Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/47065d-2d83-4641-8223-41f39a8c09dd/1/q7innN1JkCcIgRT5-EzgHroueB0.roa
File: q7innN1JkCcIgRT5-EzgHroueB0.roa (raw, json)
Hash identifier: a33Iay/i4Dliv/dDB+7NmVnIfRLjm0Zf0oXOdIs+W4g=
Subject key identifier: AB:B8:A7:9C:DD:49:90:27:08:81:14:F9:F8:4C:E0:1E:BA:2E:78:1D
Certificate issuer: /CN=62f603f3a55a29e6617f096b3a69bff0a392a928
Certificate serial: 01856BC1121626ECC02A57776AC8251A850E
Authority key identifier: 62:F6:03:F3:A5:5A:29:E6:61:7F:09:6B:3A:69:BF:F0:A3:92:A9:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvYD86VaKeZhfwlrOmm_8KOSqSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/47065d-2d83-4641-8223-41f39a8c09dd/1/q7innN1JkCcIgRT5-EzgHroueB0.roa
Signing time: Sun 01 Jan 2023 05:14:53 +0000
ROA not before: Sun 01 Jan 2023 05:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44238
IP address blocks: 91.195.238.0/23 maxlen: 23
2001:67c:160::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:12:16:26:ec:c0:2a:57:77:6a:c8:25:1a:85:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62f603f3a55a29e6617f096b3a69bff0a392a928
Validity
Not Before: Jan 1 05:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abb8a79cdd499027088114f9f84ce01eba2e781d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c0:06:f1:12:0d:9c:c1:ec:fd:83:b0:c5:71:
42:39:93:87:71:7f:8f:17:89:72:3e:cd:24:90:e0:
c0:34:d3:e9:af:df:a5:b4:d6:43:23:b9:39:c1:44:
6b:95:02:ac:70:91:eb:aa:e7:8e:b5:44:a8:9c:8e:
d1:97:8d:5f:88:9c:1d:02:35:09:e5:b4:01:22:32:
0d:1a:37:36:bc:29:55:a1:1a:39:38:52:b1:ce:11:
f1:8b:47:98:27:0d:03:d4:2f:1f:b8:4e:77:f0:be:
86:22:7e:12:f1:7c:47:5b:22:9f:c8:cb:1b:f2:77:
d4:04:fd:a3:91:97:d7:d6:02:90:b8:b9:f6:a4:7e:
74:98:5d:94:a7:2d:49:4f:00:68:9f:ae:28:37:90:
e4:17:16:f8:67:c1:87:2e:be:93:95:22:74:ea:78:
cb:4d:08:8c:13:f6:55:ff:d1:e7:09:5a:f1:3a:6c:
1e:9e:60:2b:20:76:26:93:72:33:d5:53:c0:ae:4d:
94:e1:4d:f5:e8:26:5d:53:6d:f1:b8:c3:90:b1:f2:
4b:3b:49:68:46:99:4b:87:b8:50:64:0d:b6:ce:6a:
cc:62:3d:dc:b4:40:52:b7:e4:3d:7d:fe:a5:6a:20:
aa:0e:ab:60:52:81:88:96:9b:63:dc:d7:c6:4a:81:
f5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:B8:A7:9C:DD:49:90:27:08:81:14:F9:F8:4C:E0:1E:BA:2E:78:1D
X509v3 Authority Key Identifier:
keyid:62:F6:03:F3:A5:5A:29:E6:61:7F:09:6B:3A:69:BF:F0:A3:92:A9:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvYD86VaKeZhfwlrOmm_8KOSqSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/47065d-2d83-4641-8223-41f39a8c09dd/1/q7innN1JkCcIgRT5-EzgHroueB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/47065d-2d83-4641-8223-41f39a8c09dd/1/YvYD86VaKeZhfwlrOmm_8KOSqSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.238.0/23
