Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/q5g2cz6hLEjfHBCOKYhn_2EG_Og.roa
File: q5g2cz6hLEjfHBCOKYhn_2EG_Og.roa (raw, json)
Hash identifier: cvR4U5PphHY4V1MesUpJ637Nk2ZOHl1AcwB6nlCjUds=
Subject key identifier: AB:98:36:73:3E:A1:2C:48:DF:1C:10:8E:29:88:67:FF:61:06:FC:E8
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 01856EAFDC8F86897A9682330A4581E5F884
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/q5g2cz6hLEjfHBCOKYhn_2EG_Og.roa
Signing time: Sun 01 Jan 2023 18:54:57 +0000
ROA not before: Sun 01 Jan 2023 18:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204948
IP address blocks: 185.234.248.0/23 maxlen: 23
185.234.250.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:dc:8f:86:89:7a:96:82:33:0a:45:81:e5:f8:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 1 18:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab9836733ea12c48df1c108e298867ff6106fce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fe:bb:bf:55:fc:6e:cc:a8:b4:20:06:8a:2b:
75:87:b0:97:68:9f:7c:e0:ce:68:07:d0:56:9c:e5:
86:63:43:4b:75:c7:34:19:9a:81:7d:cf:3b:ca:8d:
62:1d:b9:a7:48:a6:fb:54:ae:b9:00:77:d6:c8:88:
3f:c6:db:e0:b8:3c:79:0c:28:76:6d:63:90:e2:7d:
31:a0:ed:d7:30:0c:79:95:2d:62:74:06:a8:c6:4f:
43:92:f7:f5:a6:0b:d4:fb:cd:22:35:17:bf:6b:90:
0d:1b:b7:7f:7b:34:b4:89:16:8b:8e:8f:3a:3d:6b:
db:b1:92:78:d2:93:9c:1b:ec:cc:76:ec:61:fc:43:
ba:af:f4:5f:dd:a8:a5:e2:ea:6a:4d:ae:8d:82:9d:
5c:42:9e:14:14:f3:14:26:7f:46:60:3e:78:55:1f:
df:39:e7:33:09:44:e4:e6:1c:ef:d1:25:6f:f3:47:
c9:ca:95:11:db:02:c1:ab:ff:84:94:5d:92:80:f3:
f2:7b:77:21:5e:3f:c1:16:3d:f0:b6:5c:18:f0:a0:
46:fb:77:65:37:2f:0e:6a:20:7d:7b:f8:7e:29:30:
a8:3a:da:67:90:23:59:60:0d:12:15:b6:1f:f1:5e:
68:af:e2:2a:f8:76:26:3b:2e:71:3e:73:f0:ee:c6:
29:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:98:36:73:3E:A1:2C:48:DF:1C:10:8E:29:88:67:FF:61:06:FC:E8
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/q5g2cz6hLEjfHBCOKYhn_2EG_Og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.248.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:b9:0c:85:78:bb:c9:18:05:d5:b2:49:f1:71:58:c4:df:02:
f7:53:78:12:bc:ad:94:5f:07:eb:63:cc:6e:0a:18:1a:0d:44:
62:8f:40:02:bb:eb:06:e1:78:1c:a0:3c:4b:16:cc:f7:8e:37:
a4:bc:97:b9:c4:d0:cd:7d:0a:29:ff:05:db:ec:c9:aa:e0:7d:
35:1a:03:e0:d1:bb:9e:22:c1:59:ac:48:93:c5:28:23:d5:47:
17:8a:dd:7d:e0:eb:7d:3e:79:f9:c7:c9:87:47:12:c4:e4:22:
97:84:49:31:78:4b:54:49:bd:1a:cf:5b:76:ac:58:51:b3:06:
48:53:15:fa:bf:bd:56:7c:45:82:7c:36:e0:34:15:0d:26:0e:
16:2d:28:eb:11:f0:bf:03:a7:d0:38:47:99:37:c9:2e:09:64:
6b:25:a6:6f:af:02:7a:29:e1:cb:19:cb:9e:78:01:ab:9a:d5:
ce:63:dc:fd:15:ed:94:b7:b5:47:0e:67:7b:b2:6c:3f:6f:47:
92:53:39:2a:58:d5:11:db:fd:1a:44:7c:d5:eb:56:5c:58:ec:
3f:45:1e:9d:c8:fe:9f:df:5a:7e:ef:0e:d1:b1:ab:3d:19:04:
36:9c:d4:b0:43:dd:96:42:94:a9:c4:e4:92:9c:fc:f5:fa:43:
37:10:97:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur9yPhol6loIzCkWB5fiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjMwMTAxMTg1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjk4MzY3MzNlYTEyYzQ4ZGYxYzEwOGUyOTg4NjdmZjYxMDZmY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf67v1X8bsyotCAGiit1h7CXaJ98
4M5oB9BWnOWGY0NLdcc0GZqBfc87yo1iHbmnSKb7VK65AHfWyIg/xtvguDx5DCh2
bWOQ4n0xoO3XMAx5lS1idAaoxk9Dkvf1pgvU+80iNRe/a5ANG7d/ezS0iRaLjo86
PWvbsZJ40pOcG+zMduxh/EO6r/Rf3ail4upqTa6Ngp1cQp4UFPMUJn9GYD54VR/f
OeczCUTk5hzv0SVv80fJypUR2wLBq/+ElF2SgPPye3chXj/BFj3wtlwY8KBG+3dl
Ny8OaiB9e/h+KTCoOtpnkCNZYA0SFbYf8V5or+Iq+HYmOy5xPnPw7sYpZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKuYNnM+oSxI3xwQjimIZ/9hBvzoMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvcTVnMmN6NmhMRWpmSEJDT0tZaG5fMkVHX09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuer4MA0G
CSqGSIb3DQEBCwUAA4IBAQCLuQyFeLvJGAXVsknxcVjE3wL3U3gSvK2UXwfrY8xu
ChgaDURij0ACu+sG4XgcoDxLFsz3jjekvJe5xNDNfQop/wXb7Mmq4H01GgPg0bue
IsFZrEiTxSgj1UcXit194Ot9Pnn5x8mHRxLE5CKXhEkxeEtUSb0az1t2rFhRswZI
UxX6v71WfEWCfDbgNBUNJg4WLSjrEfC/A6fQOEeZN8kuCWRrJaZvrwJ6KeHLGcue
eAGrmtXOY9z9Fe2Ut7VHDmd7smw/b0eSUzkqWNUR2/0aRHzV61ZcWOw/RR6dyP6f
31p+7w7Rsas9GQQ2nNSwQ92WQpSpxOSSnPz1+kM3EJdK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org