Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/qaVRH2xjkgxEgr8xroZFfVcea8w.roa
File: qaVRH2xjkgxEgr8xroZFfVcea8w.roa (raw, json)
Hash identifier: Odnsndx9lheTiJfnkCO5v/Um6p9Lk2EItdvJ3YdT6PU=
Subject key identifier: A9:A5:51:1F:6C:63:92:0C:44:82:BF:31:AE:86:45:7D:57:1E:6B:CC
Certificate issuer: /CN=af73ff1ec55f49296dd734039fa0284cc400eb26
Certificate serial: 01857328324E47DCFB60B1A4A9F1CD54617D
Authority key identifier: AF:73:FF:1E:C5:5F:49:29:6D:D7:34:03:9F:A0:28:4C:C4:00:EB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/qaVRH2xjkgxEgr8xroZFfVcea8w.roa
Signing time: Mon 02 Jan 2023 15:44:52 +0000
ROA not before: Mon 02 Jan 2023 15:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211099
IP address blocks: 194.156.235.0/24 maxlen: 24
94.177.116.0/23 maxlen: 24
2a02:7c9::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:32:4e:47:dc:fb:60:b1:a4:a9:f1:cd:54:61:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af73ff1ec55f49296dd734039fa0284cc400eb26
Validity
Not Before: Jan 2 15:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9a5511f6c63920c4482bf31ae86457d571e6bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e0:fe:00:c9:da:e6:e2:07:b6:9e:5c:2a:41:
57:f8:dd:00:f6:09:50:55:ac:d3:ec:99:7a:36:5f:
64:5f:c4:96:99:8f:60:4f:d3:b2:8a:ed:2a:03:61:
45:7e:30:ae:23:c9:dd:23:70:dd:9c:f6:5e:95:d3:
a0:24:fc:47:eb:d4:4b:41:b5:d5:88:f9:71:46:3b:
ee:f7:c6:ba:5e:18:1a:3f:d6:c0:b4:6b:51:73:86:
06:86:dc:50:e6:99:55:7f:f2:f6:e0:4c:21:ae:f2:
ff:de:6f:bb:cd:00:a5:79:b3:4b:a6:1d:62:4a:78:
1b:2e:4d:03:d7:95:f1:02:c6:87:f9:01:51:86:46:
75:25:22:ec:62:93:00:dd:cd:b4:d0:c7:e6:1f:89:
81:7a:1f:7a:70:b2:17:46:29:10:cb:c1:40:76:91:
60:47:df:3a:07:1f:44:b7:75:ff:9c:a6:df:91:dc:
50:4f:63:75:72:c7:7d:83:7f:80:45:89:ad:bf:32:
37:d3:db:7e:ad:11:a0:5a:47:08:fb:45:ba:d1:cd:
6c:90:09:6d:75:32:93:06:61:f1:94:8b:a0:0d:af:
e0:10:a8:cd:71:64:e2:79:04:60:1b:14:26:6e:c4:
ca:54:b8:16:f8:49:1b:a6:22:8a:dc:69:a3:34:8e:
4c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A5:51:1F:6C:63:92:0C:44:82:BF:31:AE:86:45:7D:57:1E:6B:CC
X509v3 Authority Key Identifier:
keyid:AF:73:FF:1E:C5:5F:49:29:6D:D7:34:03:9F:A0:28:4C:C4:00:EB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/qaVRH2xjkgxEgr8xroZFfVcea8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/r3P_HsVfSSlt1zQDn6AoTMQA6yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.177.116.0/23
194.156.235.0/24
IPv6:
2a02:7c9::/44
Signature Algorithm: sha256WithRSAEncryption
72:59:3d:36:71:51:89:56:9f:6a:48:b7:5e:94:13:0d:8e:be:
