Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QoNldcpJy8lim2nVa6oUlZq3zN4.roa
File: QoNldcpJy8lim2nVa6oUlZq3zN4.roa (raw, json)
Hash identifier: FXoRWct7n9p8MwF7zQ/kQpaUriU+lVBIQ3twuP/9PkU=
Subject key identifier: 42:83:65:75:CA:49:CB:C9:62:9B:69:D5:6B:AA:14:95:9A:B7:CC:DE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01870283D7066C33891040CEE2155CF56E7A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QoNldcpJy8lim2nVa6oUlZq3zN4.roa
Signing time: Tue 21 Mar 2023 04:53:27 +0000
ROA not before: Tue 21 Mar 2023 04:53:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:02:83:d7:06:6c:33:89:10:40:ce:e2:15:5c:f5:6e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 21 04:53:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42836575ca49cbc9629b69d56baa14959ab7ccde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:00:09:30:89:a3:a5:13:98:69:2a:d1:4b:b9:
7d:0b:a1:66:fa:0b:95:87:21:f4:30:13:37:9b:fe:
29:e0:c8:99:db:00:07:97:58:49:d4:ec:5d:a0:ad:
35:b5:54:35:27:37:a9:cc:1c:48:11:24:97:c7:8c:
b8:85:4e:19:71:92:f4:8b:80:0b:83:e6:a7:12:00:
25:43:31:27:02:48:16:63:6d:91:6c:66:74:b0:22:
2c:14:12:e4:06:4f:29:4c:ce:bf:25:36:8e:a0:20:
78:20:84:a3:c1:e0:17:ff:2c:fc:fc:2f:b1:37:ec:
2c:63:01:69:c3:eb:48:a3:e7:ca:5c:a6:4a:a3:2d:
52:99:d5:95:72:2c:7e:0d:32:33:f7:bd:ec:be:f3:
eb:60:ba:87:16:47:08:e6:95:3c:a0:8f:cd:dc:5d:
a8:11:b5:66:b5:57:c9:a8:6a:39:58:36:5f:18:2a:
52:01:97:62:ce:91:d6:c5:ff:fe:7e:51:62:86:d5:
7d:a5:34:e0:2f:99:49:81:10:1d:22:b8:92:6e:b5:
fe:ed:0e:cd:e7:f4:55:cf:b4:5c:e1:ed:c2:e7:31:
86:35:7f:f2:ef:56:68:3e:8a:a1:15:3f:12:95:89:
b5:4c:7d:86:12:4b:5a:c5:a4:2b:d0:f6:74:56:6c:
b5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:83:65:75:CA:49:CB:C9:62:9B:69:D5:6B:AA:14:95:9A:B7:CC:DE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QoNldcpJy8lim2nVa6oUlZq3zN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
192.124.180.0/24
193.124.90.0/24
193.124.200.0/24
194.87.124.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:14:3f:62:e5:fe:dc:91:a8:2f:9c:01:1a:ae:54:ea:17:6b:
0b:79:1d:e5:f5:17:da:4a:8c:29:81:79:da:ef:1c:d0:2c:2c:
b1:64:64:bf:25:12:a6:96:3f:1a:61:8a:a8:75:c5:3f:0d:bb:
c6:63:e1:2c:c2:50:1b:2f:18:33:18:90:c9:b8:02:40:af:be:
99:b0:b2:6d:a0:70:35:eb:d8:e5:00:b7:17:2d:38:c6:db:be:
08:2c:20:6e:4e:0b:f6:ed:4b:bb:cb:ce:e4:0b:e6:2f:33:7e:
16:00:c3:64:f4:20:23:f6:9c:ff:08:3e:ab:08:8e:60:fc:9f:
58:50:c1:85:f5:eb:46:04:b9:64:01:62:e3:f0:c6:87:19:44:
5a:c5:12:33:0f:a8:bd:9c:dd:10:51:59:ed:f2:40:a9:ae:b3:
19:90:25:1e:f1:ba:55:1d:95:f9:ec:e5:c7:45:5f:09:57:e8:
18:d7:19:ca:68:85:a5:b2:35:e2:13:12:63:c7:f5:ec:70:d8:
f0:68:96:37:64:5e:30:0f:c5:45:d5:a6:19:33:20:46:f3:4d:
55:8c:47:6a:11:b9:42:df:b6:26:1f:df:23:0d:28:2b:2b:31:
31:db:77:dd:e1:16:63:2b:de:32:c4:38:66:4d:8d:31:d1:b5:
ba:9d:aa:58
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYcCg9cGbDOJEEDO4hVc9W56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzIxMDQ1MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjgzNjU3NWNhNDljYmM5NjI5YjY5ZDU2YmFhMTQ5NTlhYjdjY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgAJMImjpROYaSrRS7l9C6Fm+guV
hyH0MBM3m/4p4MiZ2wAHl1hJ1OxdoK01tVQ1JzepzBxIESSXx4y4hU4ZcZL0i4AL
g+anEgAlQzEnAkgWY22RbGZ0sCIsFBLkBk8pTM6/JTaOoCB4IISjweAX/yz8/C+x
N+wsYwFpw+tIo+fKXKZKoy1SmdWVcix+DTIz973svvPrYLqHFkcI5pU8oI/N3F2o
EbVmtVfJqGo5WDZfGCpSAZdizpHWxf/+flFihtV9pTTgL5lJgRAdIriSbrX+7Q7N
5/RVz7Rc4e3C5zGGNX/y71ZoPoqhFT8SlYm1TH2GEktaxaQr0PZ0Vmy11QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEKDZXXKScvJYptp1WuqFJWat8zeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUW9ObGRjcEp5OGxpbTJuVmE2b1VsWnEzek40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPkziAwQA
wHy0AwQAwXxaAwQAwXzIAwQAwld8AwQA1MAJMA0GCSqGSIb3DQEBCwUAA4IBAQAe
FD9i5f7ckagvnAEarlTqF2sLeR3l9RfaSowpgXna7xzQLCyxZGS/JRKmlj8aYYqo
dcU/DbvGY+EswlAbLxgzGJDJuAJAr76ZsLJtoHA169jlALcXLTjG274ILCBuTgv2
7Uu7y87kC+YvM34WAMNk9CAj9pz/CD6rCI5g/J9YUMGF9etGBLlkAWLj8MaHGURa
xRIzD6i9nN0QUVnt8kCprrMZkCUe8bpVHZX57OXHRV8JV+gY1xnKaIWlsjXiExJj
x/XscNjwaJY3ZF4wD8VF1aYZMyBG801VjEdqEblC37YmH98jDSgrKzEx23fd4RZj
K94yxDhmTY0x0bW6napY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:03 2023 by rpki-client on console-fra.rpki-client.org