Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/qtvr0SfkwtwTMpIcnRyVdTwNSyw.roa
File: qtvr0SfkwtwTMpIcnRyVdTwNSyw.roa (raw, json)
Hash identifier: a2jpbZl9rSKLU3OrvmFJxwYU9IjqHAwfskY2usQrBsk=
Subject key identifier: AA:DB:EB:D1:27:E4:C2:DC:13:32:92:1C:9D:1C:95:75:3C:0D:4B:2C
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018C249BA4CA88BED356E91BB80CF1697674
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/qtvr0SfkwtwTMpIcnRyVdTwNSyw.roa
Signing time: Fri 01 Dec 2023 09:00:29 +0000
ROA not before: Fri 01 Dec 2023 09:00:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 195.133.202.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
89.37.216.0/23 maxlen: 24
84.234.16.0/20 maxlen: 24
194.88.112.0/20 maxlen: 24
93.113.184.0/21 maxlen: 24
62.112.12.0/23 maxlen: 24
194.58.64.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:9b:a4:ca:88:be:d3:56:e9:1b:b8:0c:f1:69:76:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Dec 1 09:00:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aadbebd127e4c2dc1332921c9d1c95753c0d4b2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:96:ae:9b:31:70:eb:a8:2e:c6:7e:2c:23:00:
0d:2d:21:0d:d6:64:de:ce:e6:72:53:2b:aa:0d:c8:
ec:88:43:03:5f:80:89:c2:7c:ca:cc:8a:75:1c:02:
9d:35:4f:9d:68:10:6a:a4:cd:75:78:40:a5:e3:26:
0b:d2:8e:ce:40:a7:5d:1f:49:b1:d2:09:07:3e:22:
65:1b:a5:c4:86:57:01:be:de:d5:5d:5b:35:3b:ff:
4d:d1:7f:ca:0c:34:fc:a0:06:a7:c2:10:fa:2e:e4:
bf:63:36:42:a7:6b:25:4d:76:fc:dd:4e:61:94:56:
b8:43:ca:9c:48:1e:93:60:43:81:8b:98:95:a4:43:
ed:2b:5d:64:e1:0c:a9:da:0f:96:dd:7c:4c:2d:ee:
fe:fc:e1:88:35:a8:a6:a4:bc:8b:15:2b:8e:51:e7:
54:25:db:76:fc:8c:54:37:53:96:61:5f:80:d8:0c:
23:9f:81:27:2b:ea:36:5c:46:af:45:c9:35:26:9d:
d8:77:b8:41:c4:d7:c7:04:24:94:e5:c7:18:9d:13:
95:44:7c:e9:6c:ab:3d:09:24:64:d7:ae:a6:4a:fe:
7e:28:38:a9:c6:39:3a:4d:b9:74:2b:dc:7e:97:52:
eb:d5:f1:6d:8d:86:8e:0f:b5:e9:c7:78:c9:2d:60:
0d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:DB:EB:D1:27:E4:C2:DC:13:32:92:1C:9D:1C:95:75:3C:0D:4B:2C
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/qtvr0SfkwtwTMpIcnRyVdTwNSyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.12.0/23
84.234.16.0/20
89.37.216.0/23
93.113.184.0/21
194.58.64.0/23
194.88.96.0/21
194.88.112.0/20
195.133.202.0/23
Signature Algorithm: sha256WithRSAEncryption
81:a9:bb:85:26:14:69:3a:6c:9e:b1:f0:72:dc:38:ec:5d:5c:
21:7c:05:f9:c5:08:1f:0e:93:44:e3:17:cd:aa:94:99:5c:a0:
ce:31:78:f7:e6:2b:b9:0b:bc:05:af:73:b4:9b:f2:43:f4:21:
4c:63:1d:79:e3:8b:5d:bc:50:2b:a8:a1:fc:7d:ee:aa:45:7e:
29:30:9d:df:00:4b:c0:67:45:d0:31:29:30:e7:f1:d0:ea:e2:
ec:79:c4:14:c6:76:e7:b6:bb:7f:20:78:e1:db:63:aa:0c:63:
e2:df:c5:44:1c:55:7a:32:69:42:28:c4:cd:f9:7d:cf:e3:b4:
43:e8:3a:cd:6b:63:ab:0c:0a:a3:07:bc:7e:d3:ff:b6:ba:ab:
f5:50:15:54:7a:76:bf:01:c2:4a:32:c8:b8:6f:66:cd:80:f6:
28:22:eb:5f:01:92:5c:70:04:ed:be:fc:af:61:c6:45:f7:7c:
36:a8:25:17:45:43:71:07:95:6c:fc:f4:3c:83:5b:bb:97:0f:
d9:47:b3:83:71:29:3d:1a:17:f0:ca:53:9a:77:56:4e:77:55:
a7:3f:bd:8a:ee:51:2e:d3:4d:04:d5:37:99:f1:69:68:cc:06:
1f:c8:b5:36:b0:c4:41:b1:69:ce:de:80:94:e2:fc:58:e7:e6:
5e:cb:86:c8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYwkm6TKiL7TVukbuAzxaXZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMjAxMDkwMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWRiZWJkMTI3ZTRjMmRjMTMzMjkyMWM5ZDFjOTU3NTNjMGQ0YjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJaumzFw66guxn4sIwANLSEN1mTe
zuZyUyuqDcjsiEMDX4CJwnzKzIp1HAKdNU+daBBqpM11eECl4yYL0o7OQKddH0mx
0gkHPiJlG6XEhlcBvt7VXVs1O/9N0X/KDDT8oAanwhD6LuS/YzZCp2slTXb83U5h
lFa4Q8qcSB6TYEOBi5iVpEPtK11k4Qyp2g+W3XxMLe7+/OGINaimpLyLFSuOUedU
Jdt2/IxUN1OWYV+A2Awjn4EnK+o2XEavRck1Jp3Yd7hBxNfHBCSU5ccYnROVRHzp
bKs9CSRk166mSv5+KDipxjk6Tbl0K9x+l1Lr1fFtjYaOD7Xpx3jJLWANmwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKrb69En5MLcEzKSHJ0clXU8DUssMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvcXR2cjBTZmt3dHdUTXBJY25SeVZkVHdOU3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBPnAMAwQE
VOoQAwQBWSXYAwQDXXG4AwQBwjpAAwQDwlhgAwQEwlhwAwQBw4XKMA0GCSqGSIb3
DQEBCwUAA4IBAQCBqbuFJhRpOmyesfBy3DjsXVwhfAX5xQgfDpNE4xfNqpSZXKDO
MXj35iu5C7wFr3O0m/JD9CFMYx1544tdvFArqKH8fe6qRX4pMJ3fAEvAZ0XQMSkw
5/HQ6uLsecQUxnbntrt/IHjh22OqDGPi38VEHFV6MmlCKMTN+X3P47RD6DrNa2Or
DAqjB7x+0/+2uqv1UBVUena/AcJKMsi4b2bNgPYoIutfAZJccATtvvyvYcZF93w2
qCUXRUNxB5Vs/PQ8g1u7lw/ZR7ODcSk9GhfwylOad1ZOd1WnP72K7lEu000E1TeZ
8WlozAYfyLU2sMRBsWnO3oCU4vxY5+Zey4bI
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:45 2024 by rpki-client on console-fra.rpki-client.org