Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/QMX7FjiSpyJn95OxCfyuKdpPBTg.roa
File: QMX7FjiSpyJn95OxCfyuKdpPBTg.roa (raw, json)
Hash identifier: jHgbehv5tIkSyAr/cyIOt2ZLRfo3BfYNYe9b8sxAqws=
Subject key identifier: 40:C5:FB:16:38:92:A7:22:67:F7:93:B1:09:FC:AE:29:DA:4F:05:38
Certificate issuer: /CN=0c202663de852c7060fdea0298b490d5edcc0f24
Certificate serial: 0189FEDCB659282BD30F256A9B05C9F25125
Authority key identifier: 0C:20:26:63:DE:85:2C:70:60:FD:EA:02:98:B4:90:D5:ED:CC:0F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/QMX7FjiSpyJn95OxCfyuKdpPBTg.roa
Signing time: Wed 16 Aug 2023 15:00:24 +0000
ROA not before: Wed 16 Aug 2023 15:00:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8368
IP address blocks: 194.32.168.0/22 maxlen: 24
176.125.224.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:dc:b6:59:28:2b:d3:0f:25:6a:9b:05:c9:f2:51:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c202663de852c7060fdea0298b490d5edcc0f24
Validity
Not Before: Aug 16 15:00:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40c5fb163892a72267f793b109fcae29da4f0538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6b:16:83:09:bb:fe:28:a1:c9:c3:9e:e5:0e:
bc:b1:53:95:0d:b2:23:6d:a9:48:7c:6d:d8:8e:03:
22:12:3d:96:d7:82:93:76:dd:88:ce:c5:61:22:25:
e1:37:7e:23:38:df:44:6d:d0:c7:6b:b5:ab:21:4f:
b5:58:ba:49:03:1e:47:af:e7:72:1f:2b:70:32:2b:
ac:b2:56:37:c8:d2:1a:8b:65:8d:97:04:61:b2:51:
3d:b1:61:6f:02:9b:3a:50:d1:8f:ef:f1:cb:d5:84:
51:8c:6b:09:42:58:32:6d:72:61:f0:b0:32:25:fd:
f2:17:2d:2b:dd:2f:e4:b1:36:42:e8:36:b7:ff:01:
48:d0:67:a3:64:c3:6c:6b:06:03:85:96:c0:9d:41:
5e:2c:75:73:c8:d5:2e:86:cd:b8:1b:20:b8:8f:ae:
c9:08:a2:6c:08:be:d1:43:24:95:74:96:e0:16:d2:
24:02:09:31:69:b6:dc:f4:2e:4a:68:7d:94:21:ba:
67:4a:32:77:3c:63:35:0c:b5:44:2e:52:bd:5e:0b:
f6:31:59:3d:54:5c:1f:bc:30:69:09:36:e1:c6:35:
26:69:7c:24:cd:7d:ae:96:d4:31:35:99:4b:67:ac:
8d:f1:96:0a:d5:fa:25:42:79:9e:df:17:65:37:06:
2f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C5:FB:16:38:92:A7:22:67:F7:93:B1:09:FC:AE:29:DA:4F:05:38
X509v3 Authority Key Identifier:
keyid:0C:20:26:63:DE:85:2C:70:60:FD:EA:02:98:B4:90:D5:ED:CC:0F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/QMX7FjiSpyJn95OxCfyuKdpPBTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.224.0/22
194.32.168.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:a2:18:88:ca:95:87:7f:33:78:7a:36:c2:a3:fe:85:3f:74:
ea:c8:5c:88:67:21:7b:65:d0:03:26:ce:03:fc:51:fc:30:b7:
