Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/QZU3rbc4HceAN80wr0FgVq9QikU.roa
File: QZU3rbc4HceAN80wr0FgVq9QikU.roa (raw, json)
Hash identifier: wPglTexyt3lU2z2EJjvEfTIkGHEfI36kPW9inYZxt3Y=
Subject key identifier: 41:95:37:AD:B7:38:1D:C7:80:37:CD:30:AF:41:60:56:AF:50:8A:45
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 01856C1CC4E0D9E8DCFB7D44D16AA438E820
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/QZU3rbc4HceAN80wr0FgVq9QikU.roa
Signing time: Sun 01 Jan 2023 06:55:02 +0000
ROA not before: Sun 01 Jan 2023 06:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204873
IP address blocks: 46.238.240.0/21 maxlen: 21
185.174.152.0/23 maxlen: 24
94.101.16.0/20 maxlen: 21
89.191.152.0/23 maxlen: 23
46.238.236.0/22 maxlen: 22
2001:90f::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:c4:e0:d9:e8:dc:fb:7d:44:d1:6a:a4:38:e8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jan 1 06:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=419537adb7381dc78037cd30af416056af508a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:98:1a:95:a7:d2:91:73:1a:d8:ba:56:c5:de:
03:1e:06:0f:33:be:5b:20:13:87:3e:15:79:f3:bf:
59:71:9a:78:6a:5b:51:d0:42:7b:18:a8:a5:6c:21:
b9:dc:dd:f1:8f:97:b8:8d:a8:da:3c:f0:0e:f4:14:
7d:05:16:08:74:a8:3e:10:f8:80:d5:cf:49:81:c2:
98:11:68:f2:02:a0:45:d2:e7:35:72:d3:ef:86:6d:
6b:1f:fd:24:08:e6:d0:63:26:d0:2c:ae:3e:bf:da:
7c:b7:af:e6:53:23:cc:65:7b:98:89:68:3d:82:8e:
32:70:f5:f1:c4:08:09:4e:ab:2c:f5:18:0d:22:8a:
e1:c8:f3:f9:a4:79:c7:1c:52:66:2e:83:64:52:27:
ee:37:b6:44:30:d2:da:c1:f9:d3:3e:10:cb:6c:52:
24:33:1d:93:b2:55:ce:e9:9b:e7:49:ad:ba:35:b0:
88:03:3a:9b:95:33:b4:c8:38:fb:68:51:d1:fd:42:
d8:ac:4b:63:ba:58:ad:0f:fd:b6:68:df:21:90:35:
f0:68:c6:bd:63:a3:d5:01:b6:54:54:4d:13:c1:de:
28:b4:62:88:2f:a0:f8:a2:f9:99:47:98:b0:2d:d3:
9e:9c:29:56:b9:79:f7:64:58:c9:4b:08:54:65:00:
40:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:95:37:AD:B7:38:1D:C7:80:37:CD:30:AF:41:60:56:AF:50:8A:45
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/QZU3rbc4HceAN80wr0FgVq9QikU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.238.236.0-46.238.247.255
89.191.152.0/23
94.101.16.0/20
185.174.152.0/23
IPv6:
2001:90f::/32
Signature Algorithm: sha256WithRSAEncryption
30:99:ff:ba:ec:a7:3b:75:b7:7a:ba:5c:db:b5:09:49:08:95:
32:c1:58:31:ac:08:2a:27:18:f3:41:0e:ba:08:8d:b5:42:50:
