Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/9268bf-25e9-4c38-baf7-e47ebee2c020/1/qTZXgWf1-tEpoj-MUALVq_yC2gY.roa
File: qTZXgWf1-tEpoj-MUALVq_yC2gY.roa (raw, json)
Hash identifier: UPVYSavdSpXEIeGtdj6hs+JRj0S0fmkmiCas9eUlme4=
Subject key identifier: A9:36:57:81:67:F5:FA:D1:29:A2:3F:8C:50:02:D5:AB:FC:82:DA:06
Certificate issuer: /CN=ed457f969c0fec35b926d0f72a47dd44b8b300f5
Certificate serial: 01857082DAF62EDB01325170678F56D29DA2
Authority key identifier: ED:45:7F:96:9C:0F:EC:35:B9:26:D0:F7:2A:47:DD:44:B8:B3:00:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7UV_lpwP7DW5JtD3KkfdRLizAPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/9268bf-25e9-4c38-baf7-e47ebee2c020/1/qTZXgWf1-tEpoj-MUALVq_yC2gY.roa
Signing time: Mon 02 Jan 2023 03:25:01 +0000
ROA not before: Mon 02 Jan 2023 03:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34798
IP address blocks: 193.22.104.0/23 maxlen: 32
193.19.120.0/23 maxlen: 32
2a0f:c640::/48 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:da:f6:2e:db:01:32:51:70:67:8f:56:d2:9d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed457f969c0fec35b926d0f72a47dd44b8b300f5
Validity
Not Before: Jan 2 03:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a936578167f5fad129a23f8c5002d5abfc82da06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7b:a7:5d:07:93:a7:da:2e:a8:db:7d:1d:05:
f6:7b:c5:07:9b:44:87:63:40:98:9d:be:10:09:20:
0e:73:ab:f2:40:66:e0:06:d9:30:b6:c9:e9:34:c7:
35:99:ac:1a:b7:ac:75:80:88:1b:59:3d:0a:31:c6:
1f:a4:e6:bf:72:9f:c6:13:85:20:84:d7:f8:0f:f2:
15:b9:7e:64:bf:8b:bc:14:60:69:20:2c:cb:84:f0:
54:df:e7:1d:ea:48:59:0d:b6:d2:bc:96:9f:df:ed:
1a:d3:c8:b1:05:7f:de:01:69:30:0f:73:a6:fc:eb:
74:b3:1a:4e:66:18:50:b3:e1:c3:70:15:83:5e:26:
13:d4:24:80:77:40:33:78:e4:eb:31:07:b2:e5:db:
ce:94:19:5c:fb:81:a7:44:6c:53:d8:4f:2e:74:ff:
24:68:38:c6:dc:63:54:80:d2:df:53:3a:c3:6f:d5:
51:11:1a:6c:7b:5a:28:56:3d:f9:3c:fd:3f:91:5d:
81:2f:47:8f:e5:35:0e:36:1d:51:80:ed:39:6f:fb:
42:46:f1:8e:ef:69:59:09:8e:9e:19:02:94:6e:d2:
59:ad:c7:90:60:6d:19:2a:04:55:f4:4c:1c:3c:44:
67:cd:54:1c:d7:bd:27:ce:30:f4:e4:e1:42:1b:c3:
05:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:36:57:81:67:F5:FA:D1:29:A2:3F:8C:50:02:D5:AB:FC:82:DA:06
X509v3 Authority Key Identifier:
keyid:ED:45:7F:96:9C:0F:EC:35:B9:26:D0:F7:2A:47:DD:44:B8:B3:00:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7UV_lpwP7DW5JtD3KkfdRLizAPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/9268bf-25e9-4c38-baf7-e47ebee2c020/1/qTZXgWf1-tEpoj-MUALVq_yC2gY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/9268bf-25e9-4c38-baf7-e47ebee2c020/1/7UV_lpwP7DW5JtD3KkfdRLizAPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.120.0/23
