Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QPAhJFRC3lAwJ8Xy1pdbNFl2tJI.roa
File: QPAhJFRC3lAwJ8Xy1pdbNFl2tJI.roa (raw, json)
Hash identifier: k4k3fvHvR4DdPrz4bPORrcP7kgiiLcD59N6ZSr4cSvw=
Subject key identifier: 40:F0:21:24:54:42:DE:50:30:27:C5:F2:D6:97:5B:34:59:76:B4:92
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B1E97F046A0D46C5EA7716F6D222B284A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QPAhJFRC3lAwJ8Xy1pdbNFl2tJI.roa
Signing time: Wed 11 Oct 2023 11:55:55 +0000
ROA not before: Wed 11 Oct 2023 11:55:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
193.124.15.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
192.124.189.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:97:f0:46:a0:d4:6c:5e:a7:71:6f:6d:22:2b:28:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 11 11:55:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40f021245442de503027c5f2d6975b345976b492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ca:03:0d:4a:02:66:df:f9:d1:65:99:d5:92:
87:24:ef:b6:e8:c1:df:1e:a5:62:b3:7f:f1:6d:74:
af:7d:43:a6:03:13:50:e1:76:3f:5c:1d:cc:4c:0f:
86:d1:4b:ad:8e:3e:46:b8:d8:95:b9:49:1e:d8:ed:
a0:04:d5:55:2c:b5:5f:2c:4f:bf:3d:d1:db:9d:bb:
a6:32:62:38:cd:c1:17:10:1a:99:37:bc:76:a3:46:
af:4d:69:d2:9a:15:a1:8c:14:6d:ea:d7:22:54:a9:
e2:11:f1:65:1e:04:1f:3d:25:e3:01:70:84:f4:58:
26:db:87:22:1c:56:d7:cf:9e:2b:25:4d:6c:f5:52:
16:43:27:72:34:e3:46:47:53:60:2e:f3:30:fc:f1:
bd:74:f9:bb:38:a3:2c:11:13:da:c7:89:c0:d9:10:
82:0a:16:53:5b:64:13:61:a4:c7:39:ea:55:e8:83:
75:10:63:4a:4c:3f:a7:b2:37:b7:95:d6:d4:a7:59:
0d:e0:3e:eb:65:a2:8a:0b:fc:7a:5d:3e:5c:32:b3:
dd:b0:04:8c:ee:43:4e:4e:45:2c:60:8e:d0:73:5f:
85:7d:81:f5:12:1a:e7:33:4f:d0:90:f1:75:d3:76:
bd:3e:9f:5b:87:93:6a:12:48:f7:2f:1f:4d:90:28:
02:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F0:21:24:54:42:DE:50:30:27:C5:F2:D6:97:5B:34:59:76:B4:92
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QPAhJFRC3lAwJ8Xy1pdbNFl2tJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.189.0/24
193.124.15.0/24
193.124.24.0/24
194.58.223.0/24
194.87.29.0/24
194.87.123.0/24
194.135.104.0/24
195.133.21.0/24
195.133.26.0/23
195.133.83.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:e7:53:be:1c:de:c5:f9:86:3a:e4:bd:49:8c:8e:87:da:bd:
85:92:51:0e:35:12:c8:10:27:7e:ae:1f:4c:ec:bd:63:a5:68:
cc:0a:78:d5:45:6f:df:94:2c:96:bb:31:99:20:9d:7c:6a:50:
94:42:d3:0a:82:5c:ac:ca:47:91:fd:c7:67:43:47:14:ed:61:
cd:5e:8f:74:15:70:6d:b6:b9:4d:c6:8b:4f:86:b6:ab:27:3f:
82:35:30:be:c1:39:37:eb:89:24:98:eb:6f:21:6f:59:13:81:
d6:ad:84:64:03:2a:c2:4b:21:48:6f:de:80:d2:32:ca:1c:5b:
d7:14:e9:e1:92:7c:da:13:95:6b:60:38:35:a0:03:ac:5d:eb:
a3:b7:6c:82:6d:2b:62:88:46:a3:00:c8:2b:8c:4e:9b:bb:00:
5d:74:c2:c0:41:f9:ee:ab:53:e8:b3:6a:57:c1:99:99:4a:d3:
8a:54:30:66:35:21:40:22:b5:a3:28:55:46:76:df:0b:81:a3:
68:f7:a5:93:81:df:43:15:33:f5:b5:43:5b:04:b4:43:be:40:
a3:e1:8d:dc:e9:d2:c6:22:6e:82:83:d9:b2:37:8b:91:1b:01:
ac:d3:c8:3e:48:bd:f9:ee:c3:26:5c:ce:ea:c2:6b:23:70:1d:
3f:34:f8:41
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYsel/BGoNRsXqdxb20iKyhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDExMTE1NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGYwMjEyNDU0NDJkZTUwMzAyN2M1ZjJkNjk3NWIzNDU5NzZiNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncoDDUoCZt/50WWZ1ZKHJO+26MHf
HqVis3/xbXSvfUOmAxNQ4XY/XB3MTA+G0Uutjj5GuNiVuUke2O2gBNVVLLVfLE+/
PdHbnbumMmI4zcEXEBqZN7x2o0avTWnSmhWhjBRt6tciVKniEfFlHgQfPSXjAXCE
9Fgm24ciHFbXz54rJU1s9VIWQydyNONGR1NgLvMw/PG9dPm7OKMsERPax4nA2RCC
ChZTW2QTYaTHOepV6IN1EGNKTD+nsje3ldbUp1kN4D7rZaKKC/x6XT5cMrPdsASM
7kNOTkUsYI7Qc1+FfYH1EhrnM0/QkPF103a9Pp9bh5NqEkj3Lx9NkCgCNQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEDwISRUQt5QMCfF8taXWzRZdrSSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUVBBaEpGUkMzbEF3SjhYeTFwZGJORmwydEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwHy9AwQA
wXwPAwQAwXwYAwQAwjrfAwQAwlcdAwQAwld7AwQAwodoAwQAw4UVAwQBw4UaAwQA
w4VTMA0GCSqGSIb3DQEBCwUAA4IBAQAc51O+HN7F+YY65L1JjI6H2r2FklEONRLI
ECd+rh9M7L1jpWjMCnjVRW/flCyWuzGZIJ18alCUQtMKglysykeR/cdnQ0cU7WHN
Xo90FXBttrlNxotPhrarJz+CNTC+wTk364kkmOtvIW9ZE4HWrYRkAyrCSyFIb96A
0jLKHFvXFOnhknzaE5VrYDg1oAOsXeujt2yCbStiiEajAMgrjE6buwBddMLAQfnu
q1Pos2pXwZmZStOKVDBmNSFAIrWjKFVGdt8LgaNo96WTgd9DFTP1tUNbBLRDvkCj
4Y3c6dLGIm6Cg9myN4uRGwGs08g+SL357sMmXM7qwmsjcB0/NPhB
-----END CERTIFICATE-----
Generated at Mon Oct 23 10:11:27 2023 by rpki-client on console-ams.rpki-client.org