:75:af:de:be:e3:be:72:4a:
d7:86:79:c7:f6:40:d5:a0:3f:b0:df:7f:c0:f3:68:
78:8b:86:f9:31:06:33:55:d7:ad:4e:f4:49:71:67:
62:7f:20:e7:e5:6c:85:0f:9e:c6:e5:97:5e:c1:47:
f0:4d:07:e9:5f:14:f5:f2:ac:74:78:de:9e:74:f3:
ef:47:09:3f:62:e6:78:2d:0c:f0:fb:f8:29:07:2c:
07:14:b5:91:1f:ea:a1:9c:34:50:8b:db:35:47:ac:
5c:33:85:c5:34:1c:b5:ba:42:03:2e:a9:f4:b1:c7:
9b:6b:4e:53:a5:31:d4:e7:f2:8c:fc:b0:e1:e9:46:
4b:52:8c:a7:99:ab:d2:a1:7f:db:7e:b2:96:ec:b3:
a6:29:c2:3b:b1:67:46:f6:f1:b4:1c:05:19:2d:33:
bd:28:43:40:b4:6b:ae:36:fc:d1:91:8d:d1:1a:1c:
4f:7e:8d:3d:00:0b:62:1a:d0:bc:c9:71:68:70:f6:
9e:e4:53:df:61:13:0a:27:14:e7:97:ea:e5:ed:c4:
11:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E6:93:8D:B8:AF:5F:ED:4F:6D:1B:7B:54:53:73:6E:4A:EC:2C:91
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/qOaTjbivX-1PbRt7VFNzbkrsLJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.94.0/23
192.145.52.0/22
Signature Algorithm: sha256WithRSAEncryption
07:02:bb:3c:e2:14:e8:cf:a5:b3:71:ba:4c:00:39:b5:f9:b0:
e9:ab:f1:53:11:64:a2:0b:6c:9b:aa:f8:db:42:aa:b7:17:1a:
a3:ed:e4:9f:40:53:fa:91:1a:8f:bc:64:c5:4e:97:b6:03:db:
90:10:75:1c:05:d8:20:44:89:38:ef:73:75:8e:fe:84:67:96:
22:fa:8c:3f:e6:83:ea:2b:f7:a9:51:24:5f:56:74:8f:69:97:
61:24:3a:2e:de:4e:d3:dd:d4:8c:0c:78:45:89:eb:15:54:e0:
9b:52:0d:f2:09:87:70:7b:00:99:e1:4d:f5:ae:e8:eb:f5:72:
c0:bd:07:fd:fd:c0:af:0c:1d:84:34:97:08:c8:0d:55:8d:32:
18:d1:a6:e7:53:84:da:68:ce:bc:65:0e:a7:25:77:bb:04:a6:
a6:d7:67:59:d7:9a:10:89:c6:20:60:94:a6:c8:84:d0:b4:16:
7c:2c:59:4c:bc:80:e9:d1:91:3e:e5:88:f1:d8:52:27:9d:3a:
40:48:ba:7f:2f:47:bd:ec:07:cd:f3:c3:2d:7f:ab:a9:65:6d:
d2:3f:c3:51:06:c0:9a:a8:aa:65:3c:0d:18:9e:b6:b5:26:6c:
67:dc:97:43:d5:58:fb:be:a8:bf:c3:b8:41:dc:64:77:46:68:
2f:cb:e1:0d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfCy2IInj+2dSI3dGdOOjjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMwNDI3MTI1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU2OTM4ZGI4YWY1ZmVkNGY2ZDFiN2I1NDUzNzM2ZTRhZWMyYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lCR8zE90x6tM4b5ogq6oOiaX8zy
554wqvlV7VkGs+0dXksTXa0S8u5rzSGQVwS+xASrda/evuO+ckrXhnnH9kDVoD+w
33/A82h4i4b5MQYzVdetTvRJcWdifyDn5WyFD57G5ZdewUfwTQfpXxT18qx0eN6e
dPPvRwk/YuZ4LQzw+/gpBywHFLWRH+qhnDRQi9s1R6xcM4XFNBy1ukIDLqn0sceb
a05TpTHU5/KM/LDh6UZLUoynmavSoX/bfrKW7LOmKcI7sWdG9vG0HAUZLTO9KENA
tGuuNvzRkY3RGhxPfo09AAtiGtC8yXFocPae5FPfYRMKJxTnl+rl7cQR1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKjmk424r1/tT20be1RTc25K7CyRMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvcU9hVGpiaXZYLTFQYlJ0N1ZGTnpia3JzTEpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJSzkAwQB
LUJeAwQCwJE0MA0GCSqGSIb3DQEBCwUAA4IBAQAHArs84hToz6WzcbpMADm1+bDp
q/FTEWSiC2ybqvjbQqq3Fxqj7eSfQFP6kRqPvGTFTpe2A9uQEHUcBdggRIk473N1
jv6EZ5Yi+ow/5oPqK/epUSRfVnSPaZdhJDou3k7T3dSMDHhFiesVVOCbUg3yCYdw
ewCZ4U31rujr9XLAvQf9/cCvDB2ENJcIyA1VjTIY0abnU4TaaM68ZQ6nJXe7BKam
12dZ15oQicYgYJSmyITQtBZ8LFlMvIDp0ZE+5Yjx2FInnTpASLp/L0e97AfN88Mt
f6upZW3SP8NRBsCaqKplPA0Ynra1Jmxn3JdD1Vj7vqi/w7hB3GR3Rmgvy+EN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org