Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/cn2-QQYM5inCscxCQj8LIxgeV90.roa
File: cn2-QQYM5inCscxCQj8LIxgeV90.roa (raw, json)
Hash identifier: zukPZxB3qm47+9Li+fVp2mSEEEg+JT2S04U2u0/s07U=
Subject key identifier: 72:7D:BE:41:06:0C:E6:29:C2:B1:CC:42:42:3F:0B:23:18:1E:57:DD
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 01899D4982AC6C3FAA7041B2C5FE2E3EAB10
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/cn2-QQYM5inCscxCQj8LIxgeV90.roa
Signing time: Fri 28 Jul 2023 16:16:27 +0000
ROA not before: Fri 28 Jul 2023 16:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48030
IP address blocks: 195.210.9.0/24 maxlen: 24
195.128.246.0/23 maxlen: 23
193.93.61.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9d:49:82:ac:6c:3f:aa:70:41:b2:c5:fe:2e:3e:ab:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jul 28 16:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=727dbe41060ce629c2b1cc42423f0b23181e57dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:38:f2:15:ff:68:6f:78:cc:a4:ac:8c:a2:fe:
a5:fc:b3:5f:f5:62:0e:8f:35:f9:f4:4d:3d:a2:cd:
84:5d:eb:b7:a6:9b:8d:2d:f8:d4:5c:99:bf:59:78:
3c:05:07:15:25:28:d7:00:bf:38:ef:9e:1b:ed:cb:
15:6e:2f:5f:8f:ed:bc:05:e1:3e:14:86:9a:82:c7:
5f:6f:ad:b0:78:71:ff:96:83:8c:56:95:1c:05:4e:
43:d8:df:c0:35:47:bb:10:d7:62:f2:68:1a:9b:dd:
80:d0:4f:73:b4:df:bf:bf:d9:cf:9e:47:5a:6b:f0:
9e:5d:41:27:ce:6d:46:89:69:b1:36:85:41:32:88:
e6:0f:20:c2:60:59:29:d8:e7:6b:a6:e9:91:f7:e9:
36:54:4f:32:20:87:44:c9:8d:3b:49:37:3c:07:ad:
ea:ea:13:82:da:93:c9:f5:25:9b:70:04:c2:75:bf:
7b:b2:0a:f0:40:12:cb:85:cf:3b:b4:58:61:56:6f:
80:7b:5f:21:52:da:8a:e0:66:74:1d:bd:37:55:fb:
ca:36:15:6d:5d:43:d3:5e:a0:63:d5:01:07:86:69:
b7:ff:01:e3:a4:10:bd:ee:55:e0:42:bd:dd:a5:2f:
b3:a0:cd:94:ed:d1:02:19:80:f7:24:32:51:e1:79:
54:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7D:BE:41:06:0C:E6:29:C2:B1:CC:42:42:3F:0B:23:18:1E:57:DD
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/cn2-QQYM5inCscxCQj8LIxgeV90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.61.0/24
195.128.246.0/23
195.210.9.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:40:df:31:3d:8e:25:7c:4e:ed:45:6f:b4:5e:ff:32:e0:c3:
6c:b4:a3:ad:76:df:f4:b6:c6:39:f9:9e:c0:30:05:27:41:b2:
e2:40:66:a2:b5:90:d2:b2:ac:0a:af:c9:aa:1c:3c:b5:0d:d4:
99:d1:db:62:cb:f6:3d:19:13:40:23:2d:90:4a:fb:29:dc:88:
8a:19:42:8b:3c:db:40:38:2d:93:61:18:fa:4b:7b:a6:f8:b8:
26:11:f4:d5:15:21:ed:5a:3e:6e:54:51:8e:a7:9b:4d:1e:38:
3b:ef:0e:d2:24:f8:f8:45:2c:8f:d9:0e:cc:42:a7:8a:ed:38:
2e:f2:a5:7e:7d:76:be:03:55:b5:bc:5a:68:91:c3:15:5d:39:
94:ca:c2:73:15:d8:14:17:ad:76:33:c4:cf:c5:2b:54:f2:c1:
99:94:db:0d:14:6b:9a:41:34:a9:57:3b:12:83:39:33:75:fb:
56:bb:f4:8f:36:1f:ac:9f:7a:d1:cf:ba:e6:38:e9:6f:33:b2:
81:63:69:e4:93:a9:85:1a:ca:1e:3e:22:34:63:5b:9a:e4:f0:
8e:3d:67:3f:63:88:97:2c:57:0a:19:6b:e8:6c:8c:15:0e:28:
50:14:dd:3f:eb:c3:71:5f:6c:dd:23:c9:1b:ea:39:a6:75:9d:
e2:1c:59:76
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmdSYKsbD+qcEGyxf4uPqsQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjMwNzI4MTYxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdkYmU0MTA2MGNlNjI5YzJiMWNjNDI0MjNmMGIyMzE4MWU1N2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjjyFf9ob3jMpKyMov6l/LNf9WIO
jzX59E09os2EXeu3ppuNLfjUXJm/WXg8BQcVJSjXAL84754b7csVbi9fj+28BeE+
FIaagsdfb62weHH/loOMVpUcBU5D2N/ANUe7ENdi8mgam92A0E9ztN+/v9nPnkda
a/CeXUEnzm1GiWmxNoVBMojmDyDCYFkp2OdrpumR9+k2VE8yIIdEyY07STc8B63q
6hOC2pPJ9SWbcATCdb97sgrwQBLLhc87tFhhVm+Ae18hUtqK4GZ0Hb03VfvKNhVt
XUPTXqBj1QEHhmm3/wHjpBC97lXgQr3dpS+zoM2U7dECGYD3JDJR4XlUtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHJ9vkEGDOYpwrHMQkI/CyMYHlfdMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvY24yLVFRWU01aW5Dc2N4Q1FqOExJeGdlVjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwV09AwQB
w4D2AwQAw9IJMA0GCSqGSIb3DQEBCwUAA4IBAQA8QN8xPY4lfE7tRW+0Xv8y4MNs
tKOtdt/0tsY5+Z7AMAUnQbLiQGaitZDSsqwKr8mqHDy1DdSZ0dtiy/Y9GRNAIy2Q
Svsp3IiKGUKLPNtAOC2TYRj6S3um+LgmEfTVFSHtWj5uVFGOp5tNHjg77w7SJPj4
RSyP2Q7MQqeK7Tgu8qV+fXa+A1W1vFpokcMVXTmUysJzFdgUF612M8TPxStU8sGZ
lNsNFGuaQTSpVzsSgzkzdftWu/SPNh+sn3rRz7rmOOlvM7KBY2nkk6mFGsoePiI0
Y1ua5PCOPWc/Y4iXLFcKGWvobIwVDihQFN0/68NxX2zdI8kb6jmmdZ3iHFl2
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:40 2024 by rpki-client on console-ams.rpki-client.org