Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/QFRiZbSjfvqYNE66eDqVgpw0Xok.roa
File: QFRiZbSjfvqYNE66eDqVgpw0Xok.roa (raw, json)
Hash identifier: Tk1vea3C5Kmja/zWM2Y217Ck6kiWREo2VSu1w0TL7ws=
Subject key identifier: 40:54:62:65:B4:A3:7E:FA:98:34:4E:BA:78:3A:95:82:9C:34:5E:89
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018570CBFD95162FFA1E70207B025166DAF0
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/QFRiZbSjfvqYNE66eDqVgpw0Xok.roa
Signing time: Mon 02 Jan 2023 04:44:54 +0000
ROA not before: Mon 02 Jan 2023 04:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60057
IP address blocks: 178.250.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 09:09:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:fd:95:16:2f:fa:1e:70:20:7b:02:51:66:da:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Jan 2 04:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40546265b4a37efa98344eba783a95829c345e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a8:0e:ce:0f:9d:c4:6f:17:58:64:b9:50:93:
ae:9b:cd:83:c3:fb:d7:18:b7:27:b4:47:a2:a2:9c:
10:eb:02:bf:ad:77:9f:b1:2e:00:8d:be:ce:bd:39:
87:b9:30:6c:9a:fa:32:a7:91:58:b2:b5:6a:c9:6d:
8a:53:6e:65:7b:f7:d7:df:e0:5a:5a:1a:46:b8:0d:
69:f0:9e:2c:f1:f9:b3:b8:c0:9c:47:44:aa:a9:7a:
d0:93:f9:b2:24:3e:c5:03:73:a2:13:79:ec:88:66:
06:cc:68:cc:75:2f:8b:9d:87:a8:05:af:d5:fe:bd:
72:4c:17:3f:7b:5f:ac:c4:dd:fa:72:ca:08:34:70:
0b:ef:5a:ad:d2:ec:a9:be:73:24:ad:c3:ec:be:2d:
96:93:88:82:4b:51:26:64:89:68:fe:99:e4:7a:86:
c6:c3:37:3d:58:c9:3d:6a:ef:b3:f2:40:2d:5e:5e:
80:1b:a9:55:8f:9d:b2:26:c1:dc:84:af:26:eb:7d:
15:8d:74:09:f3:5c:9a:c5:69:ff:7e:ee:79:78:72:
e5:42:da:cd:85:cb:67:43:50:d5:92:aa:0e:d3:29:
a4:00:f4:34:3b:d3:fd:99:24:8f:3f:b7:44:49:b9:
57:16:79:15:98:09:21:41:a3:27:77:56:4f:70:1a:
26:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:54:62:65:B4:A3:7E:FA:98:34:4E:BA:78:3A:95:82:9C:34:5E:89
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/QFRiZbSjfvqYNE66eDqVgpw0Xok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.189.0/24
Signature Algorithm: sha256WithRSAEncryption
44:df:8d:e4:09:11:fd:23:31:ac:83:e3:6c:ca:80:f4:3c:61:
77:85:ab:7d:e5:6d:38:52:87:0b:78:24:c3:82:a0:6c:d6:97:
ed:d6:e5:6c:09:07:10:12:64:81:11:b6:c9:c4:3a:1e:23:96:
c3:3a:e2:8f:32:01:c7:a7:0e:df:ef:6c:dd:4b:7d:43:e6:ed:
7d:b9:a8:dd:38:75:cf:80:cd:c2:d0:e9:07:86:65:37:8b:ab:
24:61:15:d8:fa:1c:34:5d:21:29:e6:47:1d:03:6e:e4:c1:02:
0a:14:2a:c9:07:70:ce:6e:c4:ab:45:37:24:84:02:b3:e6:d4:
2e:4a:fb:55:9c:ce:b6:9b:43:c4:3f:29:b7:22:08:40:5a:c7:
98:69:a2:85:db:fa:75:5a:f0:19:b5:47:f7:95:43:47:cd:7d:
a5:75:f2:4f:ff:02:13:83:80:d6:fb:f2:d8:3f:55:c8:94:a5:
b7:a5:39:1b:1c:c8:2f:f0:02:85:7e:fe:28:26:40:02:02:6a:
2f:6b:a1:7a:16:07:85:d2:9b:55:f2:11:a1:4b:eb:49:07:f7:
84:a7:1d:73:35:81:37:a1:82:f4:89:fb:29:87:58:50:bf:82:
d5:00:92:4b:17:e5:1d:1d:f7:b3:2d:4b:96:f1:ca:50:df:77:
5a:34:05:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy/2VFi/6HnAgewJRZtrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjMwMTAyMDQ0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDU0NjI2NWI0YTM3ZWZhOTgzNDRlYmE3ODNhOTU4MjljMzQ1ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqgOzg+dxG8XWGS5UJOum82Dw/vX
GLcntEeiopwQ6wK/rXefsS4Ajb7OvTmHuTBsmvoyp5FYsrVqyW2KU25le/fX3+Ba
WhpGuA1p8J4s8fmzuMCcR0SqqXrQk/myJD7FA3OiE3nsiGYGzGjMdS+LnYeoBa/V
/r1yTBc/e1+sxN36csoINHAL71qt0uypvnMkrcPsvi2Wk4iCS1EmZIlo/pnkeobG
wzc9WMk9au+z8kAtXl6AG6lVj52yJsHchK8m630VjXQJ81yaxWn/fu55eHLlQtrN
hctnQ1DVkqoO0ymkAPQ0O9P9mSSPP7dESblXFnkVmAkhQaMnd1ZPcBomGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBUYmW0o376mDROung6lYKcNF6JMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvUUZSaVpiU2pmdnFZTkU2NmVEcVZncHcwWG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvq9MA0G
CSqGSIb3DQEBCwUAA4IBAQBE343kCRH9IzGsg+NsyoD0PGF3hat95W04UocLeCTD
gqBs1pft1uVsCQcQEmSBEbbJxDoeI5bDOuKPMgHHpw7f72zdS31D5u19uajdOHXP
gM3C0OkHhmU3i6skYRXY+hw0XSEp5kcdA27kwQIKFCrJB3DObsSrRTckhAKz5tQu
SvtVnM62m0PEPym3IghAWseYaaKF2/p1WvAZtUf3lUNHzX2ldfJP/wITg4DW+/LY
P1XIlKW3pTkbHMgv8AKFfv4oJkACAmova6F6FgeF0ptV8hGhS+tJB/eEpx1zNYE3
oYL0ifsph1hQv4LVAJJLF+UdHfezLUuW8cpQ33daNAUk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:33 2024 by rpki-client on console-fra.rpki-client.org