Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/QgOLuwJiQKImcPHOo9SSBg7Xp9g.roa
File: QgOLuwJiQKImcPHOo9SSBg7Xp9g.roa (raw, json)
Hash identifier: fY+nbhFjRWzVhqnfr8gzVnOSvkZDuYwJaa4nTlO4jR0=
Subject key identifier: 42:03:8B:BB:02:62:40:A2:26:70:F1:CE:A3:D4:92:06:0E:D7:A7:D8
Certificate issuer: /CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Certificate serial: 018CABA750A235E5827690E9810C2B901F1C
Authority key identifier: 15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/QgOLuwJiQKImcPHOo9SSBg7Xp9g.roa
Signing time: Wed 27 Dec 2023 14:21:58 +0000
ROA not before: Wed 27 Dec 2023 14:21:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15943
IP address blocks: 147.78.88.0/22 maxlen: 22
147.78.91.0/24 maxlen: 24
2a09:2040:ffff::/48 maxlen: 48
2a09:2040::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:a7:50:a2:35:e5:82:76:90:e9:81:0c:2b:90:1f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=151453f482cda78ebc99625d80b0ffc3660f95f2
Validity
Not Before: Dec 27 14:21:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42038bbb026240a22670f1cea3d492060ed7a7d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6c:e6:45:00:07:ba:a6:9f:24:94:39:ac:b0:
86:c5:03:ae:0b:45:29:5c:b7:75:fb:34:52:13:26:
29:5e:8c:6f:a4:c4:1a:96:c8:0e:14:e9:34:3d:72:
15:f9:be:12:63:37:94:ba:fb:51:b2:bf:6b:0c:3f:
75:bb:a1:00:84:75:74:8b:9d:7c:eb:67:c6:51:09:
75:13:40:ab:85:c2:6d:ba:ae:3d:0d:9f:9a:88:0e:
ac:3a:55:60:30:1b:3b:41:08:0d:7f:36:e0:17:41:
89:84:e4:8e:19:b5:82:b4:25:e2:f4:01:f6:63:c3:
70:9f:c8:c5:66:39:41:54:8b:62:c8:dc:09:08:1e:
56:a3:1f:2a:a3:be:c6:09:bb:92:20:56:ec:92:b9:
57:c3:e8:db:43:5f:52:3a:e4:84:12:c7:8e:8e:c6:
cd:3a:e0:e8:84:7f:a1:9a:5e:7c:ee:c6:f5:eb:3c:
78:f3:f8:79:93:cb:5c:08:6e:84:7c:24:67:c0:fa:
f9:c7:1a:8b:fa:ee:4e:48:76:78:2e:c1:ec:0d:fc:
06:a0:71:0a:5f:54:e8:11:fd:27:7a:3f:de:51:ea:
57:66:b3:91:01:fc:33:ff:97:35:19:d2:00:9d:26:
5c:d1:7d:63:02:0f:26:94:29:dc:d3:72:7c:a8:31:
de:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:03:8B:BB:02:62:40:A2:26:70:F1:CE:A3:D4:92:06:0E:D7:A7:D8
X509v3 Authority Key Identifier:
keyid:15:14:53:F4:82:CD:A7:8E:BC:99:62:5D:80:B0:FF:C3:66:0F:95:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FRRT9ILNp468mWJdgLD_w2YPlfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/QgOLuwJiQKImcPHOo9SSBg7Xp9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/59fcf0-1d5c-4ecb-bf87-3bcb8bf8bbfe/1/FRRT9ILNp468mWJdgLD_w2YPlfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.88.0/22