82:88:4a:fb:55:b3:16:a4:10:a4:09:95:e8:f4:7a:81:c6:7b:
d4:e9:f8:42:ef:c3:65:d3:79:49:73:ac:b9:e8:3a:df:34:cf:
ba:53:a6:e2:97:a5:d9:f9:79:93:b4:70:e0:7f:be:b1:f6:42:
4a:11:1d:82:9c:c4:d7:2a:5d:f1:c6:bb:40:ec:50:96:34:ea:
20:b3:d8:10:61:15:50:c9:fd:97:3d:d7:f6:50:2e:09:eb:f0:
84:02:49:53:d3:7d:18:bc:34:b8:fb:b2:36:8b:af:98:b3:b8:
d6:64:dc:83:28:85:04:ff:dd:58:8e:11:b9:4f:bb:43:b1:4d:
73:c8:69:dd:74:dd:89:c3:b8:11:1b:87:42:60:c6:d3:79:b7:
5a:43:ed:40:b1:77:01:07:35:12:c1:74:26:c1:36:75:26:6d:
8a:dd:bc:5b:b2:63:6d:93:ac:87:5f:fd:e8:db:07:05:30:04:
7c:ad:5c:34:3c:ee:3a:b5:d8:bd:75:e5:23:b6:bb:9b:2b:02:
16:5f:00:7e:f9:d0:53:68:23:0e:01:6f:ba:9b:d1:1a:8a:72:
da:2f:ef:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn+3LZZKCvTDyVqmwXJ8lElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjAyNjYzZGU4NTJjNzA2MGZkZWEwMjk4YjQ5MGQ1ZWRj
YzBmMjQwHhcNMjMwODE2MTUwMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGM1ZmIxNjM4OTJhNzIyNjdmNzkzYjEwOWZjYWUyOWRhNGYwNTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2sWgwm7/iihycOe5Q68sVOVDbIj
balIfG3YjgMiEj2W14KTdt2IzsVhIiXhN34jON9EbdDHa7WrIU+1WLpJAx5Hr+dy
HytwMiusslY3yNIai2WNlwRhslE9sWFvAps6UNGP7/HL1YRRjGsJQlgybXJh8LAy
Jf3yFy0r3S/ksTZC6Da3/wFI0GejZMNsawYDhZbAnUFeLHVzyNUuhs24GyC4j67J
CKJsCL7RQySVdJbgFtIkAgkxabbc9C5KaH2UIbpnSjJ3PGM1DLVELlK9Xgv2MVk9
VFwfvDBpCTbhxjUmaXwkzX2ultQxNZlLZ6yN8ZYK1folQnme3xdlNwYvYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDF+xY4kqciZ/eTsQn8rinaTwU4MB8GA1UdIwQY
MBaAFAwgJmPehSxwYP3qApi0kNXtzA8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENBbVk5NkZMSEJnX2VvQ21MU1ExZTNNRHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wOTEwZTYtYzA3NC00MGQwLWI3ODkt
YTE3ODA0NDM5ODk1LzEvUU1YN0ZqaVNweUpuOTVPeENmeXVLZHBQQlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wOTEwZTYtYzA3NC00MGQwLWI3ODktYTE3ODA0NDM5ODk1
LzEvRENBbVk5NkZMSEJnX2VvQ21MU1ExZTNNRHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsH3gAwQC
wiCoMA0GCSqGSIb3DQEBCwUAA4IBAQA9ohiIypWHfzN4ejbCo/6FP3TqyFyIZyF7
ZdADJs4D/FH8MLeCiEr7VbMWpBCkCZXo9HqBxnvU6fhC78Nl03lJc6y56DrfNM+6
U6bil6XZ+XmTtHDgf76x9kJKER2CnMTXKl3xxrtA7FCWNOogs9gQYRVQyf2XPdf2
UC4J6/CEAklT030YvDS4+7I2i6+Ys7jWZNyDKIUE/91YjhG5T7tDsU1zyGnddN2J
w7gRG4dCYMbTebdaQ+1AsXcBBzUSwXQmwTZ1Jm2K3bxbsmNtk6yHX/3o2wcFMAR8
rVw0PO46tdi9deUjtrubKwIWXwB++dBTaCMOAW+6m9EainLaL+8b
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:26 2024 by rpki-client on console-fra.rpki-client.org