2f:70:a9:37:7c:7c:f6:03:ce:db:57:66:c0:3d:f4:20:d7:a5:
75:7a:77:1a:20:e0:5c:8d:aa:a0:ad:15:c7:58:18:45:a3:db:
08:83:e7:9e:7d:93:c4:4d:de:b2:d8:90:05:64:3f:d4:b6:3d:
4a:42:99:ef:c8:5b:b8:69:81:95:ba:2a:c5:55:fc:65:7e:bd:
fa:08:94:df:ca:fd:52:0d:d3:97:59:19:ea:a3:3f:bf:05:c3:
5e:55:0d:4d:96:30:a5:81:0d:e6:b8:aa:2a:d3:bb:bf:2b:06:
bd:b5:1a:55:5a:59:b3:27:c7:1c:99:b0:a2:73:a2:ea:0d:dd:
5e:90:15:63:10:6f:5a:4c:c7:29:5b:c5:5d:46:53:8d:7f:a5:
37:51:9c:be:a8:1f:97:d2:7a:5f:a2:9d:fb:8a:fe:e3:2a:ca:
70:88:f4:bd:e6:fb:b2:78:a2:d0:a6:d4:96:76:b3:6b:b8:92:
78:d6:43:c1:f4:d2:02:a3:45:50:91:30:f4:14:45:39:a3:39:
67:13:0b:ab:61:46:6b:c7:f0:55:35:5d:fa:61:bb:1e:6c:e8:
92:9b:4a:b2:79:fe:13:26:93:22:ac:3d:f2:08:99:f2:52:af:
1f:a5:50:6a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVzKDJOR9z7YLGkqfHNVGF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzNmZjFlYzU1ZjQ5Mjk2ZGQ3MzQwMzlmYTAyODRjYzQw
MGViMjYwHhcNMjMwMTAyMTU0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWE1NTExZjZjNjM5MjBjNDQ4MmJmMzFhZTg2NDU3ZDU3MWU2YmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOD+AMna5uIHtp5cKkFX+N0A9glQ
VazT7Jl6Nl9kX8SWmY9gT9Oyiu0qA2FFfjCuI8ndI3DdnPZeldOgJPxH69RLQbXV
iPlxRjvu98a6XhgaP9bAtGtRc4YGhtxQ5plVf/L24EwhrvL/3m+7zQClebNLph1i
SngbLk0D15XxAsaH+QFRhkZ1JSLsYpMA3c200MfmH4mBeh96cLIXRikQy8FAdpFg
R986Bx9Et3X/nKbfkdxQT2N1csd9g3+ARYmtvzI309t+rRGgWkcI+0W60c1skAlt
dTKTBmHxlIugDa/gEKjNcWTieQRgGxQmbsTKVLgW+EkbpiKK3GmjNI5M9QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKmlUR9sY5IMRIK/Ma6GRX1XHmvMMB8GA1UdIwQY
MBaAFK9z/x7FX0kpbdc0A5+gKEzEAOsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNQX0hzVmZTU2x0MXpRRG42QW9UTVFBNnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jZWE1ODEtNWNkZS00NTc0LWJhMGEt
MmM2MmRlN2IzZTQ1LzEvcWFWUkgyeGprZ3hFZ3I4eHJvWkZmVmNlYTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jZWE1ODEtNWNkZS00NTc0LWJhMGEtMmM2MmRlN2IzZTQ1
LzEvcjNQX0hzVmZTU2x0MXpRRG42QW9UTVFBNnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBXrF0AwQA
wpzrMA8EAgACMAkDBwQqAgfJAAAwDQYJKoZIhvcNAQELBQADggEBAHJZPTZxUYlW
n2pIt16UEw2Ovi9wqTd8fPYDzttXZsA99CDXpXV6dxog4FyNqqCtFcdYGEWj2wiD
5559k8RN3rLYkAVkP9S2PUpCme/IW7hpgZW6KsVV/GV+vfoIlN/K/VIN05dZGeqj
P78Fw15VDU2WMKWBDea4qirTu78rBr21GlVaWbMnxxyZsKJzouoN3V6QFWMQb1pM
xylbxV1GU41/pTdRnL6oH5fSel+infuK/uMqynCI9L3m+7J4otCm1JZ2s2u4knjW
Q8H00gKjRVCRMPQURTmjOWcTC6thRmvH8FU1Xfphux5s6JKbSrJ5/hMmkyKsPfII
mfJSrx+lUGo=
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:06 2024 by rpki-client on console.sobornost.net