Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/qDULB6tBJzE9m5EUvSD0a7P6qDI.roa
File: qDULB6tBJzE9m5EUvSD0a7P6qDI.roa (raw, json)
Hash identifier: Raz8G9INDJhXsNQBWAYMpNIXZdgKFAOH7Q/MWU6rnvc=
Subject key identifier: A8:35:0B:07:AB:41:27:31:3D:9B:91:14:BD:20:F4:6B:B3:FA:A8:32
Certificate issuer: /CN=05881f357ea6680dde52a2a9bfbbb6ed4385d8d9
Certificate serial: 01857139C6E94E491A508FA6D014A948AFEE
Authority key identifier: 05:88:1F:35:7E:A6:68:0D:DE:52:A2:A9:BF:BB:B6:ED:43:85:D8:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BYgfNX6maA3eUqKpv7u27UOF2Nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/qDULB6tBJzE9m5EUvSD0a7P6qDI.roa
Signing time: Mon 02 Jan 2023 06:44:49 +0000
ROA not before: Mon 02 Jan 2023 06:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8240
IP address blocks: 185.172.24.0/22 maxlen: 22
195.80.96.0/19 maxlen: 19
213.184.32.0/19 maxlen: 19
2a02:88::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:c6:e9:4e:49:1a:50:8f:a6:d0:14:a9:48:af:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05881f357ea6680dde52a2a9bfbbb6ed4385d8d9
Validity
Not Before: Jan 2 06:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8350b07ab4127313d9b9114bd20f46bb3faa832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6a:96:60:b3:5d:18:7c:62:b5:84:32:44:9d:
7f:49:15:43:16:b5:ea:aa:a2:88:14:54:4c:9f:76:
2e:56:ad:c9:2e:c5:d4:60:7c:ab:59:03:ac:3e:de:
3e:bd:86:4d:ac:d2:bc:05:d1:a0:61:62:f8:87:de:
90:28:3c:cc:90:87:fe:e4:d9:bd:ab:70:c1:53:38:
d6:c4:95:8e:9c:a4:81:a0:06:12:c9:38:af:45:a1:
26:f6:d8:85:32:89:56:25:6d:89:79:e9:78:a9:4b:
59:e4:3d:4b:7f:e9:c1:4f:74:d9:95:0b:25:66:fd:
85:78:e1:17:7d:c5:b7:a1:b1:2d:5a:07:f4:85:e6:
93:02:2e:72:03:9a:76:30:c0:ca:73:e5:4b:44:31:
77:a4:7b:8f:76:99:d3:c9:08:27:1a:b0:89:3e:8e:
b0:a3:eb:af:43:95:90:45:f0:af:a2:c8:3a:c5:ee:
19:a0:85:dd:36:96:0d:69:50:48:6b:1b:7b:52:13:
80:e6:d4:6f:a1:44:8b:09:f8:d0:da:01:06:20:8e:
ad:8f:f9:7d:a4:91:ee:45:16:fe:35:a6:7e:e9:03:
80:6f:46:5d:8e:9a:76:15:b6:1b:66:3c:b2:fe:d1:
20:67:07:b1:43:71:52:4a:bd:2f:e3:63:50:63:9d:
f7:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:35:0B:07:AB:41:27:31:3D:9B:91:14:BD:20:F4:6B:B3:FA:A8:32
X509v3 Authority Key Identifier:
keyid:05:88:1F:35:7E:A6:68:0D:DE:52:A2:A9:BF:BB:B6:ED:43:85:D8:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYgfNX6maA3eUqKpv7u27UOF2Nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/qDULB6tBJzE9m5EUvSD0a7P6qDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/BYgfNX6maA3eUqKpv7u27UOF2Nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.24.0/22
195.80.96.0/19
213.184.32.0/19
IPv6:
2a02:88::/32
