Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/qQgf_2rI4ghscsooXt_gWMkHvao.roa
File: qQgf_2rI4ghscsooXt_gWMkHvao.roa (raw, json)
Hash identifier: Joe7+asFmXfO3+7zZbdMPm9hUrfl7tqwQ4YTcKQT17o=
Subject key identifier: A9:08:1F:FF:6A:C8:E2:08:6C:72:CA:28:5E:DF:E0:58:C9:07:BD:AA
Certificate issuer: /CN=cf8375c321def9265983e2194d40ba97afe7f1cc
Certificate serial: 0188E2112BF24B4EA8C94F1EE1999D3B46DA
Authority key identifier: CF:83:75:C3:21:DE:F9:26:59:83:E2:19:4D:40:BA:97:AF:E7:F1:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/qQgf_2rI4ghscsooXt_gWMkHvao.roa
Signing time: Thu 22 Jun 2023 07:45:56 +0000
ROA not before: Thu 22 Jun 2023 07:45:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51553
IP address blocks: 85.91.50.0/24 maxlen: 24
85.91.51.0/24 maxlen: 24
91.217.237.0/24 maxlen: 24
85.91.49.0/24 maxlen: 24
85.91.53.0/24 maxlen: 24
85.91.54.0/24 maxlen: 24
85.91.55.0/24 maxlen: 24
85.91.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jul 2023 14:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e2:11:2b:f2:4b:4e:a8:c9:4f:1e:e1:99:9d:3b:46:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf8375c321def9265983e2194d40ba97afe7f1cc
Validity
Not Before: Jun 22 07:45:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9081fff6ac8e2086c72ca285edfe058c907bdaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3e:aa:1a:d9:58:67:36:b3:7f:98:b5:fa:78:
ac:97:e4:bf:8c:41:af:93:aa:7c:cc:15:a8:8c:36:
5b:b8:0e:52:aa:47:79:5d:3e:af:9f:91:3c:7a:06:
4e:bb:16:56:b4:29:d8:85:87:36:26:0e:fb:ac:cb:
83:b0:f9:a6:f0:08:df:20:17:f9:0a:a8:d2:79:00:
1e:3a:1a:c6:7d:86:11:d2:e7:5c:75:6f:ba:35:95:
4d:8a:71:ae:b3:dd:25:2d:e5:e4:ef:83:fc:90:e8:
5d:ad:9b:19:9c:99:34:9a:38:38:44:62:2a:58:af:
d9:9f:f7:f8:c1:db:d9:2a:d7:18:44:16:d6:57:93:
c1:b9:15:a2:5d:30:3c:2a:32:a4:1a:be:f5:aa:0f:
1f:d3:68:af:ce:d4:c9:1e:f8:11:3e:f9:bb:ab:11:
f2:0b:c0:5e:4b:89:d1:00:c0:c5:ce:9b:1b:45:aa:
f8:ae:14:9c:ac:fb:cc:c9:a1:9d:80:8c:87:8d:5a:
a0:3e:8d:b4:cc:ce:3e:4e:de:91:ca:0c:29:b7:03:
12:cf:90:a2:70:38:e7:57:35:58:10:03:21:81:44:
34:99:4f:e7:d8:55:d4:c4:37:c9:28:15:d8:92:06:
76:1f:0b:eb:bf:e8:94:f6:b4:82:68:48:3f:04:67:
5c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:08:1F:FF:6A:C8:E2:08:6C:72:CA:28:5E:DF:E0:58:C9:07:BD:AA
X509v3 Authority Key Identifier:
keyid:CF:83:75:C3:21:DE:F9:26:59:83:E2:19:4D:40:BA:97:AF:E7:F1:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4N1wyHe-SZZg-IZTUC6l6_n8cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/qQgf_2rI4ghscsooXt_gWMkHvao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a765a3-ed94-4fe0-bf45-e0c7b96b57f2/1/z4N1wyHe-SZZg-IZTUC6l6_n8cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.49.0-85.91.55.255
