Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/qTgE7aPwVQ9sJK7MectF8zif7Bo.roa
File: qTgE7aPwVQ9sJK7MectF8zif7Bo.roa (raw, json)
Hash identifier: t3c33ZAiGgCXrJoPhLGJzf7XE2Dkj8zT7jbq4JNIBzs=
Subject key identifier: A9:38:04:ED:A3:F0:55:0F:6C:24:AE:CC:79:CB:45:F3:38:9F:EC:1A
Certificate issuer: /CN=8d4f3f8ba7dcf5894f2f611d7dfab53d4a63c0a9
Certificate serial: 0185710BE0716657F2B7D21F50DE2ABF7726
Authority key identifier: 8D:4F:3F:8B:A7:DC:F5:89:4F:2F:61:1D:7D:FA:B5:3D:4A:63:C0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/qTgE7aPwVQ9sJK7MectF8zif7Bo.roa
Signing time: Mon 02 Jan 2023 05:54:41 +0000
ROA not before: Mon 02 Jan 2023 05:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12324
IP address blocks: 87.246.240.0/20 maxlen: 20
212.182.64.0/20 maxlen: 20
87.246.192.0/19 maxlen: 19
212.182.0.0/18 maxlen: 18
5.201.0.0/17 maxlen: 17
2a04:440::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:e0:71:66:57:f2:b7:d2:1f:50:de:2a:bf:77:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4f3f8ba7dcf5894f2f611d7dfab53d4a63c0a9
Validity
Not Before: Jan 2 05:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a93804eda3f0550f6c24aecc79cb45f3389fec1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f2:8b:8d:d2:d9:b4:34:5a:4f:70:41:a4:e1:
ec:ff:84:d8:ca:15:ee:8f:2c:3b:55:bb:2e:1f:9c:
20:b2:36:a6:c8:21:68:fd:2b:69:a2:32:71:d2:7c:
71:72:5e:23:74:dc:37:b8:64:f2:21:5c:c8:4c:84:
fd:a4:4c:7e:2c:44:a3:bf:1a:f4:e2:3f:5e:13:27:
d5:54:68:af:38:e2:c2:46:0f:c3:c1:76:cc:2e:62:
ef:3c:6a:09:20:0e:00:14:45:c0:5d:a3:3c:90:93:
7a:e3:e5:72:54:6a:90:1f:41:ff:0a:88:fa:25:4e:
5c:aa:67:d8:fd:6c:6c:ae:e5:05:38:89:e2:8e:54:
47:99:48:8a:ed:96:f6:7e:90:30:45:18:ce:9e:f8:
05:af:1b:ee:b9:61:85:19:d2:ef:d8:5d:93:e9:46:
85:73:3f:ef:d3:de:e4:ee:e3:bb:10:31:a3:5c:ab:
c3:fa:df:2b:23:3f:9f:9d:b5:b1:2d:69:9b:13:fc:
de:13:c0:c2:01:a8:43:49:3e:26:37:70:7b:30:b0:
30:0b:ec:a9:95:b1:39:e7:a4:5e:d3:68:6d:3a:5f:
a1:e4:71:d7:6d:5e:96:65:11:db:83:69:06:1f:d0:
57:e5:3e:8c:c8:a2:1c:60:24:35:f7:81:94:0f:de:
30:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:38:04:ED:A3:F0:55:0F:6C:24:AE:CC:79:CB:45:F3:38:9F:EC:1A
X509v3 Authority Key Identifier:
keyid:8D:4F:3F:8B:A7:DC:F5:89:4F:2F:61:1D:7D:FA:B5:3D:4A:63:C0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/qTgE7aPwVQ9sJK7MectF8zif7Bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/jU8_i6fc9YlPL2Edffq1PUpjwKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.0.0/17
87.246.192.0/19
87.246.240.0/20
212.182.0.0-212.182.79.255
IPv6:
2a04:440::/32
Signature Algorithm: sha256WithRSAEncryption
