Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QmgrM0zOVtmNZG-59VHXdEVQv6c.roa
File: QmgrM0zOVtmNZG-59VHXdEVQv6c.roa (raw, json)
Hash identifier: bm8wX4Nlc5LsTcpI39gmcAW1jm0OEyhG26XP/peicNQ=
Subject key identifier: 42:68:2B:33:4C:CE:56:D9:8D:64:6F:B9:F5:51:D7:74:45:50:BF:A7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01895E197A73432E70A772B3AB2A89D32733
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QmgrM0zOVtmNZG-59VHXdEVQv6c.roa
Signing time: Sun 16 Jul 2023 09:47:55 +0000
ROA not before: Sun 16 Jul 2023 09:47:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41944
IP address blocks: 195.133.94.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:5e:19:7a:73:43:2e:70:a7:72:b3:ab:2a:89:d3:27:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 16 09:47:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42682b334cce56d98d646fb9f551d7744550bfa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:37:67:66:80:10:e4:98:5d:85:17:d2:61:02:
b0:91:47:23:b3:a5:10:ff:31:9b:4c:c1:70:c6:29:
e8:53:bc:98:bd:4c:4e:75:05:e3:fa:0d:9b:de:1c:
57:82:88:15:9f:c3:38:55:a7:f8:1d:66:47:fb:9f:
91:55:01:ef:7c:4a:d1:16:b6:d6:c3:70:cd:f9:3b:
66:2a:4e:4f:9f:86:cd:19:8b:e4:c6:d4:79:10:a6:
62:dd:ab:30:be:6e:98:df:2d:bf:bd:57:cd:4f:30:
6e:bc:46:6e:39:52:b9:95:fc:37:09:91:6e:6c:76:
55:76:42:a6:04:eb:71:78:f2:17:d2:c3:47:37:ca:
6a:09:21:4f:35:41:06:2c:d3:12:61:c1:d1:54:1b:
be:98:d8:ab:79:88:27:bf:46:47:67:1c:1a:ae:2a:
eb:2d:dc:66:27:c1:5e:38:99:60:ee:e2:33:99:9b:
95:11:44:ad:94:0e:49:42:86:ca:e1:69:51:54:12:
ca:20:7a:61:f7:b0:22:6e:4a:fb:e8:a9:97:69:e5:
b7:3c:0f:e7:77:a8:02:c7:b0:2c:81:b8:a9:f5:f5:
e7:48:f1:3d:2b:9d:4f:e5:83:d6:cd:24:d5:bf:38:
3b:b4:7b:c8:d8:d9:f2:00:e4:c7:62:65:fd:75:b2:
56:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:68:2B:33:4C:CE:56:D9:8D:64:6F:B9:F5:51:D7:74:45:50:BF:A7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QmgrM0zOVtmNZG-59VHXdEVQv6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.43.0/24
195.133.94.0/24
Signature Algorithm: sha256WithRSAEncryption
83:8c:88:f1:30:01:7c:d3:d3:ee:4c:5f:76:14:78:16:13:8c:
fa:c0:5a:ad:dc:5a:38:dc:ed:8a:0b:de:71:6d:84:47:ae:bd:
74:75:98:bd:6f:8f:c8:8d:17:d3:9d:3a:32:2a:ff:e0:f1:14:
7c:c5:84:bf:a5:6d:cd:f4:1f:e5:37:a2:c9:06:9a:aa:3c:96:
e6:39:0d:bb:32:68:bb:e9:8e:87:e8:91:95:09:01:5b:ec:96:
11:33:b4:36:b4:57:dc:73:6f:42:e0:38:81:e1:71:2b:bc:ac:
aa:eb:ed:19:44:d4:6d:c9:71:02:7a:06:85:cf:52:38:4a:4d:
6e:cb:df:97:26:33:de:a9:04:7e:ec:4f:c9:c5:b4:26:c0:22:
b3:b6:95:1a:48:5e:c4:26:c6:63:38:f3:44:a9:6d:0d:a4:4e:
aa:29:4f:32:ff:78:ad:4c:da:93:55:89:44:f6:aa:0a:64:c0:
8d:5b:64:71:4b:d9:c6:4d:f1:02:49:38:d8:a4:69:ff:2f:fa:
e8:01:2a:4c:51:cb:09:f0:dd:23:3f:cd:9a:d1:57:f1:2c:d6:
2b:57:09:44:f2:1a:73:dd:0e:99:50:ee:07:8c:d6:d7:34:1b:
b1:4b:20:e5:4b:6c:fc:39:f0:00:90:90:1c:61:b5:5f:be:e0:
fc:90:de:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYleGXpzQy5wp3KzqyqJ0yczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzE2MDk0NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjY4MmIzMzRjY2U1NmQ5OGQ2NDZmYjlmNTUxZDc3NDQ1NTBiZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjdnZoAQ5JhdhRfSYQKwkUcjs6UQ
/zGbTMFwxinoU7yYvUxOdQXj+g2b3hxXgogVn8M4Vaf4HWZH+5+RVQHvfErRFrbW
w3DN+TtmKk5Pn4bNGYvkxtR5EKZi3aswvm6Y3y2/vVfNTzBuvEZuOVK5lfw3CZFu
bHZVdkKmBOtxePIX0sNHN8pqCSFPNUEGLNMSYcHRVBu+mNireYgnv0ZHZxwarirr
LdxmJ8FeOJlg7uIzmZuVEUStlA5JQobK4WlRVBLKIHph97Aibkr76KmXaeW3PA/n
d6gCx7Asgbip9fXnSPE9K51P5YPWzSTVvzg7tHvI2NnyAOTHYmX9dbJWwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEJoKzNMzlbZjWRvufVR13RFUL+nMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUW1nck0wek9WdG1OWkctNTlWSFhkRVZRdjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjorAwQA
w4VeMA0GCSqGSIb3DQEBCwUAA4IBAQCDjIjxMAF809PuTF92FHgWE4z6wFqt3Fo4
3O2KC95xbYRHrr10dZi9b4/IjRfTnToyKv/g8RR8xYS/pW3N9B/lN6LJBpqqPJbm
OQ27Mmi76Y6H6JGVCQFb7JYRM7Q2tFfcc29C4DiB4XErvKyq6+0ZRNRtyXECegaF
z1I4Sk1uy9+XJjPeqQR+7E/JxbQmwCKztpUaSF7EJsZjOPNEqW0NpE6qKU8y/3it
TNqTVYlE9qoKZMCNW2RxS9nGTfECSTjYpGn/L/roASpMUcsJ8N0jP82a0VfxLNYr
VwlE8hpz3Q6ZUO4HjNbXNBuxSyDlS2z8OfAAkJAcYbVfvuD8kN5/
-----END CERTIFICATE-----
Generated at Fri Jul 21 12:28:00 2023 by rpki-client on console-ams.rpki-client.org