Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/DqruZ3GmPMfe0x6UgJ8flx2BHMI.roa
File: DqruZ3GmPMfe0x6UgJ8flx2BHMI.roa (raw, json)
Hash identifier: 3NvDOqO7nXs09l7a/R/A51gRp0uMNLHtAWAsXvIHftY=
Subject key identifier: 0E:AA:EE:67:71:A6:3C:C7:DE:D3:1E:94:80:9F:1F:97:1D:81:1C:C2
Certificate issuer: /CN=1ea0a9eb47d824b51f154442481a257168394551
Certificate serial: 018570026FA0B61A551C2F10854FF85E0E3A
Authority key identifier: 1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/DqruZ3GmPMfe0x6UgJ8flx2BHMI.roa
Signing time: Mon 02 Jan 2023 01:04:45 +0000
ROA not before: Mon 02 Jan 2023 01:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41044
IP address blocks: 217.113.192.0/20 maxlen: 20
194.24.228.0/23 maxlen: 23
194.24.228.0/24 maxlen: 24
194.24.229.0/24 maxlen: 24
217.113.204.0/24 maxlen: 24
217.113.205.0/24 maxlen: 24
217.113.206.0/24 maxlen: 24
217.113.207.0/24 maxlen: 24
2a11:fac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:6f:a0:b6:1a:55:1c:2f:10:85:4f:f8:5e:0e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea0a9eb47d824b51f154442481a257168394551
Validity
Not Before: Jan 2 01:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0eaaee6771a63cc7ded31e94809f1f971d811cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bc:80:25:b6:05:63:f2:e7:20:72:6b:13:40:
3c:ad:f7:d9:95:63:9a:0b:f2:ff:19:97:59:ba:f4:
87:d3:d9:d2:6b:4e:cc:79:e0:c8:f1:3f:9a:40:16:
4f:e8:2c:b6:ed:41:09:15:74:dd:98:32:0f:37:d7:
c3:de:5a:55:90:6a:ce:95:62:cd:8f:7b:d2:0f:45:
46:ed:6b:9a:09:c4:b9:25:10:e9:ac:b7:da:af:6e:
ad:f0:62:2a:66:26:e9:e6:36:e2:45:2a:d2:07:df:
dc:48:d9:e8:ac:95:0b:65:10:93:a0:cd:57:32:34:
7a:6a:16:26:1d:c0:4b:6f:01:a7:90:8f:81:24:1a:
a3:30:80:df:b6:7f:10:f5:b4:cf:02:49:c3:06:dc:
82:99:ad:20:24:41:c7:7e:b9:33:1f:5c:b2:23:62:
02:43:ba:58:72:a1:21:f2:f5:71:7d:64:c7:fa:41:
a0:a1:c0:87:6b:82:3b:21:54:52:7a:4c:e2:e1:9d:
03:ec:ef:56:ac:7a:e4:d9:b5:8f:23:f8:f1:49:47:
e0:25:28:00:7e:15:ef:d5:75:08:87:6e:17:84:44:
bf:db:bd:83:87:f8:36:c5:86:72:41:0f:e6:9e:8b:
db:f5:dc:66:ed:1c:7d:74:86:44:63:92:a6:a3:63:
d6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AA:EE:67:71:A6:3C:C7:DE:D3:1E:94:80:9F:1F:97:1D:81:1C:C2
X509v3 Authority Key Identifier:
keyid:1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/DqruZ3GmPMfe0x6UgJ8flx2BHMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/HqCp60fYJLUfFURCSBolcWg5RVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.228.0/23
217.113.192.0/20
