Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/QgZCzZXf8vtEG0-Im6s1_ggDsPY.roa
File: QgZCzZXf8vtEG0-Im6s1_ggDsPY.roa (raw, json)
Hash identifier: CcWM+r0PceUwDUnoUQOpR9/NboEXKc5wod3Y3TLCcqg=
Subject key identifier: 42:06:42:CD:95:DF:F2:FB:44:1B:4F:88:9B:AB:35:FE:08:03:B0:F6
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB856583244382E9AF051A1C5BFE965
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/QgZCzZXf8vtEG0-Im6s1_ggDsPY.roa
Signing time: Sun 01 Jan 2023 09:44:58 +0000
ROA not before: Sun 01 Jan 2023 09:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199233
IP address blocks: 194.2.131.0/24 maxlen: 24
194.2.130.0/23 maxlen: 24
90.85.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:56:58:32:44:38:2e:9a:f0:51:a1:c5:bf:e9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=420642cd95dff2fb441b4f889bab35fe0803b0f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b3:33:0e:a1:ae:95:e8:fa:ed:35:eb:72:f7:
75:3e:da:d0:37:52:47:ff:e4:c9:ac:f0:81:f3:6f:
b7:13:6e:de:08:fa:d1:63:85:f6:ae:1e:3e:e6:2a:
a4:e4:d4:53:a6:f2:05:54:80:3b:f8:c1:da:83:8d:
ff:a3:87:d9:64:4b:92:41:50:d0:5e:63:0c:56:2f:
0a:38:bf:05:f0:09:48:54:70:a6:e3:35:8c:0f:76:
95:e1:d3:0c:19:02:42:dd:fe:a0:43:2f:e1:b9:5c:
98:91:04:df:fd:fe:ea:03:1b:18:c7:02:be:87:24:
5d:9a:f6:8a:42:6c:9b:bf:82:eb:59:bd:3c:6b:65:
56:8c:7d:b8:84:a0:db:b1:52:5b:1c:7c:2c:a1:14:
2b:1d:88:15:86:d6:6e:07:b5:fd:32:93:c6:5e:af:
86:20:95:e1:17:84:cd:22:d3:5d:a8:b3:85:a2:f7:
92:aa:bc:e5:52:bc:44:0e:d5:79:2e:19:73:2e:27:
13:88:02:0e:2b:4f:ec:c7:3c:8f:44:28:4f:8f:9d:
ea:32:a8:e2:f6:8a:74:1e:10:cd:6d:56:c2:32:93:
90:a7:93:3c:56:8e:f4:21:64:6c:09:25:04:2c:e4:
aa:3f:34:96:a2:a9:d9:99:32:a7:20:ec:b8:1d:97:
85:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:06:42:CD:95:DF:F2:FB:44:1B:4F:88:9B:AB:35:FE:08:03:B0:F6
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/QgZCzZXf8vtEG0-Im6s1_ggDsPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.85.39.0/24
194.2.130.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:31:20:e9:9a:0d:f5:6e:5a:10:2d:0c:b1:6f:41:cb:7c:88:
78:ed:19:69:0a:89:a1:06:cd:ad:a7:e8:e5:27:39:99:02:67:
6b:e0:c0:06:35:ba:ca:59:da:81:85:af:9a:93:85:23:9c:5e:
c7:da:81:9e:0e:2c:7b:a4:da:58:73:60:e2:47:de:82:d6:13:
f0:a7:5b:0c:0a:a1:b0:6a:f5:bb:37:e5:17:79:a9:52:5b:f6:
6b:37:ca:43:89:69:95:90:73:8f:bb:c7:f9:d2:22:47:d4:e4:
f2:cb:50:ae:2a:a2:b3:26:75:4a:eb:3d:f4:4e:69:48:1b:42:
6a:d2:a9:a5:ff:6f:e5:9b:7a:04:9f:ea:b3:83:1f:b7:66:dd:
21:c9:06:ee:47:49:ac:e0:78:4f:2a:ee:51:e0:f1:0d:c4:ac:
5b:72:b3:e8:10:61:3b:90:c1:e1:85:6c:9d:78:8e:95:9c:21:
92:e6:e5:0e:32:5f:36:1d:43:92:e8:c9:a5:13:3c:e0:a4:7d:
ab:b3:58:22:4d:98:d8:d8:c4:4a:71:a3:02:5c:0b:06:33:cb:
ed:02:77:2d:51:13:6f:ec:f0:33:a0:a3:9b:f8:4b:b9:10:75:
92:86:71:9e:15:43:58:66:2d:97:ec:6b:18:6a:40:7d:dd:2a:
21:98:45:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsuFZYMkQ4LprwUaHFv+llMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA2NDJjZDk1ZGZmMmZiNDQxYjRmODg5YmFiMzVmZTA4MDNiMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrMzDqGulej67TXrcvd1PtrQN1JH
/+TJrPCB82+3E27eCPrRY4X2rh4+5iqk5NRTpvIFVIA7+MHag43/o4fZZEuSQVDQ
XmMMVi8KOL8F8AlIVHCm4zWMD3aV4dMMGQJC3f6gQy/huVyYkQTf/f7qAxsYxwK+
hyRdmvaKQmybv4LrWb08a2VWjH24hKDbsVJbHHwsoRQrHYgVhtZuB7X9MpPGXq+G
IJXhF4TNItNdqLOFoveSqrzlUrxEDtV5LhlzLicTiAIOK0/sxzyPRChPj53qMqji
9op0HhDNbVbCMpOQp5M8Vo70IWRsCSUELOSqPzSWoqnZmTKnIOy4HZeF9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEIGQs2V3/L7RBtPiJurNf4IA7D2MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvUWdaQ3paWGY4dnRFRzAtSW02czFfZ2dEc1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWlUnAwQB
wgKCMA0GCSqGSIb3DQEBCwUAA4IBAQBLMSDpmg31bloQLQyxb0HLfIh47RlpComh
Bs2tp+jlJzmZAmdr4MAGNbrKWdqBha+ak4UjnF7H2oGeDix7pNpYc2DiR96C1hPw
p1sMCqGwavW7N+UXealSW/ZrN8pDiWmVkHOPu8f50iJH1OTyy1CuKqKzJnVK6z30
TmlIG0Jq0qml/2/lm3oEn+qzgx+3Zt0hyQbuR0ms4HhPKu5R4PENxKxbcrPoEGE7
kMHhhWydeI6VnCGS5uUOMl82HUOS6MmlEzzgpH2rs1giTZjY2MRKcaMCXAsGM8vt
AnctURNv7PAzoKOb+Eu5EHWShnGeFUNYZi2X7GsYakB93SohmEUp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org