Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qnV1it-KLMRLaIINsQGmVsABlDo.roa
File: qnV1it-KLMRLaIINsQGmVsABlDo.roa (raw, json)
Hash identifier: Z4oX+sB3eoZvsS6H6VlNA1XTrVCe/GYHz5UKJCmCHts=
Subject key identifier: AA:75:75:8A:DF:8A:2C:C4:4B:68:82:0D:B1:01:A6:56:C0:01:94:3A
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018B710726CB6074A4B617F987AAA6ECC695
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qnV1it-KLMRLaIINsQGmVsABlDo.roa
Signing time: Fri 27 Oct 2023 12:06:15 +0000
ROA not before: Fri 27 Oct 2023 12:06:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 178.213.181.0/24 maxlen: 24
178.213.180.0/24 maxlen: 24
91.238.42.0/24 maxlen: 24
91.238.42.0/23 maxlen: 23
91.238.43.0/24 maxlen: 24
91.245.91.0/24 maxlen: 24
176.103.121.0/24 maxlen: 24
64.43.72.0/24 maxlen: 24
91.234.120.0/24 maxlen: 24
91.234.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:07:26:cb:60:74:a4:b6:17:f9:87:aa:a6:ec:c6:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 27 12:06:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa75758adf8a2cc44b68820db101a656c001943a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ce:6a:14:c0:40:de:44:2f:b6:2a:cb:a3:87:
76:eb:ba:5e:98:0f:69:7a:40:3f:f1:cf:5a:09:b8:
2b:27:1f:4c:b6:4c:6e:9c:a4:ec:77:9c:f4:40:cb:
9d:c1:47:c1:85:29:c3:27:13:14:5c:5e:ef:d4:96:
9b:b5:f8:bd:cf:95:d4:9b:5c:82:a1:b3:33:a8:42:
2c:bc:68:f5:f7:03:cb:24:61:e3:a7:90:47:21:bf:
19:6c:18:ca:e0:2b:f8:f6:43:a7:cd:aa:98:38:04:
9a:99:ef:1d:74:a0:62:37:47:6e:91:c1:77:c7:8a:
31:a5:55:b9:99:bd:bf:9a:c1:c5:76:e8:f3:f6:f9:
2a:d4:5c:0d:f5:18:fa:c8:2d:4b:35:e2:3b:62:33:
e1:20:27:74:9a:56:c8:5c:5b:51:eb:59:cf:4b:e0:
81:29:bc:28:2b:fc:ad:4e:53:45:7d:be:b2:51:5f:
eb:db:bd:ab:f2:41:b6:a7:e7:ae:fe:e7:d5:98:90:
3e:ef:e5:7f:e6:01:d4:68:78:7f:de:fd:ee:4c:4d:
ee:31:dc:fb:bd:1b:54:1f:08:0d:a1:2b:3c:f3:33:
d4:f7:fd:d6:c4:0b:f7:e0:97:9a:38:20:3f:8b:92:
c3:da:61:a4:b1:21:fd:e8:a9:94:25:d7:fb:52:08:
58:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:75:75:8A:DF:8A:2C:C4:4B:68:82:0D:B1:01:A6:56:C0:01:94:3A
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/qnV1it-KLMRLaIINsQGmVsABlDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.72.0/24
91.234.120.0/23
91.238.42.0/23
91.245.91.0/24
176.103.121.0/24
178.213.180.0/23
Signature Algorithm: sha256WithRSAEncryption
19:bb:cd:59:e6:a8:a3:40:a6:87:9d:9d:d5:0b:44:c1:ca:69:
c4:9d:ad:80:57:99:8d:d4:32:19:49:b9:1e:25:22:33:59:17:
e4:e7:ce:c9:fa:42:82:9b:14:d3:29:67:5f:f8:89:e2:96:d5:
06:41:c7:75:ac:a6:d1:bc:6d:1e:e7:13:54:3d:93:db:5a:a9:
b2:99:7a:73:69:34:08:3c:69:5e:8f:63:e8:3c:e3:b3:40:23:
a8:8a:16:06:4d:d5:f5:c8:a4:a0:23:00:ed:31:ed:38:4b:a1:
08:5a:a5:18:cb:39:84:9d:f6:86:7f:72:26:8d:c8:ad:ff:6d:
04:c4:1f:65:cf:88:0b:ec:70:55:34:2e:fa:71:e4:06:8c:8c:
af:ff:58:45:6f:6b:86:2b:37:a7:49:a1:be:3c:42:6d:27:fc:
4a:87:6f:b3:1d:8f:ce:09:1e:49:ca:7c:cf:e4:3f:0f:69:7b:
44:aa:d3:65:09:89:f1:d1:cb:2c:3a:0f:06:fe:5e:c9:5d:f4:
3f:69:ff:95:d2:2c:6d:ce:3f:47:6c:e4:6b:62:cc:b1:3d:5c:
4c:2a:45:e6:cc:1e:01:d6:8e:6c:b0:fd:22:b4:06:b9:e5:d2:
ad:7b:5d:83:e4:5d:91:bb:3e:01:07:81:d9:22:ca:ee:1b:89:
36:ac:6c:cb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYtxBybLYHSkthf5h6qm7MaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMDI3MTIwNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc1NzU4YWRmOGEyY2M0NGI2ODgyMGRiMTAxYTY1NmMwMDE5NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc5qFMBA3kQvtirLo4d267pemA9p
ekA/8c9aCbgrJx9MtkxunKTsd5z0QMudwUfBhSnDJxMUXF7v1Jabtfi9z5XUm1yC
obMzqEIsvGj19wPLJGHjp5BHIb8ZbBjK4Cv49kOnzaqYOASame8ddKBiN0dukcF3
x4oxpVW5mb2/msHFdujz9vkq1FwN9Rj6yC1LNeI7YjPhICd0mlbIXFtR61nPS+CB
KbwoK/ytTlNFfb6yUV/r272r8kG2p+eu/ufVmJA+7+V/5gHUaHh/3v3uTE3uMdz7
vRtUHwgNoSs88zPU9/3WxAv34JeaOCA/i5LD2mGksSH96KmUJdf7UghY1QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKp1dYrfiizES2iCDbEBplbAAZQ6MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcW5WMWl0LUtMTVJMYUlJTnNRR21Wc0FCbERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAQCtIAwQB
W+p4AwQBW+4qAwQAW/VbAwQAsGd5AwQBstW0MA0GCSqGSIb3DQEBCwUAA4IBAQAZ
u81Z5qijQKaHnZ3VC0TBymnEna2AV5mN1DIZSbkeJSIzWRfk587J+kKCmxTTKWdf
+IniltUGQcd1rKbRvG0e5xNUPZPbWqmymXpzaTQIPGlej2PoPOOzQCOoihYGTdX1
yKSgIwDtMe04S6EIWqUYyzmEnfaGf3Imjcit/20ExB9lz4gL7HBVNC76ceQGjIyv
/1hFb2uGKzenSaG+PEJtJ/xKh2+zHY/OCR5JynzP5D8PaXtEqtNlCYnx0cssOg8G
/l7JXfQ/af+V0ixtzj9HbORrYsyxPVxMKkXmzB4B1o5ssP0itAa55dKte12D5F2R
uz4BB4HZIsruG4k2rGzL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org