Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/91548b-bab5-454c-b60b-19f2a1d16033/1/QrWFpezndMrS2t8fh8RsJCh5pDo.roa
File: QrWFpezndMrS2t8fh8RsJCh5pDo.roa (raw, json)
Hash identifier: jucLMAqIDQj67ASozhmigqPWiYK8+OS0i2ms0e2JxqE=
Subject key identifier: 42:B5:85:A5:EC:E7:74:CA:D2:DA:DF:1F:87:C4:6C:24:28:79:A4:3A
Certificate issuer: /CN=66a1d1a017802e5c57da5978544fc537403da73a
Certificate serial: 01871A0D38895F517A76D055750BC67C55E2
Authority key identifier: 66:A1:D1:A0:17:80:2E:5C:57:DA:59:78:54:4F:C5:37:40:3D:A7:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZqHRoBeALlxX2ll4VE_FN0A9pzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/91548b-bab5-454c-b60b-19f2a1d16033/1/QrWFpezndMrS2t8fh8RsJCh5pDo.roa
Signing time: Sat 25 Mar 2023 18:34:46 +0000
ROA not before: Sat 25 Mar 2023 18:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61029
IP address blocks: 37.72.96.0/20 maxlen: 24
213.232.253.0/24 maxlen: 24
2a00:8240::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:0d:38:89:5f:51:7a:76:d0:55:75:0b:c6:7c:55:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66a1d1a017802e5c57da5978544fc537403da73a
Validity
Not Before: Mar 25 18:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42b585a5ece774cad2dadf1f87c46c242879a43a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0f:f9:4b:fa:db:62:06:30:99:72:8f:ae:68:
a6:80:84:c7:94:e8:e9:5d:b0:66:8f:3d:d1:cb:ff:
4c:b9:e1:f9:cb:ca:04:e8:c3:df:f5:1c:88:ad:1b:
3b:3a:91:4c:d9:ac:4c:23:cb:1b:df:b4:b6:8d:1f:
d1:bf:0b:37:9f:62:f0:ae:82:45:46:9a:12:e8:e8:
6e:d8:85:2a:58:c7:e2:52:c0:29:ce:2d:94:9e:fe:
d9:b5:5b:7d:3f:78:eb:c7:53:88:64:50:a6:75:6d:
27:f4:6d:05:b6:5a:7a:af:9d:6a:3d:b6:83:6e:b8:
a0:3a:87:ee:af:37:24:cc:01:78:ca:a7:50:55:62:
76:39:4b:f8:1f:cc:55:23:b4:5c:77:b7:d7:9a:66:
ed:45:11:b3:e1:9f:ed:5e:85:10:08:79:92:2f:bf:
44:be:ea:9f:68:5c:96:4f:4d:4d:0e:df:d1:8e:77:
52:96:d4:67:70:47:5b:f3:8a:df:f7:4a:16:6a:47:
3f:6d:ff:eb:a6:75:81:c1:6f:8a:57:af:88:57:b9:
f2:8b:aa:c7:27:8d:3c:ed:54:57:fe:56:c7:24:d9:
a8:e4:27:b3:07:0e:ec:99:63:fa:1f:26:63:0e:f8:
a5:29:cd:4f:0e:24:84:49:06:58:3f:d9:57:ed:2c:
ad:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B5:85:A5:EC:E7:74:CA:D2:DA:DF:1F:87:C4:6C:24:28:79:A4:3A
X509v3 Authority Key Identifier:
keyid:66:A1:D1:A0:17:80:2E:5C:57:DA:59:78:54:4F:C5:37:40:3D:A7:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZqHRoBeALlxX2ll4VE_FN0A9pzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/91548b-bab5-454c-b60b-19f2a1d16033/1/QrWFpezndMrS2t8fh8RsJCh5pDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/91548b-bab5-454c-b60b-19f2a1d16033/1/ZqHRoBeALlxX2ll4VE_FN0A9pzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.96.0/20
