Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QsBGYapyAiQuQoKqTzRCm771qPY.roa
File: QsBGYapyAiQuQoKqTzRCm771qPY.roa (raw, json)
Hash identifier: Z7zg9D7OlWDG2LQ1Vk2eTXkLf6OCQPiZXZ48x/tQ4O0=
Subject key identifier: 42:C0:46:61:AA:72:02:24:2E:42:82:AA:4F:34:42:9B:BE:F5:A8:F6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B13EF79BCFA9501939B280877041B344B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QsBGYapyAiQuQoKqTzRCm771qPY.roa
Signing time: Mon 09 Oct 2023 10:15:43 +0000
ROA not before: Mon 09 Oct 2023 10:15:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 193.124.5.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:ef:79:bc:fa:95:01:93:9b:28:08:77:04:1b:34:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 9 10:15:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42c04661aa7202242e4282aa4f34429bbef5a8f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1c:b8:d7:23:42:5e:c7:d6:59:4a:47:13:05:
a4:cc:13:71:3c:62:61:cf:22:1d:7c:ee:41:8a:46:
52:fa:ba:a0:f4:c5:25:86:fa:e9:ff:d6:96:6f:be:
15:e0:a6:89:14:ba:cf:b2:c3:e0:03:95:66:35:22:
2c:af:ce:ae:85:e7:eb:1f:23:b1:5a:bc:b3:f5:d6:
be:de:27:91:48:70:54:da:70:f9:2a:91:50:f4:6d:
e7:ab:05:d4:8d:50:83:02:5d:04:b6:a7:53:e7:ca:
ad:75:16:d0:c0:1c:bf:92:41:81:0b:ec:a5:6a:32:
35:b6:49:9b:58:38:89:48:d3:4a:3c:de:c9:f3:d8:
84:ec:89:1d:77:53:94:8d:52:76:55:65:25:9a:48:
85:ae:ce:a0:5c:0b:22:9b:ad:a5:ac:ae:9c:1e:2f:
44:6a:ff:36:e0:a7:62:f8:0c:ca:c0:c1:95:a7:08:
1e:32:f2:01:23:ec:a1:ce:28:c0:0e:c6:b5:bf:58:
48:58:ca:dc:5a:b1:2f:cd:03:9d:1f:1b:88:7e:0c:
16:c4:f0:ef:2e:b1:e2:35:86:80:56:69:8b:0c:d1:
13:3a:2d:cf:f2:15:de:16:d2:72:47:8e:45:6c:66:
e9:c2:ef:cf:a0:9c:35:17:64:97:36:3b:29:be:1a:
be:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C0:46:61:AA:72:02:24:2E:42:82:AA:4F:34:42:9B:BE:F5:A8:F6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/QsBGYapyAiQuQoKqTzRCm771qPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
194.87.30.0/24
194.87.143.0/24
194.87.221.0/24
212.192.215.0/24
212.192.254.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:bf:61:a0:4d:60:2e:28:da:2d:62:71:93:90:25:c0:98:8d:
d7:d8:70:f8:99:b5:b3:2b:6f:87:fe:f2:b0:2a:8e:bc:31:68:
a0:b0:f8:9b:fa:89:4f:bf:20:7f:0d:7b:63:08:84:1e:57:36:
53:7b:3e:e5:c7:a9:83:cc:ae:db:ea:50:95:dc:62:a6:0a:36:
fe:be:45:a2:fc:19:82:da:53:e7:10:80:d4:42:3a:cb:60:98:
ac:b9:b9:3b:b2:2b:1a:e1:bb:87:86:dc:e0:a0:ff:d3:5c:00:
29:f5:15:eb:a5:d7:61:9c:d5:35:21:84:fa:ca:f1:18:66:fc:
34:32:c3:2b:0d:58:fa:1a:b9:ee:62:82:52:5d:e8:cc:a2:46:
15:34:a6:9d:ce:6e:47:31:84:c0:49:77:cf:92:7d:c3:da:3a:
66:80:10:40:64:61:71:d1:08:1f:d1:a2:c2:01:55:51:08:2f:
bf:bb:75:6d:4a:69:29:5a:a9:a4:d1:f1:01:f6:38:36:fb:b7:
a0:c5:36:a7:ac:0e:9f:2f:36:9b:86:ef:c8:c7:e3:00:19:67:
c7:80:33:e4:53:7e:5f:d7:0f:f5:54:7e:f6:ae:a0:a6:13:e0:
f9:16:e7:de:69:47:2b:a9:a7:a1:88:3f:84:16:88:6e:96:49:
7d:24:19:4d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYsT73m8+pUBk5soCHcEGzRLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA5MTAxNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmMwNDY2MWFhNzIwMjI0MmU0MjgyYWE0ZjM0NDI5YmJlZjVhOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxy41yNCXsfWWUpHEwWkzBNxPGJh
zyIdfO5BikZS+rqg9MUlhvrp/9aWb74V4KaJFLrPssPgA5VmNSIsr86uhefrHyOx
Wryz9da+3ieRSHBU2nD5KpFQ9G3nqwXUjVCDAl0EtqdT58qtdRbQwBy/kkGBC+yl
ajI1tkmbWDiJSNNKPN7J89iE7Ikdd1OUjVJ2VWUlmkiFrs6gXAsim62lrK6cHi9E
av824Kdi+AzKwMGVpwgeMvIBI+yhzijADsa1v1hIWMrcWrEvzQOdHxuIfgwWxPDv
LrHiNYaAVmmLDNETOi3P8hXeFtJyR45FbGbpwu/PoJw1F2SXNjspvhq+ZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFELARmGqcgIkLkKCqk80Qpu+9aj2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUXNCR1lhcHlBaVF1UW9LcVR6UkNtNzcxcVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwFAwQA
wlceAwQAwlePAwQAwlfdAwQA1MDXAwQA1MD+MA0GCSqGSIb3DQEBCwUAA4IBAQAa
v2GgTWAuKNotYnGTkCXAmI3X2HD4mbWzK2+H/vKwKo68MWigsPib+olPvyB/DXtj
CIQeVzZTez7lx6mDzK7b6lCV3GKmCjb+vkWi/BmC2lPnEIDUQjrLYJisubk7sisa
4buHhtzgoP/TXAAp9RXrpddhnNU1IYT6yvEYZvw0MsMrDVj6GrnuYoJSXejMokYV
NKadzm5HMYTASXfPkn3D2jpmgBBAZGFx0Qgf0aLCAVVRCC+/u3VtSmkpWqmk0fEB
9jg2+7egxTanrA6fLzabhu/Ix+MAGWfHgDPkU35f1w/1VH72rqCmE+D5FufeaUcr
qaehiD+EFohulkl9JBlN
-----END CERTIFICATE-----
Generated at Thu Oct 12 11:37:33 2023 by rpki-client on console-ams.rpki-client.org