91.217.237.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:99:e4:1f:d5:cd:f6:bc:3e:d4:3b:90:28:af:44:12:cb:3c:
1b:39:10:59:bd:54:6e:84:de:8f:4e:56:5e:84:ec:e7:29:c0:
48:fb:98:c2:9a:e6:fd:c0:22:13:45:2a:20:82:cf:90:48:9e:
28:9a:a6:95:15:69:d3:79:99:71:62:12:dc:42:63:54:5a:5f:
2d:a9:8e:07:4c:2d:3c:98:49:e4:84:65:3b:42:a8:2d:ee:59:
0d:d1:23:d0:45:8a:90:1c:05:3e:27:58:bd:84:48:55:94:85:
c0:65:3b:bf:c0:58:c2:06:f8:a9:f4:9b:c2:ee:d7:40:f0:68:
99:df:96:df:4a:27:d2:2a:78:5e:b1:a1:de:5e:67:db:95:51:
1b:03:d7:05:fc:9f:43:a5:03:fc:ed:9c:7c:2c:0a:f3:9c:14:
a4:1d:0f:f0:fa:8c:0e:a2:30:0a:dd:1b:e8:a5:4a:40:be:e6:
af:90:1e:49:fa:f8:1b:74:25:d9:ae:73:2e:9c:16:1d:12:8d:
83:7e:ea:94:83:f4:d1:84:6e:ce:e5:11:5b:cb:02:11:eb:e9:
cf:14:44:bb:f9:62:24:47:33:da:bb:a0:62:86:28:c0:4c:c5:
b8:dc:40:2a:9e:61:f2:2d:ca:2e:a6:f6:fc:c2:cd:05:2e:20:
e5:11:d1:ac
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYjiESvyS06oyU8e4ZmdO0baMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODM3NWMzMjFkZWY5MjY1OTgzZTIxOTRkNDBiYTk3YWZl
N2YxY2MwHhcNMjMwNjIyMDc0NTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA4MWZmZjZhYzhlMjA4NmM3MmNhMjg1ZWRmZTA1OGM5MDdiZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjj6qGtlYZzazf5i1+nisl+S/jEGv
k6p8zBWojDZbuA5Sqkd5XT6vn5E8egZOuxZWtCnYhYc2Jg77rMuDsPmm8AjfIBf5
CqjSeQAeOhrGfYYR0udcdW+6NZVNinGus90lLeXk74P8kOhdrZsZnJk0mjg4RGIq
WK/Zn/f4wdvZKtcYRBbWV5PBuRWiXTA8KjKkGr71qg8f02ivztTJHvgRPvm7qxHy
C8BeS4nRAMDFzpsbRar4rhScrPvMyaGdgIyHjVqgPo20zM4+Tt6RygwptwMSz5Ci
cDjnVzVYEAMhgUQ0mU/n2FXUxDfJKBXYkgZ2Hwvrv+iU9rSCaEg/BGdcnwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKkIH/9qyOIIbHLKKF7f4FjJB72qMB8GA1UdIwQY
MBaAFM+DdcMh3vkmWYPiGU1Aupev5/HMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejROMXd5SGUtU1paZy1JWlRVQzZsNl9uOGN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hNzY1YTMtZWQ5NC00ZmUwLWJmNDUt
ZTBjN2I5NmI1N2YyLzEvcVFnZl8yckk0Z2hzY3Nvb1h0X2dXTWtIdmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hNzY1YTMtZWQ5NC00ZmUwLWJmNDUtZTBjN2I5NmI1N2Yy
LzEvejROMXd5SGUtU1paZy1JWlRVQzZsNl9uOGN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABVWzED
BANVWzADBABb2e0wDQYJKoZIhvcNAQELBQADggEBAKeZ5B/Vzfa8PtQ7kCivRBLL
PBs5EFm9VG6E3o9OVl6E7OcpwEj7mMKa5v3AIhNFKiCCz5BIniiappUVadN5mXFi
EtxCY1RaXy2pjgdMLTyYSeSEZTtCqC3uWQ3RI9BFipAcBT4nWL2ESFWUhcBlO7/A
WMIG+Kn0m8Lu10DwaJnflt9KJ9IqeF6xod5eZ9uVURsD1wX8n0OlA/ztnHwsCvOc
FKQdD/D6jA6iMArdG+ilSkC+5q+QHkn6+Bt0Jdmucy6cFh0SjYN+6pSD9NGEbs7l
EVvLAhHr6c8URLv5YiRHM9q7oGKGKMBMxbjcQCqeYfItyi6m9vzCzQUuIOUR0aw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:35 2024 by rpki-client on console-fra.rpki-client.org