Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/qn14wWRuQCLae8gHrezI6dh49UQ.roa
File: qn14wWRuQCLae8gHrezI6dh49UQ.roa (raw, json)
Hash identifier: in3ywSoPb+wIkHoIUZdrjrDPcjsE6obEfE57uejm584=
Subject key identifier: AA:7D:78:C1:64:6E:40:22:DA:7B:C8:07:AD:EC:C8:E9:D8:78:F5:44
Certificate issuer: /CN=09fb3bc0f4626e188cc5836dcf9f4921dda1921e
Certificate serial: 01867D7CCFA5C92C56872A583E67C82C897A
Authority key identifier: 09:FB:3B:C0:F4:62:6E:18:8C:C5:83:6D:CF:9F:49:21:DD:A1:92:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cfs7wPRibhiMxYNtz59JId2hkh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/qn14wWRuQCLae8gHrezI6dh49UQ.roa
Signing time: Thu 23 Feb 2023 08:56:17 +0000
ROA not before: Thu 23 Feb 2023 08:56:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47232
IP address blocks: 185.151.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7d:7c:cf:a5:c9:2c:56:87:2a:58:3e:67:c8:2c:89:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fb3bc0f4626e188cc5836dcf9f4921dda1921e
Validity
Not Before: Feb 23 08:56:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa7d78c1646e4022da7bc807adecc8e9d878f544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:af:82:75:d6:a9:50:41:43:fb:83:87:fe:1b:
e6:0e:05:e3:52:0e:2b:b3:17:8d:61:c0:54:8f:10:
2d:65:3c:23:dd:c7:63:06:21:83:e4:26:ad:d4:bf:
0d:62:22:37:b4:86:5d:b1:ce:f1:95:ed:b1:73:98:
12:a1:1c:f9:42:99:db:f1:33:db:3c:41:d4:3a:16:
a1:1d:26:fa:ee:41:47:a7:8c:3e:66:f6:00:a0:82:
8a:c0:01:ca:b3:f7:fb:4a:2e:dd:bc:47:a6:6f:44:
ba:1a:d1:a3:de:a3:3e:5a:15:30:51:f7:09:94:5d:
ba:76:82:22:0f:23:6c:3c:e6:d6:3f:3f:4a:69:4b:
13:4f:1e:38:cc:31:ea:b0:df:fd:77:11:a7:d0:98:
e2:44:78:f2:42:4d:4b:2f:4c:fe:d5:16:d9:0f:70:
94:23:a9:3b:d5:bf:e9:47:f4:1c:74:8a:cd:35:3e:
86:8d:be:4b:2b:e0:7a:05:17:92:62:f1:e0:81:c6:
95:2c:78:52:b0:99:cd:f1:bb:52:3f:9e:1f:99:24:
06:5a:ef:3a:80:28:97:04:f3:de:06:5a:16:e7:ed:
5c:41:6b:fc:a8:ba:15:7f:89:94:ce:52:f9:06:7a:
f4:1c:7d:94:0d:7a:76:91:19:e6:d5:21:27:52:c0:
c4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7D:78:C1:64:6E:40:22:DA:7B:C8:07:AD:EC:C8:E9:D8:78:F5:44
X509v3 Authority Key Identifier:
keyid:09:FB:3B:C0:F4:62:6E:18:8C:C5:83:6D:CF:9F:49:21:DD:A1:92:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfs7wPRibhiMxYNtz59JId2hkh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/qn14wWRuQCLae8gHrezI6dh49UQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/005c5d-a0f7-46d0-818c-9b2371770df5/1/Cfs7wPRibhiMxYNtz59JId2hkh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.171.0/24
