Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/qvwoO2QFiOHD7uZZLuZFCNqYzqk.roa
File: qvwoO2QFiOHD7uZZLuZFCNqYzqk.roa (raw, json)
Hash identifier: F/lMvHZQQZ5ZiumaudqbhTnHhNg8lQyzjpD8kKthYQ8=
Subject key identifier: AA:FC:28:3B:64:05:88:E1:C3:EE:E6:59:2E:E6:45:08:DA:98:CE:A9
Certificate issuer: /CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Certificate serial: 018570C2C049D95F4062CF46B69D18A4A5A2
Authority key identifier: C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/qvwoO2QFiOHD7uZZLuZFCNqYzqk.roa
Signing time: Mon 02 Jan 2023 04:34:49 +0000
ROA not before: Mon 02 Jan 2023 04:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43824
IP address blocks: 185.127.125.0/24 maxlen: 24
185.127.124.0/24 maxlen: 24
185.127.127.0/24 maxlen: 24
185.127.126.0/24 maxlen: 24
193.27.233.0/24 maxlen: 24
193.27.232.0/24 maxlen: 24
193.27.235.0/24 maxlen: 24
193.27.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:c0:49:d9:5f:40:62:cf:46:b6:9d:18:a4:a5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Validity
Not Before: Jan 2 04:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aafc283b640588e1c3eee6592ee64508da98cea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2a:17:1e:08:ea:d6:6f:26:93:18:27:b4:b1:
4c:1e:23:0f:4b:f6:13:b9:50:7a:d2:56:14:1f:37:
d4:7e:fb:5b:9a:0a:e2:56:c0:ea:bf:66:0a:34:09:
4b:c5:21:9e:ed:3a:37:b1:ca:33:2e:20:94:ab:1f:
40:a5:ab:35:ec:eb:e9:f3:21:18:7c:c5:a3:56:01:
97:3f:c3:04:5b:b1:ce:93:24:7c:3e:5d:11:2c:5a:
50:9a:aa:1f:15:e6:22:52:f7:94:aa:21:38:06:8c:
37:7b:5d:f4:4d:a5:30:d5:68:5c:e4:4f:26:d2:cc:
49:34:86:25:ba:a2:b6:a0:74:07:58:58:81:a4:90:
f2:e9:ef:6e:1e:aa:80:f9:e7:8f:f5:f2:ee:7c:de:
a5:06:59:58:a4:83:b2:e9:61:47:80:a9:c8:41:62:
1f:40:a3:17:f5:fa:b9:4f:fa:7a:15:72:a7:78:be:
14:f4:a5:31:ff:7b:97:a3:76:87:c5:eb:2b:68:e6:
0f:5d:ee:40:d2:17:42:ff:57:b0:6f:da:41:a8:9e:
50:92:c7:ad:26:ae:23:a8:ce:19:35:af:cb:75:b9:
dc:70:2c:a2:1c:86:e5:3b:9d:3e:4e:90:f8:d7:0e:
95:e8:64:a0:66:fa:41:3b:d6:bf:0d:dc:ad:81:4e:
fa:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:FC:28:3B:64:05:88:E1:C3:EE:E6:59:2E:E6:45:08:DA:98:CE:A9
X509v3 Authority Key Identifier:
keyid:C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/qvwoO2QFiOHD7uZZLuZFCNqYzqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.124.0/22
193.27.232.0/22
Signature Algorithm: sha256WithRSAEncryption
76:70:7b:cf:6f:b7:47:99:34:4a:ec:a5:c5:d8:d2:f2:a0:03:
8b:6e:92:87:5c:64:47:a3:fb:9a:e7:e8:32:11:e0:33:2d:2f:
f6:0a:64:75:2b:4b:d3:37:1e:00:53:e9:0f:56:e2:68:e6:70:
8c:31:a7:77:89:eb:91:ad:7b:92:4e:60:d6:35:df:60:70:46:
90:8d:82:07:ca:41:fa:62:f6:16:fd:e0:27:27:88:4e:95:b8:
04:95:54:20:4f:af:42:93:6a:ee:f3:ae:f5:cf:de:e3:dd:e9:
0e:bc:5b:40:ea:0f:85:a6:52:8f:3d:7e:f0:b7:3b:49:fa:8a:
20:f9:17:45:04:90:59:fa:dd:07:4f:1b:9d:45:45:f4:f9:37:
3d:d1:5a:68:80:f8:ba:79:f0:f0:29:91:9e:8e:d7:1a:5c:a2:
f3:a4:2b:36:39:fa:31:32:f0:89:8f:1d:b3:dc:a2:b4:2d:a8:
53:a7:b8:b8:d3:54:49:42:ee:16:f2:6e:e5:e7:f5:1d:9d:19:
59:76:fd:d1:7e:3d:cd:ea:84:fa:15:b7:e0:6b:43:e9:01:47:
ec:8a:a3:00:a0:88:d8:ba:84:dc:a9:af:c5:9c:9f:3e:6c:9e:
c1:cc:50:bb:a3:34:dc:b9:e9:73:0e:8d:89:cc:a2:96:24:ae:
05:1e:90:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwwsBJ2V9AYs9Gtp0YpKWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDI4NWRmNWIwMzllMGYwNGUyZGZlY2UyOGE1YThmYmVj
NmU5MzgwHhcNMjMwMTAyMDQzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWZjMjgzYjY0MDU4OGUxYzNlZWU2NTkyZWU2NDUwOGRhOThjZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSoXHgjq1m8mkxgntLFMHiMPS/YT
uVB60lYUHzfUfvtbmgriVsDqv2YKNAlLxSGe7To3scozLiCUqx9Apas17Ovp8yEY
fMWjVgGXP8MEW7HOkyR8Pl0RLFpQmqofFeYiUveUqiE4Bow3e130TaUw1Whc5E8m
0sxJNIYluqK2oHQHWFiBpJDy6e9uHqqA+eeP9fLufN6lBllYpIOy6WFHgKnIQWIf
QKMX9fq5T/p6FXKneL4U9KUx/3uXo3aHxesraOYPXe5A0hdC/1ewb9pBqJ5Qkset
Jq4jqM4ZNa/LdbnccCyiHIblO50+TpD41w6V6GSgZvpBO9a/DdytgU76JwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKr8KDtkBYjhw+7mWS7mRQjamM6pMB8GA1UdIwQY
MBaAFMEChd9bA54PBOLf7OKKWo++xuk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUt
NTJhZmM3N2NhMThmLzEvcXZ3b08yUUZpT0hEN3VaWkx1WkZDTnFZenFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUtNTJhZmM3N2NhMThm
LzEvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuX98AwQC
wRvoMA0GCSqGSIb3DQEBCwUAA4IBAQB2cHvPb7dHmTRK7KXF2NLyoAOLbpKHXGRH
o/ua5+gyEeAzLS/2CmR1K0vTNx4AU+kPVuJo5nCMMad3ieuRrXuSTmDWNd9gcEaQ
jYIHykH6YvYW/eAnJ4hOlbgElVQgT69Ck2ru8671z97j3ekOvFtA6g+FplKPPX7w
tztJ+oog+RdFBJBZ+t0HTxudRUX0+Tc90VpogPi6efDwKZGejtcaXKLzpCs2Ofox
MvCJjx2z3KK0LahTp7i401RJQu4W8m7l5/UdnRlZdv3Rfj3N6oT6Fbfga0PpAUfs
iqMAoIjYuoTcqa/FnJ8+bJ7BzFC7ozTcuelzDo2JzKKWJK4FHpBt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:16 2024 by rpki-client on console-fra.rpki-client.org