Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Q-n0Qx7GD5LI8c-xx7mV3PHH7MM.roa
File: Q-n0Qx7GD5LI8c-xx7mV3PHH7MM.roa (raw, json)
Hash identifier: 0r0fnTJAulUWVRGjEM2pYYfrJwXoxa1FvVKuljcTHiI=
Subject key identifier: 43:E9:F4:43:1E:C6:0F:92:C8:F1:CF:B1:C7:B9:95:DC:F1:C7:EC:C3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AB29B508072624535DB26FA260A43602C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Q-n0Qx7GD5LI8c-xx7mV3PHH7MM.roa
Signing time: Wed 20 Sep 2023 12:40:37 +0000
ROA not before: Wed 20 Sep 2023 12:40:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:9b:50:80:72:62:45:35:db:26:fa:26:0a:43:60:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 20 12:40:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43e9f4431ec60f92c8f1cfb1c7b995dcf1c7ecc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:51:e6:04:8f:a3:4d:af:5d:91:5f:ab:b5:0c:
8e:27:25:35:54:de:2d:b3:6a:ae:78:3a:ff:68:6e:
2d:72:7b:3a:7d:f3:7a:43:d3:91:ca:c0:b6:08:27:
5d:1c:f5:f0:b8:79:3a:1a:6e:22:35:50:68:32:e1:
9a:36:97:8c:a0:82:58:c4:d7:dd:d8:58:50:bc:56:
1a:0d:59:b5:4c:9c:9c:7d:66:b3:00:e1:9d:7c:18:
ab:9c:7d:23:71:d1:0b:98:ab:c4:b2:51:f8:75:12:
22:e5:d3:4e:d7:bb:08:e3:27:a8:90:e6:11:d6:df:
d4:71:23:03:94:cb:64:57:69:81:d8:60:63:dc:80:
7b:50:58:0f:d0:05:89:53:d7:80:30:56:cf:2d:b0:
e8:ce:de:9e:bd:30:1e:c6:7b:73:3e:bf:6a:fb:cb:
e5:76:ce:35:68:60:a9:29:66:e8:30:8d:ea:fd:6a:
6b:d7:17:46:81:39:81:17:30:58:ab:82:f7:33:87:
ba:61:73:25:3b:be:b3:8a:fd:37:0f:fc:f1:48:9d:
25:f3:0f:93:e7:cc:7c:9f:7b:f8:6b:b1:67:c6:69:
88:69:d6:18:82:bc:6b:1b:f2:f2:58:0c:5b:aa:dd:
99:2c:25:b0:87:78:d5:62:47:b1:4c:a0:d5:d5:77:
9f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E9:F4:43:1E:C6:0F:92:C8:F1:CF:B1:C7:B9:95:DC:F1:C7:EC:C3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Q-n0Qx7GD5LI8c-xx7mV3PHH7MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.255.0/24
193.149.28.0/22
Signature Algorithm: sha256WithRSAEncryption
46:97:d5:10:d7:af:38:58:cb:3c:f7:a6:82:3d:1d:ad:c1:cf:
22:3f:b7:e9:39:b6:46:12:12:33:0a:17:14:a6:63:f9:6e:48:
f2:70:91:dc:f2:41:cd:e7:be:79:7c:e8:22:c7:52:d3:da:b3:
04:cf:c1:1b:3e:e3:c3:e2:a4:a7:2e:d0:75:89:f2:39:e8:c2:
8d:0e:4f:ff:0e:07:73:a6:95:a7:5a:20:6e:dc:03:5b:bf:24:
52:cb:d6:d9:6a:9b:6a:f7:a3:86:b4:ee:e4:0d:38:da:ba:30:
0a:58:45:89:c6:b7:4d:46:21:b1:b5:32:f3:79:3d:bd:57:4d:
a9:05:d1:e4:57:e8:4b:38:80:ef:5d:26:47:a3:28:3c:b1:5b:
81:45:e1:30:71:c7:b7:6b:de:62:94:dd:df:25:00:2e:20:07:
3e:dd:a9:5e:d9:0b:5c:f0:6d:1f:a5:27:60:15:e7:03:20:8f:
a1:67:6a:0f:9b:52:50:2e:69:cb:31:f6:a4:27:d5:ac:ae:62:
77:ba:60:da:d8:50:18:99:f7:0b:f5:ac:8b:7f:87:06:45:9b:
9c:48:14:78:b2:d1:62:99:1f:d7:95:56:76:4a:43:45:3a:44:
94:81:c8:bd:3c:ce:be:75:69:9b:65:ad:79:82:76:25:95:6c:
f9:91:bf:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqym1CAcmJFNdsm+iYKQ2AsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTIwMTI0MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2U5ZjQ0MzFlYzYwZjkyYzhmMWNmYjFjN2I5OTVkY2YxYzdlY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklHmBI+jTa9dkV+rtQyOJyU1VN4t
s2queDr/aG4tcns6ffN6Q9ORysC2CCddHPXwuHk6Gm4iNVBoMuGaNpeMoIJYxNfd
2FhQvFYaDVm1TJycfWazAOGdfBirnH0jcdELmKvEslH4dRIi5dNO17sI4yeokOYR
1t/UcSMDlMtkV2mB2GBj3IB7UFgP0AWJU9eAMFbPLbDozt6evTAexntzPr9q+8vl
ds41aGCpKWboMI3q/Wpr1xdGgTmBFzBYq4L3M4e6YXMlO76ziv03D/zxSJ0l8w+T
58x8n3v4a7FnxmmIadYYgrxrG/LyWAxbqt2ZLCWwh3jVYkexTKDV1XefqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEPp9EMexg+SyPHPsce5ldzxx+zDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUS1uMFF4N0dENUxJOGMteHg3bVYzUEhIN01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsH3/AwQC
wZUcMA0GCSqGSIb3DQEBCwUAA4IBAQBGl9UQ1684WMs896aCPR2twc8iP7fpObZG
EhIzChcUpmP5bkjycJHc8kHN5755fOgix1LT2rMEz8EbPuPD4qSnLtB1ifI56MKN
Dk//DgdzppWnWiBu3ANbvyRSy9bZaptq96OGtO7kDTjaujAKWEWJxrdNRiGxtTLz
eT29V02pBdHkV+hLOIDvXSZHoyg8sVuBReEwcce3a95ilN3fJQAuIAc+3ale2Qtc
8G0fpSdgFecDII+hZ2oPm1JQLmnLMfakJ9WsrmJ3umDa2FAYmfcL9ayLf4cGRZuc
SBR4stFimR/XlVZ2SkNFOkSUgci9PM6+dWmbZa15gnYllWz5kb+Z
-----END CERTIFICATE-----
Generated at Wed Sep 20 14:02:06 2023 by rpki-client on console-ams.rpki-client.org