Signature Algorithm: sha256WithRSAEncryption
52:0a:04:8b:d6:71:b7:6a:20:30:c3:31:d1:e8:6f:a5:e3:8e:
3b:77:3e:b1:68:32:e2:2f:df:61:ce:ba:31:92:69:e0:b3:1d:
ac:f6:ee:ca:b3:bb:7a:6d:60:67:d5:f5:f9:a1:00:26:ef:45:
01:25:4c:09:9b:91:d2:43:24:e3:47:03:de:e2:a7:b5:57:c2:
79:a4:9b:95:1a:6c:ef:59:6d:e9:b2:d0:4d:bc:db:d8:c1:29:
08:fb:13:69:ba:37:9d:82:bc:1b:1b:a0:24:78:c0:59:8f:4b:
08:0d:39:74:a0:df:e8:99:91:e6:29:2a:90:e1:d0:eb:95:9f:
2c:ee:37:dc:e2:c8:99:c8:3a:4b:25:dd:ad:20:04:82:ef:6e:
ca:8f:05:69:e5:bc:49:df:a1:87:9c:94:78:0c:fd:e8:7e:53:
11:60:c5:0c:9e:c5:0e:00:4d:2e:a1:71:db:74:c9:5f:da:01:
d1:19:7f:eb:08:07:5f:69:0b:df:32:34:d9:f5:1f:56:d7:c4:
71:62:2b:5d:70:59:67:9e:56:c7:2d:72:59:d2:85:8a:b3:41:
7e:7f:cc:f7:ae:c7:77:95:a8:cd:e7:1e:fe:31:a4:29:2e:33:
d4:5c:a7:e1:f9:83:f3:ec:60:27:a1:64:96:25:c4:a8:b6:09:
ed:c8:65:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ9fM+lySxWhypYPmfILIl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZmIzYmMwZjQ2MjZlMTg4Y2M1ODM2ZGNmOWY0OTIxZGRh
MTkyMWUwHhcNMjMwMjIzMDg1NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTdkNzhjMTY0NmU0MDIyZGE3YmM4MDdhZGVjYzhlOWQ4NzhmNTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq+CddapUEFD+4OH/hvmDgXjUg4r
sxeNYcBUjxAtZTwj3cdjBiGD5Cat1L8NYiI3tIZdsc7xle2xc5gSoRz5Qpnb8TPb
PEHUOhahHSb67kFHp4w+ZvYAoIKKwAHKs/f7Si7dvEemb0S6GtGj3qM+WhUwUfcJ
lF26doIiDyNsPObWPz9KaUsTTx44zDHqsN/9dxGn0JjiRHjyQk1LL0z+1RbZD3CU
I6k71b/pR/QcdIrNNT6Gjb5LK+B6BReSYvHggcaVLHhSsJnN8btSP54fmSQGWu86
gCiXBPPeBloW5+1cQWv8qLoVf4mUzlL5Bnr0HH2UDXp2kRnm1SEnUsDEkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKp9eMFkbkAi2nvIB63syOnYePVEMB8GA1UdIwQY
MBaAFAn7O8D0Ym4YjMWDbc+fSSHdoZIeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZzN3dQUmliaGlNeFlOdHo1OUpJZDJoa2g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wMDVjNWQtYTBmNy00NmQwLTgxOGMt
OWIyMzcxNzcwZGY1LzEvcW4xNHdXUnVRQ0xhZThnSHJlekk2ZGg0OVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wMDVjNWQtYTBmNy00NmQwLTgxOGMtOWIyMzcxNzcwZGY1
LzEvQ2ZzN3dQUmliaGlNeFlOdHo1OUpJZDJoa2g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZerMA0G
CSqGSIb3DQEBCwUAA4IBAQBSCgSL1nG3aiAwwzHR6G+l4447dz6xaDLiL99hzrox
kmngsx2s9u7Ks7t6bWBn1fX5oQAm70UBJUwJm5HSQyTjRwPe4qe1V8J5pJuVGmzv
WW3pstBNvNvYwSkI+xNpujedgrwbG6AkeMBZj0sIDTl0oN/omZHmKSqQ4dDrlZ8s
7jfc4siZyDpLJd2tIASC727KjwVp5bxJ36GHnJR4DP3oflMRYMUMnsUOAE0uoXHb
dMlf2gHRGX/rCAdfaQvfMjTZ9R9W18RxYitdcFlnnlbHLXJZ0oWKs0F+f8z3rsd3
lajN5x7+MaQpLjPUXKfh+YPz7GAnoWSWJcSotgntyGU4
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:10 2024 by rpki-client on console-fra.rpki-client.org