Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/qk-jEcKYmKF7h2qc5aphEX3AyKU.roa
File: qk-jEcKYmKF7h2qc5aphEX3AyKU.roa (raw, json)
Hash identifier: zbTYD/bh+yQVpeBcwh4Zl0lW6hFgM01xHSZWy1Uzing=
Subject key identifier: AA:4F:A3:11:C2:98:98:A1:7B:87:6A:9C:E5:AA:61:11:7D:C0:C8:A5
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 0187F8468A542243BF5AC7402F2224CF84F4
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/qk-jEcKYmKF7h2qc5aphEX3AyKU.roa
Signing time: Sun 07 May 2023 22:13:05 +0000
ROA not before: Sun 07 May 2023 22:13:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.31.232.0/24 maxlen: 24
81.31.242.0/23 maxlen: 23
81.31.244.0/22 maxlen: 24
185.84.160.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 19 May 2023 06:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f8:46:8a:54:22:43:bf:5a:c7:40:2f:22:24:cf:84:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: May 7 22:13:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa4fa311c29898a17b876a9ce5aa61117dc0c8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c4:d7:7a:f6:00:5a:d9:47:3c:08:b0:97:78:
cb:ed:86:77:6f:e3:8c:ec:82:5c:d5:d6:eb:1f:d1:
9a:8e:cb:1e:ca:9e:7a:14:bf:9d:36:31:d1:d4:b8:
93:6c:29:61:ec:7e:65:6f:66:fe:01:1f:a6:f5:16:
6c:52:32:e0:25:75:e7:ef:91:e8:10:ee:dd:04:e1:
a5:c1:fc:a5:8e:84:ef:97:cd:fa:bd:b1:9b:1e:a9:
1a:a5:05:2e:8f:bd:09:2b:ef:15:9a:f9:79:0e:61:
b7:02:aa:88:04:63:5c:fb:4d:fd:78:f2:9f:53:df:
19:cd:03:ab:d4:d4:25:bd:5c:46:9f:42:08:9b:f2:
11:93:5e:a7:19:85:29:38:89:ae:d8:f7:ff:61:1b:
56:00:16:bc:54:62:03:78:f3:52:00:dd:4d:a9:88:
b0:30:fd:73:ef:d8:0e:8c:3d:41:20:d7:98:e1:15:
fb:05:ef:07:df:4d:ce:39:cd:49:8f:53:48:a3:39:
fd:08:a6:47:6b:e6:0c:0b:f3:2b:c4:eb:83:30:82:
26:07:e8:68:79:06:3b:48:b5:8d:08:c3:6d:8e:41:
a8:fb:a6:6e:ab:26:8f:ba:30:f9:b5:d3:e2:2d:fe:
92:33:dc:32:2f:c8:e4:1e:b8:7f:f5:fb:fd:25:05:
b1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4F:A3:11:C2:98:98:A1:7B:87:6A:9C:E5:AA:61:11:7D:C0:C8:A5
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/qk-jEcKYmKF7h2qc5aphEX3AyKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.232.0/24
81.31.242.0-81.31.247.255
185.84.160.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:ed:55:1f:1c:b8:62:4f:ce:ee:c1:f8:44:97:f2:cc:42:4d:
c2:2d:2f:51:ad:c0:5c:86:90:5e:c6:51:b3:12:5a:e2:8d:e3:
fe:38:dc:02:4c:ff:80:17:1b:7a:2b:fb:40:e2:0e:8f:fc:e5:
d7:17:a3:66:3a:13:36:65:01:4e:1b:e6:1a:1b:43:ea:c3:bd:
b5:0f:ec:1d:7c:45:b2:80:24:fd:8d:20:92:38:d7:ae:85:5e:
6d:97:f6:f2:34:52:9b:23:bf:5a:f2:30:16:fc:d6:6f:f3:0b:
52:8a:2c:d0:18:d9:a9:d3:88:15:6b:ad:06:b3:fb:52:c2:cd:
48:2d:8d:46:a2:ef:97:69:ff:0e:ff:f7:7f:ed:0d:ca:e6:ff:
f5:75:14:ad:d9:18:99:20:aa:eb:a8:05:96:2c:a0:35:72:dc:
fe:87:18:bc:de:98:71:91:af:1d:3b:a2:3d:c4:61:69:a2:8a:
f9:bb:1f:0f:0d:16:22:cd:4f:ae:00:53:93:a5:86:45:9d:ce:
e2:f9:1f:6f:7f:1e:ec:d6:80:47:1f:ef:35:32:6f:0e:5a:ed:
16:0b:72:51:d5:2b:22:3c:a9:73:23:ab:77:42:f1:73:02:48:
7b:d9:fb:38:3d:f3:22:c5:d3:d9:14:42:04:66:3f:ec:1b:e5:
d5:6d:9a:b1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYf4RopUIkO/WsdALyIkz4T0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjMwNTA3MjIxMzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTRmYTMxMWMyOTg5OGExN2I4NzZhOWNlNWFhNjExMTdkYzBjOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMTXevYAWtlHPAiwl3jL7YZ3b+OM
7IJc1dbrH9Gajsseyp56FL+dNjHR1LiTbClh7H5lb2b+AR+m9RZsUjLgJXXn75Ho
EO7dBOGlwfyljoTvl836vbGbHqkapQUuj70JK+8Vmvl5DmG3AqqIBGNc+039ePKf
U98ZzQOr1NQlvVxGn0IIm/IRk16nGYUpOImu2Pf/YRtWABa8VGIDePNSAN1NqYiw
MP1z79gOjD1BINeY4RX7Be8H303OOc1Jj1NIozn9CKZHa+YMC/MrxOuDMIImB+ho
eQY7SLWNCMNtjkGo+6ZuqyaPujD5tdPiLf6SM9wyL8jkHrh/9fv9JQWxxwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKpPoxHCmJihe4dqnOWqYRF9wMilMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvcWstakVjS1ltS0Y3aDJxYzVhcGhFWDNBeUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUR/oMAwD
BAFRH/IDBANRH/ADBAG5VKAwDQYJKoZIhvcNAQELBQADggEBAJ/tVR8cuGJPzu7B
+ESX8sxCTcItL1GtwFyGkF7GUbMSWuKN4/443AJM/4AXG3or+0DiDo/85dcXo2Y6
EzZlAU4b5hobQ+rDvbUP7B18RbKAJP2NIJI4166FXm2X9vI0Upsjv1ryMBb81m/z
C1KKLNAY2anTiBVrrQaz+1LCzUgtjUai75dp/w7/93/tDcrm//V1FK3ZGJkgquuo
BZYsoDVy3P6HGLzemHGRrx07oj3EYWmiivm7Hw8NFiLNT64AU5OlhkWdzuL5H29/
HuzWgEcf7zUybw5a7RYLclHVKyI8qXMjq3dC8XMCSHvZ+zg98yLF09kUQgRmP+wb
5dVtmrE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org