Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/QZstFWsxQXpUarMXOM9w0XzQo30.roa
File: QZstFWsxQXpUarMXOM9w0XzQo30.roa (raw, json)
Hash identifier: mbVLJHHrISPhOP7CASt1K5MLv8VVJkrRoL5e5jXiTXg=
Subject key identifier: 41:9B:2D:15:6B:31:41:7A:54:6A:B3:17:38:CF:70:D1:7C:D0:A3:7D
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 018E33C706A0D29106428A4FED2B50F8AC48
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/QZstFWsxQXpUarMXOM9w0XzQo30.roa
Signing time: Tue 12 Mar 2024 17:47:45 +0000
ROA not before: Tue 12 Mar 2024 17:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 78.142.216.0/24 maxlen: 24
193.160.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 15:59:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:c7:06:a0:d2:91:06:42:8a:4f:ed:2b:50:f8:ac:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Mar 12 17:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=419b2d156b31417a546ab31738cf70d17cd0a37d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9b:31:9c:09:95:69:1e:19:63:b7:6b:72:d6:
bc:38:04:d7:91:a5:26:13:00:34:60:ac:e1:8b:e2:
83:95:5c:87:31:5d:aa:2b:b6:00:3e:56:cf:e3:dd:
2d:db:56:60:98:9c:43:89:e9:83:1a:82:c7:06:be:
c2:55:9c:3c:d1:aa:be:86:f2:f6:56:50:8f:28:d5:
6c:eb:a9:5e:45:62:37:a3:6e:79:e9:86:ed:00:e7:
0e:1c:be:78:c0:7f:32:86:8c:cf:97:a0:8e:38:38:
f6:36:07:59:b2:a5:3f:ff:d4:0e:fe:57:f3:ee:5a:
bb:45:4e:0b:45:fe:b6:19:ee:e3:79:aa:fb:b0:03:
94:bf:f8:56:65:a7:5c:2f:db:c5:d4:74:80:0c:3f:
8b:62:97:a0:35:60:94:df:b5:cf:6a:e4:11:e4:10:
61:3f:3f:e6:e1:7f:89:36:a3:7c:44:55:aa:6f:f8:
06:af:5b:5f:2e:a0:6a:ed:bc:8c:18:a0:a0:2d:7b:
a0:ec:15:91:86:49:51:0b:39:92:69:6c:f7:cf:85:
c4:f3:5d:47:85:57:4f:3f:48:3b:99:f7:38:41:22:
17:30:17:73:37:5a:f4:8e:18:b9:83:59:fc:55:cc:
e2:6b:fb:37:0b:13:59:e4:a7:f1:71:d6:f2:29:3b:
29:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9B:2D:15:6B:31:41:7A:54:6A:B3:17:38:CF:70:D1:7C:D0:A3:7D
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/QZstFWsxQXpUarMXOM9w0XzQo30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.216.0/24
193.160.8.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:d9:09:91:b0:e8:7a:2b:d5:eb:04:67:64:55:ca:8a:3f:b8:
90:08:6e:10:e9:e5:ba:c8:65:b4:cf:39:2b:96:34:16:56:45:
bb:7e:b7:41:37:9b:60:70:8a:22:02:c6:31:45:81:32:04:d3:
1d:f1:74:60:74:36:bb:0d:2c:1a:9e:db:f1:92:3e:dd:a8:18:
f4:76:a6:de:8f:19:61:7a:c0:11:72:ca:dd:cf:58:50:98:bc:
d4:1e:bd:b6:27:fe:2a:3d:45:a7:8f:3c:de:ca:57:75:23:09:
ec:93:b3:32:5d:09:22:91:96:22:e8:9c:92:40:5f:e5:b6:bb:
c9:44:01:41:fe:a9:93:9b:9f:4e:a8:8b:70:f7:d5:b3:74:b9:
41:69:41:e8:0c:fd:ef:12:18:6c:db:33:b1:e2:93:0b:89:3c:
8c:94:3d:10:5d:b4:25:8b:dd:2a:bd:06:0f:12:37:d0:0a:18:
72:d2:9d:05:1d:a4:fc:57:9f:5e:c0:1c:b0:33:37:66:3f:60:
0a:27:ff:aa:fc:c5:0e:61:06:1c:c8:9e:bf:77:bd:05:1c:43:
9d:d4:66:95:be:f3:95:9a:ee:af:22:e0:19:9e:1c:5f:15:a9:
6a:49:af:ed:e2:b4:55:7f:f8:1c:a9:71:e1:6e:4a:d2:f1:03:
e2:c2:53:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4zxwag0pEGQopP7StQ+KxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjQwMzEyMTc0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTliMmQxNTZiMzE0MTdhNTQ2YWIzMTczOGNmNzBkMTdjZDBhMzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZsxnAmVaR4ZY7drcta8OATXkaUm
EwA0YKzhi+KDlVyHMV2qK7YAPlbP490t21ZgmJxDiemDGoLHBr7CVZw80aq+hvL2
VlCPKNVs66leRWI3o2556YbtAOcOHL54wH8yhozPl6COODj2NgdZsqU//9QO/lfz
7lq7RU4LRf62Ge7jear7sAOUv/hWZadcL9vF1HSADD+LYpegNWCU37XPauQR5BBh
Pz/m4X+JNqN8RFWqb/gGr1tfLqBq7byMGKCgLXug7BWRhklRCzmSaWz3z4XE811H
hVdPP0g7mfc4QSIXMBdzN1r0jhi5g1n8Vczia/s3CxNZ5KfxcdbyKTspSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEGbLRVrMUF6VGqzFzjPcNF80KN9MB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvUVpzdEZXc3hRWHBVYXJNWE9NOXcwWHpRbzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATo7YAwQA
waAIMA0GCSqGSIb3DQEBCwUAA4IBAQBL2QmRsOh6K9XrBGdkVcqKP7iQCG4Q6eW6
yGW0zzkrljQWVkW7frdBN5tgcIoiAsYxRYEyBNMd8XRgdDa7DSwantvxkj7dqBj0
dqbejxlhesARcsrdz1hQmLzUHr22J/4qPUWnjzzeyld1Iwnsk7MyXQkikZYi6JyS
QF/ltrvJRAFB/qmTm59OqItw99WzdLlBaUHoDP3vEhhs2zOx4pMLiTyMlD0QXbQl
i90qvQYPEjfQChhy0p0FHaT8V59ewBywMzdmP2AKJ/+q/MUOYQYcyJ6/d70FHEOd
1GaVvvOVmu6vIuAZnhxfFalqSa/t4rRVf/gcqXHhbkrS8QPiwlMM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org