Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/q4SaxUmP5bYdFG4tMCZj6u-ajN0.roa
File: q4SaxUmP5bYdFG4tMCZj6u-ajN0.roa (raw, json)
Hash identifier: yN09rFnXmUYLXmEqL8JkOcUnTvl/UjuXF0Yw4lJpFIc=
Subject key identifier: AB:84:9A:C5:49:8F:E5:B6:1D:14:6E:2D:30:26:63:EA:EF:9A:8C:DD
Certificate issuer: /CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Certificate serial: 0185724C94F42413B752A236DE0FE9F63A6B
Authority key identifier: 8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/q4SaxUmP5bYdFG4tMCZj6u-ajN0.roa
Signing time: Mon 02 Jan 2023 11:44:59 +0000
ROA not before: Mon 02 Jan 2023 11:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29600
IP address blocks: 95.131.112.0/21 maxlen: 21
83.136.136.0/21 maxlen: 21
80.70.16.0/20 maxlen: 20
85.15.192.0/18 maxlen: 18
2a01:a880::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:94:f4:24:13:b7:52:a2:36:de:0f:e9:f6:3a:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Validity
Not Before: Jan 2 11:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab849ac5498fe5b61d146e2d302663eaef9a8cdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:37:71:08:48:88:ab:a2:7c:1c:e9:23:b9:55:
9d:fa:95:89:e8:01:59:7f:41:78:b2:03:3d:0e:ac:
36:e4:35:f3:62:11:a9:b7:a5:ef:fd:89:ad:25:24:
91:51:3e:b0:1e:55:a9:d1:b9:45:78:ed:f8:87:e5:
95:00:53:51:2c:05:e2:d5:e3:b3:d9:f3:7b:ca:d6:
8f:f2:a7:10:43:7f:9f:40:3f:56:72:73:20:7d:da:
8f:2b:fb:38:86:cf:fa:21:e7:e0:d1:70:ba:09:df:
c3:a7:f9:fd:35:b9:cd:ef:9d:ee:3b:5a:86:50:2e:
e8:e4:fe:b9:de:b0:cf:f6:e9:38:5b:bd:c6:23:93:
9f:74:df:8f:fd:b1:90:24:eb:69:a3:7d:5b:a7:9e:
c3:c0:33:e8:4f:c6:9d:e3:49:f5:ab:94:0f:75:30:
2b:c9:9a:5c:cd:7a:49:c3:4e:1b:49:ed:4c:14:1f:
07:53:d5:c3:57:40:62:d4:21:62:dd:1d:d1:2f:45:
66:9b:df:e8:24:5f:cb:af:12:82:31:b3:e8:71:80:
09:3d:04:09:83:4e:83:da:3f:ee:1f:4c:e9:56:eb:
0f:7c:74:67:88:c7:59:94:ef:63:f0:91:46:48:33:
ec:59:d9:38:f4:ef:29:ba:ba:4b:0b:96:92:a7:84:
b1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:84:9A:C5:49:8F:E5:B6:1D:14:6E:2D:30:26:63:EA:EF:9A:8C:DD
X509v3 Authority Key Identifier:
keyid:8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/q4SaxUmP5bYdFG4tMCZj6u-ajN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/jxdSJfOGzpgBGfaYhPm-fGorOzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.16.0/20
83.136.136.0/21
85.15.192.0/18
95.131.112.0/21
IPv6:
2a01:a880::/29
Signature Algorithm: sha256WithRSAEncryption
16:23:28:0d:69:05:6c:cb:d2:74:e5:de:53:ac:25:bb:37:cb:
