Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/QHAvDxknZvZR7LjHUI5SducrJSA.roa
File: QHAvDxknZvZR7LjHUI5SducrJSA.roa (raw, json)
Hash identifier: iatQObzNz1giDjv4W/LeX5ET0A/dYIx7N4mqECSivOc=
Subject key identifier: 40:70:2F:0F:19:27:66:F6:51:EC:B8:C7:50:8E:52:76:E7:2B:25:20
Certificate issuer: /CN=597a01de87e011803f890ae17749020f995f140c
Certificate serial: 018571830AA374FDEDB5257D973314A87861
Authority key identifier: 59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/QHAvDxknZvZR7LjHUI5SducrJSA.roa
Signing time: Mon 02 Jan 2023 08:04:51 +0000
ROA not before: Mon 02 Jan 2023 08:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 164.18.96.0/21 maxlen: 21
2a07:b982:c000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:0a:a3:74:fd:ed:b5:25:7d:97:33:14:a8:78:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597a01de87e011803f890ae17749020f995f140c
Validity
Not Before: Jan 2 08:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40702f0f192766f651ecb8c7508e5276e72b2520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ee:ce:ed:e9:bd:91:c5:97:a4:d9:53:e0:33:
d4:54:8b:19:be:98:eb:6d:c6:33:ab:cf:12:69:a5:
14:b8:f5:f4:50:9f:c9:60:b5:65:e4:a7:b8:2a:c6:
dd:02:82:4c:27:00:91:92:43:af:a8:9d:89:93:57:
bf:61:82:21:ac:45:af:08:f8:bc:1d:8c:fb:99:0a:
ec:ae:69:c3:b4:49:db:5f:ea:d7:0e:40:10:73:f1:
63:d6:46:6c:fb:03:3e:82:be:2c:8b:4a:01:bd:15:
6c:d4:a8:91:37:14:af:06:a1:3c:c0:16:1c:8d:7a:
b6:e3:7a:31:85:1a:81:77:24:1a:0d:11:ec:d2:ed:
21:fe:8e:b3:8c:52:5e:40:7a:da:89:45:56:0a:ba:
2b:2f:21:20:17:35:6f:c2:47:29:29:8d:41:43:14:
b5:39:99:fe:f3:fa:36:6f:92:9b:62:ec:9b:be:8d:
ce:c4:19:b3:02:f4:a0:b8:f5:1c:9a:ae:8b:40:b8:
44:f3:00:44:da:08:cf:c3:08:e7:84:e8:8e:bf:4b:
ca:42:12:27:f1:39:26:6a:58:b4:cd:5d:a6:06:95:
72:9b:36:88:ff:b9:31:b3:04:0c:ed:68:40:96:e5:
3a:cc:9e:c0:a3:68:fc:47:3c:fd:cb:c2:85:65:50:
4f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:70:2F:0F:19:27:66:F6:51:EC:B8:C7:50:8E:52:76:E7:2B:25:20
X509v3 Authority Key Identifier:
keyid:59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/QHAvDxknZvZR7LjHUI5SducrJSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.18.96.0/21
IPv6:
2a07:b982:c000::/48
Signature Algorithm: sha256WithRSAEncryption
46:83:7b:b7:2f:ff:4e:1f:6a:8a:04:e5:49:15:7d:ca:5b:ff:
83:18:72:95:99:dc:9e:ff:e0:8e:57:1e:e6:da:26:d1:3d:63:
fe:dd:51:22:27:78:11:a7:b2:d5:b7:34:15:4e:57:01:8d:0e:
54:43:0f:ba:b1:0b:d1:ef:e1:af:8b:d6:0e:2a:25:2b:94:b2:
c5:04:6b:87:9c:2a:86:8b:8c:d8:81:72:e1:e7:0e:28:7b:46:
b2:b7:bc:60:84:51:85:86:0d:39:dc:87:07:41:f2:c7:e5:39:
f6:f0:36:df:bc:47:8c:8c:07:89:2b:cb:99:2c:e3:f6:69:83:
a1:91:89:4f:be:e9:72:21:89:65:ed:c5:0e:ef:dc:47:ef:7f:
51:47:8f:c3:5c:14:51:f4:a0:31:57:22:e1:6f:33:6d:ab:7e:
3e:0a:e9:19:63:a7:9c:86:55:f7:1b:c2:24:14:46:8b:63:3f:
e5:45:e4:3e:58:f6:11:dc:55:13:98:07:e5:16:3b:4d:e3:5d:
88:74:6c:ea:8b:6e:bb:86:ea:73:06:60:6c:91:ab:52:d5:46:
52:6a:04:ab:bd:62:61:d2:d3:a2:65:c0:05:86:3b:c7:a6:c7:
34:56:05:cf:61:0f:34:30:de:85:30:cd:a0:84:a8:82:c8:22:
01:32:eb:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxgwqjdP3ttSV9lzMUqHhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2EwMWRlODdlMDExODAzZjg5MGFlMTc3NDkwMjBmOTk1
ZjE0MGMwHhcNMjMwMTAyMDgwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDcwMmYwZjE5Mjc2NmY2NTFlY2I4Yzc1MDhlNTI3NmU3MmIyNTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAie7O7em9kcWXpNlT4DPUVIsZvpjr
bcYzq88SaaUUuPX0UJ/JYLVl5Ke4KsbdAoJMJwCRkkOvqJ2Jk1e/YYIhrEWvCPi8
HYz7mQrsrmnDtEnbX+rXDkAQc/Fj1kZs+wM+gr4si0oBvRVs1KiRNxSvBqE8wBYc
jXq243oxhRqBdyQaDRHs0u0h/o6zjFJeQHraiUVWCrorLyEgFzVvwkcpKY1BQxS1
OZn+8/o2b5KbYuybvo3OxBmzAvSguPUcmq6LQLhE8wBE2gjPwwjnhOiOv0vKQhIn
8Tkmali0zV2mBpVymzaI/7kxswQM7WhAluU6zJ7Ao2j8Rzz9y8KFZVBPgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEBwLw8ZJ2b2Uey4x1COUnbnKyUgMB8GA1UdIwQY
MBaAFFl6Ad6H4BGAP4kK4XdJAg+ZXxQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMt
NzM1MzNkZTA5OWMzLzEvUUhBdkR4a25adlpSN0xqSFVJNVNkdWNySlNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMtNzM1MzNkZTA5OWMz
LzEvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDpBJgMA8E
AgACMAkDBwAqB7mCwAAwDQYJKoZIhvcNAQELBQADggEBAEaDe7cv/04faooE5UkV
fcpb/4MYcpWZ3J7/4I5XHubaJtE9Y/7dUSIneBGnstW3NBVOVwGNDlRDD7qxC9Hv
4a+L1g4qJSuUssUEa4ecKoaLjNiBcuHnDih7RrK3vGCEUYWGDTnchwdB8sflOfbw
Nt+8R4yMB4kry5ks4/Zpg6GRiU++6XIhiWXtxQ7v3Efvf1FHj8NcFFH0oDFXIuFv
M22rfj4K6Rljp5yGVfcbwiQURotjP+VF5D5Y9hHcVROYB+UWO03jXYh0bOqLbruG
6nMGYGyRq1LVRlJqBKu9YmHS06JlwAWGO8emxzRWBc9hDzQw3oUwzaCEqILIIgEy
69Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:11 2024 by rpki-client on console-fra.rpki-client.org