193.22.104.0/23
IPv6:
2a0f:c640::/48
Signature Algorithm: sha256WithRSAEncryption
2a:cb:2e:7c:48:3d:80:37:dc:8f:c2:47:52:fa:b5:b0:b9:43:
3b:89:34:d0:43:79:45:7a:30:aa:2f:2c:6d:61:0f:a9:d1:65:
35:ca:7b:05:dc:7f:79:e8:59:e1:f3:a0:31:f9:98:9b:53:b1:
01:65:69:88:42:a0:43:40:fd:3f:d4:94:63:1f:92:5f:5d:d4:
8d:e8:2e:45:1b:fc:55:e6:1f:b1:3e:5c:f8:cf:b6:e3:51:88:
60:f0:f8:0b:d1:61:7c:48:2f:b7:e7:87:1b:2b:07:cc:27:14:
be:71:7d:e4:69:41:a7:98:a1:46:30:f2:44:7e:d6:df:a1:e3:
72:1b:72:f7:79:1e:e4:1e:c2:bf:5b:d9:f3:73:31:21:5a:0b:
c8:41:80:ab:02:a1:a9:9c:21:64:f5:33:8c:f7:64:77:55:6a:
39:70:0c:5b:57:ea:e5:e4:db:1b:b1:ba:93:9a:6f:72:3d:65:
b7:6c:71:38:56:c4:57:7f:3c:75:8d:03:7d:15:61:23:b8:99:
cd:66:6d:ec:5e:a7:95:92:13:1a:11:58:55:10:c8:a6:2c:c6:
3b:27:84:89:69:4e:d8:85:11:b1:df:ae:20:d2:c2:a9:7e:b8:
b2:54:ee:e2:09:0e:40:61:72:6a:66:8a:ae:01:bb:5c:bf:88:
f4:48:6e:ff
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwgtr2LtsBMlFwZ49W0p2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNDU3Zjk2OWMwZmVjMzViOTI2ZDBmNzJhNDdkZDQ0Yjhi
MzAwZjUwHhcNMjMwMTAyMDMyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTM2NTc4MTY3ZjVmYWQxMjlhMjNmOGM1MDAyZDVhYmZjODJkYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnunXQeTp9ouqNt9HQX2e8UHm0SH
Y0CYnb4QCSAOc6vyQGbgBtkwtsnpNMc1mawat6x1gIgbWT0KMcYfpOa/cp/GE4Ug
hNf4D/IVuX5kv4u8FGBpICzLhPBU3+cd6khZDbbSvJaf3+0a08ixBX/eAWkwD3Om
/Ot0sxpOZhhQs+HDcBWDXiYT1CSAd0AzeOTrMQey5dvOlBlc+4GnRGxT2E8udP8k
aDjG3GNUgNLfUzrDb9VRERpse1ooVj35PP0/kV2BL0eP5TUONh1RgO05b/tCRvGO
72lZCY6eGQKUbtJZrceQYG0ZKgRV9EwcPERnzVQc170nzjD05OFCG8MF4wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKk2V4Fn9frRKaI/jFAC1av8gtoGMB8GA1UdIwQY
MBaAFO1Ff5acD+w1uSbQ9ypH3US4swD1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1VWX2xwd1A3RFc1SnREM0trZmRSTGl6QVBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS85MjY4YmYtMjVlOS00YzM4LWJhZjct
ZTQ3ZWJlZTJjMDIwLzEvcVRaWGdXZjEtdEVwb2otTVVBTFZxX3lDMmdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS85MjY4YmYtMjVlOS00YzM4LWJhZjctZTQ3ZWJlZTJjMDIw
LzEvN1VWX2xwd1A3RFc1SnREM0trZmRSTGl6QVBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBwRN4AwQB
wRZoMA8EAgACMAkDBwAqD8ZAAAAwDQYJKoZIhvcNAQELBQADggEBACrLLnxIPYA3
3I/CR1L6tbC5QzuJNNBDeUV6MKovLG1hD6nRZTXKewXcf3noWeHzoDH5mJtTsQFl
aYhCoENA/T/UlGMfkl9d1I3oLkUb/FXmH7E+XPjPtuNRiGDw+AvRYXxIL7fnhxsr
B8wnFL5xfeRpQaeYoUYw8kR+1t+h43Ibcvd5HuQewr9b2fNzMSFaC8hBgKsCoamc
IWT1M4z3ZHdVajlwDFtX6uXk2xuxupOab3I9ZbdscThWxFd/PHWNA30VYSO4mc1m
bexep5WSExoRWFUQyKYsxjsnhIlpTtiFEbHfriDSwql+uLJU7uIJDkBhcmpmiq4B
u1y/iPRIbv8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:38 2024 by rpki-client on console-fra.rpki-client.org