Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/bc51f4-61f2-4faa-a02a-602936539405/1/Qdi1cNPYPaQQQAcpihMIs7Y1x70.roa
File: Qdi1cNPYPaQQQAcpihMIs7Y1x70.roa (raw, json)
Hash identifier: T0tvT+JWTt3MKaxIG6uAWxhGO44P5A4B31b3SlAk+Vw=
Subject key identifier: 41:D8:B5:70:D3:D8:3D:A4:10:40:07:29:8A:13:08:B3:B6:35:C7:BD
Certificate issuer: /CN=916033dd557447965bdaef8b4724a5e77d3c05ae
Certificate serial: 01891CD46B68029EA02595B67CDB73B1E2E5
Authority key identifier: 91:60:33:DD:55:74:47:96:5B:DA:EF:8B:47:24:A5:E7:7D:3C:05:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kWAz3VV0R5Zb2u-LRySl5308Ba4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/bc51f4-61f2-4faa-a02a-602936539405/1/Qdi1cNPYPaQQQAcpihMIs7Y1x70.roa
Signing time: Mon 03 Jul 2023 17:37:10 +0000
ROA not before: Mon 03 Jul 2023 17:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29574
IP address blocks: 194.146.140.0/24 maxlen: 24
194.146.143.0/24 maxlen: 24
194.146.142.0/24 maxlen: 24
194.146.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:d4:6b:68:02:9e:a0:25:95:b6:7c:db:73:b1:e2:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=916033dd557447965bdaef8b4724a5e77d3c05ae
Validity
Not Before: Jul 3 17:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41d8b570d3d83da4104007298a1308b3b635c7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:73:a3:8c:2a:c7:88:d4:02:0a:79:9d:06:d8:
b7:a4:dd:9d:57:99:e3:32:94:ae:86:8a:15:19:6e:
51:4d:1d:8c:fa:f5:ae:a0:d1:1f:b9:73:4b:e0:0a:
a7:4a:8e:f6:af:a1:81:72:74:4e:be:b0:68:72:68:
ef:ea:ed:5b:7e:b2:e6:5b:94:0b:92:39:52:58:11:
04:b3:ea:1b:fc:62:7f:6e:20:a3:65:a9:92:16:6d:
bf:03:fe:66:60:20:a7:b1:fe:f9:d8:d4:1c:51:43:
b5:e3:25:bb:65:d1:6d:8d:0b:85:26:8c:1a:1b:a1:
37:b0:91:52:fb:10:c8:6e:55:ac:40:5e:1b:07:c1:
09:e3:c9:80:71:58:b6:b1:05:3d:70:2d:20:e1:c3:
96:10:a7:d9:7d:3d:5d:74:a6:1c:b5:bf:0f:51:85:
7a:4b:27:71:9d:5d:fb:94:a6:f8:5c:bc:47:c6:e3:
25:15:cd:d5:1c:a0:f9:fe:32:59:64:71:02:d7:28:
00:84:03:64:ea:5d:57:3f:3f:c0:73:9b:9c:c6:f7:
85:5c:55:24:0c:db:c3:35:25:16:ad:e3:44:be:e5:
66:4d:83:04:0b:5d:c9:44:27:10:c1:52:ab:e3:9e:
af:73:8b:27:84:e6:5d:11:4f:68:c4:06:c0:11:0c:
26:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D8:B5:70:D3:D8:3D:A4:10:40:07:29:8A:13:08:B3:B6:35:C7:BD
X509v3 Authority Key Identifier:
keyid:91:60:33:DD:55:74:47:96:5B:DA:EF:8B:47:24:A5:E7:7D:3C:05:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kWAz3VV0R5Zb2u-LRySl5308Ba4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bc51f4-61f2-4faa-a02a-602936539405/1/Qdi1cNPYPaQQQAcpihMIs7Y1x70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bc51f4-61f2-4faa-a02a-602936539405/1/kWAz3VV0R5Zb2u-LRySl5308Ba4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.140.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:7e:c1:15:92:2d:b9:74:05:4b:2a:a2:a1:ac:a1:f7:12:17:
