Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/3quqk0fooiZvUJlNg-OV-u1F32s.roa
File: 3quqk0fooiZvUJlNg-OV-u1F32s.roa (raw, json)
Hash identifier: JDHRyxRtdpfGGJo+BFf1e5ShFjWopfGtNxkt+RSyjLI=
Subject key identifier: DE:AB:AA:93:47:E8:A2:26:6F:50:99:4D:83:E3:95:FA:ED:45:DF:6B
Certificate issuer: /CN=f01c8997a354bc7d4e5a60a9f42438a182fa998a
Certificate serial: 01857139B02EA24D0248609A2B443FF7FF3C
Authority key identifier: F0:1C:89:97:A3:54:BC:7D:4E:5A:60:A9:F4:24:38:A1:82:FA:99:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/3quqk0fooiZvUJlNg-OV-u1F32s.roa
Signing time: Mon 02 Jan 2023 06:44:44 +0000
ROA not before: Mon 02 Jan 2023 06:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60498
IP address blocks: 185.31.28.0/24 maxlen: 24
185.31.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:b0:2e:a2:4d:02:48:60:9a:2b:44:3f:f7:ff:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f01c8997a354bc7d4e5a60a9f42438a182fa998a
Validity
Not Before: Jan 2 06:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=deabaa9347e8a2266f50994d83e395faed45df6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:85:c5:8e:6a:8c:05:5f:bc:f2:44:d2:f7:81:
78:da:94:6a:c8:37:96:41:1a:26:8b:4f:5c:34:0c:
1a:54:f7:d8:c0:f0:f0:ac:9e:96:1a:59:8c:34:3c:
77:70:37:e8:c5:9d:28:85:2b:f0:64:a4:29:4e:aa:
7f:d8:c2:4f:80:a1:ed:a6:dd:07:1c:88:a0:ac:49:
d0:8d:32:d5:cc:75:36:26:b3:2f:7f:1d:19:3f:d8:
5c:07:6d:36:b0:4e:49:fa:a9:ee:d4:cb:53:00:bc:
c7:33:76:83:ad:3a:cc:e0:11:b1:d4:cc:4d:41:0a:
9e:78:cf:de:fc:11:1c:69:06:e6:8c:d3:01:66:06:
58:c7:cc:62:e3:65:d8:21:17:27:69:4f:6a:96:cc:
70:a1:5d:d9:31:ae:80:0d:56:2f:42:42:be:cd:9f:
b7:05:a8:df:ae:17:db:42:f6:93:ea:4e:ac:76:93:
cb:1a:d9:dd:38:97:66:74:6e:c0:3f:38:2a:d2:70:
3a:75:f8:ac:0d:30:ac:b0:93:63:70:9f:03:32:bb:
e9:c3:ee:c7:e0:94:a2:cf:6c:99:70:ee:fc:fb:f6:
29:56:1d:e5:80:23:a9:7d:45:35:60:7e:f5:e9:a5:
3b:2d:1a:fb:5e:db:3a:df:5c:ca:2e:82:58:3d:09:
11:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AB:AA:93:47:E8:A2:26:6F:50:99:4D:83:E3:95:FA:ED:45:DF:6B
X509v3 Authority Key Identifier:
keyid:F0:1C:89:97:A3:54:BC:7D:4E:5A:60:A9:F4:24:38:A1:82:FA:99:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/3quqk0fooiZvUJlNg-OV-u1F32s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.28.0/24
185.31.30.0/24
Signature Algorithm: sha256WithRSAEncryption
93:64:59:f8:cb:74:7a:b1:11:52:55:dd:38:f0:32:06:dc:33:
d1:e2:8c:31:b2:35:a4:3a:af:8d:54:02:ca:f3:99:6d:ee:9a:
