Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QZPn4sPzFbruJ1E5sdjaWrLar_M.roa
File: QZPn4sPzFbruJ1E5sdjaWrLar_M.roa (raw, json)
Hash identifier: wm/opYwu10wZvbceMuu9IDRUZQ9xwmrzg7DEYm3agy8=
Subject key identifier: 41:93:E7:E2:C3:F3:15:BA:EE:27:51:39:B1:D8:DA:5A:B2:DA:AF:F3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66ED41CC05F112D7592DF2DAD202D2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QZPn4sPzFbruJ1E5sdjaWrLar_M.roa
Signing time: Sun 01 Jan 2023 22:14:54 +0000
ROA not before: Sun 01 Jan 2023 22:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 193.124.4.0/24 maxlen: 24
195.133.73.0/24 maxlen: 24
193.124.125.0/24 maxlen: 24
193.124.47.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:ed:41:cc:05:f1:12:d7:59:2d:f2:da:d2:02:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4193e7e2c3f315baee275139b1d8da5ab2daaff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:53:c5:06:68:3c:8e:b1:8b:01:12:6b:83:55:
14:4f:8b:c0:bd:2e:05:c0:7f:58:89:0d:98:a7:78:
c6:4f:cd:d0:89:10:8c:6d:ab:4a:e4:4d:f1:9f:e2:
77:cd:54:e6:30:90:10:94:3f:81:52:4a:99:c7:62:
41:d2:9e:6f:37:40:49:ec:8f:a6:7f:b7:98:52:2c:
80:82:ed:9f:d9:e4:48:9b:b1:63:9a:d3:94:67:61:
89:26:9f:83:b0:ca:8e:07:36:91:ab:86:89:1f:bd:
fe:10:e6:26:b5:c6:e0:b0:39:9e:71:30:61:cb:06:
e4:63:95:72:91:bf:a5:1d:71:9e:8d:a3:bc:8e:19:
ef:7f:97:f4:07:b9:a9:61:f6:ea:17:02:72:85:70:
98:ab:80:92:63:da:9e:da:22:fd:be:19:27:c9:7e:
74:a8:64:ea:0f:e8:f5:27:25:2a:66:ee:24:f9:88:
c3:8b:85:fb:03:aa:22:4f:f3:9a:01:b0:6a:1e:90:
b3:86:94:38:37:7e:3b:b9:1b:29:67:82:a7:82:b3:
e1:2d:01:82:72:ec:40:5c:fd:1e:ba:59:59:99:9e:
1b:fb:3b:9b:de:36:3d:49:77:1e:80:55:26:65:f9:
c7:c4:3f:8e:ab:32:88:95:0b:7a:cc:49:91:ba:4a:
e8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:93:E7:E2:C3:F3:15:BA:EE:27:51:39:B1:D8:DA:5A:B2:DA:AF:F3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QZPn4sPzFbruJ1E5sdjaWrLar_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.4.0/24
193.124.47.0/24
193.124.125.0/24
194.87.37.0/24
194.87.162.0/24
195.58.63.0/24
195.133.73.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:9b:84:c6:0f:bb:ea:e0:60:61:d2:20:2a:96:f4:13:69:07:
cb:ff:72:45:94:54:14:07:86:98:6d:85:a9:9e:9c:e0:db:c6:
dc:11:b9:33:f0:c8:4a:6d:b6:f9:b6:a4:e7:d4:07:b6:7c:f2:
ad:a0:92:3e:92:e7:b1:07:50:cd:c0:2b:01:f7:a9:47:64:4e:
e9:e7:39:41:53:55:6f:ae:94:3a:86:5c:4a:2b:72:64:d5:7c:
3b:9c:78:01:c5:a1:81:15:d6:7e:38:37:a8:38:9a:c7:9f:4b:
4a:14:6e:e1:61:9b:d9:b6:0e:8d:e6:1a:28:a7:a8:8a:a7:b7:
82:b6:e9:bf:dc:9a:0f:3b:0c:74:a6:4d:17:1c:4e:76:ba:b5:
eb:d1:9c:d2:9c:76:bb:28:18:18:00:91:42:56:d6:88:a8:91:
39:5f:83:ff:a3:40:19:fb:1d:ec:65:a2:ad:20:78:28:f2:78:
89:5a:d3:9a:de:48:57:43:d7:b3:b8:fc:42:5e:48:95:06:cb:
3d:6c:27:67:e3:f4:94:53:45:81:d5:78:8b:0f:ef:7f:2d:97:
d4:68:68:84:03:0d:e1:f7:83:12:b8:a8:d1:ee:7b:3b:1d:9c:
d1:16:0a:a3:9b:b5:49:47:ed:59:5c:d1:1c:b6:80:e8:29:34:
23:d3:14:73
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVvZu1BzAXxEtdZLfLa0gLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTkzZTdlMmMzZjMxNWJhZWUyNzUxMzliMWQ4ZGE1YWIyZGFhZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVPFBmg8jrGLARJrg1UUT4vAvS4F
wH9YiQ2Yp3jGT83QiRCMbatK5E3xn+J3zVTmMJAQlD+BUkqZx2JB0p5vN0BJ7I+m
f7eYUiyAgu2f2eRIm7FjmtOUZ2GJJp+DsMqOBzaRq4aJH73+EOYmtcbgsDmecTBh
ywbkY5Vykb+lHXGejaO8jhnvf5f0B7mpYfbqFwJyhXCYq4CSY9qe2iL9vhknyX50
qGTqD+j1JyUqZu4k+YjDi4X7A6oiT/OaAbBqHpCzhpQ4N347uRspZ4KngrPhLQGC
cuxAXP0eullZmZ4b+zub3jY9SXcegFUmZfnHxD+OqzKIlQt6zEmRukroBwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEGT5+LD8xW67idRObHY2lqy2q/zMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUVpQbjRzUHpGYnJ1SjFFNXNkamFXckxhcl9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwEAwQA
wXwvAwQAwXx9AwQAwlclAwQAwleiAwQAwzo/AwQAw4VJMA0GCSqGSIb3DQEBCwUA
A4IBAQB9m4TGD7vq4GBh0iAqlvQTaQfL/3JFlFQUB4aYbYWpnpzg28bcEbkz8MhK
bbb5tqTn1Ae2fPKtoJI+kuexB1DNwCsB96lHZE7p5zlBU1VvrpQ6hlxKK3Jk1Xw7
nHgBxaGBFdZ+ODeoOJrHn0tKFG7hYZvZtg6N5hoop6iKp7eCtum/3JoPOwx0pk0X
HE52urXr0ZzSnHa7KBgYAJFCVtaIqJE5X4P/o0AZ+x3sZaKtIHgo8niJWtOa3khX
Q9ezuPxCXkiVBss9bCdn4/SUU0WB1XiLD+9/LZfUaGiEAw3h94MSuKjR7ns7HZzR
Fgqjm7VJR+1ZXNEctoDoKTQj0xRz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org