Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/QWhgKnOnV_lr5oBGwbrl9TYMtp4.roa
File: QWhgKnOnV_lr5oBGwbrl9TYMtp4.roa (raw, json)
Hash identifier: z/uwRvpXC6y86EXgeSHkBhS/WIa15/Hqg0PcaGy98Ik=
Subject key identifier: 41:68:60:2A:73:A7:57:F9:6B:E6:80:46:C1:BA:E5:F5:36:0C:B6:9E
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 0189074128CF59144C5582C92C473705C4D8
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/QWhgKnOnV_lr5oBGwbrl9TYMtp4.roa
Signing time: Thu 29 Jun 2023 13:04:18 +0000
ROA not before: Thu 29 Jun 2023 13:04:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25697
IP address blocks: 95.111.212.0/22 maxlen: 22
194.113.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:07:41:28:cf:59:14:4c:55:82:c9:2c:47:37:05:c4:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jun 29 13:04:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4168602a73a757f96be68046c1bae5f5360cb69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b3:fc:94:32:44:74:d4:69:ba:37:65:18:4f:
b2:5e:37:d5:9f:c6:07:4a:7e:00:cb:7c:14:9b:b2:
23:08:d2:fb:1d:3f:ef:42:a3:fc:43:f0:ea:fd:47:
44:23:33:be:8f:30:4e:55:40:3b:ae:75:ba:90:f2:
af:92:12:f4:3e:19:fb:28:61:5e:93:cf:b5:00:1a:
2f:89:95:b9:ae:44:fb:7e:98:5d:12:f8:e4:e5:53:
ec:6e:05:d5:37:74:b3:1f:0d:15:1a:23:21:90:54:
13:5e:16:b5:20:10:92:13:61:bd:92:aa:53:68:86:
a7:97:f6:8c:4b:50:f7:38:14:0e:aa:75:bc:b3:b7:
79:9c:54:14:13:fd:5b:37:79:6f:a2:b2:f8:a3:b8:
e0:19:a3:ba:93:eb:05:a9:19:1d:07:26:67:31:59:
ea:f8:26:35:97:1a:2f:fa:47:81:91:ed:ae:fe:22:
10:e3:fa:69:2a:70:d8:56:39:ad:c7:94:f4:eb:53:
d7:5a:33:7a:e6:bd:68:1e:78:f0:d5:93:41:1e:41:
5c:0d:c4:d1:9b:67:e5:27:0e:9d:71:78:4b:b2:8a:
01:51:f5:8d:45:2f:ca:98:2c:26:b1:e5:dc:fe:2c:
e4:4a:d7:c2:23:be:0b:c8:2c:cc:10:2a:71:62:88:
79:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:68:60:2A:73:A7:57:F9:6B:E6:80:46:C1:BA:E5:F5:36:0C:B6:9E
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/QWhgKnOnV_lr5oBGwbrl9TYMtp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.212.0/22
194.113.72.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:29:95:0a:93:f0:e4:12:5a:79:6a:ff:1e:b3:0b:76:25:64:
9a:14:f1:27:a9:77:fb:33:25:74:09:2b:b9:1d:b8:40:59:2d:
0c:26:91:98:5b:d8:a6:86:3c:04:91:cb:6c:4d:b8:5e:86:19:
ef:f3:d4:e0:51:1d:ef:b9:83:1d:45:06:40:c4:25:ad:f3:1e:
aa:64:5d:6a:49:70:da:8c:20:8b:b1:6c:41:40:8c:dc:65:86:
bb:33:c6:49:a2:60:22:f7:e9:23:b8:d5:16:5f:3c:6f:d8:32:
36:cf:92:19:19:d2:29:dd:2c:04:7a:ef:d9:6e:e1:6a:ec:5b:
52:03:ed:89:eb:34:07:4c:d6:23:0e:ee:2d:68:be:4c:03:38:
57:57:05:fb:7e:89:00:59:af:e2:df:c9:1a:eb:aa:9b:e5:4e:
25:3a:7d:45:eb:ae:68:6c:62:25:9c:c0:0f:24:e5:40:a5:6e:
cf:df:c9:bf:ac:94:e2:44:78:1e:59:7d:9b:ba:72:7e:3e:a8:
f5:4f:a3:73:ca:9f:28:0e:84:5a:7c:1e:0d:03:d2:c1:68:19:
05:83:5b:3a:fe:d1:0f:1f:2e:47:9c:76:8b:00:e6:42:f3:42:
2b:88:98:bd:2a:ad:d0:2d:b6:a9:7f:a5:2f:77:8f:18:33:07:
68:7f:b6:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYkHQSjPWRRMVYLJLEc3BcTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjMwNjI5MTMwNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTY4NjAyYTczYTc1N2Y5NmJlNjgwNDZjMWJhZTVmNTM2MGNiNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7P8lDJEdNRpujdlGE+yXjfVn8YH
Sn4Ay3wUm7IjCNL7HT/vQqP8Q/Dq/UdEIzO+jzBOVUA7rnW6kPKvkhL0Phn7KGFe
k8+1ABoviZW5rkT7fphdEvjk5VPsbgXVN3SzHw0VGiMhkFQTXha1IBCSE2G9kqpT
aIanl/aMS1D3OBQOqnW8s7d5nFQUE/1bN3lvorL4o7jgGaO6k+sFqRkdByZnMVnq
+CY1lxov+keBke2u/iIQ4/ppKnDYVjmtx5T061PXWjN65r1oHnjw1ZNBHkFcDcTR
m2flJw6dcXhLsooBUfWNRS/KmCwmseXc/izkStfCI74LyCzMECpxYoh5jwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEFoYCpzp1f5a+aARsG65fU2DLaeMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvUVdoZ0tuT25WX2xyNW9CR3dicmw5VFlNdHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCX2/UAwQC
wnFIMA0GCSqGSIb3DQEBCwUAA4IBAQBaKZUKk/DkElp5av8eswt2JWSaFPEnqXf7
MyV0CSu5HbhAWS0MJpGYW9imhjwEkctsTbhehhnv89TgUR3vuYMdRQZAxCWt8x6q
ZF1qSXDajCCLsWxBQIzcZYa7M8ZJomAi9+kjuNUWXzxv2DI2z5IZGdIp3SwEeu/Z
buFq7FtSA+2J6zQHTNYjDu4taL5MAzhXVwX7fokAWa/i38ka66qb5U4lOn1F665o
bGIlnMAPJOVApW7P38m/rJTiRHgeWX2bunJ+Pqj1T6Nzyp8oDoRafB4NA9LBaBkF
g1s6/tEPHy5HnHaLAOZC80IriJi9Kq3QLbapf6Uvd48YMwdof7af
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:51 2024 by rpki-client on console-ams.rpki-client.org