95:e0:ae:ec:3c:45:85:9f:6b:bc:b6:60:b0:bd:b2:a6:ef:63:
09:39:f6:9b:21:11:88:e7:e5:b2:37:55:58:c1:b4:04:a6:05:
0f:28:91:ec:ac:15:99:13:a1:2c:cb:27:51:32:8c:0e:8b:e2:
b2:bc:74:4f:0c:09:41:d3:ec:e6:7c:75:75:5d:35:2b:02:78:
c0:9b:c2:a8:89:ef:aa:cf:0f:76:46:48:cd:74:b1:05:70:ac:
f9:1a:e7:49:c6:03:9a:24:66:4f:1b:e6:18:4a:6e:64:92:a3:
e5:61:4d:75:f4:dd:e3:53:60:65:09:10:ac:37:65:b0:79:17:
3e:2d:f7:8b:15:d7:3a:dd:1b:1a:08:9e:8d:74:69:d3:73:42:
26:d3:0f:68:4b:c2:f5:99:fb:5d:fe:21:78:fc:ae:f6:04:2a:
2d:51:99:67:a3:3b:9a:30:d0:b7:8b:fe:82:26:ee:52:a0:0c:
40:1e:61:5c:f4:ab:0d:e6:95:84:39:fa:0f:f1:b5:e9:cb:4e:
58:51:78:f9:aa:de:90:9d:5b:0c:6c:4c:cf:01:1f:9b:a7:56:
46:33:ad:fe:17:16:69:b2:ba:40:31:d3:f7:c6:b1:b3:bc:df:
54:e6:f6:e0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyTJT0JBO3UqI23g/p9jprMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTc1MjI1ZjM4NmNlOTgwMTE5ZjY5ODg0ZjliZTdjNmEy
YjNiMzMwHhcNMjMwMTAyMTE0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjg0OWFjNTQ5OGZlNWI2MWQxNDZlMmQzMDI2NjNlYWVmOWE4Y2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jdxCEiIq6J8HOkjuVWd+pWJ6AFZ
f0F4sgM9Dqw25DXzYhGpt6Xv/YmtJSSRUT6wHlWp0blFeO34h+WVAFNRLAXi1eOz
2fN7ytaP8qcQQ3+fQD9WcnMgfdqPK/s4hs/6Iefg0XC6Cd/Dp/n9NbnN753uO1qG
UC7o5P653rDP9uk4W73GI5OfdN+P/bGQJOtpo31bp57DwDPoT8ad40n1q5QPdTAr
yZpczXpJw04bSe1MFB8HU9XDV0Bi1CFi3R3RL0Vmm9/oJF/LrxKCMbPocYAJPQQJ
g06D2j/uH0zpVusPfHRniMdZlO9j8JFGSDPsWdk49O8purpLC5aSp4Sx6wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKuEmsVJj+W2HRRuLTAmY+rvmozdMB8GA1UdIwQY
MBaAFI8XUiXzhs6YARn2mIT5vnxqKzszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhkU0pmT0d6cGdCR2ZhWWhQbS1mR29yT3pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81ZWM3Y2EtYTQwMi00YzVkLWExYjct
NjFiNzcyZDc1MWVjLzEvcTRTYXhVbVA1YllkRkc0dE1DWmo2dS1hak4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81ZWM3Y2EtYTQwMi00YzVkLWExYjctNjFiNzcyZDc1MWVj
LzEvanhkU0pmT0d6cGdCR2ZhWWhQbS1mR29yT3pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUEYQAwQD
U4iIAwQGVQ/AAwQDX4NwMA0EAgACMAcDBQMqAaiAMA0GCSqGSIb3DQEBCwUAA4IB
AQAWIygNaQVsy9J05d5TrCW7N8uV4K7sPEWFn2u8tmCwvbKm72MJOfabIRGI5+Wy
N1VYwbQEpgUPKJHsrBWZE6EsyydRMowOi+KyvHRPDAlB0+zmfHV1XTUrAnjAm8Ko
ie+qzw92RkjNdLEFcKz5GudJxgOaJGZPG+YYSm5kkqPlYU119N3jU2BlCRCsN2Ww
eRc+LfeLFdc63RsaCJ6NdGnTc0Im0w9oS8L1mftd/iF4/K72BCotUZlnozuaMNC3
i/6CJu5SoAxAHmFc9KsN5pWEOfoP8bXpy05YUXj5qt6QnVsMbEzPAR+bp1ZGM63+
FxZpsrpAMdP3xrGzvN9U5vbg
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:55 2023 by rpki-client on console-fra.rpki-client.org