21:2c:6c:b9:59:85:13:b1:83:bf:51:8c:dc:57:e5:11:36:70:
58:9c:94:3b:e0:1d:86:4e:8a:91:ed:23:3b:25:a6:12:4a:6c:
5d:9c:71:4c:e3:ca:54:99:47:de:a1:9d:c1:23:79:da:10:24:
05:b9:d4:de:52:7d:0f:4b:f0:85:42:4f:73:ba:29:28:f6:88:
81:c2:fc:b7:cb:0d:0f:9e:c4:9c:88:ea:a3:91:17:0c:22:49:
40:80:09:f2:3e:3b:09:3d:54:36:db:48:ff:77:1c:32:8e:15:
3b:34:17:ce:fa:7a:da:46:94:f4:d9:e9:15:94:87:da:20:8a:
5a:6d:41:a1:12:aa:ff:75:e3:0b:97:3f:22:8c:fb:6d:75:5b:
be:ab:6d:1e:d8:2f:00:67:22:81:67:ce:f6:dc:51:25:a8:57:
e9:29:83:27:a6:76:32:ce:9a:96:07:b6:d6:76:76:f8:c2:f3:
5f:80:29:20:91:f7:c2:df:a3:49:f3:5b:98:c2:74:28:e3:f0:
30:d5:a1:74:33:0e:1f:9d:3b:84:2d:48:a0:fa:60:2d:d7:ea:
64:27:ba:1d:aa:73:71:95:9b:a0:6b:25:ee:fa:79:6d:d0:83:
c9:87:45:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkc1GtoAp6gJZW2fNtzseLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNjAzM2RkNTU3NDQ3OTY1YmRhZWY4YjQ3MjRhNWU3N2Qz
YzA1YWUwHhcNMjMwNzAzMTczNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQ4YjU3MGQzZDgzZGE0MTA0MDA3Mjk4YTEzMDhiM2I2MzVjN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HOjjCrHiNQCCnmdBti3pN2dV5nj
MpSuhooVGW5RTR2M+vWuoNEfuXNL4AqnSo72r6GBcnROvrBocmjv6u1bfrLmW5QL
kjlSWBEEs+ob/GJ/biCjZamSFm2/A/5mYCCnsf752NQcUUO14yW7ZdFtjQuFJowa
G6E3sJFS+xDIblWsQF4bB8EJ48mAcVi2sQU9cC0g4cOWEKfZfT1ddKYctb8PUYV6
SydxnV37lKb4XLxHxuMlFc3VHKD5/jJZZHEC1ygAhANk6l1XPz/Ac5ucxveFXFUk
DNvDNSUWreNEvuVmTYMEC13JRCcQwVKr456vc4snhOZdEU9oxAbAEQwmpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHYtXDT2D2kEEAHKYoTCLO2Nce9MB8GA1UdIwQY
MBaAFJFgM91VdEeWW9rvi0ckped9PAWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1dBejNWVjBSNVpiMnUtTFJ5U2w1MzA4QmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9iYzUxZjQtNjFmMi00ZmFhLWEwMmEt
NjAyOTM2NTM5NDA1LzEvUWRpMWNOUFlQYVFRUUFjcGloTUlzN1kxeDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9iYzUxZjQtNjFmMi00ZmFhLWEwMmEtNjAyOTM2NTM5NDA1
LzEva1dBejNWVjBSNVpiMnUtTFJ5U2w1MzA4QmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpKMMA0G
CSqGSIb3DQEBCwUAA4IBAQCbfsEVki25dAVLKqKhrKH3EhchLGy5WYUTsYO/UYzc
V+URNnBYnJQ74B2GToqR7SM7JaYSSmxdnHFM48pUmUfeoZ3BI3naECQFudTeUn0P
S/CFQk9zuiko9oiBwvy3yw0PnsSciOqjkRcMIklAgAnyPjsJPVQ220j/dxwyjhU7
NBfO+nraRpT02ekVlIfaIIpabUGhEqr/deMLlz8ijPttdVu+q20e2C8AZyKBZ872
3FElqFfpKYMnpnYyzpqWB7bWdnb4wvNfgCkgkffC36NJ81uYwnQo4/Aw1aF0Mw4f
nTuELUig+mAt1+pkJ7odqnNxlZugayXu+nlt0IPJh0WX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:45 2024 by rpki-client on console-fra.rpki-client.org