213.232.253.0/24
IPv6:
2a00:8240::/29
Signature Algorithm: sha256WithRSAEncryption
31:e9:5c:7e:c4:1e:fc:38:ac:73:4e:57:49:cc:dd:59:05:4d:
8b:f1:4b:d8:7b:f7:19:b6:2a:a0:82:d4:ad:03:8e:ca:fb:30:
2f:2d:00:b5:38:a1:55:d5:a2:18:ec:00:f1:35:71:43:b7:32:
96:4e:6e:5e:dd:34:f3:b7:98:96:f3:6e:4b:10:59:47:a2:fb:
3a:0f:09:23:c6:66:5b:1e:1a:e8:34:c6:da:9b:6d:47:ae:0e:
67:a2:16:59:46:31:af:cd:0c:a8:0e:57:a2:30:b4:ac:7a:f5:
02:97:d9:3e:b8:1c:e6:ab:71:b4:13:8e:57:a3:41:59:fe:ac:
a2:f6:65:fa:c6:2b:90:e1:f1:5b:8f:9d:0f:9d:81:9b:e1:33:
cc:08:2e:8b:dd:3c:a3:1a:a1:29:63:ec:b1:e6:31:59:94:b0:
82:65:1c:57:ab:26:b2:4e:f1:c0:1e:b6:ea:d4:ab:9e:d4:83:
ba:9b:56:02:0a:41:b8:0d:2d:92:ef:ee:11:0b:15:95:0a:8d:
e4:f2:0d:a0:c4:d2:25:cb:47:57:a9:28:65:1a:e4:bd:6b:23:
e5:fb:e1:49:4b:8b:01:36:ba:6b:3d:2f:5c:23:c6:19:88:45:
ed:b7:4c:88:01:cf:17:31:10:d4:2f:81:ab:97:5e:cf:6e:53:
6f:dd:6e:95
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcaDTiJX1F6dtBVdQvGfFXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YTFkMWEwMTc4MDJlNWM1N2RhNTk3ODU0NGZjNTM3NDAz
ZGE3M2EwHhcNMjMwMzI1MTgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmI1ODVhNWVjZTc3NGNhZDJkYWRmMWY4N2M0NmMyNDI4NzlhNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw/5S/rbYgYwmXKPrmimgITHlOjp
XbBmjz3Ry/9MueH5y8oE6MPf9RyIrRs7OpFM2axMI8sb37S2jR/Rvws3n2LwroJF
RpoS6Ohu2IUqWMfiUsApzi2Unv7ZtVt9P3jrx1OIZFCmdW0n9G0Ftlp6r51qPbaD
brigOofurzckzAF4yqdQVWJ2OUv4H8xVI7Rcd7fXmmbtRRGz4Z/tXoUQCHmSL79E
vuqfaFyWT01NDt/RjndSltRncEdb84rf90oWakc/bf/rpnWBwW+KV6+IV7nyi6rH
J4087VRX/lbHJNmo5CezBw7smWP6HyZjDvilKc1PDiSESQZYP9lX7SytwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEK1haXs53TK0trfH4fEbCQoeaQ6MB8GA1UdIwQY
MBaAFGah0aAXgC5cV9pZeFRPxTdAPac6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnFIUm9CZUFMbHhYMmxsNFZFX0ZOMEE5cHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85MTU0OGItYmFiNS00NTRjLWI2MGIt
MTlmMmExZDE2MDMzLzEvUXJXRnBlem5kTXJTMnQ4Zmg4UnNKQ2g1cERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85MTU0OGItYmFiNS00NTRjLWI2MGItMTlmMmExZDE2MDMz
LzEvWnFIUm9CZUFMbHhYMmxsNFZFX0ZOMEE5cHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEJUhgAwQA
1ej9MA0EAgACMAcDBQMqAIJAMA0GCSqGSIb3DQEBCwUAA4IBAQAx6Vx+xB78OKxz
TldJzN1ZBU2L8UvYe/cZtiqggtStA47K+zAvLQC1OKFV1aIY7ADxNXFDtzKWTm5e
3TTzt5iW825LEFlHovs6DwkjxmZbHhroNMbam21Hrg5nohZZRjGvzQyoDleiMLSs
evUCl9k+uBzmq3G0E45Xo0FZ/qyi9mX6xiuQ4fFbj50PnYGb4TPMCC6L3TyjGqEp
Y+yx5jFZlLCCZRxXqyayTvHAHrbq1Kue1IO6m1YCCkG4DS2S7+4RCxWVCo3k8g2g
xNIly0dXqShlGuS9ayPl++FJS4sBNrprPS9cI8YZiEXtt0yIAc8XMRDUL4Grl17P
blNv3W6V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:12 2024 by rpki-client on console-fra.rpki-client.org