Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/1-QNKljwE0PXMLO3rM4RyWKwgWtI.roa
File: 1-QNKljwE0PXMLO3rM4RyWKwgWtI.roa (raw, json)
Hash identifier: NPIvZRZZTAslPwTOLzp3RDIykBYaIg84QxSvppqVuY8=
Subject key identifier: F9:03:4A:96:3C:04:D0:F5:CC:2C:ED:EB:33:84:72:58:AC:20:5A:D2
Certificate issuer: /CN=83f36b0adee6cb5518763b5bc8eaa3d41f23e938
Certificate serial: 0187601F66F4C59683EB44D3F15AC2CAC191
Authority key identifier: 83:F3:6B:0A:DE:E6:CB:55:18:76:3B:5B:C8:EA:A3:D4:1F:23:E9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_NrCt7my1UYdjtbyOqj1B8j6Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/1-QNKljwE0PXMLO3rM4RyWKwgWtI.roa
Signing time: Sat 08 Apr 2023 09:08:03 +0000
ROA not before: Sat 08 Apr 2023 09:08:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 176.100.150.0/24 maxlen: 24
176.100.156.0/24 maxlen: 24
176.100.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Oct 2023 12:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:60:1f:66:f4:c5:96:83:eb:44:d3:f1:5a:c2:ca:c1:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83f36b0adee6cb5518763b5bc8eaa3d41f23e938
Validity
Not Before: Apr 8 09:08:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9034a963c04d0f5cc2cedeb33847258ac205ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2b:9d:db:21:07:9f:31:7b:15:44:21:bb:a3:
7a:47:0a:75:e9:2b:1c:8e:5d:94:a8:7b:37:36:50:
f0:02:18:6d:1b:72:1d:19:32:47:2f:e1:8d:e9:fb:
e9:ca:00:1e:37:6b:f3:bd:c6:bc:c2:b7:78:97:f2:
31:61:d6:5f:2d:ca:a1:c0:c9:b3:94:ba:8a:3f:41:
9f:3d:1a:5e:50:13:ac:b9:ef:00:43:dc:fa:ab:59:
b7:d2:55:d6:ad:38:8a:46:73:99:d4:de:b7:81:65:
c5:6f:a9:82:7f:9f:31:62:c1:1b:59:1b:71:b1:61:
54:f0:58:df:d5:a9:f7:b9:8d:ec:ef:d1:f3:3d:38:
95:f2:b6:55:c4:66:01:79:91:9f:c3:69:00:5d:d0:
69:99:4b:f5:aa:4b:69:9b:82:39:0b:e2:63:d4:16:
bb:a2:1e:0b:cf:c9:e5:f8:7e:76:0f:23:b3:fb:12:
d1:ae:d9:88:8d:32:a5:54:2e:13:8f:52:c9:72:46:
f5:7a:15:56:54:2f:a8:66:28:13:c7:30:44:35:aa:
3f:1e:eb:07:42:51:9d:16:87:34:54:39:cd:fc:33:
75:60:f3:ad:97:18:50:3a:ad:e4:f9:c6:37:fd:51:
51:73:f0:63:a6:b0:c4:ad:c3:88:4c:8a:5c:68:2a:
30:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:03:4A:96:3C:04:D0:F5:CC:2C:ED:EB:33:84:72:58:AC:20:5A:D2
X509v3 Authority Key Identifier:
keyid:83:F3:6B:0A:DE:E6:CB:55:18:76:3B:5B:C8:EA:A3:D4:1F:23:E9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_NrCt7my1UYdjtbyOqj1B8j6Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/1-QNKljwE0PXMLO3rM4RyWKwgWtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/g_NrCt7my1UYdjtbyOqj1B8j6Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.100.150.0/24
