Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/qsnXhEDiwovo6McNkzbid7cb3NA.roa
File: qsnXhEDiwovo6McNkzbid7cb3NA.roa (raw, json)
Hash identifier: RlXp52PLKy5GA7Qe5CPXEym4ZUSzNe7ndSn+4QoLZ5Y=
Subject key identifier: AA:C9:D7:84:40:E2:C2:8B:E8:E8:C7:0D:93:36:E2:77:B7:1B:DC:D0
Certificate issuer: /CN=89d3a9145973c79a3e7b95531e3d0df7d28c4a04
Certificate serial: 01856C4A784CF37062DA7D73E6F3C809BE64
Authority key identifier: 89:D3:A9:14:59:73:C7:9A:3E:7B:95:53:1E:3D:0D:F7:D2:8C:4A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idOpFFlzx5o-e5VTHj0N99KMSgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/qsnXhEDiwovo6McNkzbid7cb3NA.roa
Signing time: Sun 01 Jan 2023 07:44:57 +0000
ROA not before: Sun 01 Jan 2023 07:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61124
IP address blocks: 185.13.188.0/22 maxlen: 22
85.193.144.0/20 maxlen: 20
148.252.32.0/19 maxlen: 19
176.123.32.0/20 maxlen: 20
2a03:3ec0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:78:4c:f3:70:62:da:7d:73:e6:f3:c8:09:be:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89d3a9145973c79a3e7b95531e3d0df7d28c4a04
Validity
Not Before: Jan 1 07:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aac9d78440e2c28be8e8c70d9336e277b71bdcd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a7:cc:94:8a:bb:26:2f:ba:31:88:e1:ef:9e:
60:72:e3:82:e9:97:3a:04:87:74:45:d7:97:03:a4:
cd:35:9e:17:d3:b6:29:6f:54:b2:a9:f8:ef:07:f8:
83:7b:33:0f:3c:9b:5e:0d:b4:5d:52:04:50:4c:04:
d5:76:6a:af:35:55:bc:65:43:68:be:2f:4c:27:5a:
c3:9a:47:dd:34:b1:5b:64:7a:5d:a9:ca:6b:3d:3e:
d3:87:ed:1f:fd:9c:6f:b9:46:bb:21:f3:86:24:01:
e8:52:65:e6:29:53:94:03:ed:a8:67:27:a1:97:cd:
ce:fa:75:9f:96:28:06:f5:3e:45:95:c3:67:94:bf:
58:14:ca:b1:57:4b:cb:53:11:4f:9e:4c:87:d5:d1:
53:ea:5f:fd:16:10:40:c3:9c:91:af:ef:1d:9c:af:
f7:35:75:e9:2c:71:8f:ea:9b:9b:7d:23:2b:96:61:
42:1b:3d:1d:f7:1b:ea:2b:a0:6c:b7:26:33:74:a8:
10:f8:f3:d6:d0:05:87:c4:cc:7f:37:7e:5f:8b:af:
cf:e3:59:a8:01:61:84:05:4e:79:1c:f8:dc:e8:ab:
02:e2:29:73:65:8f:68:78:98:1b:00:b5:d4:de:41:
be:7a:cf:1f:ef:2c:7c:ad:93:1e:9c:fe:7a:1f:74:
6e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C9:D7:84:40:E2:C2:8B:E8:E8:C7:0D:93:36:E2:77:B7:1B:DC:D0
X509v3 Authority Key Identifier:
keyid:89:D3:A9:14:59:73:C7:9A:3E:7B:95:53:1E:3D:0D:F7:D2:8C:4A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idOpFFlzx5o-e5VTHj0N99KMSgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/qsnXhEDiwovo6McNkzbid7cb3NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/8c0f0c-19c7-4eaf-96f5-7d40c11a9500/1/idOpFFlzx5o-e5VTHj0N99KMSgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.193.144.0/20
148.252.32.0/19