90:e1:d7:fd:c5:c1:36:13:79:5b:46:b2:a2:21:27:2b:41:5a:
41:e3:c8:08:6f:f2:9d:fa:77:80:92:d9:eb:82:3c:da:10:18:
be:44:c0:6c:f9:ef:cd:fb:26:65:7c:d7:2d:44:f8:e5:be:fd:
aa:a9:ab:5d:e1:89:88:90:ea:3f:05:f9:ad:e0:27:7b:be:c2:
3c:78:be:52:7e:1d:64:00:18:bf:66:e0:5c:67:97:d8:5a:28:
d3:38:98:13:2d:92:e0:ae:55:c3:d3:1e:90:bb:2b:73:b9:14:
d1:5a:a7:aa:74:ae:90:a7:a2:64:74:75:9a:59:fc:0d:26:1e:
ed:3f:e4:80:c3:da:ba:4c:44:29:1d:5d:53:b8:06:b7:dc:cc:
b3:22:6f:19:22:4e:3a:7f:d5:cb:15:ed:38:90:95:49:d0:a1:
93:93:6e:5a:44:45:5d:80:d9:ab:ce:62:7a:e0:87:e9:3e:c0:
d2:ce:d6:52:cc:53:c1:a7:a3:16:14:98:1b:fd:e4:fe:29:14:
12:10:0f:e0:d6:b8:fd:ed:08:fc:4b:b7:cc:01:d9:e5:5d:a4:
70:25:7a:bf
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVsHMTg2ejc+31E0WqkOOggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZThmNTZiYzFmNTAxMDI5MTY4MWJjMmQ4YzAyZjlhY2Jm
NzE0YTAwHhcNMjMwMTAxMDY1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTk1MzdhZGI3MzgxZGM3ODAzN2NkMzBhZjQxNjA1NmFmNTA4YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJgalafSkXMa2LpWxd4DHgYPM75b
IBOHPhV5879ZcZp4altR0EJ7GKilbCG53N3xj5e4jajaPPAO9BR9BRYIdKg+EPiA
1c9JgcKYEWjyAqBF0uc1ctPvhm1rH/0kCObQYybQLK4+v9p8t6/mUyPMZXuYiWg9
go4ycPXxxAgJTqss9RgNIorhyPP5pHnHHFJmLoNkUifuN7ZEMNLawfnTPhDLbFIk
Mx2TslXO6ZvnSa26NbCIAzqblTO0yDj7aFHR/ULYrEtjulitD/22aN8hkDXwaMa9
Y6PVAbZUVE0Twd4otGKIL6D4ovmZR5iwLdOenClWuXn3ZFjJSwhUZQBAPwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFEGVN623OB3HgDfNMK9BYFavUIpFMB8GA1UdIwQY
MBaAFOLo9WvB9QECkWgbwtjAL5rL9xSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTct
NDQ3ZWRjNGY5YWY2LzEvUVpVM3JiYzRIY2VBTjgwd3IwRmdWcTlRaWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84MDQyYmYtNzFiYS00ZmJkLTllMTctNDQ3ZWRjNGY5YWY2
LzEvNHVqMWE4SDFBUUtSYUJ2QzJNQXZtc3YzRktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAIu7uwD
BAMu7vADBAFZv5gDBAReZRADBAG5rpgwDQQCAAIwBwMFACABCQ8wDQYJKoZIhvcN
AQELBQADggEBADCZ/7rspzt1t3q6XNu1CUkIlTLBWDGsCConGPNBDroIjbVCUJDh
1/3FwTYTeVtGsqIhJytBWkHjyAhv8p36d4CS2euCPNoQGL5EwGz57837JmV81y1E
+OW+/aqpq13hiYiQ6j8F+a3gJ3u+wjx4vlJ+HWQAGL9m4Fxnl9haKNM4mBMtkuCu
VcPTHpC7K3O5FNFap6p0rpCnomR0dZpZ/A0mHu0/5IDD2rpMRCkdXVO4BrfczLMi
bxkiTjp/1csV7TiQlUnQoZOTblpERV2A2avOYnrgh+k+wNLO1lLMU8GnoxYUmBv9
5P4pFBIQD+DWuP3tCPxLt8wB2eVdpHAler8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:01 2024 by rpki-client on console-fra.rpki-client.org