Signature Algorithm: sha256WithRSAEncryption
30:66:ac:bf:1e:30:c2:cc:de:6b:d7:fa:9a:4a:eb:60:da:b7:
6c:b8:e1:46:fb:82:21:a4:1e:37:4a:36:63:00:e5:fc:f6:3b:
da:52:a9:f2:f5:a1:2f:0a:79:21:72:b8:65:85:d4:97:88:7e:
f0:91:59:fc:a7:aa:4c:b1:3f:0c:f4:80:7d:57:02:9d:2e:9d:
06:67:de:82:a8:c8:15:ed:e7:b9:65:85:35:04:ac:46:49:61:
89:54:b2:91:27:ef:ba:87:a7:0a:3c:52:2e:29:f0:3c:33:d2:
6b:6e:7f:d8:fa:7c:7d:ab:60:81:d5:6e:df:e1:f6:24:d0:58:
67:d3:24:f8:01:05:b2:01:a3:8f:c0:aa:1f:0c:30:ae:a4:c9:
8f:8f:b9:00:76:0a:05:6c:3d:43:ed:89:b3:f0:69:ef:b9:e6:
5a:7c:84:cf:05:52:26:7b:86:d2:0e:b8:30:d7:9c:d1:5d:d2:
44:e9:23:5a:9c:5e:90:2f:29:f1:a8:45:b1:08:a6:cc:fc:f9:
16:9d:07:4f:b6:b2:b3:d5:27:84:ca:65:80:25:1c:fb:16:be:
a9:e1:dc:d5:de:db:21:ec:5a:92:3e:cd:9e:a0:64:9f:0f:63:
72:cf:9f:dd:0a:1e:fd:e6:06:8b:a8:2d:ce:e4:50:06:63:47:
f2:79:14:ee
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxOcbpTkkaUI+m0BSpSK/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODgxZjM1N2VhNjY4MGRkZTUyYTJhOWJmYmJiNmVkNDM4
NWQ4ZDkwHhcNMjMwMTAyMDY0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODM1MGIwN2FiNDEyNzMxM2Q5YjkxMTRiZDIwZjQ2YmIzZmFhODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmqWYLNdGHxitYQyRJ1/SRVDFrXq
qqKIFFRMn3YuVq3JLsXUYHyrWQOsPt4+vYZNrNK8BdGgYWL4h96QKDzMkIf+5Nm9
q3DBUzjWxJWOnKSBoAYSyTivRaEm9tiFMolWJW2Jeel4qUtZ5D1Lf+nBT3TZlQsl
Zv2FeOEXfcW3obEtWgf0heaTAi5yA5p2MMDKc+VLRDF3pHuPdpnTyQgnGrCJPo6w
o+uvQ5WQRfCvosg6xe4ZoIXdNpYNaVBIaxt7UhOA5tRvoUSLCfjQ2gEGII6tj/l9
pJHuRRb+NaZ+6QOAb0Zdjpp2FbYbZjyy/tEgZwexQ3FSSr0v42NQY533SQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKg1CwerQScxPZuRFL0g9Guz+qgyMB8GA1UdIwQY
MBaAFAWIHzV+pmgN3lKiqb+7tu1DhdjZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQllnZk5YNm1hQTNlVXFLcHY3dTI3VU9GMk5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9hYmMxMDMtY2U2Ni00ZmNjLThmZTEt
M2M5MWFkNGIzZTA4LzEvcURVTEI2dEJKekU5bTVFVXZTRDBhN1A2cURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9hYmMxMDMtY2U2Ni00ZmNjLThmZTEtM2M5MWFkNGIzZTA4
LzEvQllnZk5YNm1hQTNlVXFLcHY3dTI3VU9GMk5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuawYAwQF
w1BgAwQF1bggMA0EAgACMAcDBQAqAgCIMA0GCSqGSIb3DQEBCwUAA4IBAQAwZqy/
HjDCzN5r1/qaSutg2rdsuOFG+4IhpB43SjZjAOX89jvaUqny9aEvCnkhcrhlhdSX
iH7wkVn8p6pMsT8M9IB9VwKdLp0GZ96CqMgV7ee5ZYU1BKxGSWGJVLKRJ++6h6cK
PFIuKfA8M9Jrbn/Y+nx9q2CB1W7f4fYk0Fhn0yT4AQWyAaOPwKofDDCupMmPj7kA
dgoFbD1D7Ymz8GnvueZafITPBVIme4bSDrgw15zRXdJE6SNanF6QLynxqEWxCKbM
/PkWnQdPtrKz1SeEymWAJRz7Fr6p4dzV3tsh7FqSPs2eoGSfD2Nyz5/dCh795gaL
qC3O5FAGY0fyeRTu
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:13 2023 by rpki-client on console.sobornost.net