Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/cb0d91-8270-4550-8fac-0ce2038aaa7b/1/QNzdFj_l4LXY-KxCdRCrOCE605k.roa
File: QNzdFj_l4LXY-KxCdRCrOCE605k.roa (raw, json)
Hash identifier: MpkArB7hFXbuKHNfXKcBrBvAut6otUukylL/DBXg1Z4=
Subject key identifier: 40:DC:DD:16:3F:E5:E0:B5:D8:F8:AC:42:75:10:AB:38:21:3A:D3:99
Certificate issuer: /CN=63b82772af3d611b99b1ba6e3eb6cbfd16965363
Certificate serial: 01856DB88565EBA672410CB372B82DDEFBE8
Authority key identifier: 63:B8:27:72:AF:3D:61:1B:99:B1:BA:6E:3E:B6:CB:FD:16:96:53:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y7gncq89YRuZsbpuPrbL_RaWU2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/cb0d91-8270-4550-8fac-0ce2038aaa7b/1/QNzdFj_l4LXY-KxCdRCrOCE605k.roa
Signing time: Sun 01 Jan 2023 14:24:47 +0000
ROA not before: Sun 01 Jan 2023 14:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209716
IP address blocks: 88.218.235.0/25 maxlen: 25
2a0c:ad80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:85:65:eb:a6:72:41:0c:b3:72:b8:2d:de:fb:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63b82772af3d611b99b1ba6e3eb6cbfd16965363
Validity
Not Before: Jan 1 14:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40dcdd163fe5e0b5d8f8ac427510ab38213ad399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a3:bd:8b:da:c4:7e:4b:ff:df:6f:16:fa:c3:
79:bd:83:d3:2c:03:3f:a5:24:ed:7f:9e:91:71:4a:
28:ff:da:02:ca:8d:f5:63:40:9d:c7:85:44:63:ea:
cd:98:45:68:71:80:b2:98:ba:e9:e8:8c:e2:a7:92:
57:e7:b7:80:d1:8d:11:4f:05:8f:e6:35:7d:6a:17:
73:65:6f:2f:04:75:de:4f:e6:47:86:55:d2:57:8d:
07:ce:cd:33:09:f4:ed:dd:a0:24:76:0e:a8:a2:91:
86:ed:22:54:f4:2f:8e:bf:3e:5f:7b:76:ad:11:bf:
b6:4f:b9:ca:28:ff:a5:31:65:99:81:eb:e3:5e:1b:
08:1d:cc:93:51:bf:bb:4e:69:80:62:06:83:9b:82:
e0:05:a8:b6:d1:a4:91:a9:f8:4d:55:b0:76:59:0e:
59:36:d5:86:7b:2e:19:56:fa:2a:d4:ee:ed:f8:42:
8e:54:76:53:46:a1:c1:7d:c9:e4:01:05:df:7a:d0:
7e:f6:0c:89:28:bd:83:94:0c:97:b1:40:a3:89:d2:
6f:64:f3:67:2a:e2:d8:bb:2e:04:26:c6:0d:34:cf:
42:67:8c:e3:53:fb:5d:4e:24:ca:46:97:9e:e0:ff:
74:89:3b:4c:ab:8c:ea:e2:57:83:eb:a5:bf:f9:24:
3f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:DC:DD:16:3F:E5:E0:B5:D8:F8:AC:42:75:10:AB:38:21:3A:D3:99
X509v3 Authority Key Identifier:
keyid:63:B8:27:72:AF:3D:61:1B:99:B1:BA:6E:3E:B6:CB:FD:16:96:53:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y7gncq89YRuZsbpuPrbL_RaWU2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/cb0d91-8270-4550-8fac-0ce2038aaa7b/1/QNzdFj_l4LXY-KxCdRCrOCE605k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/cb0d91-8270-4550-8fac-0ce2038aaa7b/1/Y7gncq89YRuZsbpuPrbL_RaWU2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.235.0/25