df:5c:b9:84:80:41:86:d8:00:91:69:59:3c:33:1a:be:16:74:
b6:ce:8e:42:b2:48:77:0b:e0:a7:7f:4f:65:ac:7d:7a:c2:78:
a7:d0:56:87:28:cb:8b:a8:8b:26:99:47:5b:fb:15:2d:79:67:
cf:c5:db:fa:4c:0b:ae:c3:76:a1:9a:8b:25:d2:b1:71:85:00:
f2:01:4c:c6:c4:cb:cf:d1:37:96:eb:30:45:43:bf:e1:83:12:
db:18:b7:59:47:f2:d5:e9:15:fa:f6:e8:ef:0d:62:9c:77:2d:
7b:1c:d2:86:3f:ea:ca:30:b2:da:be:dc:67:48:0b:4d:59:c6:
ed:e7:8e:69:49:87:91:10:76:38:a0:25:c7:0d:a6:2d:6c:e7:
e6:22:a5:3b:c7:61:66:9c:99:ec:f8:2c:ef:58:7e:c2:0e:23:
e3:d8:73:15:65:5e:62:04:71:c5:64:1c:e8:80:be:6d:50:ce:
11:ad:01:d7:26:99:fb:8e:03:18:b5:3d:6f:6e:10:2d:72:1e:
20:99:9b:70:db:a7:05:5a:ff:ea:b2:40:aa:8b:18:da:d6:87:
f6:0f:a7:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxObAuok0CSGCaK0Q/9/88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMWM4OTk3YTM1NGJjN2Q0ZTVhNjBhOWY0MjQzOGExODJm
YTk5OGEwHhcNMjMwMTAyMDY0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWFiYWE5MzQ3ZThhMjI2NmY1MDk5NGQ4M2UzOTVmYWVkNDVkZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIXFjmqMBV+88kTS94F42pRqyDeW
QRomi09cNAwaVPfYwPDwrJ6WGlmMNDx3cDfoxZ0ohSvwZKQpTqp/2MJPgKHtpt0H
HIigrEnQjTLVzHU2JrMvfx0ZP9hcB202sE5J+qnu1MtTALzHM3aDrTrM4BGx1MxN
QQqeeM/e/BEcaQbmjNMBZgZYx8xi42XYIRcnaU9qlsxwoV3ZMa6ADVYvQkK+zZ+3
BajfrhfbQvaT6k6sdpPLGtndOJdmdG7APzgq0nA6dfisDTCssJNjcJ8DMrvpw+7H
4JSiz2yZcO78+/YpVh3lgCOpfUU1YH716aU7LRr7Xts631zKLoJYPQkRTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6rqpNH6KImb1CZTYPjlfrtRd9rMB8GA1UdIwQY
MBaAFPAciZejVLx9TlpgqfQkOKGC+pmKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEJ5Smw2TlV2SDFPV21DcDlDUTRvWUw2bVlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mYWE5NWYtM2IzMi00MWZlLWFiZTMt
YzI3YzRhNjEwYmQzLzEvM3F1cWswZm9vaVp2VUpsTmctT1YtdTFGMzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mYWE5NWYtM2IzMi00MWZlLWFiZTMtYzI3YzRhNjEwYmQz
LzEvOEJ5Smw2TlV2SDFPV21DcDlDUTRvWUw2bVlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuR8cAwQA
uR8eMA0GCSqGSIb3DQEBCwUAA4IBAQCTZFn4y3R6sRFSVd048DIG3DPR4owxsjWk
Oq+NVALK85lt7prfXLmEgEGG2ACRaVk8Mxq+FnS2zo5Cskh3C+Cnf09lrH16wnin
0FaHKMuLqIsmmUdb+xUteWfPxdv6TAuuw3ahmosl0rFxhQDyAUzGxMvP0TeW6zBF
Q7/hgxLbGLdZR/LV6RX69ujvDWKcdy17HNKGP+rKMLLavtxnSAtNWcbt545pSYeR
EHY4oCXHDaYtbOfmIqU7x2FmnJns+CzvWH7CDiPj2HMVZV5iBHHFZBzogL5tUM4R
rQHXJpn7jgMYtT1vbhAtch4gmZtw26cFWv/qskCqixja1of2D6c3
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:20:00 2024 by rpki-client on console-ams.rpki-client.org