Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/QW7xGtA-nPZJmk2W57y0p1wr8w4.roa
File: QW7xGtA-nPZJmk2W57y0p1wr8w4.roa (raw, json)
Hash identifier: 7FhMsrR3/4mx2phM/bPXjpFHfcBFIKM3ZpUucMWxNUc=
Subject key identifier: 41:6E:F1:1A:D0:3E:9C:F6:49:9A:4D:96:E7:BC:B4:A7:5C:2B:F3:0E
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0187108E8065CF736EBB58BF609ECB8FEF6D
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/QW7xGtA-nPZJmk2W57y0p1wr8w4.roa
Signing time: Thu 23 Mar 2023 22:19:47 +0000
ROA not before: Thu 23 Mar 2023 22:19:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14576
IP address blocks: 194.110.150.0/24 maxlen: 24
45.159.23.0/24 maxlen: 24
88.218.46.0/24 maxlen: 24
89.19.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Mar 2023 21:09:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:10:8e:80:65:cf:73:6e:bb:58:bf:60:9e:cb:8f:ef:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 23 22:19:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=416ef11ad03e9cf6499a4d96e7bcb4a75c2bf30e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:71:54:81:f8:f9:6b:de:f6:91:c2:9b:23:32:
df:8c:86:89:b8:d9:64:da:ff:d6:c3:ff:e7:78:b7:
55:db:fa:bb:55:46:63:e6:91:79:19:17:57:71:c7:
70:9f:1f:e8:f8:69:3c:ee:48:af:37:8c:5b:7b:75:
e5:26:8b:41:04:20:14:90:31:8b:b8:1d:12:8b:56:
27:85:85:60:4f:7b:81:07:bb:f5:0b:3d:4b:46:cc:
06:8a:f8:9c:41:52:c6:c3:d9:0e:db:fa:ee:ad:b8:
c8:f7:b4:c8:e8:83:a3:d3:3f:ec:18:f7:7d:4a:8f:
d6:99:53:e2:b7:63:c2:af:41:ea:bc:32:d0:8f:8e:
c4:2a:b9:88:4c:ee:ba:c6:d9:96:18:27:3e:97:9e:
a0:9e:ec:f7:02:55:3f:58:a3:23:f7:19:93:12:99:
57:e6:12:23:95:eb:af:51:96:ce:1f:2d:77:d9:4a:
ca:4d:ce:c1:07:46:e9:8b:dd:86:7b:72:35:b7:cc:
ed:ff:13:ea:b3:40:c6:02:a5:5b:60:58:a6:82:d0:
fa:7c:95:48:35:30:80:1a:9c:35:d4:1a:1d:0f:8c:
6a:46:96:c5:0b:fb:fc:02:43:77:fb:17:66:62:d7:
b5:db:f4:fb:a1:6f:e0:2f:90:e2:4b:c9:5f:6e:9a:
19:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6E:F1:1A:D0:3E:9C:F6:49:9A:4D:96:E7:BC:B4:A7:5C:2B:F3:0E
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/QW7xGtA-nPZJmk2W57y0p1wr8w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.23.0/24
88.218.46.0/24
89.19.34.0/24
194.110.150.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:1e:c5:cd:4d:66:f9:95:90:fc:ec:35:0e:3c:cc:07:d7:94:
72:8d:d1:92:4c:8c:76:2a:cc:02:d7:69:b7:ad:e4:63:7e:d6:
fa:88:ff:d6:ab:52:da:ca:53:ca:1e:0c:3f:76:e7:b8:09:94:
3d:38:cd:e8:b3:f9:68:ec:00:9a:58:fc:97:a5:3c:ba:1f:86:
00:a5:33:4c:6b:f9:bf:0f:be:0a:15:46:41:b6:e7:c3:fe:d1:
61:3a:06:43:59:9b:b8:0f:8e:9b:1f:d7:05:b8:61:11:62:0a:
2b:9e:21:c7:32:2e:b9:48:51:5e:75:35:71:27:b4:51:64:dd:
28:8b:aa:4a:c0:63:be:fc:30:02:b0:b0:ae:fa:6a:b3:12:84:
4d:6a:67:27:a1:f5:90:cb:ea:d3:0e:58:89:00:c1:d9:9c:8d:
f3:6d:7c:73:88:e9:c6:c6:40:cb:c7:df:61:92:27:47:90:f4:
63:11:eb:53:57:dd:57:43:68:17:ad:54:00:67:8e:df:5f:5c:
b4:ee:21:ae:d5:cd:d6:3f:2e:07:10:2d:6f:56:da:54:59:ef:
2e:5d:4e:25:2f:cc:33:3a:03:e6:56:e4:4a:65:0a:db:cc:b6:
1f:68:12:7c:cc:7c:00:a0:f9:fe:76:86:68:cd:86:75:82:1c:
8e:5f:c2:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYcQjoBlz3Nuu1i/YJ7Lj+9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIzMjIxOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTZlZjExYWQwM2U5Y2Y2NDk5YTRkOTZlN2JjYjRhNzVjMmJmMzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknFUgfj5a972kcKbIzLfjIaJuNlk
2v/Ww//neLdV2/q7VUZj5pF5GRdXccdwnx/o+Gk87kivN4xbe3XlJotBBCAUkDGL
uB0Si1YnhYVgT3uBB7v1Cz1LRswGivicQVLGw9kO2/rurbjI97TI6IOj0z/sGPd9
So/WmVPit2PCr0HqvDLQj47EKrmITO66xtmWGCc+l56gnuz3AlU/WKMj9xmTEplX
5hIjleuvUZbOHy132UrKTc7BB0bpi92Ge3I1t8zt/xPqs0DGAqVbYFimgtD6fJVI
NTCAGpw11BodD4xqRpbFC/v8AkN3+xdmYte12/T7oW/gL5DiS8lfbpoZ6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEFu8RrQPpz2SZpNlue8tKdcK/MOMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvUVc3eEd0QS1uUFpKbWsyVzU3eTBwMXdyOHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZ8XAwQA
WNouAwQAWRMiAwQAwm6WMA0GCSqGSIb3DQEBCwUAA4IBAQCoHsXNTWb5lZD87DUO
PMwH15RyjdGSTIx2KswC12m3reRjftb6iP/Wq1LaylPKHgw/due4CZQ9OM3os/lo
7ACaWPyXpTy6H4YApTNMa/m/D74KFUZBtufD/tFhOgZDWZu4D46bH9cFuGERYgor
niHHMi65SFFedTVxJ7RRZN0oi6pKwGO+/DACsLCu+mqzEoRNamcnofWQy+rTDliJ
AMHZnI3zbXxziOnGxkDLx99hkidHkPRjEetTV91XQ2gXrVQAZ47fX1y07iGu1c3W
Py4HEC1vVtpUWe8uXU4lL8wzOgPmVuRKZQrbzLYfaBJ8zHwAoPn+doZozYZ1ghyO
X8Le
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:20 2024 by rpki-client on console-ams.rpki-client.org