Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/QzSuR5Mi-g7kjZRMk3YZoOYWHUk.roa
File: QzSuR5Mi-g7kjZRMk3YZoOYWHUk.roa (raw, json)
Hash identifier: 1GcFQp+IEednpRQtZp5+0Ht5BE4gkoErvbKQEwwR6Nw=
Subject key identifier: 43:34:AE:47:93:22:FA:0E:E4:8D:94:4C:93:76:19:A0:E6:16:1D:49
Certificate issuer: /CN=82b136e6820d94f03b1c5d71eee3d4b22191528f
Certificate serial: 018EE633EFE3CD9A1B5CA9022D84DDE9FF81
Authority key identifier: 82:B1:36:E6:82:0D:94:F0:3B:1C:5D:71:EE:E3:D4:B2:21:91:52:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grE25oINlPA7HF1x7uPUsiGRUo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/QzSuR5Mi-g7kjZRMk3YZoOYWHUk.roa
Signing time: Tue 16 Apr 2024 09:19:07 +0000
ROA not before: Tue 16 Apr 2024 09:19:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20670
IP address blocks: 31.131.168.0/21 maxlen: 21
45.93.228.0/22 maxlen: 22
91.210.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 19 Apr 2024 13:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:33:ef:e3:cd:9a:1b:5c:a9:02:2d:84:dd:e9:ff:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b136e6820d94f03b1c5d71eee3d4b22191528f
Validity
Not Before: Apr 16 09:19:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4334ae479322fa0ee48d944c937619a0e6161d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:39:62:9e:40:2a:da:6c:c6:02:60:da:03:d0:
0b:1c:07:6b:26:67:ea:fb:f0:fc:47:91:b7:b9:9e:
5f:72:c4:6a:b7:a0:d9:81:b1:24:95:55:b3:a4:ea:
89:6e:f1:8a:0b:08:f2:39:95:1a:11:0b:c7:2e:71:
1c:85:f9:be:3d:d4:2a:ff:21:a0:0e:7d:e2:de:82:
b0:28:ba:0c:fd:18:f5:de:bc:f8:98:86:40:b6:2e:
75:95:59:04:c3:36:c7:2a:95:e8:08:06:99:2e:58:
83:2b:a3:eb:83:39:ce:ff:6e:b7:58:41:6f:ec:fc:
69:2f:6b:f5:21:ec:a6:a8:dc:90:2e:2e:c6:03:de:
9d:1b:0b:8d:eb:78:2d:1d:91:97:d2:f0:bd:14:40:
8b:55:f1:7b:f4:f6:aa:98:b0:ca:12:08:14:97:76:
23:ef:f4:63:20:92:06:3e:e0:78:11:68:59:e7:87:
3a:ad:d9:7d:31:f9:ea:71:14:c2:e1:ce:3a:49:c6:
d4:88:9d:2a:3b:ed:3c:91:43:8b:e5:30:25:05:e5:
2a:92:f1:13:1f:37:f2:53:a3:26:b5:01:44:45:73:
77:12:50:4a:be:5b:06:1f:83:13:38:ef:e3:45:f3:
09:f2:4d:c6:35:a6:59:9f:84:e6:47:86:b9:4c:a3:
31:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:34:AE:47:93:22:FA:0E:E4:8D:94:4C:93:76:19:A0:E6:16:1D:49
X509v3 Authority Key Identifier:
keyid:82:B1:36:E6:82:0D:94:F0:3B:1C:5D:71:EE:E3:D4:B2:21:91:52:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grE25oINlPA7HF1x7uPUsiGRUo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/QzSuR5Mi-g7kjZRMk3YZoOYWHUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/grE25oINlPA7HF1x7uPUsiGRUo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.168.0/21
