Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/QvtBp8ph3kcFOEaS2h-Z9iz26ZA.roa
File: QvtBp8ph3kcFOEaS2h-Z9iz26ZA.roa (raw, json)
Hash identifier: zzKSYXNLp+0XCYqmvjQqnl80HvhRJ8HnLL98/Cm/Xyo=
Subject key identifier: 42:FB:41:A7:CA:61:DE:47:05:38:46:92:DA:1F:99:F6:2C:F6:E9:90
Certificate issuer: /CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39
Certificate serial: 01856E38DAEFB0BD78FA97EC7CE9D4470D61
Authority key identifier: D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/QvtBp8ph3kcFOEaS2h-Z9iz26ZA.roa
Signing time: Sun 01 Jan 2023 16:44:57 +0000
ROA not before: Sun 01 Jan 2023 16:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203321
IP address blocks: 94.142.254.0/24 maxlen: 24
2a12:5c40::/48 maxlen: 48
2a12:5c40:3::/48 maxlen: 48
2a12:5c40:1::/48 maxlen: 48
2a12:5c40:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:da:ef:b0:bd:78:fa:97:ec:7c:e9:d4:47:0d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39
Validity
Not Before: Jan 1 16:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42fb41a7ca61de4705384692da1f99f62cf6e990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:62:4f:21:aa:12:bf:69:87:e8:b5:70:57:94:
74:2b:90:63:61:01:c5:0f:2c:ca:b0:81:4e:df:38:
19:43:eb:90:80:5e:32:43:95:a4:1a:2d:a9:28:dc:
3c:19:6f:d6:e4:89:7d:31:17:4c:40:35:b2:72:d5:
82:91:07:71:7f:1d:1c:22:73:6c:a8:0a:ab:60:54:
55:61:80:f9:d5:06:ef:e3:ae:4d:1b:2d:e3:43:d5:
18:8f:c4:9d:96:d1:7e:e0:1f:aa:4b:6b:c6:32:b1:
11:e6:a2:98:3b:ed:43:2c:9d:b6:3d:ca:77:71:31:
30:85:1b:7a:ff:f2:0f:3d:e7:50:0a:6f:9e:54:98:
66:23:51:57:9a:cf:af:c1:b8:19:c4:2b:03:91:95:
99:18:25:0f:cd:a1:d0:f7:72:93:ed:a1:84:42:23:
52:d3:99:11:c9:89:0a:3c:09:21:dd:ad:88:99:e9:
5d:bd:9a:82:9f:4a:0f:3a:d3:b8:3c:61:8c:da:7e:
06:c6:63:1f:85:9a:be:a1:30:62:12:40:f8:81:16:
ee:e8:a9:42:be:d8:71:49:f9:df:8b:d5:be:e3:a7:
64:ce:d7:93:96:9e:e5:aa:ac:98:31:aa:6b:81:cd:
02:0d:39:ba:90:6e:7d:a6:c1:4e:75:78:76:d4:88:
ca:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:FB:41:A7:CA:61:DE:47:05:38:46:92:DA:1F:99:F6:2C:F6:E9:90
X509v3 Authority Key Identifier:
keyid:D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/QvtBp8ph3kcFOEaS2h-Z9iz26ZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.254.0/24
IPv6:
2a12:5c40::/46
Signature Algorithm: sha256WithRSAEncryption
20:8e:e7:42:9a:94:d9:3b:e8:de:75:f7:be:a0:f4:9b:cc:9a:
0b:ea:7e:2a:16:33:42:99:f5:11:fa:93:93:1c:65:6a:06:af:
37:3b:fd:d1:05:9c:39:ff:8e:b9:c4:f4:a5:a3:38:b9:8b:70:
bc:fd:a0:1f:05:61:c3:70:13:28:cf:92:b3:a3:04:7d:f8:69:
c4:89:47:54:a9:f5:6f:53:aa:5c:db:9c:ce:98:f3:84:ad:8f:
1e:44:43:ba:a7:97:49:01:f2:84:37:83:83:08:aa:55:82:a4:
a2:51:1c:33:10:bf:85:e1:1f:b8:24:1b:ed:59:7c:ec:39:d9:
49:b6:66:12:ad:e3:04:3e:df:47:3d:0b:f2:f3:1a:93:64:7e:
c9:60:39:bf:73:0f:f7:51:39:23:b7:39:ab:ec:f3:e5:a9:73:
ea:9a:11:35:5a:4d:03:c4:9b:d5:73:51:3a:9b:96:43:bd:70:
ab:c2:53:8f:d6:ce:29:4c:4f:8d:02:3e:dd:f5:a6:85:93:40:
6a:c9:1b:9d:c5:ec:4a:4e:10:3b:14:9f:5b:54:55:10:d2:5a:
36:2c:e3:72:d1:2e:38:b7:cb:da:63:21:f8:61:32:28:1a:73:
7e:5f:87:07:5b:fe:62:bf:b5:b5:7b:32:01:b6:88:b3:6d:b3:
64:6e:4f:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuONrvsL14+pfsfOnURw1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OWI0NGUyYzA1N2YwMWE5OTI2MWY5NGJiZjZkYTFiZjE4
NjVmMzkwHhcNMjMwMTAxMTY0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmZiNDFhN2NhNjFkZTQ3MDUzODQ2OTJkYTFmOTlmNjJjZjZlOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWJPIaoSv2mH6LVwV5R0K5BjYQHF
DyzKsIFO3zgZQ+uQgF4yQ5WkGi2pKNw8GW/W5Il9MRdMQDWyctWCkQdxfx0cInNs
qAqrYFRVYYD51Qbv465NGy3jQ9UYj8SdltF+4B+qS2vGMrER5qKYO+1DLJ22Pcp3
cTEwhRt6//IPPedQCm+eVJhmI1FXms+vwbgZxCsDkZWZGCUPzaHQ93KT7aGEQiNS
05kRyYkKPAkh3a2ImeldvZqCn0oPOtO4PGGM2n4GxmMfhZq+oTBiEkD4gRbu6KlC
vthxSfnfi9W+46dkzteTlp7lqqyYMaprgc0CDTm6kG59psFOdXh21IjKNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEL7QafKYd5HBThGktofmfYs9umQMB8GA1UdIwQY
MBaAFNibROLAV/AamSYflLv22hvxhl85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTkt
YjYwZmJiMTRjMTlkLzEvUXZ0QnA4cGgza2NGT0VhUzJoLVo5aXoyNlpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTktYjYwZmJiMTRjMTlk
LzEvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXo7+MA8E
AgACMAkDBwIqElxAAAAwDQYJKoZIhvcNAQELBQADggEBACCO50KalNk76N51976g
9JvMmgvqfioWM0KZ9RH6k5McZWoGrzc7/dEFnDn/jrnE9KWjOLmLcLz9oB8FYcNw
EyjPkrOjBH34acSJR1Sp9W9TqlzbnM6Y84Stjx5EQ7qnl0kB8oQ3g4MIqlWCpKJR
HDMQv4XhH7gkG+1ZfOw52Um2ZhKt4wQ+30c9C/LzGpNkfslgOb9zD/dROSO3Oavs
8+Wpc+qaETVaTQPEm9VzUTqblkO9cKvCU4/WzilMT40CPt31poWTQGrJG53F7EpO
EDsUn1tUVRDSWjYs43LRLji3y9pjIfhhMigac35fhwdb/mK/tbV7MgG2iLNts2Ru
Tzs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:57 2024 by rpki-client on console-ams.rpki-client.org