Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qi1mL5SQzhF0Al0u3yknNcX1E-I.roa
File: qi1mL5SQzhF0Al0u3yknNcX1E-I.roa (raw, json)
Hash identifier: AXO9bnWIfPRRnjSNSx0fNMdPko+Zbsjl6+H32gqR5Vo=
Subject key identifier: AA:2D:66:2F:94:90:CE:11:74:02:5D:2E:DF:29:27:35:C5:F5:13:E2
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01857102F7BC6C050557282FFC0F6FFBC1D0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qi1mL5SQzhF0Al0u3yknNcX1E-I.roa
Signing time: Mon 02 Jan 2023 05:44:57 +0000
ROA not before: Mon 02 Jan 2023 05:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 185.244.222.0/23 maxlen: 23
185.244.221.0/24 maxlen: 24
185.228.227.0/24 maxlen: 24
89.31.219.0/24 maxlen: 24
193.84.135.0/24 maxlen: 24
84.245.48.0/21 maxlen: 21
84.245.58.0/23 maxlen: 23
84.245.56.0/24 maxlen: 24
84.245.60.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:f7:bc:6c:05:05:57:28:2f:fc:0f:6f:fb:c1:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa2d662f9490ce1174025d2edf292735c5f513e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4f:2a:48:54:17:31:33:49:8c:e5:e3:f6:10:
c2:5c:5a:20:3a:cf:54:c7:bf:52:83:d3:6b:d5:c2:
86:4a:af:ec:3e:45:db:1f:0d:42:e3:82:5b:af:f4:
79:09:5b:ac:ac:8a:e9:19:57:ec:e1:a6:79:df:1d:
3b:59:dd:b4:b2:4b:29:9e:e1:12:ea:1a:ca:f4:8c:
f7:01:8d:e5:ff:e1:87:3e:89:45:d6:61:de:60:5e:
f6:1f:30:1c:ff:f0:8f:f6:e1:33:4b:10:f8:6a:16:
e4:d2:62:c9:28:ed:c1:a4:3e:27:45:e1:97:e2:6d:
ec:b5:94:08:89:a4:ee:97:84:1b:e7:3b:72:1a:67:
52:4c:e0:ec:21:b5:92:1c:68:a8:80:03:40:ef:d3:
1d:74:0b:f0:b0:01:39:aa:4a:ee:d1:a2:7c:8e:a1:
9a:af:71:0b:e9:6e:34:fd:e4:ae:8e:8a:b3:78:4a:
36:2a:f0:b9:dc:5e:6a:f9:3a:92:d3:af:6f:cb:eb:
b9:6c:76:7e:65:ad:c7:4a:8c:67:8f:26:2b:ad:9b:
00:ef:62:1c:6f:14:02:b7:02:c6:bf:53:bb:9a:18:
f8:be:99:ee:77:30:23:1b:c3:69:bb:09:05:e2:17:
cf:cd:f3:c4:b6:d7:ab:ff:50:b8:12:6e:a7:de:40:
7e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2D:66:2F:94:90:CE:11:74:02:5D:2E:DF:29:27:35:C5:F5:13:E2
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qi1mL5SQzhF0Al0u3yknNcX1E-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.245.48.0-84.245.56.255
84.245.58.0-84.245.63.255
89.31.219.0/24
185.228.227.0/24
185.244.221.0-185.244.223.255
193.84.135.0/24
Signature Algorithm: sha256WithRSAEncryption
91:9f:ce:5d:11:d7:e5:a5:a6:9c:76:c4:9a:c7:d9:ea:34:3d:
36:e8:d9:51:a4:ee:1e:94:31:87:81:65:a4:ea:7d:2c:4f:85:
73:ad:8d:31:02:2b:59:2d:1c:2c:1b:d8:3e:97:d3:53:be:3d:
64:4f:fe:5c:a5:e0:37:f7:3b:f1:5a:11:25:f9:77:00:51:4d:
9e:e9:ac:db:78:5c:64:15:e3:33:3c:24:95:e6:f0:e3:f8:6f:
8d:f9:92:4c:2c:14:9c:d4:73:2d:88:39:92:0c:0a:00:1e:9e:
3f:06:a1:37:22:b7:b5:22:95:2c:6e:94:28:3b:28:4a:59:39:
8b:50:c3:e8:38:4e:40:06:8f:2b:cf:6d:2b:c3:b5:41:09:f9:
6a:91:15:e9:ff:58:16:d5:4b:df:8d:f1:ae:27:56:a5:d7:ba:
0c:8e:5f:08:34:10:73:bf:d0:3b:cc:f3:62:76:3d:fd:4f:ac:
34:35:4d:98:2a:56:15:64:c0:c2:e4:28:bf:e8:8f:35:e1:a8:
05:62:55:f4:af:fc:d2:f7:be:85:aa:21:51:a2:96:cf:04:6e:
f2:2d:8a:9d:76:78:b0:14:a8:5d:30:be:b6:7f:a6:7e:5d:77:
24:f0:ab:50:13:14:14:ee:8f:39:9c:ad:ea:62:61:46:10:5b:
1a:5c:95:e2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVxAve8bAUFVygv/A9v+8HQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTJkNjYyZjk0OTBjZTExNzQwMjVkMmVkZjI5MjczNWM1ZjUxM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu08qSFQXMTNJjOXj9hDCXFogOs9U
x79Sg9Nr1cKGSq/sPkXbHw1C44Jbr/R5CVusrIrpGVfs4aZ53x07Wd20skspnuES
6hrK9Iz3AY3l/+GHPolF1mHeYF72HzAc//CP9uEzSxD4ahbk0mLJKO3BpD4nReGX
4m3stZQIiaTul4Qb5ztyGmdSTODsIbWSHGiogANA79MddAvwsAE5qkru0aJ8jqGa
r3EL6W40/eSujoqzeEo2KvC53F5q+TqS069vy+u5bHZ+Za3HSoxnjyYrrZsA72Ic
bxQCtwLGv1O7mhj4vpnudzAjG8NpuwkF4hfPzfPEtter/1C4Em6n3kB+swIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKotZi+UkM4RdAJdLt8pJzXF9RPiMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcWkxbUw1U1F6aEYwQWwwdTN5a25OY1gxRS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBARU9TAD
BABU9TgwDAMEAVT1OgMEBlT1AAMEAFkf2wMEALnk4zAMAwQAufTdAwQFufTAAwQA
wVSHMA0GCSqGSIb3DQEBCwUAA4IBAQCRn85dEdflpaacdsSax9nqND026NlRpO4e
lDGHgWWk6n0sT4VzrY0xAitZLRwsG9g+l9NTvj1kT/5cpeA39zvxWhEl+XcAUU2e
6azbeFxkFeMzPCSV5vDj+G+N+ZJMLBSc1HMtiDmSDAoAHp4/BqE3Ire1IpUsbpQo
OyhKWTmLUMPoOE5ABo8rz20rw7VBCflqkRXp/1gW1UvfjfGuJ1al17oMjl8INBBz
v9A7zPNidj39T6w0NU2YKlYVZMDC5Ci/6I814agFYlX0r/zS976FqiFRopbPBG7y
LYqddniwFKhdML62f6Z+XXck8KtQExQU7o85nK3qYmFGEFsaXJXi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-ams.rpki-client.org