IPv6:
2a0c:ad80::/29
Signature Algorithm: sha256WithRSAEncryption
18:e2:72:d3:18:ec:38:82:74:59:91:64:8d:85:5d:df:c5:3c:
8c:17:8f:12:80:bd:34:c7:8e:c6:7c:3f:df:50:a7:a4:ca:f4:
f0:c5:78:e6:34:bd:d0:62:ac:dc:2f:0e:18:9e:92:c5:b0:c8:
af:35:b7:87:72:5b:a0:a8:c6:12:57:42:25:c6:59:56:f5:de:
3c:87:e3:d4:0a:cb:4e:98:4f:09:b7:fd:8a:38:d8:7c:55:65:
c1:1a:25:b0:a0:5b:fb:d2:9c:0f:c5:8c:7d:ac:0f:33:e3:d5:
ce:a7:63:54:ca:e4:18:dc:25:68:f6:52:7b:3e:68:94:78:33:
1b:49:fd:b9:67:88:2d:70:fc:63:f3:7e:29:fa:92:7d:1f:58:
a1:3a:a8:fa:79:c0:9c:fa:4e:82:68:b4:da:c6:d4:fe:42:39:
e9:47:01:3c:ee:dc:ba:de:0a:a4:c0:58:db:2b:29:f4:62:7a:
f1:fd:67:c9:4b:45:de:1d:ee:1e:e7:46:bf:31:15:31:0a:32:
04:54:5d:d3:59:1e:b6:a8:14:b3:5b:3c:6d:61:52:55:e8:bc:
c9:df:59:95:4a:b5:1a:14:d0:5b:5c:5d:4e:ed:d5:e9:c9:ec:
2c:2f:65:dd:5e:4d:69:a3:e5:ed:65:cb:d0:06:24:a1:3c:78:
2b:4b:5a:ab
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVtuIVl66ZyQQyzcrgt3vvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYjgyNzcyYWYzZDYxMWI5OWIxYmE2ZTNlYjZjYmZkMTY5
NjUzNjMwHhcNMjMwMTAxMTQyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGRjZGQxNjNmZTVlMGI1ZDhmOGFjNDI3NTEwYWIzODIxM2FkMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqO9i9rEfkv/328W+sN5vYPTLAM/
pSTtf56RcUoo/9oCyo31Y0Cdx4VEY+rNmEVocYCymLrp6Izip5JX57eA0Y0RTwWP
5jV9ahdzZW8vBHXeT+ZHhlXSV40Hzs0zCfTt3aAkdg6oopGG7SJU9C+Ovz5fe3at
Eb+2T7nKKP+lMWWZgevjXhsIHcyTUb+7TmmAYgaDm4LgBai20aSRqfhNVbB2WQ5Z
NtWGey4ZVvoq1O7t+EKOVHZTRqHBfcnkAQXfetB+9gyJKL2DlAyXsUCjidJvZPNn
KuLYuy4EJsYNNM9CZ4zjU/tdTiTKRpee4P90iTtMq4zq4leD66W/+SQ/4wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEDc3RY/5eC12PisQnUQqzghOtOZMB8GA1UdIwQY
MBaAFGO4J3KvPWEbmbG6bj62y/0WllNjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTdnbmNxODlZUnVac2JwdVByYkxfUmFXVTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9jYjBkOTEtODI3MC00NTUwLThmYWMt
MGNlMjAzOGFhYTdiLzEvUU56ZEZqX2w0TFhZLUt4Q2RSQ3JPQ0U2MDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9jYjBkOTEtODI3MC00NTUwLThmYWMtMGNlMjAzOGFhYTdi
LzEvWTdnbmNxODlZUnVac2JwdVByYkxfUmFXVTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjANBAIAATAHAwUHWNrrADAN
BAIAAjAHAwUDKgytgDANBgkqhkiG9w0BAQsFAAOCAQEAGOJy0xjsOIJ0WZFkjYVd
38U8jBePEoC9NMeOxnw/31CnpMr08MV45jS90GKs3C8OGJ6SxbDIrzW3h3JboKjG
EldCJcZZVvXePIfj1ArLTphPCbf9ijjYfFVlwRolsKBb+9KcD8WMfawPM+PVzqdj
VMrkGNwlaPZSez5olHgzG0n9uWeILXD8Y/N+KfqSfR9YoTqo+nnAnPpOgmi02sbU
/kI56UcBPO7cut4KpMBY2ysp9GJ68f1nyUtF3h3uHudGvzEVMQoyBFRd01ketqgU
s1s8bWFSVei8yd9ZlUq1GhTQW1xdTu3V6cnsLC9l3V5NaaPl7WXL0AYkoTx4K0ta
qw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:26 2024 by rpki-client on console-fra.rpki-client.org