Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/qfCIT3KxdqYahSipIsvXWJa4WVQ.roa
File: qfCIT3KxdqYahSipIsvXWJa4WVQ.roa (raw, json)
Hash identifier: zS6EXyTYEPePSezFAKlEe8bc75NND9kXJhwdHReH2lw=
Subject key identifier: A9:F0:88:4F:72:B1:76:A6:1A:85:28:A9:22:CB:D7:58:96:B8:59:54
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 01856FF965F6D96282D8533AA4D934B17DC0
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/qfCIT3KxdqYahSipIsvXWJa4WVQ.roa
Signing time: Mon 02 Jan 2023 00:54:53 +0000
ROA not before: Mon 02 Jan 2023 00:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50340
IP address blocks: 85.28.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:65:f6:d9:62:82:d8:53:3a:a4:d9:34:b1:7d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 2 00:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9f0884f72b176a61a8528a922cbd75896b85954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c8:59:19:c1:cb:b8:2e:d3:53:39:2c:62:7f:
64:d1:53:75:18:61:17:2c:c9:f9:86:f7:9c:af:47:
2b:27:e7:0d:72:6c:24:87:80:43:95:b7:43:7b:9b:
b5:01:8a:87:ad:25:c9:7f:5f:86:ea:7f:93:79:71:
a5:70:c8:7a:16:40:83:b2:2b:6e:47:c5:1a:0a:69:
d2:a3:9b:d4:f2:ad:fe:0a:6c:49:b9:9e:69:6b:93:
c8:d2:54:82:ab:58:3b:3f:a4:87:d6:15:3d:78:1a:
73:c3:8d:6a:34:76:34:b0:34:aa:a8:76:6f:4e:5a:
ed:31:36:7b:14:f0:41:7d:82:4b:ff:4e:58:95:ef:
97:5b:28:ea:4b:fc:a9:4f:dc:96:e3:6b:4b:0e:13:
37:2d:eb:61:30:70:69:71:cf:59:18:86:f5:e4:3d:
04:ac:ea:dd:5a:4a:87:dc:e1:cc:b2:0c:86:60:77:
f7:8f:30:55:cd:3f:46:02:67:10:b7:d7:30:f1:a2:
90:07:e9:ca:b4:45:ff:f3:69:98:b8:db:5b:f1:62:
eb:97:54:ae:d8:49:13:5d:8e:ab:66:29:2f:d0:dc:
60:52:c1:bb:12:f7:2c:70:b8:82:e6:e1:91:46:53:
e3:92:58:93:87:c5:37:86:a2:69:6d:bd:c4:a0:36:
ac:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F0:88:4F:72:B1:76:A6:1A:85:28:A9:22:CB:D7:58:96:B8:59:54
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/qfCIT3KxdqYahSipIsvXWJa4WVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.60.0/24
Signature Algorithm: sha256WithRSAEncryption
33:78:50:0d:84:c9:7d:6c:68:d3:9a:9b:19:d8:73:2f:27:e9:
70:86:8c:23:44:6f:bf:19:f3:94:d5:ad:ec:07:74:a7:10:74:
eb:18:65:b3:9b:9b:46:47:2a:b5:de:2c:86:e9:49:7f:8d:e2:
5a:18:29:19:7f:fb:02:34:2c:bb:71:b6:b1:6b:be:6c:3f:8d:
ea:47:82:51:e1:90:3f:ad:3f:e3:5d:3c:f9:69:e2:8b:18:ef:
ff:6e:6d:4e:e5:ed:25:ea:80:c3:8c:81:3c:fd:ef:66:a1:5a:
75:f9:a8:ba:ef:71:32:09:54:f7:32:f6:85:dc:de:24:a8:56:
62:ce:fb:23:1b:f6:ea:c3:03:d0:e4:1a:92:ad:80:e9:81:b0:
fa:7d:79:55:86:94:7a:c3:45:f0:5e:84:0d:33:76:2c:22:77:
64:36:ec:ae:e5:01:97:7e:b1:a4:40:77:7f:b5:3f:f6:a1:46:
62:66:80:e2:a4:a1:2f:bf:0c:e3:41:69:71:d5:ff:71:06:ca:
ce:46:95:34:c0:33:16:c9:d7:60:5e:81:8d:ae:77:21:7a:59:
64:24:f8:80:17:a8:ca:2d:6b:fa:88:38:50:92:6a:72:a2:53:
eb:f9:e2:f5:d3:34:b8:1a:dd:4d:1c:54:98:a8:b8:c7:4f:b3:
96:e0:e1:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+WX22WKC2FM6pNk0sX3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjMwMTAyMDA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWYwODg0ZjcyYjE3NmE2MWE4NTI4YTkyMmNiZDc1ODk2Yjg1OTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMhZGcHLuC7TUzksYn9k0VN1GGEX
LMn5hvecr0crJ+cNcmwkh4BDlbdDe5u1AYqHrSXJf1+G6n+TeXGlcMh6FkCDsitu
R8UaCmnSo5vU8q3+CmxJuZ5pa5PI0lSCq1g7P6SH1hU9eBpzw41qNHY0sDSqqHZv
TlrtMTZ7FPBBfYJL/05Yle+XWyjqS/ypT9yW42tLDhM3LethMHBpcc9ZGIb15D0E
rOrdWkqH3OHMsgyGYHf3jzBVzT9GAmcQt9cw8aKQB+nKtEX/82mYuNtb8WLrl1Su
2EkTXY6rZikv0NxgUsG7EvcscLiC5uGRRlPjkliTh8U3hqJpbb3EoDas2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnwiE9ysXamGoUoqSLL11iWuFlUMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvcWZDSVQzS3hkcVlhaFNpcElzdlhXSmE0V1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVRw8MA0G
CSqGSIb3DQEBCwUAA4IBAQAzeFANhMl9bGjTmpsZ2HMvJ+lwhowjRG+/GfOU1a3s
B3SnEHTrGGWzm5tGRyq13iyG6Ul/jeJaGCkZf/sCNCy7cbaxa75sP43qR4JR4ZA/
rT/jXTz5aeKLGO//bm1O5e0l6oDDjIE8/e9moVp1+ai673EyCVT3MvaF3N4kqFZi
zvsjG/bqwwPQ5BqSrYDpgbD6fXlVhpR6w0XwXoQNM3YsIndkNuyu5QGXfrGkQHd/
tT/2oUZiZoDipKEvvwzjQWlx1f9xBsrORpU0wDMWyddgXoGNrnchellkJPiAF6jK
LWv6iDhQkmpyolPr+eL10zS4Gt1NHFSYqLjHT7OW4OEG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:32 2023 by rpki-client on console-ams.rpki-client.org