Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/QNQnpaCcNXBDjLzs9l22MgbvLjE.roa
File: QNQnpaCcNXBDjLzs9l22MgbvLjE.roa (raw, json)
Hash identifier: 2ZnMPJo1tqS/EXoTwXhRFTZR4hqp7ZJDlZqTN/wofAY=
Subject key identifier: 40:D4:27:A5:A0:9C:35:70:43:8C:BC:EC:F6:5D:B6:32:06:EF:2E:31
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 01856EA68AD0E41AFF87EE50EAC8C1B17286
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/QNQnpaCcNXBDjLzs9l22MgbvLjE.roa
Signing time: Sun 01 Jan 2023 18:44:46 +0000
ROA not before: Sun 01 Jan 2023 18:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395092
IP address blocks: 217.195.152.0/22 maxlen: 22
213.108.246.0/23 maxlen: 23
45.155.36.0/22 maxlen: 22
2a0d:9ec0::/48 maxlen: 48
2a0d:d8c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:8a:d0:e4:1a:ff:87:ee:50:ea:c8:c1:b1:72:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jan 1 18:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40d427a5a09c3570438cbcecf65db63206ef2e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a8:e5:69:37:1c:46:b2:97:6a:24:86:a4:ba:
47:17:e6:03:ba:99:aa:84:a3:ba:3f:53:97:44:a3:
41:e9:14:6b:45:d2:4f:4c:60:33:9d:18:0b:83:61:
ee:12:5d:be:2d:31:45:31:07:b8:9f:2c:c2:d9:f7:
43:39:03:6f:d7:46:b8:88:7e:95:1b:04:a0:bb:e5:
c1:cc:f7:c2:48:43:35:dc:b9:90:de:2e:1c:66:c1:
4d:ad:79:85:a3:76:1c:de:ee:8c:ce:e9:6a:c0:0e:
27:3b:dc:07:f4:0b:b0:80:3e:50:84:e8:ea:26:47:
30:9c:a1:9f:c9:66:3d:51:11:51:d4:83:f0:d6:89:
de:bc:db:4a:bc:e6:56:cd:18:8b:a5:11:a0:b0:a6:
3c:f5:a0:b9:4a:07:2f:93:0b:cf:33:1e:c9:fe:dd:
5e:cd:ef:fc:49:5d:35:1f:ee:32:04:e2:73:aa:a4:
51:1b:d5:15:47:09:d1:08:f7:d4:59:32:85:83:78:
f1:a6:ac:bb:52:d2:86:6a:14:a6:43:d4:92:96:e1:
ea:4b:bc:92:be:94:8e:fe:bd:2b:90:3c:70:01:f3:
c4:d7:fc:e0:e2:b3:16:b1:6c:41:37:38:7e:07:c0:
31:03:10:53:12:16:1f:60:c2:70:07:c5:ba:d1:32:
90:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D4:27:A5:A0:9C:35:70:43:8C:BC:EC:F6:5D:B6:32:06:EF:2E:31
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/QNQnpaCcNXBDjLzs9l22MgbvLjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.36.0/22
213.108.246.0/23
217.195.152.0/22
IPv6:
2a0d:9ec0::/48
2a0d:d8c0::/48
Signature Algorithm: sha256WithRSAEncryption
1a:6a:91:c0:44:06:27:a2:1e:dc:c5:94:54:c0:5b:9d:3a:99:
be:a4:83:80:37:76:e5:5c:4a:ec:43:a3:72:85:05:80:e5:88:
1f:ca:4c:c8:ab:62:42:f3:f3:18:35:80:48:28:59:a1:be:52:
37:2f:8a:94:c4:47:3f:14:6f:b8:2f:cb:73:20:00:3d:6a:3e:
d0:c3:47:bb:82:11:55:88:8f:9d:48:e6:9b:0d:d9:3f:f0:6e:
b2:d1:2b:90:03:01:ae:53:7c:f5:8e:6b:d3:10:7c:8a:69:87:
db:67:08:02:9d:62:70:a1:ea:e8:7f:f6:01:07:f9:35:a6:d6:
29:52:bb:9a:2e:2c:04:59:ce:42:a1:ab:4f:53:fb:da:99:a4:
3a:f6:fd:a6:d5:6b:f1:b4:23:76:33:fd:d1:9a:0c:a9:c5:57:
ea:73:0a:a6:d0:51:eb:65:d2:c9:28:57:65:0c:a0:d5:5e:e5:
96:ef:a1:7d:a3:72:9a:45:70:2f:cb:65:29:3a:10:75:ed:a6:
1d:f8:f3:f5:9b:62:ea:91:dc:d7:1f:2e:f7:53:94:d0:97:3f:
db:2c:57:b4:92:e7:d3:7d:59:e2:45:98:20:34:7e:58:9c:ce:
ef:ba:24:2d:cf:cc:96:dc:5b:51:08:9a:f8:fc:7b:d3:3c:8a:
8c:ce:5f:78
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVuporQ5Br/h+5Q6sjBsXKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjMwMTAxMTg0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ0MjdhNWEwOWMzNTcwNDM4Y2JjZWNmNjVkYjYzMjA2ZWYyZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmajlaTccRrKXaiSGpLpHF+YDupmq
hKO6P1OXRKNB6RRrRdJPTGAznRgLg2HuEl2+LTFFMQe4nyzC2fdDOQNv10a4iH6V
GwSgu+XBzPfCSEM13LmQ3i4cZsFNrXmFo3Yc3u6MzulqwA4nO9wH9AuwgD5QhOjq
JkcwnKGfyWY9URFR1IPw1onevNtKvOZWzRiLpRGgsKY89aC5SgcvkwvPMx7J/t1e
ze/8SV01H+4yBOJzqqRRG9UVRwnRCPfUWTKFg3jxpqy7UtKGahSmQ9SSluHqS7yS
vpSO/r0rkDxwAfPE1/zg4rMWsWxBNzh+B8AxAxBTEhYfYMJwB8W60TKQoQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEDUJ6WgnDVwQ4y87PZdtjIG7y4xMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvUU5RbnBhQ2NOWEJEakx6czlsMjJNZ2J2TGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCLZskAwQB
1Wz2AwQC2cOYMBgEAgACMBIDBwAqDZ7AAAADBwAqDdjAAAAwDQYJKoZIhvcNAQEL
BQADggEBABpqkcBEBieiHtzFlFTAW506mb6kg4A3duVcSuxDo3KFBYDliB/KTMir
YkLz8xg1gEgoWaG+UjcvipTERz8Ub7gvy3MgAD1qPtDDR7uCEVWIj51I5psN2T/w
brLRK5ADAa5TfPWOa9MQfIpph9tnCAKdYnCh6uh/9gEH+TWm1ilSu5ouLARZzkKh
q09T+9qZpDr2/abVa/G0I3Yz/dGaDKnFV+pzCqbQUetl0skoV2UMoNVe5ZbvoX2j
cppFcC/LZSk6EHXtph348/WbYuqR3NcfLvdTlNCXP9ssV7SS59N9WeJFmCA0flic
zu+6JC3PzJbcW1EImvj8e9M8iozOX3g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org