Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qsc3l6IQ-nUQKvOqFprzr-1IzyY.roa
File: Qsc3l6IQ-nUQKvOqFprzr-1IzyY.roa (raw, json)
Hash identifier: Wj01jZQbg4YyabLVFCuujIYpg1aCJrYdFQ+WlgPGFX8=
Subject key identifier: 42:C7:37:97:A2:10:FA:75:10:2A:F3:AA:16:9A:F3:AF:ED:48:CF:26
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66FD094797E790CD8A0D834996F2AF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qsc3l6IQ-nUQKvOqFprzr-1IzyY.roa
Signing time: Sun 01 Jan 2023 22:14:58 +0000
ROA not before: Sun 01 Jan 2023 22:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 62.76.231.0/24 maxlen: 24
194.87.115.0/24 maxlen: 24
194.87.26.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:fd:09:47:97:e7:90:cd:8a:0d:83:49:96:f2:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42c73797a210fa75102af3aa169af3afed48cf26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:21:dd:1b:2b:ba:11:20:1c:cd:17:c3:71:24:
1d:40:ab:e5:a8:be:10:a3:f8:b5:69:fa:a6:39:23:
99:a5:e3:a3:ea:f2:3a:16:c5:e8:7d:8b:92:f9:e3:
8c:a6:73:f7:33:3b:a3:28:6c:94:17:bc:c7:53:dd:
55:aa:7a:21:ba:8b:ad:99:99:f0:db:21:cf:e9:bf:
b4:95:75:22:c5:16:0f:37:2b:ea:b4:d7:99:35:27:
65:86:6b:08:8d:72:41:1c:f6:8a:7a:b0:95:d1:b7:
2e:4f:df:01:30:73:4c:68:25:65:35:c3:04:23:4b:
ba:01:0f:e4:dd:78:b2:3f:da:ca:a1:f8:c2:9b:27:
06:e8:06:a7:08:b9:d5:bf:f6:78:b6:6d:80:e3:db:
67:99:ba:1d:d8:51:b3:b5:8c:80:25:d8:00:da:0e:
99:76:e4:50:63:72:94:26:99:6a:34:46:04:20:27:
05:fb:ef:4f:fd:1e:6a:9e:8a:08:00:f6:9a:00:ef:
f0:fc:de:f4:40:6a:88:cb:95:12:64:f6:b4:71:58:
33:36:0c:4a:d8:72:64:09:0b:84:64:76:49:c6:62:
5b:19:f7:ad:f5:29:da:24:ec:b2:87:66:13:54:75:
eb:59:be:bd:e8:7b:27:3b:9b:21:67:d2:90:72:45:
d5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C7:37:97:A2:10:FA:75:10:2A:F3:AA:16:9A:F3:AF:ED:48:CF:26
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Qsc3l6IQ-nUQKvOqFprzr-1IzyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
194.87.26.0/24
194.87.115.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:1c:f7:b6:7e:eb:db:b6:ba:b1:d7:e1:f9:f3:d0:52:e8:8c:
38:4d:18:9e:fc:7e:27:4d:d6:9d:bc:ed:50:a1:cf:5f:0e:9d:
c9:93:d8:96:80:57:37:bb:74:39:7b:62:fc:96:76:62:18:9b:
7e:c0:c7:c3:12:df:d3:cc:0b:34:3d:ac:e6:97:7a:72:59:af:
dd:05:81:ca:78:31:3a:3f:34:c9:b4:f8:5d:33:bc:be:be:d5:
d6:f1:37:c2:be:25:2a:4a:7a:62:1c:0b:91:8b:7c:64:d0:18:
14:03:d7:78:80:c9:88:c3:b2:78:db:eb:22:21:48:fd:50:90:
9e:82:f1:de:bd:26:3c:d1:6f:92:df:e1:cb:04:b4:e0:fc:b0:
c1:70:14:a5:79:a2:42:0a:32:18:b9:0d:f0:12:c8:66:2f:87:
58:17:56:e0:bb:6c:17:12:ec:a5:87:9c:68:a7:37:d0:b8:5b:
fe:8a:ba:83:1f:43:d5:0e:20:3a:37:46:53:9e:ae:c1:2a:e2:
cd:ee:7f:5a:4d:70:bf:fb:e1:a3:a4:4b:c1:7a:c4:ec:4a:77:
eb:65:af:36:75:70:f5:cc:2b:3d:f0:21:60:fd:91:a5:19:cb:
ec:21:59:a1:98:63:9c:e0:fe:db:36:ec:46:e6:c8:a1:19:8b:
8d:eb:01:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvZv0JR5fnkM2KDYNJlvKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmM3Mzc5N2EyMTBmYTc1MTAyYWYzYWExNjlhZjNhZmVkNDhjZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSHdGyu6ESAczRfDcSQdQKvlqL4Q
o/i1afqmOSOZpeOj6vI6FsXofYuS+eOMpnP3MzujKGyUF7zHU91VqnohuoutmZnw
2yHP6b+0lXUixRYPNyvqtNeZNSdlhmsIjXJBHPaKerCV0bcuT98BMHNMaCVlNcME
I0u6AQ/k3XiyP9rKofjCmycG6AanCLnVv/Z4tm2A49tnmbod2FGztYyAJdgA2g6Z
duRQY3KUJplqNEYEICcF++9P/R5qnooIAPaaAO/w/N70QGqIy5USZPa0cVgzNgxK
2HJkCQuEZHZJxmJbGfet9SnaJOyyh2YTVHXrWb696HsnO5shZ9KQckXVJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFELHN5eiEPp1ECrzqhaa86/tSM8mMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUXNjM2w2SVEtblVRS3ZPcUZwcnpyLTFJenlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPkznAwQA
wlcaAwQAwldzMA0GCSqGSIb3DQEBCwUAA4IBAQBOHPe2fuvbtrqx1+H589BS6Iw4
TRie/H4nTdadvO1Qoc9fDp3Jk9iWgFc3u3Q5e2L8lnZiGJt+wMfDEt/TzAs0Pazm
l3pyWa/dBYHKeDE6PzTJtPhdM7y+vtXW8TfCviUqSnpiHAuRi3xk0BgUA9d4gMmI
w7J42+siIUj9UJCegvHevSY80W+S3+HLBLTg/LDBcBSleaJCCjIYuQ3wEshmL4dY
F1bgu2wXEuylh5xopzfQuFv+irqDH0PVDiA6N0ZTnq7BKuLN7n9aTXC/++GjpEvB
esTsSnfrZa82dXD1zCs98CFg/ZGlGcvsIVmhmGOc4P7bNuxG5sihGYuN6wEG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-ams.rpki-client.org