Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Qft4BbjeKYcqdkqwjb3vC8Ob33Q.roa
File: Qft4BbjeKYcqdkqwjb3vC8Ob33Q.roa (raw, json)
Hash identifier: 3tXdKMzjT7gy5LWpjz0pBAtRXaoTMmG4j75wIQedZKU=
Subject key identifier: 41:FB:78:05:B8:DE:29:87:2A:76:4A:B0:8D:BD:EF:0B:C3:9B:DF:74
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018C86CBB53C80D006CD8DE2B64370D3F74F
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Qft4BbjeKYcqdkqwjb3vC8Ob33Q.roa
Signing time: Wed 20 Dec 2023 10:35:46 +0000
ROA not before: Wed 20 Dec 2023 10:35:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34471
IP address blocks: 176.227.155.0/24 maxlen: 24
178.156.34.0/24 maxlen: 24
84.236.158.0/24 maxlen: 24
84.232.104.0/24 maxlen: 24
37.72.16.0/24 maxlen: 24
84.232.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:cb:b5:3c:80:d0:06:cd:8d:e2:b6:43:70:d3:f7:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Dec 20 10:35:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41fb7805b8de29872a764ab08dbdef0bc39bdf74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5c:e6:44:ae:51:2b:2d:8f:ba:f2:93:79:e0:
76:de:46:0a:5d:2c:e5:7f:7c:87:52:80:57:46:0e:
63:cb:f8:b3:5c:fe:83:a6:6d:8c:00:8d:4d:d6:a1:
d2:2a:44:b4:a4:94:a4:1b:c0:3b:24:79:2f:84:61:
03:ce:b9:e2:29:0e:8c:c0:c2:16:87:5b:45:7e:42:
a8:31:2c:32:d8:02:f7:ca:b0:d1:90:ff:57:63:0f:
1c:31:73:de:89:6b:c1:80:d1:24:1b:7a:5d:29:74:
49:17:cc:5d:51:44:84:40:9a:eb:39:cb:5d:08:ec:
fa:df:9c:a5:c4:83:74:ee:eb:a2:f0:ca:c8:28:74:
7c:c7:56:e5:e6:44:e5:a2:15:5c:ff:7e:8f:06:0e:
88:7a:68:1f:cf:11:40:36:a7:a8:80:17:b4:3c:91:
bd:7a:ea:9a:34:da:f6:14:d9:57:d3:69:3c:d3:e7:
c6:63:a7:fc:f5:41:76:13:18:ea:27:89:67:41:2d:
23:60:0f:d0:b6:3a:a5:e0:f7:ca:84:cf:94:99:27:
42:f4:4a:85:d3:d6:02:78:5b:25:01:23:95:b2:cc:
d4:a0:ba:86:7e:6a:6b:2e:07:44:42:bc:41:28:88:
d9:45:10:78:2a:84:58:f8:fa:95:5a:c7:9f:5a:6d:
73:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FB:78:05:B8:DE:29:87:2A:76:4A:B0:8D:BD:EF:0B:C3:9B:DF:74
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/Qft4BbjeKYcqdkqwjb3vC8Ob33Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.16.0/24
84.232.39.0/24
84.232.104.0/24
84.236.158.0/24
176.227.155.0/24
178.156.34.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:24:4b:3f:1d:1d:e6:be:c6:72:60:dc:c2:e4:8c:c2:14:25:
35:be:39:7f:7f:f5:1e:59:b1:7c:ea:b0:f2:08:52:d6:05:a4:
f3:1e:dc:8e:d3:df:12:8d:92:4c:44:31:c4:fd:22:cd:db:31:
bb:5d:c3:77:6b:68:10:a5:e0:c5:79:52:1d:30:f6:dd:82:6d:
27:7f:15:1d:3d:31:f3:79:0a:d3:76:06:4e:7f:e7:5e:f4:c9:
0f:00:90:dd:55:9e:46:6a:34:e2:38:19:e9:6e:7b:56:fe:67:
46:e7:67:9a:9f:35:66:c0:dc:db:b7:b2:c6:72:e2:90:9c:ab:
d3:39:4a:eb:98:99:a9:c1:0d:eb:ff:e7:33:93:8a:29:e7:31:
e7:7d:cd:2d:57:e7:f6:56:f9:02:db:6b:7d:e7:e3:e7:11:4c:
b0:73:85:0e:f4:22:c4:9b:23:8b:ec:83:d4:b6:45:5d:53:3a:
60:81:94:9d:63:d8:e3:e3:09:9f:5a:7b:d5:9c:7f:fe:8e:a1:
c5:96:33:87:b2:07:a5:f2:7d:39:a3:4a:7b:eb:d6:04:d4:4c:
46:78:c1:61:82:ae:9e:17:2c:2c:c3:a3:7f:ed:54:04:4a:3a:
43:7a:1f:9f:ad:f6:71:80:67:5a:b7:47:1f:00:b3:e7:65:98:
57:c4:63:8f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYyGy7U8gNAGzY3itkNw0/dPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMxMjIwMTAzNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZiNzgwNWI4ZGUyOTg3MmE3NjRhYjA4ZGJkZWYwYmMzOWJkZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVzmRK5RKy2PuvKTeeB23kYKXSzl
f3yHUoBXRg5jy/izXP6Dpm2MAI1N1qHSKkS0pJSkG8A7JHkvhGEDzrniKQ6MwMIW
h1tFfkKoMSwy2AL3yrDRkP9XYw8cMXPeiWvBgNEkG3pdKXRJF8xdUUSEQJrrOctd
COz635ylxIN07uui8MrIKHR8x1bl5kTlohVc/36PBg6IemgfzxFANqeogBe0PJG9
euqaNNr2FNlX02k80+fGY6f89UF2ExjqJ4lnQS0jYA/Qtjql4PfKhM+UmSdC9EqF
09YCeFslASOVsszUoLqGfmprLgdEQrxBKIjZRRB4KoRY+PqVWsefWm1zbQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEH7eAW43imHKnZKsI297wvDm990MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvUWZ0NEJiamVLWWNxZGtxd2piM3ZDOE9iMzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAJUgQAwQA
VOgnAwQAVOhoAwQAVOyeAwQAsOObAwQAspwiMA0GCSqGSIb3DQEBCwUAA4IBAQDU
JEs/HR3mvsZyYNzC5IzCFCU1vjl/f/UeWbF86rDyCFLWBaTzHtyO098SjZJMRDHE
/SLN2zG7XcN3a2gQpeDFeVIdMPbdgm0nfxUdPTHzeQrTdgZOf+de9MkPAJDdVZ5G
ajTiOBnpbntW/mdG52eanzVmwNzbt7LGcuKQnKvTOUrrmJmpwQ3r/+czk4op5zHn
fc0tV+f2VvkC22t95+PnEUywc4UO9CLEmyOL7IPUtkVdUzpggZSdY9jj4wmfWnvV
nH/+jqHFljOHsgel8n05o0p769YE1ExGeMFhgq6eFywsw6N/7VQESjpDeh+frfZx
gGdat0cfALPnZZhXxGOP
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:46 2024 by rpki-client on console-ams.rpki-client.org