IPv6:
2a09:2040::/29
Signature Algorithm: sha256WithRSAEncryption
55:33:49:8d:72:b3:aa:65:76:68:c9:55:25:93:8f:ac:b7:47:
17:5a:f9:53:7a:fb:3d:02:94:f3:b4:97:d7:55:6f:fc:c3:64:
30:76:bf:11:c8:04:eb:68:c7:9c:de:0f:a4:d5:67:d7:9b:b8:
a7:ef:40:ae:1e:0f:a3:11:72:a1:38:36:0a:3b:83:b1:36:15:
59:0b:b7:95:c0:fb:f2:1d:df:0f:f8:21:d8:6d:95:a7:e2:be:
e7:03:b1:1d:33:39:cb:55:60:6b:d9:33:a3:b8:76:49:c3:ca:
9e:7b:18:b3:60:ad:62:2f:6f:29:7c:ae:52:53:11:3d:02:93:
ed:63:4d:0d:51:90:22:b1:5e:43:62:bd:2b:36:77:73:83:c9:
3e:88:19:4b:f8:bc:77:68:17:80:dd:75:ef:1b:de:01:23:b4:
c5:7d:8e:5f:b5:a0:32:71:90:e4:f7:a0:9f:3d:eb:ce:0b:40:
69:7a:93:85:0e:ec:60:04:76:9b:72:d3:ee:96:04:d4:6e:fa:
5e:de:d1:f4:25:23:8a:6b:36:c5:08:ba:8e:33:fd:d5:5f:66:
75:bc:60:77:ac:6e:bc:86:0f:0c:03:a6:59:30:a1:ef:f2:15:
7e:d5:f6:b7:0e:e0:22:73:4f:37:7c:1a:52:cb:55:f6:44:36:
e7:52:aa:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyrp1CiNeWCdpDpgQwrkB8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MTQ1M2Y0ODJjZGE3OGViYzk5NjI1ZDgwYjBmZmMzNjYw
Zjk1ZjIwHhcNMjMxMjI3MTQyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjAzOGJiYjAyNjI0MGEyMjY3MGYxY2VhM2Q0OTIwNjBlZDdhN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWzmRQAHuqafJJQ5rLCGxQOuC0Up
XLd1+zRSEyYpXoxvpMQalsgOFOk0PXIV+b4SYzeUuvtRsr9rDD91u6EAhHV0i518
62fGUQl1E0CrhcJtuq49DZ+aiA6sOlVgMBs7QQgNfzbgF0GJhOSOGbWCtCXi9AH2
Y8Nwn8jFZjlBVItiyNwJCB5Wox8qo77GCbuSIFbskrlXw+jbQ19SOuSEEseOjsbN
OuDohH+hml587sb16zx48/h5k8tcCG6EfCRnwPr5xxqL+u5OSHZ4LsHsDfwGoHEK
X1ToEf0nej/eUepXZrORAfwz/5c1GdIAnSZc0X1jAg8mlCnc03J8qDHeDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEIDi7sCYkCiJnDxzqPUkgYO16fYMB8GA1UdIwQY
MBaAFBUUU/SCzaeOvJliXYCw/8NmD5XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODct
M2JjYjhiZjhiYmZlLzEvUWdPTHV3SmlRS0ltY1BIT285U1NCZzdYcDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC81OWZjZjAtMWQ1Yy00ZWNiLWJmODctM2JjYjhiZjhiYmZl
LzEvRlJSVDlJTE5wNDY4bVdKZGdMRF93MllQbGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCk05YMA0E
AgACMAcDBQMqCSBAMA0GCSqGSIb3DQEBCwUAA4IBAQBVM0mNcrOqZXZoyVUlk4+s
t0cXWvlTevs9ApTztJfXVW/8w2Qwdr8RyATraMec3g+k1WfXm7in70CuHg+jEXKh
ODYKO4OxNhVZC7eVwPvyHd8P+CHYbZWn4r7nA7EdMznLVWBr2TOjuHZJw8qeexiz
YK1iL28pfK5SUxE9ApPtY00NUZAisV5DYr0rNndzg8k+iBlL+Lx3aBeA3XXvG94B
I7TFfY5ftaAycZDk96CfPevOC0BpepOFDuxgBHabctPulgTUbvpe3tH0JSOKazbF
CLqOM/3VX2Z1vGB3rG68hg8MA6ZZMKHv8hV+1fa3DuAic083fBpSy1X2RDbnUqqB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:29 2024 by rpki-client on console-fra.rpki-client.org