IPv6:
2a11:fac0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:c6:d6:0d:8e:39:41:f1:55:11:8f:bb:fd:3c:24:b9:e3:21:
45:79:98:a9:f7:02:95:6a:62:31:30:83:32:f3:7e:8b:f8:1a:
82:35:f7:8f:6f:9e:f6:e7:27:50:2a:da:1d:03:eb:f2:fc:30:
6d:26:b5:34:7a:54:bf:91:b9:3b:a9:1c:27:c8:db:ed:6a:03:
e0:73:8f:1f:f8:b0:63:92:61:93:40:be:5a:e4:7c:85:70:60:
17:3c:b1:9a:1d:91:c8:b3:70:77:76:cf:99:01:02:68:f0:19:
5f:91:46:5c:aa:eb:b6:3e:b4:3d:c9:a2:e8:b1:ef:ca:fb:cb:
f6:44:5f:ef:20:04:1e:a8:ef:6b:22:f3:89:e6:43:74:4c:3f:
cc:9c:c2:2c:37:c8:34:b0:5e:1a:e2:91:60:91:e3:34:a8:1b:
84:89:af:c6:00:39:a9:81:ef:09:85:6f:14:6e:0a:7e:93:a3:
c7:ad:4a:ea:f1:0a:ea:80:0d:cd:ec:f9:4a:e6:de:7a:81:e4:
50:e3:5f:86:ea:f8:89:cf:29:09:5d:51:81:3b:52:b3:5c:79:
dc:ce:aa:dc:7c:e3:98:13:9c:ce:5f:1f:47:24:15:a0:82:a2:
64:95:c4:06:09:70:48:e3:c5:f6:a3:e5:88:2d:cb:d5:12:5a:
ee:d0:8b:3a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwAm+gthpVHC8QhU/4Xg46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTBhOWViNDdkODI0YjUxZjE1NDQ0MjQ4MWEyNTcxNjgz
OTQ1NTEwHhcNMjMwMTAyMDEwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWFhZWU2NzcxYTYzY2M3ZGVkMzFlOTQ4MDlmMWY5NzFkODExY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkryAJbYFY/LnIHJrE0A8rffZlWOa
C/L/GZdZuvSH09nSa07MeeDI8T+aQBZP6Cy27UEJFXTdmDIPN9fD3lpVkGrOlWLN
j3vSD0VG7WuaCcS5JRDprLfar26t8GIqZibp5jbiRSrSB9/cSNnorJULZRCToM1X
MjR6ahYmHcBLbwGnkI+BJBqjMIDftn8Q9bTPAknDBtyCma0gJEHHfrkzH1yyI2IC
Q7pYcqEh8vVxfWTH+kGgocCHa4I7IVRSekzi4Z0D7O9WrHrk2bWPI/jxSUfgJSgA
fhXv1XUIh24XhES/272Dh/g2xYZyQQ/mnovb9dxm7Rx9dIZEY5Kmo2PWHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA6q7mdxpjzH3tMelICfH5cdgRzCMB8GA1UdIwQY
MBaAFB6gqetH2CS1HxVEQkgaJXFoOUVRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzkt
ODQxOGE5NmY2Nzk1LzEvRHFydVozR21QTWZlMHg2VWdKOGZseDJCSE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzktODQxOGE5NmY2Nzk1
LzEvSHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwhjkAwQE
2XHAMA0EAgACMAcDBQMqEfrAMA0GCSqGSIb3DQEBCwUAA4IBAQCLxtYNjjlB8VUR
j7v9PCS54yFFeZip9wKVamIxMIMy836L+BqCNfePb5725ydQKtodA+vy/DBtJrU0
elS/kbk7qRwnyNvtagPgc48f+LBjkmGTQL5a5HyFcGAXPLGaHZHIs3B3ds+ZAQJo
8BlfkUZcquu2PrQ9yaLose/K+8v2RF/vIAQeqO9rIvOJ5kN0TD/MnMIsN8g0sF4a
4pFgkeM0qBuEia/GADmpge8JhW8Ubgp+k6PHrUrq8QrqgA3N7PlK5t56geRQ41+G
6viJzykJXVGBO1KzXHnczqrcfOOYE5zOXx9HJBWggqJklcQGCXBI48X2o+WILcvV
Elru0Is6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:08 2024 by rpki-client on console-fra.rpki-client.org