Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/qa70xHQRy6SI0TiwcD1kWcdiG-M.roa
File: qa70xHQRy6SI0TiwcD1kWcdiG-M.roa (raw, json)
Hash identifier: KLtHwkNhNyXONNV4uBXe0u9v5GtRcB374GOcird8nDQ=
Subject key identifier: A9:AE:F4:C4:74:11:CB:A4:88:D1:38:B0:70:3D:64:59:C7:62:1B:E3
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018896F2C4029D55F90670B40F90D711EFB3
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/qa70xHQRy6SI0TiwcD1kWcdiG-M.roa
Signing time: Wed 07 Jun 2023 17:41:12 +0000
ROA not before: Wed 07 Jun 2023 17:41:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49453
IP address blocks: 178.20.31.0/24 maxlen: 24
178.20.29.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:96:f2:c4:02:9d:55:f9:06:70:b4:0f:90:d7:11:ef:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jun 7 17:41:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9aef4c47411cba488d138b0703d6459c7621be3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:17:47:b3:4e:88:ba:8c:bf:bd:3d:ea:36:94:
fb:b0:5c:02:e2:87:99:28:9b:fb:b7:5c:ee:77:ed:
36:40:08:98:c1:f7:72:f8:13:41:f3:8c:e4:0b:8f:
71:17:2f:f7:0f:14:1c:11:6f:65:fc:61:c8:63:18:
14:2e:0b:05:f3:66:60:68:ec:52:62:0e:01:ee:c9:
19:a1:6b:f9:8c:28:f0:f4:b0:39:23:0c:0e:1c:b7:
ea:fe:4e:62:bb:77:bd:d2:9b:83:0e:11:d3:13:35:
55:e0:83:91:3d:4c:a5:e8:76:b5:8c:c0:07:5a:b4:
7a:96:45:7e:b6:73:ff:d2:b0:a2:53:90:3e:7b:4f:
08:f4:79:4f:73:93:ea:30:9f:c6:b0:ed:fa:09:7a:
7f:cc:05:f8:11:b7:0f:f8:5c:3e:cc:be:30:cb:0b:
92:92:95:41:45:cd:06:cd:85:97:e4:9c:a8:63:e3:
6c:2b:2b:17:ea:74:2c:92:1e:35:89:5f:18:4f:e6:
a8:cb:cd:db:e1:51:b9:00:b9:47:33:6b:6b:bf:bc:
13:bf:77:f6:95:0d:7a:a3:25:46:0f:22:9c:06:e6:
0c:f2:c2:a8:55:13:c8:fe:75:13:44:0b:c3:fb:65:
bf:49:c5:31:a9:e6:70:a2:99:36:f0:ec:00:de:3b:
df:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AE:F4:C4:74:11:CB:A4:88:D1:38:B0:70:3D:64:59:C7:62:1B:E3
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/qa70xHQRy6SI0TiwcD1kWcdiG-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.29.0/24
178.20.31.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:2c:bd:52:b4:8c:23:a2:6d:85:57:ac:65:4a:62:aa:c9:0c:
21:ec:5a:f9:e5:5b:4c:ae:55:99:85:f9:ee:22:35:3b:2c:88:
81:69:75:e7:da:0c:65:48:4d:f1:d0:a4:2d:4d:c5:f2:a1:ac:
02:9c:4e:4c:2a:91:dc:d6:b0:2b:41:29:1c:99:c9:d4:5a:de:
fb:91:66:fd:6e:ec:0e:04:da:ac:2f:09:81:6a:37:67:a4:1a:
c4:52:bf:25:81:4c:4c:33:8f:a6:99:e8:e9:d9:21:13:44:40:
63:5c:3a:4d:77:da:f4:f0:8e:b1:e7:ad:23:f6:5d:d0:7c:aa:
1c:6d:73:53:b4:8c:ee:77:e9:7b:d1:5b:2f:e9:e9:b7:cc:aa:
5f:ce:44:a1:d7:c9:dd:17:06:a0:c8:c0:52:ca:ac:03:39:59:
19:55:a2:fc:8d:2e:dd:63:7b:d8:46:46:be:c6:c3:cc:61:99:
d1:de:74:5b:98:ed:fc:9f:1e:c6:bd:be:60:e2:00:71:da:f3:
8a:f7:20:84:17:6b:c1:7b:cf:21:25:28:d7:6f:0b:37:d1:32:
d7:b2:c5:86:76:27:d7:05:16:43:7a:ef:f1:a0:af:6d:e6:98:
3d:40:f7:33:2a:60:91:82:16:45:b7:03:5c:fe:a0:ac:a4:6a:
32:02:83:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiW8sQCnVX5BnC0D5DXEe+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwNjA3MTc0MTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWFlZjRjNDc0MTFjYmE0ODhkMTM4YjA3MDNkNjQ1OWM3NjIxYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhdHs06Iuoy/vT3qNpT7sFwC4oeZ
KJv7t1zud+02QAiYwfdy+BNB84zkC49xFy/3DxQcEW9l/GHIYxgULgsF82ZgaOxS
Yg4B7skZoWv5jCjw9LA5IwwOHLfq/k5iu3e90puDDhHTEzVV4IORPUyl6Ha1jMAH
WrR6lkV+tnP/0rCiU5A+e08I9HlPc5PqMJ/GsO36CXp/zAX4EbcP+Fw+zL4wywuS
kpVBRc0GzYWX5JyoY+NsKysX6nQskh41iV8YT+aoy83b4VG5ALlHM2trv7wTv3f2
lQ16oyVGDyKcBuYM8sKoVRPI/nUTRAvD+2W/ScUxqeZwopk28OwA3jvfSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKmu9MR0EcukiNE4sHA9ZFnHYhvjMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvcWE3MHhIUVJ5NlNJMFRpd2NEMWtXY2RpRy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAshQdAwQA
shQfMA0GCSqGSIb3DQEBCwUAA4IBAQCKLL1StIwjom2FV6xlSmKqyQwh7Fr55VtM
rlWZhfnuIjU7LIiBaXXn2gxlSE3x0KQtTcXyoawCnE5MKpHc1rArQSkcmcnUWt77
kWb9buwOBNqsLwmBajdnpBrEUr8lgUxMM4+mmejp2SETREBjXDpNd9r08I6x560j
9l3QfKocbXNTtIzud+l70Vsv6em3zKpfzkSh18ndFwagyMBSyqwDOVkZVaL8jS7d
Y3vYRka+xsPMYZnR3nRbmO38nx7Gvb5g4gBx2vOK9yCEF2vBe88hJSjXbws30TLX
ssWGdifXBRZDeu/xoK9t5pg9QPczKmCRghZFtwNc/qCspGoyAoOH
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:39 2024 by rpki-client on console-ams.rpki-client.org