Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/QeDcHmjXuDsiXUsfa27ONb6UBZo.roa
File: QeDcHmjXuDsiXUsfa27ONb6UBZo.roa (raw, json)
Hash identifier: N0uNGqLEi8oKYnVCGqCDtPx5ZcId/r66/zBDfJL0id0=
Subject key identifier: 41:E0:DC:1E:68:D7:B8:3B:22:5D:4B:1F:6B:6E:CE:35:BE:94:05:9A
Certificate issuer: /CN=873726b17b01bf0b54426d1810f23dc4f58f6a7b
Certificate serial: 018F957724F96EB78D5153B9A7D73CD05F45
Authority key identifier: 87:37:26:B1:7B:01:BF:0B:54:42:6D:18:10:F2:3D:C4:F5:8F:6A:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hzcmsXsBvwtUQm0YEPI9xPWPans.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/QeDcHmjXuDsiXUsfa27ONb6UBZo.roa
Signing time: Mon 20 May 2024 10:06:04 +0000
ROA not before: Mon 20 May 2024 10:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49824
IP address blocks: 193.93.216.0/22 maxlen: 22
2001:678:604::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 May 2024 11:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:95:77:24:f9:6e:b7:8d:51:53:b9:a7:d7:3c:d0:5f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=873726b17b01bf0b54426d1810f23dc4f58f6a7b
Validity
Not Before: May 20 10:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41e0dc1e68d7b83b225d4b1f6b6ece35be94059a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c4:63:6a:64:69:40:f1:45:25:b3:f2:cd:4b:
a8:86:1a:39:8e:3b:a9:16:34:f2:3a:66:fc:23:a4:
12:9e:03:ee:f0:41:0c:fb:74:c7:44:0e:2c:d0:0a:
d3:79:21:70:79:c6:81:2d:89:7b:22:58:b4:b1:17:
4b:ad:97:8f:65:5d:13:46:b9:c3:f4:5b:f4:dd:9d:
f7:96:d8:56:e7:75:24:b4:06:a6:8d:ef:31:8f:ed:
33:85:27:b8:24:5f:6e:34:50:4b:b9:d8:e3:9f:c2:
c6:25:f2:d3:11:28:9d:51:b7:68:f3:6f:d5:6d:85:
d8:31:a6:67:89:56:7c:c3:bf:52:fe:d8:eb:a9:05:
0e:69:45:47:3b:a6:db:c8:74:03:65:b5:4a:b0:57:
e7:4c:da:d9:d6:2c:52:42:c3:05:d0:4a:fb:f0:19:
68:20:7c:46:be:6e:07:6a:a0:ab:4f:89:6c:a8:00:
7d:92:56:cf:9b:e1:0c:4f:24:df:ae:ee:38:4d:61:
5d:49:4b:50:55:b8:5d:93:e6:92:80:f8:e1:ba:d8:
a6:38:16:b2:08:90:40:ea:ab:79:c2:73:6b:28:a1:
47:62:85:b5:06:9b:cd:1b:39:07:76:64:45:1f:8f:
0c:c9:20:30:ef:50:f8:f9:b2:bd:66:c8:a1:a8:72:
f0:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E0:DC:1E:68:D7:B8:3B:22:5D:4B:1F:6B:6E:CE:35:BE:94:05:9A
X509v3 Authority Key Identifier:
keyid:87:37:26:B1:7B:01:BF:0B:54:42:6D:18:10:F2:3D:C4:F5:8F:6A:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hzcmsXsBvwtUQm0YEPI9xPWPans.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/QeDcHmjXuDsiXUsfa27ONb6UBZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/23835a-b2cb-4a6e-89fd-2ae35175713c/1/hzcmsXsBvwtUQm0YEPI9xPWPans.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.216.0/22
