Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/0047b7-f1e6-41a8-a8d2-4801198e75ca/1/qMkqv7R5Vo40erWZOWKSC62CQfE.roa
File: qMkqv7R5Vo40erWZOWKSC62CQfE.roa (raw, json)
Hash identifier: jas1+Nx4QhB/JYcPcCXjwzdIlu0pjxK9AFFnuq6MRi4=
Subject key identifier: A8:C9:2A:BF:B4:79:56:8E:34:7A:B5:99:39:62:92:0B:AD:82:41:F1
Certificate issuer: /CN=beed14bf4e46b13579583f97ff85910d103a53f8
Certificate serial: 01856CCAFC83F5F924019DE8D2EBEB768CAD
Authority key identifier: BE:ED:14:BF:4E:46:B1:35:79:58:3F:97:FF:85:91:0D:10:3A:53:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vu0Uv05GsTV5WD-X_4WRDRA6U_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/0047b7-f1e6-41a8-a8d2-4801198e75ca/1/qMkqv7R5Vo40erWZOWKSC62CQfE.roa
Signing time: Sun 01 Jan 2023 10:05:20 +0000
ROA not before: Sun 01 Jan 2023 10:05:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137
IP address blocks: 192.55.101.0/24 maxlen: 24
192.132.34.0/24 maxlen: 24
192.135.165.0/24 maxlen: 24
192.133.28.0/24 maxlen: 24
143.225.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:fc:83:f5:f9:24:01:9d:e8:d2:eb:eb:76:8c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beed14bf4e46b13579583f97ff85910d103a53f8
Validity
Not Before: Jan 1 10:05:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8c92abfb479568e347ab5993962920bad8241f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8e:82:5b:fd:09:36:43:78:90:64:de:c5:67:
1f:38:b8:6a:84:0b:14:f3:d6:cd:7e:12:95:14:54:
c9:1a:d4:91:8e:7a:7f:e9:21:66:fc:ed:d7:6d:fa:
09:ae:c9:e4:65:d9:05:5d:e7:6f:38:18:bf:fb:7d:
dd:f0:45:08:e9:de:f9:f3:5c:35:5f:1c:78:e3:fb:
2e:51:e0:f8:ff:ab:dc:3e:4e:34:d3:b5:14:9e:be:
13:29:dd:10:e0:49:ae:ff:19:ef:fb:8d:cc:b4:8c:
32:5b:a2:4a:20:6e:69:9c:96:74:92:fb:c2:10:16:
a5:a2:0e:ee:05:27:9c:64:66:84:6f:67:fb:24:23:
e5:67:80:b3:eb:a9:5d:4a:3a:e3:96:e0:27:28:4b:
5c:01:e8:f1:54:c1:de:a8:8b:39:a2:eb:90:7c:26:
44:16:84:6a:07:3d:2f:32:23:ed:3f:35:24:01:2b:
ec:88:d6:fa:30:75:63:08:44:0e:4f:b8:7f:5e:44:
c4:07:38:5c:f9:9b:64:c6:36:cb:6f:99:91:2a:30:
c7:f1:45:19:b2:48:a2:a9:2a:e7:84:38:46:2e:87:
9a:5a:4b:15:74:18:dc:b2:71:2a:ad:76:37:29:a6:
bd:cb:75:e2:d2:28:bd:0d:a8:69:f3:d2:c4:fd:88:
9f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C9:2A:BF:B4:79:56:8E:34:7A:B5:99:39:62:92:0B:AD:82:41:F1
X509v3 Authority Key Identifier:
keyid:BE:ED:14:BF:4E:46:B1:35:79:58:3F:97:FF:85:91:0D:10:3A:53:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vu0Uv05GsTV5WD-X_4WRDRA6U_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/0047b7-f1e6-41a8-a8d2-4801198e75ca/1/qMkqv7R5Vo40erWZOWKSC62CQfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/0047b7-f1e6-41a8-a8d2-4801198e75ca/1/vu0Uv05GsTV5WD-X_4WRDRA6U_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.225.0.0/16