176.100.156.0/23
Signature Algorithm: sha256WithRSAEncryption
42:17:59:0e:65:0c:a6:e3:cf:8f:0b:10:c8:85:c6:ec:06:bf:
3e:f8:4e:ac:7b:84:b6:ce:70:45:44:9f:b9:3d:4f:9d:81:da:
f0:43:95:77:d3:53:b5:fa:ad:95:7e:55:4f:db:77:6c:0b:c9:
e8:41:15:c9:e1:90:f5:5e:0d:29:b5:10:7d:d2:79:15:55:08:
cc:43:6f:fb:4d:32:69:e9:6d:df:a7:b3:b9:d4:b0:fc:d3:02:
48:72:a8:5d:70:32:e2:d9:38:01:a3:4d:6e:72:84:f6:e6:23:
40:f9:2a:01:68:5a:31:47:a3:2f:a4:52:b9:90:d3:e1:07:f8:
c7:b5:8b:fe:92:c3:58:c9:48:69:22:89:ad:e6:5b:fb:8f:cd:
3c:2d:7d:fe:02:e9:11:ab:6f:6a:ae:b3:d4:38:da:c1:30:89:
e0:86:a5:bd:c1:d0:a5:6b:c6:76:7c:4c:13:90:78:9b:9c:51:
81:11:4d:f7:19:08:ae:be:01:47:a1:fb:43:8b:54:d4:ce:2c:
9d:1e:fa:ec:17:e3:40:74:61:50:e5:20:08:39:bd:1b:d9:b6:
b9:49:b9:a4:9f:b1:47:b3:62:ba:30:fd:5e:67:40:2e:1b:4c:
6e:97:77:a3:62:3a:a7:28:a8:ba:c4:82:35:de:49:5b:1c:f0:
20:09:cf:6e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYdgH2b0xZaD60TT8VrCysGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjM2YjBhZGVlNmNiNTUxODc2M2I1YmM4ZWFhM2Q0MWYy
M2U5MzgwHhcNMjMwNDA4MDkwODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTAzNGE5NjNjMDRkMGY1Y2MyY2VkZWIzMzg0NzI1OGFjMjA1YWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyud2yEHnzF7FUQhu6N6Rwp16Ssc
jl2UqHs3NlDwAhhtG3IdGTJHL+GN6fvpygAeN2vzvca8wrd4l/IxYdZfLcqhwMmz
lLqKP0GfPRpeUBOsue8AQ9z6q1m30lXWrTiKRnOZ1N63gWXFb6mCf58xYsEbWRtx
sWFU8Fjf1an3uY3s79HzPTiV8rZVxGYBeZGfw2kAXdBpmUv1qktpm4I5C+Jj1Ba7
oh4Lz8nl+H52DyOz+xLRrtmIjTKlVC4Tj1LJckb1ehVWVC+oZigTxzBENao/HusH
QlGdFoc0VDnN/DN1YPOtlxhQOq3k+cY3/VFRc/BjprDErcOITIpcaCowOwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPkDSpY8BND1zCzt6zOEclisIFrSMB8GA1UdIwQY
MBaAFIPzawre5stVGHY7W8jqo9QfI+k4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19OckN0N215MVVZZGp0YnlPcWoxQjhqNlRnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83MzE5NWMtZTY2My00OThjLTk3ZGIt
YWY2NGYzZmEyNDU5LzEvMS1RTktsandFMFBYTUxPM3JNNFJ5V0t3Z1d0SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvNzMxOTVjLWU2NjMtNDk4Yy05N2RiLWFmNjRmM2ZhMjQ1
OS8xL2dfTnJDdDdteTFVWWRqdGJ5T3FqMUI4ajZUZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALBklgME
AbBknDANBgkqhkiG9w0BAQsFAAOCAQEAQhdZDmUMpuPPjwsQyIXG7Aa/PvhOrHuE
ts5wRUSfuT1PnYHa8EOVd9NTtfqtlX5VT9t3bAvJ6EEVyeGQ9V4NKbUQfdJ5FVUI
zENv+00yaelt36ezudSw/NMCSHKoXXAy4tk4AaNNbnKE9uYjQPkqAWhaMUejL6RS
uZDT4Qf4x7WL/pLDWMlIaSKJreZb+4/NPC19/gLpEatvaq6z1DjawTCJ4IalvcHQ
pWvGdnxME5B4m5xRgRFN9xkIrr4BR6H7Q4tU1M4snR767BfjQHRhUOUgCDm9G9m2
uUm5pJ+xR7NiujD9XmdALhtMbpd3o2I6pyiousSCNd5JWxzwIAnPbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:59 2024 by rpki-client on console-fra.rpki-client.org