Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QKQuiaVD0-ff9zUPzJhayYj2aYM.roa
File: QKQuiaVD0-ff9zUPzJhayYj2aYM.roa (raw, json)
Hash identifier: CZ4b7LhJGV7tSzr+lNaKorirHZeZbCAYJ0kwA10LRyw=
Subject key identifier: 40:A4:2E:89:A5:43:D3:E7:DF:F7:35:0F:CC:98:5A:C9:88:F6:69:83
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81FF5077B7AAE4E4B3CFE9AD33F996
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QKQuiaVD0-ff9zUPzJhayYj2aYM.roa
Signing time: Sun 01 Jan 2023 13:25:13 +0000
ROA not before: Sun 01 Jan 2023 13:25:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200033
IP address blocks: 94.156.134.0/24 maxlen: 24
94.156.135.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:ff:50:77:b7:aa:e4:e4:b3:cf:e9:ad:33:f9:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40a42e89a543d3e7dff7350fcc985ac988f66983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8e:13:a1:5c:21:e9:49:26:91:7e:a9:d6:9b:
75:06:e7:e8:ff:82:30:63:cd:4c:d2:df:63:83:bf:
7f:fc:83:7c:2e:01:25:a1:1a:48:40:8b:3e:b9:38:
0f:2c:d1:10:be:62:df:35:19:3d:57:b4:9d:ec:03:
9f:18:c7:ca:1b:a3:08:0f:ce:ea:db:2a:1a:31:90:
1f:30:73:dc:ea:74:a9:39:fd:2a:3b:14:7f:6a:f4:
a0:1a:dc:d7:43:2f:1b:38:4d:54:2a:3b:9b:47:44:
05:74:5e:80:17:d5:c6:2d:c3:11:4b:d2:40:d7:c5:
90:7b:57:02:f2:d8:5d:e5:49:cf:aa:ae:87:39:5c:
14:3d:6b:ae:2e:77:ca:cd:2f:f3:32:0a:0f:cd:34:
15:96:cc:bf:46:5a:ff:1e:b9:72:37:ed:99:92:73:
b4:cd:07:3f:08:f7:82:1f:65:12:ff:4f:65:da:c5:
5a:5a:6e:81:40:b1:47:c9:50:bf:37:86:9a:99:2c:
2f:7d:5f:bc:94:6c:5f:52:0e:47:e6:74:a8:45:f5:
a3:bb:b4:3b:8e:39:ff:1c:d8:c3:9f:25:95:71:f9:
13:cb:8e:df:b5:86:1f:e6:81:e2:20:76:a9:2f:ba:
7c:d2:bd:20:ae:f7:06:1f:70:98:9d:65:3c:98:45:
62:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A4:2E:89:A5:43:D3:E7:DF:F7:35:0F:CC:98:5A:C9:88:F6:69:83
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QKQuiaVD0-ff9zUPzJhayYj2aYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.134.0/23
Signature Algorithm: sha256WithRSAEncryption
84:a2:c1:92:3e:1a:4c:e3:34:96:da:6e:01:b7:9d:51:0a:52:
db:e8:20:7e:50:07:16:83:f7:aa:97:f4:ee:a7:10:92:fd:1b:
d0:0a:5f:a9:93:25:c9:4f:a6:3b:0c:4d:02:e6:0d:1a:0e:b5:
09:0a:91:54:ce:75:53:76:2a:d1:23:e9:ed:e6:3f:65:35:8d:
31:c0:c4:7c:6a:52:77:62:bd:fe:e6:83:a6:bd:07:a6:6d:be:
81:2d:a5:1c:45:10:f7:73:38:9a:50:21:85:d1:c6:0c:59:1a:
72:83:fb:e0:0c:8d:2b:d2:6a:8c:65:d4:20:45:31:da:69:c8:
c1:a3:c9:85:5e:54:35:81:1f:50:57:81:cc:b1:0b:e6:31:5d:
a5:46:52:a0:4c:fc:c8:23:92:49:9c:7a:aa:e1:cc:6b:20:20:
e7:51:7f:c2:61:eb:fa:f5:80:65:1a:63:7b:20:29:0c:f9:c0:
14:e1:d7:9e:88:d9:6f:99:87:4e:86:91:72:ee:83:9f:e8:5e:
ab:47:1b:f7:b7:71:b3:59:1c:a8:6e:69:74:21:03:14:08:e7:
6b:88:c6:fd:e4:a9:52:ef:e6:26:b7:ce:bf:f8:18:38:14:c1:
94:e1:4f:03:01:8c:bf:b9:48:b7:36:30:bb:80:47:9e:a7:6d:
e3:cb:b0:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgf9Qd7eq5OSzz+mtM/mWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGE0MmU4OWE1NDNkM2U3ZGZmNzM1MGZjYzk4NWFjOTg4ZjY2OTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs44ToVwh6UkmkX6p1pt1Bufo/4Iw
Y81M0t9jg79//IN8LgEloRpIQIs+uTgPLNEQvmLfNRk9V7Sd7AOfGMfKG6MID87q
2yoaMZAfMHPc6nSpOf0qOxR/avSgGtzXQy8bOE1UKjubR0QFdF6AF9XGLcMRS9JA
18WQe1cC8thd5UnPqq6HOVwUPWuuLnfKzS/zMgoPzTQVlsy/Rlr/HrlyN+2ZknO0
zQc/CPeCH2US/09l2sVaWm6BQLFHyVC/N4aamSwvfV+8lGxfUg5H5nSoRfWju7Q7
jjn/HNjDnyWVcfkTy47ftYYf5oHiIHapL7p80r0grvcGH3CYnWU8mEVinQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECkLomlQ9Pn3/c1D8yYWsmI9mmDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUUtRdWlhVkQwLWZmOXpVUHpKaGF5WWoyYVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXpyGMA0G
CSqGSIb3DQEBCwUAA4IBAQCEosGSPhpM4zSW2m4Bt51RClLb6CB+UAcWg/eql/Tu
pxCS/RvQCl+pkyXJT6Y7DE0C5g0aDrUJCpFUznVTdirRI+nt5j9lNY0xwMR8alJ3
Yr3+5oOmvQembb6BLaUcRRD3cziaUCGF0cYMWRpyg/vgDI0r0mqMZdQgRTHaacjB
o8mFXlQ1gR9QV4HMsQvmMV2lRlKgTPzII5JJnHqq4cxrICDnUX/CYev69YBlGmN7
ICkM+cAU4deeiNlvmYdOhpFy7oOf6F6rRxv3t3GzWRyobml0IQMUCOdriMb95KlS
7+Ymt86/+Bg4FMGU4U8DAYy/uUi3NjC7gEeep23jy7AL
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:47 2024 by rpki-client on console-fra.rpki-client.org