IPv6:
2001:67c:160::/48
Signature Algorithm: sha256WithRSAEncryption
9b:53:b7:d3:41:12:27:65:79:b7:5c:df:5c:7a:0f:63:56:37:
44:5a:b8:70:30:ff:2b:c8:fa:eb:12:a8:5d:1c:88:80:2d:ca:
8b:b0:bb:7a:7b:55:d1:d2:7a:81:24:8f:2f:12:c3:34:e3:e7:
04:76:f8:92:a3:e0:db:08:a3:cb:db:c6:2f:bd:5f:b0:3c:e6:
76:b9:a7:31:53:8d:f2:70:69:c7:87:9e:d0:31:a2:a0:12:ab:
01:11:41:c7:b7:28:30:97:81:99:f5:e5:7c:ca:dd:63:f4:20:
73:b2:b2:bf:cd:21:59:bc:1e:a9:f0:96:05:41:22:fe:33:ce:
0e:06:84:b3:ac:e1:ea:e6:6b:70:f1:6c:f1:4a:5f:99:61:75:
4a:16:bd:52:3f:ee:c6:02:6a:48:6d:b0:56:3e:16:69:29:9f:
d7:0c:cb:75:be:fe:bc:03:32:26:13:86:61:63:7e:62:ed:d3:
48:f3:48:de:09:de:33:01:07:20:f4:5d:47:bd:a2:ac:92:07:
6b:84:36:6f:d2:fc:75:15:c8:90:ce:ad:b6:df:a5:21:f9:06:
db:df:3d:23:e8:5e:18:d9:c3:00:38:0a:bc:ea:58:d9:38:fc:
2c:f3:f9:94:bc:d9:0e:34:74:25:65:f7:7b:71:0a:e7:c3:5b:
6d:49:03:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrwRIWJuzAKld3asglGoUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZjYwM2YzYTU1YTI5ZTY2MTdmMDk2YjNhNjliZmYwYTM5
MmE5MjgwHhcNMjMwMTAxMDUxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmI4YTc5Y2RkNDk5MDI3MDg4MTE0ZjlmODRjZTAxZWJhMmU3ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncAG8RINnMHs/YOwxXFCOZOHcX+P
F4lyPs0kkODANNPpr9+ltNZDI7k5wURrlQKscJHrqueOtUSonI7Rl41fiJwdAjUJ
5bQBIjINGjc2vClVoRo5OFKxzhHxi0eYJw0D1C8fuE538L6GIn4S8XxHWyKfyMsb
8nfUBP2jkZfX1gKQuLn2pH50mF2Upy1JTwBon64oN5DkFxb4Z8GHLr6TlSJ06njL
TQiME/ZV/9HnCVrxOmwenmArIHYmk3Iz1VPArk2U4U316CZdU23xuMOQsfJLO0lo
RplLh7hQZA22zmrMYj3ctEBSt+Q9ff6laiCqDqtgUoGIlptj3NfGSoH1OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKu4p5zdSZAnCIEU+fhM4B66LngdMB8GA1UdIwQY
MBaAFGL2A/OlWinmYX8Jazppv/CjkqkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXZZRDg2VmFLZVpoZndsck9tbV84S09TcVNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80NzA2NWQtMmQ4My00NjQxLTgyMjMt
NDFmMzlhOGMwOWRkLzEvcTdpbm5OMUprQ2NJZ1JUNS1FemdIcm91ZUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS80NzA2NWQtMmQ4My00NjQxLTgyMjMtNDFmMzlhOGMwOWRk
LzEvWXZZRDg2VmFLZVpoZndsck9tbV84S09TcVNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8PuMA8E
AgACMAkDBwAgAQZ8AWAwDQYJKoZIhvcNAQELBQADggEBAJtTt9NBEidlebdc31x6
D2NWN0RauHAw/yvI+usSqF0ciIAtyouwu3p7VdHSeoEkjy8SwzTj5wR2+JKj4NsI
o8vbxi+9X7A85na5pzFTjfJwaceHntAxoqASqwERQce3KDCXgZn15XzK3WP0IHOy
sr/NIVm8HqnwlgVBIv4zzg4GhLOs4erma3DxbPFKX5lhdUoWvVI/7sYCakhtsFY+
Fmkpn9cMy3W+/rwDMiYThmFjfmLt00jzSN4J3jMBByD0XUe9oqySB2uENm/S/HUV
yJDOrbbfpSH5BtvfPSPoXhjZwwA4CrzqWNk4/Czz+ZS82Q40dCVl93txCufDW21J
AwA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:03 2024 by rpki-client on console-fra.rpki-client.org