Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/8062a9-7f47-44ea-abb7-91dbc9f0e8db/1/qoFNqSk2Cio4RbsTGrUGPG-noZA.roa
File: qoFNqSk2Cio4RbsTGrUGPG-noZA.roa (raw, json)
Hash identifier: 1HyVh0QFCEbO6Zka8MvHMv772N1ccCvQsizpLAQ/ngU=
Subject key identifier: AA:81:4D:A9:29:36:0A:2A:38:45:BB:13:1A:B5:06:3C:6F:A7:A1:90
Certificate issuer: /CN=a1655282be419d21222b506fb7a368c3fe5db23d
Certificate serial: 01857283777C13031CBD79FA7000AAD5B219
Authority key identifier: A1:65:52:82:BE:41:9D:21:22:2B:50:6F:B7:A3:68:C3:FE:5D:B2:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWVSgr5BnSEiK1Bvt6Now_5dsj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/8062a9-7f47-44ea-abb7-91dbc9f0e8db/1/qoFNqSk2Cio4RbsTGrUGPG-noZA.roa
Signing time: Mon 02 Jan 2023 12:44:56 +0000
ROA not before: Mon 02 Jan 2023 12:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29329
IP address blocks: 109.197.8.0/21 maxlen: 32
93.157.120.0/21 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:77:7c:13:03:1c:bd:79:fa:70:00:aa:d5:b2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1655282be419d21222b506fb7a368c3fe5db23d
Validity
Not Before: Jan 2 12:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa814da929360a2a3845bb131ab5063c6fa7a190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e2:a9:4b:76:08:9f:30:26:0c:63:66:b6:32:
91:0f:a8:0d:8b:11:4e:0f:b7:34:69:16:57:9f:3c:
48:8c:90:66:df:6d:54:46:11:fe:52:e4:bb:eb:e1:
74:f8:76:b6:d6:43:33:a6:f8:ac:7d:fa:a4:41:da:
bf:e2:70:c2:be:38:9d:f3:58:55:c7:34:38:fc:61:
c3:a0:5d:fd:17:18:eb:04:b1:6e:2e:41:67:30:37:
26:53:cc:17:e1:41:26:e8:cf:b2:54:ed:6f:63:8b:
04:a4:1a:57:41:43:ae:46:2d:fb:b5:86:4c:f6:6a:
a2:c9:d3:83:4c:d3:e5:72:35:a1:a5:67:c8:6d:b0:
03:74:bf:4b:d7:25:c0:9c:83:b8:05:5d:df:5f:49:
15:be:d5:34:cf:61:cf:2d:7b:55:63:28:99:79:8a:
79:d9:58:a8:8e:75:2d:ee:8e:32:e7:3b:a5:db:14:
91:de:59:ab:a1:02:5f:fc:63:cb:47:29:17:05:f7:
b3:52:34:db:94:02:a4:63:91:ff:86:ec:a7:18:60:
f6:48:16:51:c3:c1:82:ff:a0:3f:09:4e:ea:76:11:
66:69:a8:32:02:c9:56:78:5e:81:6e:16:ef:d1:db:
87:ad:bb:ad:a3:d0:30:5a:3d:57:ff:39:32:c0:3e:
27:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:81:4D:A9:29:36:0A:2A:38:45:BB:13:1A:B5:06:3C:6F:A7:A1:90
X509v3 Authority Key Identifier:
keyid:A1:65:52:82:BE:41:9D:21:22:2B:50:6F:B7:A3:68:C3:FE:5D:B2:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWVSgr5BnSEiK1Bvt6Now_5dsj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8062a9-7f47-44ea-abb7-91dbc9f0e8db/1/qoFNqSk2Cio4RbsTGrUGPG-noZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/8062a9-7f47-44ea-abb7-91dbc9f0e8db/1/oWVSgr5BnSEiK1Bvt6Now_5dsj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.120.0/21
