Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/CQYuy_OLmNpQCid6xvrEAyvazUE.roa
File: CQYuy_OLmNpQCid6xvrEAyvazUE.roa (raw, json)
Hash identifier: 4WUgElj+s6Mdf5obQnqM9tjOLaSbWtXIQachq7Vg9qo=
Subject key identifier: 09:06:2E:CB:F3:8B:98:DA:50:0A:27:7A:C6:FA:C4:03:2B:DA:CD:41
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 0187B980D6B21AC64EF00E526CC8CACB2407
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/CQYuy_OLmNpQCid6xvrEAyvazUE.roa
Signing time: Tue 25 Apr 2023 17:40:41 +0000
ROA not before: Tue 25 Apr 2023 17:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51862
IP address blocks: 46.16.72.0/21 maxlen: 24
78.137.96.0/21 maxlen: 24
2a02:2478::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b9:80:d6:b2:1a:c6:4e:f0:0e:52:6c:c8:ca:cb:24:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Apr 25 17:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09062ecbf38b98da500a277ac6fac4032bdacd41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:af:ea:42:e6:cd:05:f9:10:f8:04:f5:43:cd:
fc:29:e4:6d:77:ce:42:07:00:ca:f0:91:7a:cf:83:
56:7d:2c:b8:74:a1:e2:66:27:9d:66:78:6b:ef:b9:
f7:21:96:16:ea:f7:a8:4a:65:1f:46:c0:2e:44:b4:
fb:f7:f3:c7:a3:f5:e9:f4:3d:06:c9:2c:68:b4:4a:
e6:04:b5:d3:cf:00:18:80:3e:de:31:11:ed:1f:07:
33:b3:35:ee:0f:17:a0:a7:16:73:78:d3:49:a6:c6:
e1:a6:1e:ea:cf:60:b3:82:35:05:b2:0c:a1:25:65:
bc:47:33:85:21:4c:e4:fb:ea:5b:4e:e1:cd:0a:f0:
e4:2b:b2:dd:c7:0a:ce:48:a7:2f:8b:1c:ff:43:8a:
94:1e:a3:a0:ce:a1:0b:13:5f:84:75:50:70:a2:a6:
65:46:2d:af:7a:98:37:16:f0:42:83:4f:55:38:38:
94:31:01:6e:5a:0d:f4:9e:e4:2c:6f:bd:dd:3b:ee:
0e:ee:45:cb:bb:ce:33:ea:3d:6a:47:a3:e4:7f:48:
2a:73:86:e6:3d:84:33:6d:d8:0a:cc:ff:27:e7:cf:
ed:e3:bc:75:91:e8:93:07:24:33:98:0c:6e:7e:fc:
66:b0:49:97:c5:57:bb:87:30:e1:46:4e:3b:ce:49:
ed:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:06:2E:CB:F3:8B:98:DA:50:0A:27:7A:C6:FA:C4:03:2B:DA:CD:41
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/CQYuy_OLmNpQCid6xvrEAyvazUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.72.0/21
78.137.96.0/21
IPv6:
2a02:2478::/32
Signature Algorithm: sha256WithRSAEncryption
63:77:64:05:09:40:10:54:5b:13:8a:fa:01:16:d8:9b:e2:de:
af:e4:2d:e9:7f:cc:29:b9:f9:f1:ff:e6:43:ff:ed:22:e4:d0:
47:87:88:b6:03:c4:d2:c2:fe:33:4b:9f:5e:1e:21:52:b3:85:
1b:68:f9:dd:d1:2c:c7:20:1a:1e:0c:5f:b5:f6:cb:9a:3c:c8:
9b:5e:c0:21:60:0c:61:d2:08:3c:82:a5:4b:8d:65:33:f1:e9:
a2:c2:ab:b4:de:00:0b:7e:4d:eb:c1:e8:6d:33:3b:b9:1a:be:
6c:be:72:d1:98:95:65:0e:c9:78:f5:c2:6d:ed:12:61:69:fc:
03:bd:3a:19:46:cf:be:ee:c8:26:e5:59:23:74:b2:19:58:66:
96:04:78:ac:e2:cd:f9:c7:e2:0c:c9:b5:fe:16:fa:55:74:bb:
f9:e6:11:67:fb:ab:ff:4e:90:ab:29:9d:01:a3:7f:fb:f6:b0:
11:3e:59:28:a8:43:c6:5c:bf:b8:39:d8:8b:34:fb:e5:22:ef:
2e:b3:b3:75:b8:61:58:67:96:e2:10:d4:c7:47:0e:0d:98:4b:
4e:cb:d8:05:3a:4b:6e:b5:ce:c2:b0:90:5f:f2:f3:8a:3b:90:
4c:a1:30:ea:c9:7b:92:69:e3:e2:8c:38:03:0e:c1:60:85:66:
ba:e6:34:37
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYe5gNayGsZO8A5SbMjKyyQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjMwNDI1MTc0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA2MmVjYmYzOGI5OGRhNTAwYTI3N2FjNmZhYzQwMzJiZGFjZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka/qQubNBfkQ+AT1Q838KeRtd85C
BwDK8JF6z4NWfSy4dKHiZiedZnhr77n3IZYW6veoSmUfRsAuRLT79/PHo/Xp9D0G
ySxotErmBLXTzwAYgD7eMRHtHwczszXuDxegpxZzeNNJpsbhph7qz2CzgjUFsgyh
JWW8RzOFIUzk++pbTuHNCvDkK7LdxwrOSKcvixz/Q4qUHqOgzqELE1+EdVBwoqZl
Ri2vepg3FvBCg09VODiUMQFuWg30nuQsb73dO+4O7kXLu84z6j1qR6Pkf0gqc4bm
PYQzbdgKzP8n58/t47x1keiTByQzmAxufvxmsEmXxVe7hzDhRk47zkntCwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAkGLsvzi5jaUAonesb6xAMr2s1BMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvQ1FZdXlfT0xtTnBRQ2lkNnh2ckVBeXZhelVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLhBIAwQD
TolgMA0EAgACMAcDBQAqAiR4MA0GCSqGSIb3DQEBCwUAA4IBAQBjd2QFCUAQVFsT
ivoBFtib4t6v5C3pf8wpufnx/+ZD/+0i5NBHh4i2A8TSwv4zS59eHiFSs4UbaPnd
0SzHIBoeDF+19suaPMibXsAhYAxh0gg8gqVLjWUz8emiwqu03gALfk3rwehtMzu5
Gr5svnLRmJVlDsl49cJt7RJhafwDvToZRs++7sgm5VkjdLIZWGaWBHis4s35x+IM
ybX+FvpVdLv55hFn+6v/TpCrKZ0Bo3/79rARPlkoqEPGXL+4OdiLNPvlIu8us7N1
uGFYZ5biENTHRw4NmEtOy9gFOktutc7CsJBf8vOKO5BMoTDqyXuSaePijDgDDsFg
hWa65jQ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:21 2024 by rpki-client on console-fra.rpki-client.org