Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/7QIJ98d6GvtpNlsNqFwhI62kbyE.roa
File: 7QIJ98d6GvtpNlsNqFwhI62kbyE.roa (raw, json)
Hash identifier: nO89TWGCGaVOnW1s16JfCiWnGb4I03rrwtqF83NSTwQ=
Subject key identifier: ED:02:09:F7:C7:7A:1A:FB:69:36:5B:0D:A8:5C:21:23:AD:A4:6F:21
Certificate issuer: /CN=fc35877cc038bffdb97bb3d6ea216ab52b3a0582
Certificate serial: 0185720C739D53E7803B65EC1E2BBC9EF15C
Authority key identifier: FC:35:87:7C:C0:38:BF:FD:B9:7B:B3:D6:EA:21:6A:B5:2B:3A:05:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_DWHfMA4v_25e7PW6iFqtSs6BYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/7QIJ98d6GvtpNlsNqFwhI62kbyE.roa
Signing time: Mon 02 Jan 2023 10:34:56 +0000
ROA not before: Mon 02 Jan 2023 10:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199927
IP address blocks: 185.42.56.0/22 maxlen: 22
2a04:8e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:73:9d:53:e7:80:3b:65:ec:1e:2b:bc:9e:f1:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc35877cc038bffdb97bb3d6ea216ab52b3a0582
Validity
Not Before: Jan 2 10:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed0209f7c77a1afb69365b0da85c2123ada46f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:80:1e:2e:1d:ec:2e:bd:ac:0f:97:67:ef:58:
cd:29:f4:64:1b:74:16:01:fd:fa:f0:f7:64:12:b6:
31:03:e8:21:36:87:93:3d:f1:6f:e1:79:af:50:99:
ee:f7:fb:f0:c4:93:c2:a8:b1:3b:d1:b5:a4:39:78:
af:61:e6:89:1c:18:3b:45:69:6c:41:52:3e:98:b1:
c8:02:4c:ef:ef:8e:c4:60:b0:bd:80:2e:45:f3:c0:
7e:fe:97:5c:c8:0d:8a:1b:ec:14:55:3b:c4:89:e7:
30:23:40:6a:9c:14:64:60:54:0a:d5:ba:87:a1:53:
a8:36:01:4b:98:6c:11:01:b7:97:49:d6:1c:d8:99:
a8:8b:e8:54:bc:16:23:59:7c:2a:5c:d5:27:b0:69:
02:4d:c3:5e:cc:fb:b7:14:e2:60:98:56:65:14:53:
55:02:4d:ea:43:b5:48:f5:a0:02:ac:9b:c3:8c:8d:
ae:82:0a:c7:b3:cc:1e:4f:aa:27:cc:a0:e5:7a:7b:
e0:ac:42:f7:5c:27:37:ed:f0:6f:b6:a0:cd:b8:7e:
66:d6:cf:86:45:19:ad:63:34:fc:06:30:60:32:e3:
c7:10:e7:80:f0:1e:15:f4:65:12:fc:d9:bf:8a:19:
29:ba:99:21:bf:3c:4e:a9:2d:e4:77:b0:bc:ba:7b:
d9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:02:09:F7:C7:7A:1A:FB:69:36:5B:0D:A8:5C:21:23:AD:A4:6F:21
X509v3 Authority Key Identifier:
keyid:FC:35:87:7C:C0:38:BF:FD:B9:7B:B3:D6:EA:21:6A:B5:2B:3A:05:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_DWHfMA4v_25e7PW6iFqtSs6BYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/7QIJ98d6GvtpNlsNqFwhI62kbyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/_DWHfMA4v_25e7PW6iFqtSs6BYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.56.0/22
IPv6:
2a04:8e40::/29
Signature Algorithm: sha256WithRSAEncryption