IPv6:
2001:678:604::/48
Signature Algorithm: sha256WithRSAEncryption
a4:90:17:d5:ee:e7:b4:ec:a3:1e:fb:97:0d:96:97:2e:03:ce:
01:1d:db:33:4b:85:0c:14:86:d7:50:9a:d1:3a:f1:70:47:8b:
8c:b2:29:88:35:49:de:58:da:e3:f8:b1:a2:e6:49:6c:7a:f4:
81:79:2a:59:85:da:94:1b:f9:d2:1f:0b:42:14:47:18:a7:a3:
d5:e6:46:fb:d4:ed:dd:71:08:6b:5a:bc:b6:a2:8f:7b:ed:51:
12:18:84:79:a7:bf:4e:6d:7c:5d:31:75:14:40:a1:f3:b6:a2:
14:e5:1c:e8:36:04:0f:b6:f0:24:54:80:5f:36:15:20:75:91:
f8:ed:ae:a5:fd:05:a8:8b:ed:09:c2:fd:32:c6:b5:48:74:c5:
79:fb:9d:1f:a7:fa:55:7c:a4:9d:67:c6:14:cb:e6:06:d0:02:
8e:dc:00:0f:cb:28:d1:a0:40:93:b5:b7:e1:94:79:00:16:f7:
0d:4f:54:b5:5a:84:6c:7f:e5:43:0c:94:38:31:89:b2:de:ea:
b9:2c:c4:e6:8b:c3:e2:38:df:15:00:6d:c6:c1:ed:cb:37:87:
31:c4:7f:47:64:c2:bb:1d:7c:6d:b7:b3:f8:51:f6:74:6a:96:
ca:3a:07:b1:e2:ba:bc:2c:23:6e:0f:f1:19:74:09:31:e9:f9:
31:1a:a0:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+VdyT5breNUVO5p9c80F9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MzcyNmIxN2IwMWJmMGI1NDQyNmQxODEwZjIzZGM0ZjU4
ZjZhN2IwHhcNMjQwNTIwMTAwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWUwZGMxZTY4ZDdiODNiMjI1ZDRiMWY2YjZlY2UzNWJlOTQwNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38RjamRpQPFFJbPyzUuohho5jjup
FjTyOmb8I6QSngPu8EEM+3THRA4s0ArTeSFwecaBLYl7Ili0sRdLrZePZV0TRrnD
9Fv03Z33lthW53UktAamje8xj+0zhSe4JF9uNFBLudjjn8LGJfLTESidUbdo82/V
bYXYMaZniVZ8w79S/tjrqQUOaUVHO6bbyHQDZbVKsFfnTNrZ1ixSQsMF0Er78Blo
IHxGvm4HaqCrT4lsqAB9klbPm+EMTyTfru44TWFdSUtQVbhdk+aSgPjhutimOBay
CJBA6qt5wnNrKKFHYoW1BpvNGzkHdmRFH48MySAw71D4+bK9ZsihqHLw6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEHg3B5o17g7Il1LH2tuzjW+lAWaMB8GA1UdIwQY
MBaAFIc3JrF7Ab8LVEJtGBDyPcT1j2p7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHpjbXNYc0J2d3RVUW0wWUVQSTl4UFdQYW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yMzgzNWEtYjJjYi00YTZlLTg5ZmQt
MmFlMzUxNzU3MTNjLzEvUWVEY0htalh1RHNpWFVzZmEyN09OYjZVQlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yMzgzNWEtYjJjYi00YTZlLTg5ZmQtMmFlMzUxNzU3MTNj
LzEvaHpjbXNYc0J2d3RVUW0wWUVQSTl4UFdQYW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwV3YMA8E
AgACMAkDBwAgAQZ4BgQwDQYJKoZIhvcNAQELBQADggEBAKSQF9Xu57Tsox77lw2W
ly4DzgEd2zNLhQwUhtdQmtE68XBHi4yyKYg1Sd5Y2uP4saLmSWx69IF5KlmF2pQb
+dIfC0IURxino9XmRvvU7d1xCGtavLaij3vtURIYhHmnv05tfF0xdRRAofO2ohTl
HOg2BA+28CRUgF82FSB1kfjtrqX9BaiL7QnC/TLGtUh0xXn7nR+n+lV8pJ1nxhTL
5gbQAo7cAA/LKNGgQJO1t+GUeQAW9w1PVLVahGx/5UMMlDgxibLe6rksxOaLw+I4
3xUAbcbB7cs3hzHEf0dkwrsdfG23s/hR9nRqlso6B7HiurwsI24P8Rl0CTHp+TEa
oLY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:10 2024 by rpki-client on console-ams.rpki-client.org