Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/QByIIYBm5dZfBJHV8yEL1GsgMAk.roa
File: QByIIYBm5dZfBJHV8yEL1GsgMAk.roa (raw, json)
Hash identifier: aPe0XnPxi8hssjVY+VwxKZ6pVb4MsPyMQ1tt/c+7l+M=
Subject key identifier: 40:1C:88:21:80:66:E5:D6:5F:04:91:D5:F3:21:0B:D4:6B:20:30:09
Certificate issuer: /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial: 0186E4E39D8C1AFEE87C81D113805E12ABF3
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/QByIIYBm5dZfBJHV8yEL1GsgMAk.roa
Signing time: Wed 15 Mar 2023 10:49:27 +0000
ROA not before: Wed 15 Mar 2023 10:49:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 188.95.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Apr 2023 02:52:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:e3:9d:8c:1a:fe:e8:7c:81:d1:13:80:5e:12:ab:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94846741139263388d984db1e97e031669c6486e
Validity
Not Before: Mar 15 10:49:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=401c88218066e5d65f0491d5f3210bd46b203009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4b:af:c7:c4:27:36:10:70:da:07:5c:c6:ff:
b6:51:75:4c:3a:c6:02:6a:67:ba:a4:91:7b:94:49:
52:54:5e:ac:50:f3:2f:df:16:35:cb:f9:22:d2:39:
c4:2a:a0:f2:68:5d:fb:ae:2e:51:90:7d:4b:33:33:
e5:61:48:fc:69:66:96:f7:5d:96:0f:8a:71:12:f5:
dd:46:18:11:e2:3e:6e:cd:1f:c8:a8:bf:34:cb:35:
8b:81:1e:87:a5:64:0a:ed:28:d4:2a:1d:a1:5f:02:
f3:ee:a9:53:8c:86:6c:89:96:de:62:22:58:c8:e0:
79:e5:54:3b:54:2e:8d:16:57:27:4c:a2:4d:80:e6:
c1:69:ae:3d:ca:69:78:01:25:db:6e:f6:b8:28:4d:
bb:98:73:54:89:ed:90:e3:7f:82:c1:3b:9e:ea:f1:
36:de:25:de:22:92:96:56:13:57:d5:9f:b1:51:44:
db:0f:6b:d6:4b:d8:8c:bb:7a:ec:76:cc:86:3e:a2:
df:8a:eb:c1:d5:7f:09:c9:ef:a3:5a:09:ab:2a:6e:
22:09:71:31:0f:b6:ad:e6:17:02:fb:41:ec:c1:81:
5a:64:31:b7:af:b6:a3:b9:3b:b9:58:1e:5d:68:eb:
08:e8:f9:55:ef:ca:67:3e:ab:31:7e:7a:8b:e3:98:
62:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:1C:88:21:80:66:E5:D6:5F:04:91:D5:F3:21:0B:D4:6B:20:30:09
X509v3 Authority Key Identifier:
keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/QByIIYBm5dZfBJHV8yEL1GsgMAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.89.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:5d:f9:32:b4:d1:46:ba:9d:72:0e:47:4c:fd:46:92:a1:ba:
ce:ce:7a:b6:02:10:25:79:aa:9c:22:0d:01:41:c8:07:79:3b:
c3:af:fa:48:b8:c0:e2:e5:ff:76:df:e2:53:2e:41:eb:a0:23:
a2:f1:10:60:bb:c7:b2:db:ae:c3:ad:8b:5d:2e:db:75:13:45:
2e:34:fd:1c:8c:4f:19:9b:f2:f4:ee:83:7b:a2:90:e9:dd:be:
2d:e9:eb:d0:08:0a:4d:3c:b5:7d:55:c9:b9:e0:37:a7:ff:16:
4c:72:42:a2:f3:1d:82:b8:56:c2:21:0c:23:49:0b:5e:19:d0:
02:8e:2b:5f:0f:e2:c1:f3:be:a3:30:b5:26:82:43:ee:95:e5:
f2:55:35:66:7b:5c:73:47:8f:03:c8:46:4f:73:41:f5:d2:7b:
92:fc:fe:08:04:aa:ba:80:75:da:7b:ac:6d:27:9c:09:6f:a0:
5e:c9:26:b1:35:10:a0:3f:19:b4:6b:72:1f:e8:9f:df:7c:cf:
fe:15:af:ec:c5:b1:2b:86:25:50:1d:87:67:f0:87:9d:12:23:
5d:aa:30:35:c0:90:a1:ab:10:92:b5:a6:c4:8f:8d:c2:75:10:
bd:be:69:0d:57:51:ac:14:2b:f7:dd:54:f9:ea:a0:66:a4:44:
f9:48:f6:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbk452MGv7ofIHRE4BeEqvzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ2NzQxMTM5MjYzMzg4ZDk4NGRiMWU5N2UwMzE2Njlj
NjQ4NmUwHhcNMjMwMzE1MTA0OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDFjODgyMTgwNjZlNWQ2NWYwNDkxZDVmMzIxMGJkNDZiMjAzMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0uvx8QnNhBw2gdcxv+2UXVMOsYC
ame6pJF7lElSVF6sUPMv3xY1y/ki0jnEKqDyaF37ri5RkH1LMzPlYUj8aWaW912W
D4pxEvXdRhgR4j5uzR/IqL80yzWLgR6HpWQK7SjUKh2hXwLz7qlTjIZsiZbeYiJY
yOB55VQ7VC6NFlcnTKJNgObBaa49yml4ASXbbva4KE27mHNUie2Q43+CwTue6vE2
3iXeIpKWVhNX1Z+xUUTbD2vWS9iMu3rsdsyGPqLfiuvB1X8Jye+jWgmrKm4iCXEx
D7at5hcC+0HswYFaZDG3r7ajuTu5WB5daOsI6PlV78pnPqsxfnqL45hiKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEAciCGAZuXWXwSR1fMhC9RrIDAJMB8GA1UdIwQY
MBaAFJSEZ0ETkmM4jZhNsel+AxZpxkhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTct
Y2IxMTI1MDA3ZGZiLzEvUUJ5SUlZQm01ZFpmQkpIVjh5RUwxR3NnTUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTctY2IxMTI1MDA3ZGZi
LzEvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9ZMA0G
CSqGSIb3DQEBCwUAA4IBAQDAXfkytNFGup1yDkdM/UaSobrOznq2AhAleaqcIg0B
QcgHeTvDr/pIuMDi5f923+JTLkHroCOi8RBgu8ey267DrYtdLtt1E0UuNP0cjE8Z
m/L07oN7opDp3b4t6evQCApNPLV9Vcm54Den/xZMckKi8x2CuFbCIQwjSQteGdAC
jitfD+LB876jMLUmgkPuleXyVTVme1xzR48DyEZPc0H10nuS/P4IBKq6gHXae6xt
J5wJb6BeySaxNRCgPxm0a3If6J/ffM/+Fa/sxbErhiVQHYdn8IedEiNdqjA1wJCh
qxCStabEj43CdRC9vmkNV1GsFCv33VT56qBmpET5SPYP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:05 2024 by rpki-client on console-ams.rpki-client.org