5a:c8:86:cd:b0:78:3a:0c:d2:a3:1d:e7:87:30:26:c1:b1:07:
44:6e:c4:72:55:80:b6:9d:92:bb:d8:0f:b6:aa:af:ff:ad:14:
a3:55:00:e2:ad:af:b2:b2:04:37:64:ab:3d:39:c2:b0:c0:27:
89:79:82:ea:c7:cf:41:3e:56:0e:b6:90:38:4e:c5:85:b5:44:
be:c3:c6:0c:3f:5a:7d:05:a7:98:d4:e1:c3:c5:d9:f1:21:8f:
2a:7c:e5:5b:e7:5a:54:b1:6a:69:2f:6c:cb:f9:7a:8d:ac:54:
27:4e:0d:b4:11:65:ab:e8:cd:15:11:8e:7b:b0:a1:e7:95:a2:
90:78:4a:10:d4:9b:be:b9:56:81:c2:e6:41:e4:e9:e7:a1:e9:
57:91:a3:b3:03:3d:e4:68:09:7a:8e:20:22:09:40:43:91:a5:
b2:47:ac:9b:0b:38:68:94:c5:88:73:e1:77:42:f4:e3:b7:47:
aa:fb:6d:dc:47:ec:d5:46:7a:76:b3:2a:7b:8f:0b:b4:dc:16:
36:a6:9b:47:4a:51:77:64:19:29:6a:28:77:8b:1d:7c:f0:53:
e1:40:7f:c3:ef:14:b8:9f:df:0f:b9:e4:22:b5:89:ce:bf:74:
05:56:32:1d:ee:b2:f0:92:fa:d1:04:b1:4b:2c:50:6c:4a:42:
24:55:c7:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyDHOdU+eAO2XsHiu8nvFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMzU4NzdjYzAzOGJmZmRiOTdiYjNkNmVhMjE2YWI1MmIz
YTA1ODIwHhcNMjMwMTAyMTAzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDAyMDlmN2M3N2ExYWZiNjkzNjViMGRhODVjMjEyM2FkYTQ2ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIAeLh3sLr2sD5dn71jNKfRkG3QW
Af368PdkErYxA+ghNoeTPfFv4XmvUJnu9/vwxJPCqLE70bWkOXivYeaJHBg7RWls
QVI+mLHIAkzv747EYLC9gC5F88B+/pdcyA2KG+wUVTvEiecwI0BqnBRkYFQK1bqH
oVOoNgFLmGwRAbeXSdYc2Jmoi+hUvBYjWXwqXNUnsGkCTcNezPu3FOJgmFZlFFNV
Ak3qQ7VI9aACrJvDjI2uggrHs8weT6onzKDlenvgrEL3XCc37fBvtqDNuH5m1s+G
RRmtYzT8BjBgMuPHEOeA8B4V9GUS/Nm/ihkpupkhvzxOqS3kd7C8unvZcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO0CCffHehr7aTZbDahcISOtpG8hMB8GA1UdIwQY
MBaAFPw1h3zAOL/9uXuz1uoharUrOgWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RXSGZNQTR2XzI1ZTdQVzZpRnF0U3M2QllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lODA3MmEtNjAxNy00ZWQ1LWJlZTMt
OGU2NWIzNDdmMjE4LzEvN1FJSjk4ZDZHdnRwTmxzTnFGd2hJNjJrYnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lODA3MmEtNjAxNy00ZWQ1LWJlZTMtOGU2NWIzNDdmMjE4
LzEvX0RXSGZNQTR2XzI1ZTdQVzZpRnF0U3M2QllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSo4MA0E
AgACMAcDBQMqBI5AMA0GCSqGSIb3DQEBCwUAA4IBAQBayIbNsHg6DNKjHeeHMCbB
sQdEbsRyVYC2nZK72A+2qq//rRSjVQDira+ysgQ3ZKs9OcKwwCeJeYLqx89BPlYO
tpA4TsWFtUS+w8YMP1p9BaeY1OHDxdnxIY8qfOVb51pUsWppL2zL+XqNrFQnTg20
EWWr6M0VEY57sKHnlaKQeEoQ1Ju+uVaBwuZB5OnnoelXkaOzAz3kaAl6jiAiCUBD
kaWyR6ybCzholMWIc+F3QvTjt0eq+23cR+zVRnp2syp7jwu03BY2pptHSlF3ZBkp
aih3ix188FPhQH/D7xS4n98PueQitYnOv3QFVjId7rLwkvrRBLFLLFBsSkIkVccJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:54 2024 by rpki-client on console-ams.rpki-client.org