Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/QYHQmglDbDUOZ22jrClETg633Ro.roa
File: QYHQmglDbDUOZ22jrClETg633Ro.roa (raw, json)
Hash identifier: uIKifJi5THR6l2NWEeDwoTsOmVouXEfDpmI50iJKeRE=
Subject key identifier: 41:81:D0:9A:09:43:6C:35:0E:67:6D:A3:AC:29:44:4E:0E:B7:DD:1A
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018C734F4D68121320BDD4719077966C292F
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/QYHQmglDbDUOZ22jrClETg633Ro.roa
Signing time: Sat 16 Dec 2023 15:47:06 +0000
ROA not before: Sat 16 Dec 2023 15:47:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.228.15.0/24 maxlen: 24
91.228.13.0/24 maxlen: 24
94.154.38.0/24 maxlen: 24
94.154.33.0/24 maxlen: 24
94.154.32.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:73:4f:4d:68:12:13:20:bd:d4:71:90:77:96:6c:29:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Dec 16 15:47:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4181d09a09436c350e676da3ac29444e0eb7dd1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d1:ad:a0:11:b4:d5:b3:99:36:62:d2:c4:a6:
a6:af:f3:a4:78:17:c8:05:49:d2:a4:e4:80:ab:48:
ef:9b:7e:e6:c9:65:8a:7c:78:07:74:0c:b7:03:ea:
80:e9:24:47:d4:dd:d8:ef:0f:bc:05:25:63:57:39:
d8:46:e0:c6:2f:76:f3:d0:09:8f:b7:89:91:04:95:
4d:dd:0e:20:e0:83:19:c9:df:94:b2:bd:1f:26:95:
56:14:e8:bb:bf:d1:c9:7c:11:be:ed:ee:76:ac:30:
87:e4:2e:41:ca:bc:b3:75:14:9a:bc:91:f7:62:39:
78:5a:0f:97:ad:66:ba:d9:c2:4b:d9:8c:22:69:ef:
3c:92:f6:5b:44:b9:b0:da:bc:83:f3:76:af:c4:68:
f6:03:fc:a1:37:63:74:71:e0:a9:bc:6b:fe:41:26:
33:5c:27:b0:ce:1d:66:a3:53:aa:5c:63:ca:84:da:
fd:5e:98:fc:fc:f3:cc:5e:4f:77:fe:62:d4:52:4d:
05:e5:17:01:56:1d:e8:fa:8c:13:bb:60:64:c1:2b:
f3:df:0e:7d:09:31:0b:c5:a4:5b:95:61:a1:48:e0:
7a:9b:f5:a2:05:35:6f:59:87:79:78:59:79:d1:8c:
27:fd:e1:b2:d1:d8:9b:72:e3:c4:39:bd:14:84:1c:
21:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:81:D0:9A:09:43:6C:35:0E:67:6D:A3:AC:29:44:4E:0E:B7:DD:1A
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/QYHQmglDbDUOZ22jrClETg633Ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.13.0/24
91.228.15.0/24
94.154.32.0/22
94.154.38.0/24
Signature Algorithm: sha256WithRSAEncryption
35:77:a2:b4:28:cb:87:4c:67:8c:f0:23:91:bb:ba:8f:4a:ed:
b8:6c:cb:bf:e7:81:44:42:ca:dd:8d:16:60:29:b8:3c:92:85:
1a:c4:9f:0c:ff:d4:54:9c:7a:39:5d:47:1a:cc:aa:09:52:e3:
9c:c4:16:6a:01:28:30:23:43:ab:f2:e0:e1:7b:e5:b2:60:8b:
43:27:96:c3:f9:05:cc:3e:67:50:04:cd:97:f5:d7:98:3c:12:
9f:de:75:a9:66:b0:5b:40:7f:9b:93:3b:a0:97:bb:a7:31:b2:
a5:43:b2:c4:c0:a8:f2:3b:4a:6c:56:ec:f7:b9:f0:9b:3d:a9:
83:13:74:79:ea:0b:09:63:b4:c6:b5:d6:b8:2a:1f:92:63:9a:
e2:36:f6:50:32:e0:46:5e:ca:7a:53:fa:b9:18:36:2b:55:9c:
03:03:27:12:72:d6:a9:1c:e8:66:cf:f3:57:bd:2d:46:57:a2:
03:88:dd:e2:36:e1:c6:38:49:17:98:bb:ec:4a:4b:9d:c8:44:
77:cd:63:fb:d5:18:18:8e:72:31:23:3b:60:1f:bd:5c:ee:61:
f3:13:9c:28:4f:65:47:b0:51:07:1a:fb:9e:ae:52:eb:e9:9c:
42:4e:71:68:f6:56:04:b0:2b:41:ea:c9:0d:3b:37:62:60:f6:
e6:2d:cd:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxzT01oEhMgvdRxkHeWbCkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMjE2MTU0NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTgxZDA5YTA5NDM2YzM1MGU2NzZkYTNhYzI5NDQ0ZTBlYjdkZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9GtoBG01bOZNmLSxKamr/OkeBfI
BUnSpOSAq0jvm37myWWKfHgHdAy3A+qA6SRH1N3Y7w+8BSVjVznYRuDGL3bz0AmP
t4mRBJVN3Q4g4IMZyd+Usr0fJpVWFOi7v9HJfBG+7e52rDCH5C5ByryzdRSavJH3
Yjl4Wg+XrWa62cJL2Ywiae88kvZbRLmw2ryD83avxGj2A/yhN2N0ceCpvGv+QSYz
XCewzh1mo1OqXGPKhNr9Xpj8/PPMXk93/mLUUk0F5RcBVh3o+owTu2BkwSvz3w59
CTELxaRblWGhSOB6m/WiBTVvWYd5eFl50Ywn/eGy0dibcuPEOb0UhBwhQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEGB0JoJQ2w1Dmdto6wpRE4Ot90aMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvUVlIUW1nbERiRFVPWjIyanJDbEVUZzYzM1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+QNAwQA
W+QPAwQCXpogAwQAXpomMA0GCSqGSIb3DQEBCwUAA4IBAQA1d6K0KMuHTGeM8COR
u7qPSu24bMu/54FEQsrdjRZgKbg8koUaxJ8M/9RUnHo5XUcazKoJUuOcxBZqASgw
I0Or8uDhe+WyYItDJ5bD+QXMPmdQBM2X9deYPBKf3nWpZrBbQH+bkzugl7unMbKl
Q7LEwKjyO0psVuz3ufCbPamDE3R56gsJY7TGtda4Kh+SY5riNvZQMuBGXsp6U/q5
GDYrVZwDAycSctapHOhmz/NXvS1GV6IDiN3iNuHGOEkXmLvsSkudyER3zWP71RgY
jnIxIztgH71c7mHzE5woT2VHsFEHGvuerlLr6ZxCTnFo9lYEsCtB6skNOzdiYPbm
Lc0s
-----END CERTIFICATE-----
Generated at Wed Dec 27 23:03:02 2023 by rpki-client on console-fra.rpki-client.org