Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/QTMKhuAfe1j8TX5-DihF-bSjerI.roa
File: QTMKhuAfe1j8TX5-DihF-bSjerI.roa (raw, json)
Hash identifier: BAuenAMjemAsjUG1mHG5DwAuwsCfPbe9HSI3km7+vVE=
Subject key identifier: 41:33:0A:86:E0:1F:7B:58:FC:4D:7E:7E:0E:28:45:F9:B4:A3:7A:B2
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018CCA29C10631D1D579C2B94CF928CBF9C9
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/QTMKhuAfe1j8TX5-DihF-bSjerI.roa
Signing time: Tue 02 Jan 2024 12:33:03 +0000
ROA not before: Tue 02 Jan 2024 12:33:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21700
IP address blocks: 213.176.72.0/22 maxlen: 24
213.176.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 May 2024 11:16:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:c1:06:31:d1:d5:79:c2:b9:4c:f9:28:cb:f9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 2 12:33:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41330a86e01f7b58fc4d7e7e0e2845f9b4a37ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c3:33:80:be:81:7c:07:0a:f7:b0:38:31:38:
a1:68:ab:eb:96:75:02:b1:16:a3:16:eb:9c:8b:91:
6b:23:a3:e7:3f:9a:0a:3d:02:8d:78:8b:06:5b:3e:
67:3f:0f:f1:86:9a:b3:42:72:1d:14:40:ca:33:88:
4a:bc:4b:ba:49:92:f4:5c:f7:61:5f:6d:6d:e6:76:
97:48:b1:40:d2:6c:98:f7:cd:0a:4f:cb:6c:8f:95:
06:f8:e4:5a:5e:d6:09:d9:39:bc:45:cf:1b:94:a1:
cb:8d:60:3f:0d:bf:76:db:cf:5d:ba:9e:00:b0:b1:
e1:4a:d9:9f:be:58:2c:62:7a:8e:19:12:0c:9c:53:
31:94:11:a0:fe:e3:ea:89:14:ea:f4:e5:b7:78:bd:
31:00:3d:8b:4d:1c:79:37:97:e6:be:cd:4c:24:f3:
12:94:2c:e0:5b:00:11:88:d7:89:67:63:fc:be:4f:
78:e3:9a:a3:84:5a:1c:42:62:73:2e:4e:1c:15:7d:
bf:b8:92:67:d4:f7:7f:06:cf:f2:61:49:15:52:b6:
b4:8c:92:7e:f0:8a:8b:0a:ec:04:c8:72:bf:7f:b1:
76:c8:b8:19:48:4f:ee:4a:4a:b5:81:7e:d2:fc:7d:
d7:9c:27:92:89:b4:ff:e7:c4:54:be:48:2a:c0:43:
96:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:33:0A:86:E0:1F:7B:58:FC:4D:7E:7E:0E:28:45:F9:B4:A3:7A:B2
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/QTMKhuAfe1j8TX5-DihF-bSjerI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.176.72.0/22
213.176.92.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:b0:ba:1d:b5:5b:5b:ba:62:ed:28:04:c1:63:57:a7:04:b3:
5f:f8:6f:67:3d:67:75:3a:18:8e:1b:b4:f1:0c:b5:7d:89:3e:
79:fc:23:4e:fe:5a:b0:94:6f:b0:e0:fb:f7:a7:35:a7:85:9a:
15:8a:ce:9d:5c:57:d8:e2:a9:dc:ea:f8:13:4a:62:72:e3:2c:
1a:f0:7f:3d:84:16:c5:fe:dc:6b:56:50:4e:3f:02:ab:aa:35:
08:47:91:b1:76:5d:67:51:6e:76:00:32:10:89:3d:06:b2:67:
80:7f:f1:c9:87:f5:2a:cc:c3:ad:df:97:29:31:f7:e7:e4:0f:
9b:3f:ff:84:f3:30:43:41:4c:c9:57:71:73:88:8e:9c:1c:7c:
49:e4:23:a9:53:a2:97:b3:f7:f4:85:64:06:49:26:77:e3:5b:
b5:1b:31:34:c1:1a:56:25:c3:02:ef:2b:12:f8:9c:4f:16:21:
07:49:5c:31:58:d6:fc:f0:d3:b0:53:d2:9a:17:c0:b3:31:bd:
02:40:1f:ec:68:e6:e8:61:da:26:b2:0e:32:05:9d:fa:f8:77:
97:31:45:ef:ec:fd:7f:a7:52:76:cd:84:54:89:9f:39:92:75:
33:5d:77:2f:b9:aa:44:83:8e:94:dd:40:27:ef:f4:d6:19:3e:
2b:69:90:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKcEGMdHVecK5TPkoy/nJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMTAyMTIzMzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTMzMGE4NmUwMWY3YjU4ZmM0ZDdlN2UwZTI4NDVmOWI0YTM3YWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsMzgL6BfAcK97A4MTihaKvrlnUC
sRajFuuci5FrI6PnP5oKPQKNeIsGWz5nPw/xhpqzQnIdFEDKM4hKvEu6SZL0XPdh
X21t5naXSLFA0myY980KT8tsj5UG+ORaXtYJ2Tm8Rc8blKHLjWA/Db92289dup4A
sLHhStmfvlgsYnqOGRIMnFMxlBGg/uPqiRTq9OW3eL0xAD2LTRx5N5fmvs1MJPMS
lCzgWwARiNeJZ2P8vk9445qjhFocQmJzLk4cFX2/uJJn1Pd/Bs/yYUkVUra0jJJ+
8IqLCuwEyHK/f7F2yLgZSE/uSkq1gX7S/H3XnCeSibT/58RUvkgqwEOWTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEEzCobgH3tY/E1+fg4oRfm0o3qyMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvUVRNS2h1QWZlMWo4VFg1LURpaEYtYlNqZXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1bBIAwQC
1bBcMA0GCSqGSIb3DQEBCwUAA4IBAQBPsLodtVtbumLtKATBY1enBLNf+G9nPWd1
OhiOG7TxDLV9iT55/CNO/lqwlG+w4Pv3pzWnhZoVis6dXFfY4qnc6vgTSmJy4ywa
8H89hBbF/txrVlBOPwKrqjUIR5Gxdl1nUW52ADIQiT0GsmeAf/HJh/UqzMOt35cp
Mffn5A+bP/+E8zBDQUzJV3FziI6cHHxJ5COpU6KXs/f0hWQGSSZ341u1GzE0wRpW
JcMC7ysS+JxPFiEHSVwxWNb88NOwU9KaF8CzMb0CQB/saOboYdomsg4yBZ36+HeX
MUXv7P1/p1J2zYRUiZ85knUzXXcvuapEg46U3UAn7/TWGT4raZC9
-----END CERTIFICATE-----
Generated at Sat May 25 11:56:50 2024 by rpki-client on console-fra.rpki-client.org