Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/qQXCDantM1mX7VJMta3G7alO7Oo.roa
File: qQXCDantM1mX7VJMta3G7alO7Oo.roa (raw, json)
Hash identifier: eZ4VCA+NxMK0TdgbGIgpL45FE4IJ17AykCOEyK+8d1w=
Subject key identifier: A9:05:C2:0D:A9:ED:33:59:97:ED:52:4C:B5:AD:C6:ED:A9:4E:EC:EA
Certificate issuer: /CN=cdba6d5704fd290d0e073376eda688717564d196
Certificate serial: 01856E266076C75F7FA39978A319F946069B
Authority key identifier: CD:BA:6D:57:04:FD:29:0D:0E:07:33:76:ED:A6:88:71:75:64:D1:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/qQXCDantM1mX7VJMta3G7alO7Oo.roa
Signing time: Sun 01 Jan 2023 16:24:46 +0000
ROA not before: Sun 01 Jan 2023 16:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207114
IP address blocks: 91.207.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:60:76:c7:5f:7f:a3:99:78:a3:19:f9:46:06:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdba6d5704fd290d0e073376eda688717564d196
Validity
Not Before: Jan 1 16:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a905c20da9ed335997ed524cb5adc6eda94eecea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c8:07:ec:f8:2a:29:87:a7:c2:e6:65:51:41:
88:94:fa:c1:1b:9a:d2:9f:67:8e:71:57:eb:cb:55:
ea:14:6f:86:cf:67:66:cf:11:13:5e:9b:3b:47:02:
34:63:17:c7:4a:ed:17:e5:d0:7a:f6:03:9b:cc:6a:
d5:87:a6:61:59:85:8e:b5:27:bb:62:a4:98:a8:24:
f5:e8:b2:13:6c:af:a2:af:a2:4f:2c:f3:c1:6c:50:
8e:4c:aa:a6:a2:3a:5d:c4:ea:b1:8a:f0:2e:82:16:
43:ef:33:04:85:91:5f:f4:f0:bf:41:d5:ab:58:76:
1d:5f:36:13:4a:a9:c4:5e:d0:f8:ab:66:46:a9:fe:
a6:19:31:31:b0:90:6a:15:4f:3b:45:40:da:fa:12:
54:34:15:c5:64:31:9d:05:4a:5b:cd:84:7f:a8:32:
3a:e0:1f:bb:f9:b6:39:cc:de:57:a0:ee:72:36:bc:
83:88:02:36:16:31:fa:60:d7:ee:bd:a8:6e:3e:68:
5a:1d:2c:e5:31:be:9a:79:ed:cf:b1:b5:03:f0:55:
6b:32:e8:93:4f:e3:f0:96:cc:cf:93:1e:1f:db:63:
b8:85:5f:08:29:38:01:df:3d:7e:f1:a2:44:71:be:
51:47:68:f4:94:fc:17:b9:c0:9b:fa:46:83:3b:f4:
f3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:05:C2:0D:A9:ED:33:59:97:ED:52:4C:B5:AD:C6:ED:A9:4E:EC:EA
X509v3 Authority Key Identifier:
keyid:CD:BA:6D:57:04:FD:29:0D:0E:07:33:76:ED:A6:88:71:75:64:D1:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/qQXCDantM1mX7VJMta3G7alO7Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.249.0/24
Signature Algorithm: sha256WithRSAEncryption
16:ec:09:73:bb:93:12:35:22:b5:95:ad:42:43:bd:ef:02:ef:
