Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/QBqrfS4Lzz88ZV4WXmcZM4HAHuU.roa
File: QBqrfS4Lzz88ZV4WXmcZM4HAHuU.roa (raw, json)
Hash identifier: b6GpStWAw7ZLfjAmIV4p+4qOETP8y8902I0M5bSzoyc=
Subject key identifier: 40:1A:AB:7D:2E:0B:CF:3F:3C:65:5E:16:5E:67:19:33:81:C0:1E:E5
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018705E32EB67C790C87DAB0F53680B8E19B
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/QBqrfS4Lzz88ZV4WXmcZM4HAHuU.roa
Signing time: Tue 21 Mar 2023 20:36:27 +0000
ROA not before: Tue 21 Mar 2023 20:36:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49453
IP address blocks: 178.20.31.0/24 maxlen: 24
178.20.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Mar 2023 22:10:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:05:e3:2e:b6:7c:79:0c:87:da:b0:f5:36:80:b8:e1:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 21 20:36:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=401aab7d2e0bcf3f3c655e165e67193381c01ee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:65:26:4a:12:92:3a:45:38:ca:df:8b:c2:76:
7a:d5:8e:b3:d3:e6:0d:c5:fb:fe:24:21:2c:ed:37:
80:5a:8a:55:25:c5:f5:15:83:38:7c:71:67:14:a6:
83:c8:e7:34:40:06:7b:be:a5:b3:80:59:85:e7:14:
44:7e:e6:de:fd:d5:e3:85:19:07:17:d7:d5:22:e7:
99:19:50:4d:44:78:39:54:1d:76:cf:b0:65:3c:51:
e6:15:0e:c0:4b:54:34:b2:2e:7d:e2:f9:3f:0e:ba:
a5:db:45:a4:ee:bc:b5:de:1b:a6:8e:94:9d:26:a7:
21:33:6b:c8:b4:44:d6:6e:ca:1c:27:2b:9e:c5:dc:
cc:cb:ea:a9:11:3b:6a:1b:d7:af:b5:93:6f:c7:f6:
0c:52:72:45:87:57:51:88:f3:cd:63:77:93:82:94:
68:5d:3b:13:92:47:46:0a:af:d0:03:69:7a:34:24:
9f:61:ad:0f:24:52:e9:ba:1f:cc:91:5b:44:0c:46:
7c:c6:90:eb:13:b9:38:82:01:61:e1:e9:eb:1a:7a:
06:4b:7f:ea:c0:1b:b2:02:5d:63:b4:d3:1d:f9:18:
84:c4:a8:f2:f9:cc:2c:2a:d7:9e:b1:e1:09:0e:29:
1e:7a:5d:33:ae:1b:8b:53:da:f8:94:57:9a:52:c2:
38:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:1A:AB:7D:2E:0B:CF:3F:3C:65:5E:16:5E:67:19:33:81:C0:1E:E5
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/QBqrfS4Lzz88ZV4WXmcZM4HAHuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.29.0/24
178.20.31.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:04:3b:19:f4:e1:67:60:df:90:aa:5f:5d:89:5b:c4:98:6e:
a9:74:94:ee:48:7d:bf:8c:99:1f:35:60:be:54:21:ab:ae:38:
50:2f:a2:a1:4f:06:31:53:91:72:0a:05:3a:40:5c:37:b6:5d:
5a:13:ce:bf:3a:2a:58:d2:72:e3:fe:38:36:8e:3d:fd:5b:b1:
0b:8a:f3:33:d5:c8:41:9c:dc:b3:1f:e9:10:bc:7b:7f:c5:35:
42:79:9c:1c:8f:14:39:70:ec:74:4c:7c:77:7f:49:96:a9:36:
bb:e1:33:57:14:6d:3a:c9:71:14:b1:d5:c3:5f:94:41:a6:61:
f7:0b:79:07:8a:4c:de:15:ac:9c:7d:66:c7:af:2c:f2:66:30:
78:e0:c1:3b:9f:b6:4b:6c:85:e1:1c:b3:b7:c9:cd:f5:19:62:
30:aa:0e:68:32:67:8e:35:ae:e6:66:e5:3d:a8:3f:d4:86:b6:
4f:d7:0e:e5:72:5f:9a:14:7d:06:df:1a:c2:51:01:26:a6:11:
f0:05:74:b0:00:ac:50:7b:0e:59:86:fa:d9:c9:61:5a:0a:71:
cb:e4:c8:66:a9:4c:6e:45:6a:bb:ae:2e:58:8b:68:d9:2b:e1:
46:2a:5d:c3:13:2a:40:56:67:7e:3f:ca:50:20:0d:9e:ac:8c:
c6:77:bd:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcF4y62fHkMh9qw9TaAuOGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIxMjAzNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDFhYWI3ZDJlMGJjZjNmM2M2NTVlMTY1ZTY3MTkzMzgxYzAxZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGUmShKSOkU4yt+LwnZ61Y6z0+YN
xfv+JCEs7TeAWopVJcX1FYM4fHFnFKaDyOc0QAZ7vqWzgFmF5xREfube/dXjhRkH
F9fVIueZGVBNRHg5VB12z7BlPFHmFQ7AS1Q0si594vk/Drql20Wk7ry13humjpSd
JqchM2vItETWbsocJyuexdzMy+qpETtqG9evtZNvx/YMUnJFh1dRiPPNY3eTgpRo
XTsTkkdGCq/QA2l6NCSfYa0PJFLpuh/MkVtEDEZ8xpDrE7k4ggFh4enrGnoGS3/q
wBuyAl1jtNMd+RiExKjy+cwsKteeseEJDikeel0zrhuLU9r4lFeaUsI4bwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEAaq30uC88/PGVeFl5nGTOBwB7lMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvUUJxcmZTNEx6ejg4WlY0V1htY1pNNEhBSHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAshQdAwQA
shQfMA0GCSqGSIb3DQEBCwUAA4IBAQChBDsZ9OFnYN+Qql9diVvEmG6pdJTuSH2/
jJkfNWC+VCGrrjhQL6KhTwYxU5FyCgU6QFw3tl1aE86/OipY0nLj/jg2jj39W7EL
ivMz1chBnNyzH+kQvHt/xTVCeZwcjxQ5cOx0THx3f0mWqTa74TNXFG06yXEUsdXD
X5RBpmH3C3kHikzeFaycfWbHryzyZjB44ME7n7ZLbIXhHLO3yc31GWIwqg5oMmeO
Na7mZuU9qD/UhrZP1w7lcl+aFH0G3xrCUQEmphHwBXSwAKxQew5ZhvrZyWFaCnHL
5MhmqUxuRWq7ri5Yi2jZK+FGKl3DEypAVmd+P8pQIA2erIzGd730
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:20 2024 by rpki-client on console-ams.rpki-client.org