Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Qz1_Kcngd-QxTARGmpmI-JQiCag.roa
File: Qz1_Kcngd-QxTARGmpmI-JQiCag.roa (raw, json)
Hash identifier: gvSfTxefV76DfZnzCR/1nmmdscuX24Tg3sE/0r+Nr2k=
Subject key identifier: 43:3D:7F:29:C9:E0:77:E4:31:4C:04:46:9A:99:88:F8:94:22:09:A8
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0186078EA078EE5EE10264AA9BDA24F0CDBB
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Qz1_Kcngd-QxTARGmpmI-JQiCag.roa
Signing time: Tue 31 Jan 2023 11:20:33 +0000
ROA not before: Tue 31 Jan 2023 11:20:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200557
IP address blocks: 5.188.219.0/24 maxlen: 24
5.188.216.0/24 maxlen: 24
37.9.42.0/24 maxlen: 24
37.9.41.0/24 maxlen: 24
37.9.40.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:07:8e:a0:78:ee:5e:e1:02:64:aa:9b:da:24:f0:cd:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 31 11:20:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=433d7f29c9e077e4314c04469a9988f8942209a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:50:22:21:17:7f:3f:b4:81:53:99:26:5c:a9:
0d:ee:59:06:02:1c:c3:ed:4e:78:62:d1:ac:f5:15:
35:f9:66:ce:2a:c8:09:66:83:85:83:b1:92:68:8c:
76:f5:ac:9e:56:cc:83:d0:a5:f7:ea:6d:d3:97:49:
28:ef:9a:f2:9e:a8:40:e1:91:d8:9b:70:19:f7:ce:
b4:70:0f:84:fd:bc:22:b1:ef:d2:db:bb:71:00:dd:
41:45:72:40:e4:d9:fd:cc:ae:42:02:a6:34:54:cf:
9b:dc:f1:76:d0:fa:05:5e:fd:a1:6e:67:57:a2:b7:
13:86:5d:05:d1:41:f8:8e:17:a5:47:38:28:9c:93:
65:91:9e:9d:73:5e:ed:58:4b:0f:08:a0:84:a1:10:
9e:d1:d2:33:59:0d:01:d8:a7:63:97:75:4f:cb:86:
c1:1e:43:f2:fb:6e:d1:1c:60:23:73:9a:a4:08:bf:
ff:79:b6:0b:06:9e:a1:c7:e9:f0:c6:94:53:c8:8e:
8b:f6:a4:84:c5:57:ed:83:9e:70:f5:0b:70:63:af:
14:51:c8:ae:e9:31:c0:68:1d:e9:90:af:15:70:97:
5f:c4:03:95:68:2d:8f:19:a3:d3:65:ff:ae:8d:c6:
96:59:ed:5c:b8:fa:91:96:d3:c9:90:03:2a:3c:02:
9c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:3D:7F:29:C9:E0:77:E4:31:4C:04:46:9A:99:88:F8:94:22:09:A8
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/Qz1_Kcngd-QxTARGmpmI-JQiCag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.216.0/24
5.188.219.0/24
37.9.40.0-37.9.42.255
Signature Algorithm: sha256WithRSAEncryption
91:70:ab:cf:f5:9b:8a:00:5b:5e:f4:cd:23:03:2a:16:ca:cd:
8e:2a:05:1e:02:88:15:38:6f:b5:11:e6:91:e4:0b:7b:72:2f:
34:23:cd:fa:ac:09:a6:eb:da:a5:50:09:d1:40:b9:29:d3:95:
c6:5b:fa:af:5c:e3:ac:1f:48:96:e8:ca:78:2c:d3:fb:e7:26:
8d:36:a4:8e:ba:32:15:7a:b0:dd:b3:63:31:f5:3c:59:56:8f:
de:57:71:0e:0d:2e:bb:07:fe:9f:be:7d:5e:e2:ce:db:6a:d1:
94:61:79:ec:c6:cc:95:97:33:d2:f4:62:0a:38:90:a7:51:9e:
0c:0c:67:1e:7f:4c:73:ce:c9:6f:1b:2d:32:d9:d4:ce:1e:4b:
ef:57:b1:68:79:2f:17:c7:de:ec:d3:a0:0c:0b:80:a6:9b:f4:
51:6e:85:22:29:98:dd:1c:f5:b5:c0:d7:13:7f:1d:e8:4d:40:
ff:55:13:21:30:b7:0d:a2:1a:4b:66:e1:e8:87:ce:0d:3e:ad:
2e:1f:0e:69:0a:4a:ab:f3:dc:a7:1a:34:bf:c1:df:fd:35:cd:
2b:9a:e3:ee:a7:dc:41:9d:5e:d6:92:22:46:12:9a:a0:0b:79:
ae:c5:80:fc:75:44:d8:73:bd:ee:a0:22:d0:b1:03:a0:2e:e0:
c1:4d:4f:07
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYYHjqB47l7hAmSqm9ok8M27MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTMxMTEyMDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzNkN2YyOWM5ZTA3N2U0MzE0YzA0NDY5YTk5ODhmODk0MjIwOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVAiIRd/P7SBU5kmXKkN7lkGAhzD
7U54YtGs9RU1+WbOKsgJZoOFg7GSaIx29ayeVsyD0KX36m3Tl0ko75rynqhA4ZHY
m3AZ9860cA+E/bwise/S27txAN1BRXJA5Nn9zK5CAqY0VM+b3PF20PoFXv2hbmdX
orcThl0F0UH4jhelRzgonJNlkZ6dc17tWEsPCKCEoRCe0dIzWQ0B2Kdjl3VPy4bB
HkPy+27RHGAjc5qkCL//ebYLBp6hx+nwxpRTyI6L9qSExVftg55w9QtwY68UUciu
6THAaB3pkK8VcJdfxAOVaC2PGaPTZf+ujcaWWe1cuPqRltPJkAMqPAKcAQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEM9fynJ4HfkMUwERpqZiPiUIgmoMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvUXoxX0tjbmdkLVF4VEFSR21wbUktSlFpQ2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQABbzYAwQA
BbzbMAwDBAMlCSgDBAAlCSowDQYJKoZIhvcNAQELBQADggEBAJFwq8/1m4oAW170
zSMDKhbKzY4qBR4CiBU4b7UR5pHkC3tyLzQjzfqsCabr2qVQCdFAuSnTlcZb+q9c
46wfSJboyngs0/vnJo02pI66MhV6sN2zYzH1PFlWj95XcQ4NLrsH/p++fV7izttq
0ZRheezGzJWXM9L0Ygo4kKdRngwMZx5/THPOyW8bLTLZ1M4eS+9XsWh5LxfH3uzT
oAwLgKab9FFuhSIpmN0c9bXA1xN/HehNQP9VEyEwtw2iGktm4eiHzg0+rS4fDmkK
Sqvz3KcaNL/B3/01zSua4+6n3EGdXtaSIkYSmqALea7FgPx1RNhzve6gItCxA6Au
4MFNTwc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:43 2023 by rpki-client on console-ams.rpki-client.org