52:b8:46:9a:a6:43:f2:e7:a2:c4:b1:9a:16:71:82:05:25:89:
b1:ca:58:51:2b:1c:c6:ed:d4:bb:d0:5a:e1:93:a4:99:ff:7f:
70:2c:68:36:a8:e5:bb:00:e5:22:3c:7a:8e:e2:e2:3b:91:c9:
59:64:1f:58:d0:29:24:94:f0:da:95:f4:85:b4:31:5d:8f:fb:
9b:2b:d7:18:96:bf:de:82:a6:bd:2d:09:0b:7a:7d:c8:65:ef:
8d:08:21:98:68:85:22:93:75:c6:d1:9b:62:fa:26:67:f1:75:
f7:9c:4f:b9:26:cb:e6:d5:bc:31:f4:1e:46:4e:94:bb:45:3d:
2d:95:ba:f1:fd:26:a4:a1:fe:e1:f3:64:01:cd:b7:49:11:5a:
dc:3e:f1:96:55:a0:a9:40:17:f4:13:24:8f:fb:cd:bf:7a:31:
98:17:f7:0d:13:d4:e1:fc:30:dd:47:67:fe:af:3d:de:b3:1e:
25:73:48:2f:64:58:72:c3:ec:75:95:d5:4d:b3:87:9d:a7:ec:
03:f8:d8:02:8a:07:56:49:b7:8e:5d:60:c0:25:42:9b:c4:aa:
c9:70:17:19:b5:e2:01:0e:4d:bb:63:65:5b:fd:00:7f:c7:59:
63:d4:1d:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJmB2x19/o5l4oxn5RgabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmE2ZDU3MDRmZDI5MGQwZTA3MzM3NmVkYTY4ODcxNzU2
NGQxOTYwHhcNMjMwMTAxMTYyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA1YzIwZGE5ZWQzMzU5OTdlZDUyNGNiNWFkYzZlZGE5NGVlY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcgH7PgqKYenwuZlUUGIlPrBG5rS
n2eOcVfry1XqFG+Gz2dmzxETXps7RwI0YxfHSu0X5dB69gObzGrVh6ZhWYWOtSe7
YqSYqCT16LITbK+ir6JPLPPBbFCOTKqmojpdxOqxivAughZD7zMEhZFf9PC/QdWr
WHYdXzYTSqnEXtD4q2ZGqf6mGTExsJBqFU87RUDa+hJUNBXFZDGdBUpbzYR/qDI6
4B+7+bY5zN5XoO5yNryDiAI2FjH6YNfuvahuPmhaHSzlMb6aee3PsbUD8FVrMuiT
T+PwlszPkx4f22O4hV8IKTgB3z1+8aJEcb5RR2j0lPwXucCb+kaDO/TzMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKkFwg2p7TNZl+1STLWtxu2pTuzqMB8GA1UdIwQY
MBaAFM26bVcE/SkNDgczdu2miHF1ZNGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9kMzI4MGItNTNmNy00Mzk0LTg1NTkt
YTQ2MTE2OWYxZGMyLzEvcVFYQ0RhbnRNMW1YN1ZKTXRhM0c3YWxPN09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9kMzI4MGItNTNmNy00Mzk0LTg1NTktYTQ2MTE2OWYxZGMy
LzEvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8/5MA0G
CSqGSIb3DQEBCwUAA4IBAQAW7Alzu5MSNSK1la1CQ73vAu9SuEaapkPy56LEsZoW
cYIFJYmxylhRKxzG7dS70Frhk6SZ/39wLGg2qOW7AOUiPHqO4uI7kclZZB9Y0Ckk
lPDalfSFtDFdj/ubK9cYlr/egqa9LQkLen3IZe+NCCGYaIUik3XG0Zti+iZn8XX3
nE+5Jsvm1bwx9B5GTpS7RT0tlbrx/Sakof7h82QBzbdJEVrcPvGWVaCpQBf0EySP
+82/ejGYF/cNE9Th/DDdR2f+rz3esx4lc0gvZFhyw+x1ldVNs4edp+wD+NgCigdW
SbeOXWDAJUKbxKrJcBcZteIBDk27Y2Vb/QB/x1lj1B0p
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:49 2024 by rpki-client on console-fra.rpki-client.org