192.55.101.0/24
192.132.34.0/24
192.133.28.0/24
192.135.165.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:cb:56:6f:12:e1:93:05:59:3c:a9:e6:05:1d:e2:d8:d2:b6:
c8:98:05:2b:78:5b:10:a4:67:e9:a2:47:6e:c8:e2:7e:41:16:
2a:9b:73:b0:67:a3:92:e6:3e:27:89:61:88:da:10:44:32:f9:
0e:1b:b7:e6:ba:50:42:55:a8:2d:58:95:be:d2:cb:86:74:78:
02:5d:20:a0:37:fa:a8:bf:f9:6c:d6:68:66:74:37:a5:08:64:
ea:c2:86:7f:08:ec:82:56:f2:25:2c:7f:ff:f1:a7:69:15:11:
3d:b2:2d:d3:01:51:96:1a:b5:29:aa:f5:82:25:c9:fa:c1:07:
fd:52:61:11:89:91:96:30:a5:ac:5d:38:95:95:9a:01:d9:72:
4c:38:6f:1c:9a:b0:61:01:7a:10:da:76:01:56:f8:25:45:b3:
5d:c3:c2:d0:3f:41:3c:c6:c2:67:49:b9:c7:1b:dd:1a:66:09:
e3:a5:45:c0:cf:71:e6:80:d0:37:88:85:56:49:0c:fe:27:37:
41:6e:12:d9:7b:93:d1:53:93:07:9b:f8:91:7d:d4:2d:79:07:
1f:95:2b:66:51:5b:76:2f:6d:5f:b5:c0:f0:97:de:86:0e:58:
6e:72:64:b6:8b:36:ee:17:7c:5f:9e:e7:08:73:b2:7c:52:06:
d1:ee:3f:26
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVsyvyD9fkkAZ3o0uvrdoytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlZWQxNGJmNGU0NmIxMzU3OTU4M2Y5N2ZmODU5MTBkMTAz
YTUzZjgwHhcNMjMwMTAxMTAwNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM5MmFiZmI0Nzk1NjhlMzQ3YWI1OTkzOTYyOTIwYmFkODI0MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI6CW/0JNkN4kGTexWcfOLhqhAsU
89bNfhKVFFTJGtSRjnp/6SFm/O3XbfoJrsnkZdkFXedvOBi/+33d8EUI6d7581w1
Xxx44/suUeD4/6vcPk4007UUnr4TKd0Q4Emu/xnv+43MtIwyW6JKIG5pnJZ0kvvC
EBalog7uBSecZGaEb2f7JCPlZ4Cz66ldSjrjluAnKEtcAejxVMHeqIs5ouuQfCZE
FoRqBz0vMiPtPzUkASvsiNb6MHVjCEQOT7h/XkTEBzhc+ZtkxjbLb5mRKjDH8UUZ
skiiqSrnhDhGLoeaWksVdBjcsnEqrXY3Kaa9y3Xi0ii9Dahp89LE/YifswIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKjJKr+0eVaONHq1mTlikgutgkHxMB8GA1UdIwQY
MBaAFL7tFL9ORrE1eVg/l/+FkQ0QOlP4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnUwVXYwNUdzVFY1V0QtWF80V1JEUkE2VV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8wMDQ3YjctZjFlNi00MWE4LWE4ZDIt
NDgwMTE5OGU3NWNhLzEvcU1rcXY3UjVWbzQwZXJXWk9XS1NDNjJDUWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8wMDQ3YjctZjFlNi00MWE4LWE4ZDItNDgwMTE5OGU3NWNh
LzEvdnUwVXYwNUdzVFY1V0QtWF80V1JEUkE2VV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwMAj+EDBADA
N2UDBADAhCIDBADAhRwDBADAh6UwDQYJKoZIhvcNAQELBQADggEBAKjLVm8S4ZMF
WTyp5gUd4tjStsiYBSt4WxCkZ+miR27I4n5BFiqbc7Bno5LmPieJYYjaEEQy+Q4b
t+a6UEJVqC1Ylb7Sy4Z0eAJdIKA3+qi/+WzWaGZ0N6UIZOrChn8I7IJW8iUsf//x
p2kVET2yLdMBUZYatSmq9YIlyfrBB/1SYRGJkZYwpaxdOJWVmgHZckw4bxyasGEB
ehDadgFW+CVFs13DwtA/QTzGwmdJuccb3RpmCeOlRcDPceaA0DeIhVZJDP4nN0Fu
Etl7k9FTkweb+JF91C15Bx+VK2ZRW3YvbV+1wPCX3oYOWG5yZLaLNu4XfF+e5whz
snxSBtHuPyY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:14 2024 by rpki-client on console-ams.rpki-client.org