109.197.8.0/21
Signature Algorithm: sha256WithRSAEncryption
df:4b:44:5d:5d:69:a8:a2:8d:a1:8e:34:db:e4:4d:bc:6a:71:
ee:6a:df:d6:b8:2f:9e:59:2a:82:6a:cf:ff:fc:d3:1f:c2:8a:
f9:5e:71:95:4d:85:f5:89:77:ce:ad:29:a3:25:fb:71:d2:e4:
ba:b3:99:35:29:a9:4b:43:1d:ed:0c:58:cf:57:e9:bf:8e:52:
72:a3:fb:44:6b:9a:6c:1d:d0:dd:bd:86:d2:ec:5f:20:7e:62:
e7:34:a7:3e:41:2a:c1:f7:a1:34:06:72:95:e7:f9:76:5a:c4:
aa:b3:40:99:49:99:cc:60:7d:f1:f3:c8:a6:5a:00:2c:99:86:
7d:4a:22:89:9b:e7:8a:46:2c:bb:f6:0a:df:7b:1b:7f:ad:aa:
df:42:4e:03:f8:95:f7:e0:ac:ce:86:cd:57:8e:ff:c4:e6:ff:
74:0e:c9:86:73:5a:a4:53:d8:2b:da:c8:d5:9f:28:59:bd:42:
24:22:2b:89:36:fe:4a:50:f0:b7:7e:92:42:b1:49:d1:b7:a0:
34:8c:cb:d6:59:99:bc:e5:ff:fe:3c:af:04:96:0d:2b:16:42:
f5:6b:8c:d4:cb:cc:dd:33:4c:d7:e5:9a:e1:16:dd:aa:13:72:
31:ff:4a:9d:5e:03:d5:a9:1d:18:8b:27:d5:17:2c:ed:65:55:
97:bc:f9:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyg3d8EwMcvXn6cACq1bIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNjU1MjgyYmU0MTlkMjEyMjJiNTA2ZmI3YTM2OGMzZmU1
ZGIyM2QwHhcNMjMwMTAyMTI0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTgxNGRhOTI5MzYwYTJhMzg0NWJiMTMxYWI1MDYzYzZmYTdhMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruKpS3YInzAmDGNmtjKRD6gNixFO
D7c0aRZXnzxIjJBm321URhH+UuS76+F0+Ha21kMzpvisffqkQdq/4nDCvjid81hV
xzQ4/GHDoF39FxjrBLFuLkFnMDcmU8wX4UEm6M+yVO1vY4sEpBpXQUOuRi37tYZM
9mqiydODTNPlcjWhpWfIbbADdL9L1yXAnIO4BV3fX0kVvtU0z2HPLXtVYyiZeYp5
2ViojnUt7o4y5zul2xSR3lmroQJf/GPLRykXBfezUjTblAKkY5H/huynGGD2SBZR
w8GC/6A/CU7qdhFmaagyAslWeF6Bbhbv0duHrbuto9AwWj1X/zkywD4nmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKqBTakpNgoqOEW7Exq1Bjxvp6GQMB8GA1UdIwQY
MBaAFKFlUoK+QZ0hIitQb7ejaMP+XbI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dWU2dyNUJuU0VpSzFCdnQ2Tm93XzVkc2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS84MDYyYTktN2Y0Ny00NGVhLWFiYjct
OTFkYmM5ZjBlOGRiLzEvcW9GTnFTazJDaW80UmJzVEdyVUdQRy1ub1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS84MDYyYTktN2Y0Ny00NGVhLWFiYjctOTFkYmM5ZjBlOGRi
LzEvb1dWU2dyNUJuU0VpSzFCdnQ2Tm93XzVkc2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXZ14AwQD
bcUIMA0GCSqGSIb3DQEBCwUAA4IBAQDfS0RdXWmooo2hjjTb5E28anHuat/WuC+e
WSqCas///NMfwor5XnGVTYX1iXfOrSmjJftx0uS6s5k1KalLQx3tDFjPV+m/jlJy
o/tEa5psHdDdvYbS7F8gfmLnNKc+QSrB96E0BnKV5/l2WsSqs0CZSZnMYH3x88im
WgAsmYZ9SiKJm+eKRiy79grfext/rarfQk4D+JX34KzOhs1Xjv/E5v90DsmGc1qk
U9gr2sjVnyhZvUIkIiuJNv5KUPC3fpJCsUnRt6A0jMvWWZm85f/+PK8Elg0rFkL1
a4zUy8zdM0zX5ZrhFt2qE3Ix/0qdXgPVqR0YiyfVFyztZVWXvPnn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:40 2024 by rpki-client on console-ams.rpki-client.org