Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_QzvHvxOgOD7P3oCht8DaRwvdQk.roa
File: _QzvHvxOgOD7P3oCht8DaRwvdQk.roa (raw, json)
Hash identifier: AX6b3CUCy6gsA83pCPazvoPvaIU5RHMHeNNAxSEAPNc=
Subject key identifier: FD:0C:EF:1E:FC:4E:80:E0:FB:3F:7A:02:86:DF:03:69:1C:2F:75:09
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B633FBA480D55F386B11AADD0C9140
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_QzvHvxOgOD7P3oCht8DaRwvdQk.roa
Signing time: Mon 02 Jan 2023 09:00:44 +0000
ROA not before: Mon 02 Jan 2023 09:00:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 194.5.65.0/24 maxlen: 24
176.125.249.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Apr 2023 14:37:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:33:fb:a4:80:d5:5f:38:6b:11:aa:dd:0c:91:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd0cef1efc4e80e0fb3f7a0286df03691c2f7509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e2:d0:44:f8:18:9f:e8:87:7a:5a:37:db:38:
6f:3d:22:91:36:e1:99:7d:df:bc:cf:d7:43:cf:41:
6e:4a:b2:de:ab:d4:6b:15:ba:06:4e:ab:95:a1:0b:
88:5b:e8:95:c6:56:2a:7b:54:ad:08:c1:57:03:ad:
c6:8c:58:3b:9a:04:af:ab:d6:26:f0:4c:02:4f:6e:
24:57:a6:2f:2e:9a:8f:da:7c:7a:48:82:96:ce:cf:
13:6a:00:6b:a3:07:49:37:8c:48:22:53:4d:40:24:
0e:2e:36:cc:78:6e:13:27:8e:49:1a:cd:34:00:ce:
58:a4:29:e3:dd:e6:b2:88:c3:46:8b:bb:60:af:ea:
3f:f3:31:6e:15:13:74:54:4e:13:ad:8d:65:3e:a4:
03:46:f3:d2:49:63:d3:51:61:6d:18:23:0d:39:8d:
89:87:89:ba:15:f8:77:c9:5d:56:94:c1:d9:7b:4f:
51:43:a8:16:6b:71:a9:f8:a0:f5:50:4b:5c:3c:71:
0e:d9:78:0d:a0:6d:d1:1f:37:2d:51:d3:fe:a8:07:
44:23:ce:16:81:2c:ab:08:0f:e5:d3:71:67:54:94:
44:ba:89:fe:b1:5d:b3:38:88:1a:1e:88:14:0a:68:
79:4c:d7:aa:3c:ed:6d:ac:ee:2d:73:03:b2:7c:b5:
f5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:0C:EF:1E:FC:4E:80:E0:FB:3F:7A:02:86:DF:03:69:1C:2F:75:09
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_QzvHvxOgOD7P3oCht8DaRwvdQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/23
194.5.65.0/24
Signature Algorithm: sha256WithRSAEncryption
59:ba:87:d1:af:8a:a0:f4:88:ef:93:35:95:4e:d0:ff:be:9b:
aa:3e:1a:bf:08:3e:29:c6:7b:5e:8d:82:59:08:80:05:68:91:
e2:1c:33:98:1a:38:6d:e2:22:45:d5:ee:46:27:f5:0e:91:96:
41:3c:c2:c2:b3:0a:65:1d:da:2a:84:52:97:0c:ab:73:2c:65:
ff:85:bc:d3:94:95:be:4b:10:2d:30:e6:0b:e7:a1:25:d8:60:
b1:c5:1f:3f:1e:16:ee:45:b7:5b:72:2f:44:1f:99:6f:4e:41:
15:24:fc:8d:61:d5:26:ac:f0:c5:9c:c7:45:2b:dc:ee:c2:06:
96:00:ef:da:22:db:b5:87:be:99:cb:d0:62:19:60:24:6c:b7:
64:3d:e5:c6:1c:a7:e3:16:e3:cf:f9:7d:20:f8:5d:10:56:0d:
d9:7b:8b:d2:dd:83:a5:f6:08:23:bf:81:c4:b3:af:20:e1:a6:
cd:e8:16:b1:ec:c9:34:aa:43:f4:92:90:72:e7:cf:de:6a:9d:
4c:7a:41:51:89:60:2c:2e:7c:22:a8:9a:d1:23:ab:19:f7:02:
89:09:8b:78:e2:45:49:c0:6a:38:92:98:4a:81:f1:30:3b:b6:
a7:12:cf:c2:cc:b1:02:85:f1:e7:cd:81:ab:65:7c:57:5d:17:
b4:88:c5:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxtjP7pIDVXzhrEardDJFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDBjZWYxZWZjNGU4MGUwZmIzZjdhMDI4NmRmMDM2OTFjMmY3NTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeLQRPgYn+iHelo32zhvPSKRNuGZ
fd+8z9dDz0FuSrLeq9RrFboGTquVoQuIW+iVxlYqe1StCMFXA63GjFg7mgSvq9Ym
8EwCT24kV6YvLpqP2nx6SIKWzs8TagBrowdJN4xIIlNNQCQOLjbMeG4TJ45JGs00
AM5YpCnj3eayiMNGi7tgr+o/8zFuFRN0VE4TrY1lPqQDRvPSSWPTUWFtGCMNOY2J
h4m6Ffh3yV1WlMHZe09RQ6gWa3Gp+KD1UEtcPHEO2XgNoG3RHzctUdP+qAdEI84W
gSyrCA/l03FnVJREuon+sV2zOIgaHogUCmh5TNeqPO1trO4tcwOyfLX1cwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP0M7x78ToDg+z96AobfA2kcL3UJMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvX1F6dkh2eE9nT0Q3UDNvQ2h0OERhUnd2ZFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsH34AwQA
wgVBMA0GCSqGSIb3DQEBCwUAA4IBAQBZuofRr4qg9IjvkzWVTtD/vpuqPhq/CD4p
xntejYJZCIAFaJHiHDOYGjht4iJF1e5GJ/UOkZZBPMLCswplHdoqhFKXDKtzLGX/
hbzTlJW+SxAtMOYL56El2GCxxR8/HhbuRbdbci9EH5lvTkEVJPyNYdUmrPDFnMdF
K9zuwgaWAO/aItu1h76Zy9BiGWAkbLdkPeXGHKfjFuPP+X0g+F0QVg3Ze4vS3YOl
9ggjv4HEs68g4abN6Bax7Mk0qkP0kpBy58/eap1MekFRiWAsLnwiqJrRI6sZ9wKJ
CYt44kVJwGo4kphKgfEwO7anEs/CzLEChfHnzYGrZXxXXRe0iMVB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org