176.123.32.0/20
185.13.188.0/22
IPv6:
2a03:3ec0::/32
Signature Algorithm: sha256WithRSAEncryption
29:bb:8c:90:0e:34:27:2a:a5:9c:67:30:06:fe:11:af:ea:f0:
d5:d4:c7:5e:18:5b:41:54:fe:90:a3:8b:e8:c6:81:88:15:b6:
99:85:44:1e:3b:07:fa:4a:3b:d3:cf:55:11:c4:fa:5b:45:ca:
3a:bc:1b:3f:5e:5c:cb:15:92:8f:4b:6f:a4:9e:13:4c:0e:ad:
e4:23:6e:18:ac:ff:1f:15:89:26:38:ed:08:8c:08:88:3f:6f:
f9:01:48:6b:83:06:26:74:c2:dc:fd:ce:1c:db:d5:64:ec:6d:
c8:6c:8d:21:0a:9b:47:3b:07:e0:a7:64:64:d7:ea:ce:ab:28:
61:45:fb:38:d2:1b:7e:78:28:06:13:52:d5:be:7d:c2:47:bf:
fe:15:37:cf:48:22:23:a2:f0:ce:ee:8c:e4:c0:9b:88:b9:f8:
2f:0c:58:6a:c6:70:9f:0d:97:b2:c1:04:10:76:94:bb:e7:e1:
56:a6:94:84:8b:b2:33:ea:d5:1f:3d:65:0a:47:3d:47:6c:ae:
a8:60:8c:91:b1:90:8c:3a:15:13:86:93:80:ce:6e:e7:bb:e8:
f7:b9:a2:0e:dc:49:2a:8f:67:3b:e9:a8:71:e5:d0:6c:47:04:
83:70:ee:cd:2e:eb:b4:11:5f:94:c0:a2:75:21:4f:8d:87:69:
c7:01:11:d5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsSnhM83Bi2n1z5vPICb5kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDNhOTE0NTk3M2M3OWEzZTdiOTU1MzFlM2QwZGY3ZDI4
YzRhMDQwHhcNMjMwMTAxMDc0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWM5ZDc4NDQwZTJjMjhiZThlOGM3MGQ5MzM2ZTI3N2I3MWJkY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqfMlIq7Ji+6MYjh755gcuOC6Zc6
BId0RdeXA6TNNZ4X07Ypb1SyqfjvB/iDezMPPJteDbRdUgRQTATVdmqvNVW8ZUNo
vi9MJ1rDmkfdNLFbZHpdqcprPT7Th+0f/ZxvuUa7IfOGJAHoUmXmKVOUA+2oZyeh
l83O+nWfligG9T5FlcNnlL9YFMqxV0vLUxFPnkyH1dFT6l/9FhBAw5yRr+8dnK/3
NXXpLHGP6pubfSMrlmFCGz0d9xvqK6BstyYzdKgQ+PPW0AWHxMx/N35fi6/P41mo
AWGEBU55HPjc6KsC4ilzZY9oeJgbALXU3kG+es8f7yx8rZMenP56H3RuNQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKrJ14RA4sKL6OjHDZM24ne3G9zQMB8GA1UdIwQY
MBaAFInTqRRZc8eaPnuVUx49DffSjEoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRPcEZGbHp4NW8tZTVWVEhqME45OUtNU2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi84YzBmMGMtMTljNy00ZWFmLTk2ZjUt
N2Q0MGMxMWE5NTAwLzEvcXNuWGhFRGl3b3ZvNk1jTmt6YmlkN2NiM05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi84YzBmMGMtMTljNy00ZWFmLTk2ZjUtN2Q0MGMxMWE5NTAw
LzEvaWRPcEZGbHp4NW8tZTVWVEhqME45OUtNU2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEVcGQAwQF
lPwgAwQEsHsgAwQCuQ28MA0EAgACMAcDBQAqAz7AMA0GCSqGSIb3DQEBCwUAA4IB
AQApu4yQDjQnKqWcZzAG/hGv6vDV1MdeGFtBVP6Qo4voxoGIFbaZhUQeOwf6SjvT
z1URxPpbRco6vBs/XlzLFZKPS2+knhNMDq3kI24YrP8fFYkmOO0IjAiIP2/5AUhr
gwYmdMLc/c4c29Vk7G3IbI0hCptHOwfgp2Rk1+rOqyhhRfs40ht+eCgGE1LVvn3C
R7/+FTfPSCIjovDO7ozkwJuIufgvDFhqxnCfDZeywQQQdpS75+FWppSEi7Iz6tUf
PWUKRz1HbK6oYIyRsZCMOhUThpOAzm7nu+j3uaIO3Ekqj2c76ahx5dBsRwSDcO7N
Luu0EV+UwKJ1IU+Nh2nHARHV
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:09 2024 by rpki-client on console.sobornost.net