45.93.228.0/22
91.210.76.0/22
Signature Algorithm: sha256WithRSAEncryption
64:0a:e7:f9:cd:85:64:68:e2:0f:3e:35:d2:78:7b:b6:c6:27:
2f:06:db:af:e8:91:7c:ed:44:c8:3f:a3:8f:79:fe:33:8b:d8:
0a:bd:50:ad:30:5d:9b:e1:2d:0c:dc:f1:3d:db:5f:d3:87:f5:
e5:a9:8d:7d:93:92:75:5b:7c:01:74:fb:69:74:50:d7:22:08:
dd:83:ce:0c:95:eb:05:97:28:36:5e:38:f4:20:20:19:62:ba:
f3:75:25:cf:ad:4e:f2:0b:b6:ec:09:26:cb:8f:0c:82:a3:4a:
53:ab:42:d5:4b:3c:ee:8e:6a:0d:11:ea:49:ce:2c:02:df:2c:
38:7a:82:06:6c:e3:32:7d:e7:4c:62:b2:3b:e1:9f:49:99:20:
3c:98:a9:7b:72:a3:de:62:55:29:95:81:ad:e8:20:47:a2:54:
c1:aa:c7:21:2c:a3:25:16:1c:f1:67:d0:3b:cb:2c:65:a7:62:
ca:9e:f1:72:c7:d5:4d:63:42:a5:6c:de:08:1d:ea:65:ec:3d:
c2:6a:d5:2e:9e:78:4f:37:b9:49:31:aa:fc:4b:92:27:5e:73:
ed:89:10:d7:1e:88:ae:d7:d2:df:34:ad:12:7a:c8:c6:13:f0:
c1:e7:b4:95:89:de:31:40:82:eb:34:37:2f:84:74:01:6a:cc:
ff:5e:8f:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7mM+/jzZobXKkCLYTd6f+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjEzNmU2ODIwZDk0ZjAzYjFjNWQ3MWVlZTNkNGIyMjE5
MTUyOGYwHhcNMjQwNDE2MDkxOTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM0YWU0NzkzMjJmYTBlZTQ4ZDk0NGM5Mzc2MTlhMGU2MTYxZDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TlinkAq2mzGAmDaA9ALHAdrJmfq
+/D8R5G3uZ5fcsRqt6DZgbEklVWzpOqJbvGKCwjyOZUaEQvHLnEchfm+PdQq/yGg
Dn3i3oKwKLoM/Rj13rz4mIZAti51lVkEwzbHKpXoCAaZLliDK6PrgznO/263WEFv
7PxpL2v1IeymqNyQLi7GA96dGwuN63gtHZGX0vC9FECLVfF79PaqmLDKEggUl3Yj
7/RjIJIGPuB4EWhZ54c6rdl9MfnqcRTC4c46ScbUiJ0qO+08kUOL5TAlBeUqkvET
HzfyU6MmtQFERXN3ElBKvlsGH4MTOO/jRfMJ8k3GNaZZn4TmR4a5TKMxhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEM0rkeTIvoO5I2UTJN2GaDmFh1JMB8GA1UdIwQY
MBaAFIKxNuaCDZTwOxxdce7j1LIhkVKPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JFMjVvSU5sUEE3SEYxeDd1UFVzaUdSVW84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yMjExMmUtNGUxMy00M2QwLTllYjEt
MGRhM2NhYTkxNDI5LzEvUXpTdVI1TWktZzdralpSTWszWVpvT1lXSFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yMjExMmUtNGUxMy00M2QwLTllYjEtMGRhM2NhYTkxNDI5
LzEvZ3JFMjVvSU5sUEE3SEYxeDd1UFVzaUdSVW84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH4OoAwQC
LV3kAwQCW9JMMA0GCSqGSIb3DQEBCwUAA4IBAQBkCuf5zYVkaOIPPjXSeHu2xicv
Btuv6JF87UTIP6OPef4zi9gKvVCtMF2b4S0M3PE921/Th/XlqY19k5J1W3wBdPtp
dFDXIgjdg84MlesFlyg2Xjj0ICAZYrrzdSXPrU7yC7bsCSbLjwyCo0pTq0LVSzzu
jmoNEepJziwC3yw4eoIGbOMyfedMYrI74Z9JmSA8mKl7cqPeYlUplYGt6CBHolTB
qschLKMlFhzxZ9A7yyxlp2LKnvFyx9VNY0KlbN4IHepl7D3CatUunnhPN7lJMar8
S5InXnPtiRDXHoiu19LfNK0SesjGE/DB57SVid4xQILrNDcvhHQBasz/Xo9b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:42 2024 by rpki-client on console-fra.rpki-client.org