68:ff:b3:cb:2f:42:5b:67:7a:2e:79:a0:61:ce:91:db:38:84:
b5:65:2e:ec:7d:25:9a:a3:93:34:f3:86:fe:b0:27:c6:1d:2e:
4a:0b:24:f1:3c:d4:ec:92:0a:a9:75:b1:09:0d:43:2e:be:fb:
89:58:15:1b:70:a6:44:a7:39:8d:7b:cb:3c:d9:43:30:ed:7a:
29:a9:82:b6:3c:68:7a:76:38:d0:3a:01:71:c7:cf:f5:4c:a3:
1d:6d:95:bc:53:cd:3d:0a:b8:b2:2f:b8:1a:23:49:f0:e5:09:
4c:c6:e1:e1:82:33:d5:a9:df:a0:4f:d3:b7:23:49:32:9b:eb:
a0:f7:21:ea:c0:f1:ac:c9:c2:ec:f5:76:0d:95:2d:14:fe:70:
3d:26:fe:f6:9f:de:eb:ff:75:90:80:4a:1e:ad:88:65:de:27:
e3:c2:22:e4:e5:3f:0d:23:bd:5d:e3:5f:58:e6:05:f7:3d:6c:
13:32:30:1e:4e:43:97:ac:c4:94:67:4a:5f:b2:d1:0c:f6:7e:
c6:99:30:4c:55:39:49:96:1f:8a:bb:5d:cc:05:0e:b1:84:4e:
64:25:19:17:ae:1d:27:bf:cd:22:4e:55:75:e0:c2:ba:9c:01:
96:b2:21:c0:da:b0:91:56:39:09:bf:41:7d:4d:81:ae:61:20:
4c:8b:cd:49
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVxC+BxZlfyt9IfUN4qv3cmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNGYzZjhiYTdkY2Y1ODk0ZjJmNjExZDdkZmFiNTNkNGE2
M2MwYTkwHhcNMjMwMTAyMDU1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTM4MDRlZGEzZjA1NTBmNmMyNGFlY2M3OWNiNDVmMzM4OWZlYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fKLjdLZtDRaT3BBpOHs/4TYyhXu
jyw7VbsuH5wgsjamyCFo/StpojJx0nxxcl4jdNw3uGTyIVzITIT9pEx+LESjvxr0
4j9eEyfVVGivOOLCRg/DwXbMLmLvPGoJIA4AFEXAXaM8kJN64+VyVGqQH0H/Coj6
JU5cqmfY/WxsruUFOInijlRHmUiK7Zb2fpAwRRjOnvgFrxvuuWGFGdLv2F2T6UaF
cz/v097k7uO7EDGjXKvD+t8rIz+fnbWxLWmbE/zeE8DCAahDST4mN3B7MLAwC+yp
lbE556Re02htOl+h5HHXbV6WZRHbg2kGH9BX5T6MyKIcYCQ194GUD94w4QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKk4BO2j8FUPbCSuzHnLRfM4n+waMB8GA1UdIwQY
MBaAFI1PP4un3PWJTy9hHX36tT1KY8CpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalU4X2k2ZmM5WWxQTDJFZGZmcTFQVXBqd0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy81NTIyOWMtZTI4Mi00YTg1LWI3YTQt
OGFjYmZlYTJlY2ZhLzEvcVRnRTdhUHdWUTlzSks3TWVjdEY4emlmN0JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy81NTIyOWMtZTI4Mi00YTg1LWI3YTQtOGFjYmZlYTJlY2Zh
LzEvalU4X2k2ZmM5WWxQTDJFZGZmcTFQVXBqd0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwQHBckAAwQF
V/bAAwQEV/bwMAsDAwHUtgMEBNS2QDANBAIAAjAHAwUAKgQEQDANBgkqhkiG9w0B
AQsFAAOCAQEAaP+zyy9CW2d6LnmgYc6R2ziEtWUu7H0lmqOTNPOG/rAnxh0uSgsk
8TzU7JIKqXWxCQ1DLr77iVgVG3CmRKc5jXvLPNlDMO16KamCtjxoenY40DoBccfP
9UyjHW2VvFPNPQq4si+4GiNJ8OUJTMbh4YIz1anfoE/TtyNJMpvroPch6sDxrMnC
7PV2DZUtFP5wPSb+9p/e6/91kIBKHq2IZd4n48Ii5OU/DSO9XeNfWOYF9z1sEzIw
Hk5Dl6zElGdKX7LRDPZ+xpkwTFU5SZYfirtdzAUOsYROZCUZF64dJ7/NIk5VdeDC
upwBlrIhwNqwkVY5Cb9BfU2BrmEgTIvNSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:49 2024 by rpki-client on console-ams.rpki-client.org