Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/QNNJ-yiiNVyVQJ3CoXyRP1ZVGh0.roa
File: QNNJ-yiiNVyVQJ3CoXyRP1ZVGh0.roa (raw, json)
Hash identifier: FS6OloiMY5oa+IvxvYQVU3kgcTKMedyfsbj/qvwYHI4=
Subject key identifier: 40:D3:49:FB:28:A2:35:5C:95:40:9D:C2:A1:7C:91:3F:56:55:1A:1D
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018BDC2432BDD6F18A14EC088D3F04D975C4
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/QNNJ-yiiNVyVQJ3CoXyRP1ZVGh0.roa
Signing time: Fri 17 Nov 2023 07:17:21 +0000
ROA not before: Fri 17 Nov 2023 07:17:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207783
IP address blocks: 194.102.170.0/24 maxlen: 24
85.120.144.0/24 maxlen: 24
217.156.96.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:24:32:bd:d6:f1:8a:14:ec:08:8d:3f:04:d9:75:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Nov 17 07:17:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40d349fb28a2355c95409dc2a17c913f56551a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d0:a8:41:c2:80:54:e0:1e:a3:ee:60:a1:2a:
0a:4d:2a:57:99:c9:86:46:cb:0e:be:43:e0:73:6b:
ac:87:5b:38:ef:9d:e0:d8:1a:ac:63:c3:8a:17:ce:
8d:c2:41:1a:b9:b4:8a:23:b7:69:82:e8:33:65:db:
48:28:9b:4f:7c:9c:76:dc:75:d5:25:e0:75:60:cf:
1d:fb:82:eb:f7:b1:ce:1c:5d:bf:e5:14:4f:b0:0a:
10:b6:d5:89:53:bf:57:4c:6d:72:57:61:f7:1c:b0:
03:16:04:df:3b:1e:54:cf:08:30:49:41:9d:3a:d8:
43:25:f6:80:0e:c0:46:d2:df:4c:9f:e3:51:f4:d8:
52:59:5b:73:31:fe:95:ca:00:7e:b8:ad:6e:43:3c:
57:a3:3c:8b:49:01:61:70:d4:41:a4:a8:d7:f8:b7:
f4:5e:d2:fa:ae:35:fa:e3:a3:37:aa:34:b9:84:56:
24:f6:49:e6:a6:c7:20:73:cb:9a:02:31:72:06:fc:
53:26:0b:2c:ac:e3:1c:3e:6f:d5:8a:ef:63:6b:f2:
ee:1e:12:c6:35:1c:d0:2c:b3:39:30:d1:15:4e:fd:
35:ff:f4:61:e2:7d:d5:a1:a5:f1:42:5b:b4:3b:84:
71:07:53:49:a4:ed:dc:a2:ed:ad:0f:7b:69:80:b6:
15:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D3:49:FB:28:A2:35:5C:95:40:9D:C2:A1:7C:91:3F:56:55:1A:1D
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/QNNJ-yiiNVyVQJ3CoXyRP1ZVGh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.144.0/24
194.102.170.0/24
217.156.96.0/24
Signature Algorithm: sha256WithRSAEncryption
06:d9:99:ad:42:7b:28:0f:93:2f:a9:c3:2e:e9:f7:55:ce:bf:
32:11:80:90:e0:70:e8:f8:bb:17:ce:b6:41:fd:82:97:7b:7e:
17:43:b4:5d:d1:57:a6:2f:7f:72:d1:8b:88:7f:bd:8e:4e:3f:
29:b4:62:c2:64:50:5d:12:9f:bd:c4:d3:c5:c7:2d:5f:8f:87:
eb:9f:50:75:33:e3:af:c5:7e:fb:3e:9a:15:c7:2c:bf:9d:b8:
cd:0e:f4:4c:da:33:a7:a7:94:26:67:ed:88:00:3d:d0:06:d6:
c3:23:a3:52:1a:87:af:59:a8:44:39:c5:4f:e7:d3:b3:6c:05:
d1:b2:a6:ac:b7:17:ac:b6:12:50:c7:a6:65:3f:9f:be:69:c4:
ef:91:a2:da:b4:1d:7e:ba:fa:4a:28:e9:aa:eb:07:61:db:b1:
98:9d:43:2d:0e:30:ec:01:d7:0c:8c:dd:91:6b:0c:8b:38:61:
fa:2e:51:d0:17:5c:87:c4:7a:f0:69:cb:f1:03:ac:9c:1a:45:
d2:9b:92:e0:f1:44:c3:99:5e:43:0d:88:d8:67:32:30:8a:5f:
98:bf:54:7f:45:25:7f:be:ad:c2:ed:21:7a:e0:82:ac:ce:ae:
26:ed:72:aa:f8:f8:dd:ac:66:78:36:99:7c:78:7d:99:2d:27:
ed:84:d7:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvcJDK91vGKFOwIjT8E2XXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMxMTE3MDcxNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQzNDlmYjI4YTIzNTVjOTU0MDlkYzJhMTdjOTEzZjU2NTUxYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtCoQcKAVOAeo+5goSoKTSpXmcmG
RssOvkPgc2ush1s4753g2BqsY8OKF86NwkEaubSKI7dpgugzZdtIKJtPfJx23HXV
JeB1YM8d+4Lr97HOHF2/5RRPsAoQttWJU79XTG1yV2H3HLADFgTfOx5UzwgwSUGd
OthDJfaADsBG0t9Mn+NR9NhSWVtzMf6VygB+uK1uQzxXozyLSQFhcNRBpKjX+Lf0
XtL6rjX646M3qjS5hFYk9knmpscgc8uaAjFyBvxTJgssrOMcPm/Viu9ja/LuHhLG
NRzQLLM5MNEVTv01//Rh4n3VoaXxQlu0O4RxB1NJpO3cou2tD3tpgLYV5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEDTSfsoojVclUCdwqF8kT9WVRodMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvUU5OSi15aWlOVnlWUUozQ29YeVJQMVpWR2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXiQAwQA
wmaqAwQA2ZxgMA0GCSqGSIb3DQEBCwUAA4IBAQAG2ZmtQnsoD5MvqcMu6fdVzr8y
EYCQ4HDo+LsXzrZB/YKXe34XQ7Rd0VemL39y0YuIf72OTj8ptGLCZFBdEp+9xNPF
xy1fj4frn1B1M+OvxX77PpoVxyy/nbjNDvRM2jOnp5QmZ+2IAD3QBtbDI6NSGoev
WahEOcVP59OzbAXRsqastxesthJQx6ZlP5++acTvkaLatB1+uvpKKOmq6wdh27GY
nUMtDjDsAdcMjN2RawyLOGH6LlHQF1yHxHrwacvxA6ycGkXSm5Lg8UTDmV5DDYjY
ZzIwil+Yv1R/RSV/vq3C7SF64IKszq4m7XKq+PjdrGZ4Npl8eH2ZLSfthNck
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:06 2024 by rpki-client on console-fra.rpki-client.org