Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/qfxvedgG9P_3nghUIKFxrBhZg3s.roa
File: qfxvedgG9P_3nghUIKFxrBhZg3s.roa (raw, json)
Hash identifier: oFR8742y/pdJyYE4uLmrYv3JNxZO2gzKDtL041ot2t4=
Subject key identifier: A9:FC:6F:79:D8:06:F4:FF:F7:9E:08:54:20:A1:71:AC:18:59:83:7B
Certificate issuer: /CN=07f231365985828d5a9663ed1b440624b24fec13
Certificate serial: 018CC3B6A04261505ECD8682CA8E2DA4D0F6
Authority key identifier: 07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/qfxvedgG9P_3nghUIKFxrBhZg3s.roa
Signing time: Mon 01 Jan 2024 06:29:34 +0000
ROA not before: Mon 01 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.199.44.0/24 maxlen: 24
91.199.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Aug 2024 18:29:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a0:42:61:50:5e:cd:86:82:ca:8e:2d:a4:d0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f231365985828d5a9663ed1b440624b24fec13
Validity
Not Before: Jan 1 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9fc6f79d806f4fff79e085420a171ac1859837b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cc:2a:62:05:17:b8:f3:a6:b6:d2:76:46:df:
cc:25:c9:23:0e:3b:a4:91:31:ec:96:56:35:db:00:
21:6e:aa:b2:79:32:e5:87:de:c8:30:f1:d3:4c:6d:
8f:50:41:cf:b0:ab:a1:9c:c5:33:84:85:f4:09:37:
53:78:a0:bb:6a:7b:f8:bb:3d:dd:db:8e:00:97:ed:
7d:db:39:2b:f6:51:97:1a:31:a8:d3:9a:ab:64:ab:
3c:80:76:4b:9b:44:9f:d8:62:bb:13:83:23:7d:d9:
aa:7f:1b:10:71:8b:fd:ad:5e:2e:5a:dc:d6:fb:63:
b7:b5:7e:e1:93:bc:3e:28:64:8b:01:f8:6e:3d:fc:
32:5a:83:0a:15:5c:cd:11:be:b6:8f:a8:c4:4a:c2:
a5:ee:30:fa:10:18:b3:d4:5d:03:c7:a3:61:fd:1b:
f6:bf:8f:24:36:45:26:21:65:27:ca:a2:56:19:ee:
8c:18:cf:37:4f:b5:6e:ab:5d:b9:a7:60:62:59:b1:
c3:7a:4c:e0:d3:6c:cf:71:e4:5c:57:2f:ba:64:a4:
c8:d6:b1:36:43:1d:aa:bb:17:24:bf:1c:17:1e:d5:
1c:5d:3b:4f:d5:78:19:cd:b3:c6:3e:78:43:e1:69:
90:5c:43:03:56:c3:21:d7:18:a1:3d:42:29:c7:e1:
b4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FC:6F:79:D8:06:F4:FF:F7:9E:08:54:20:A1:71:AC:18:59:83:7B
X509v3 Authority Key Identifier:
keyid:07:F2:31:36:59:85:82:8D:5A:96:63:ED:1B:44:06:24:B2:4F:EC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_IxNlmFgo1almPtG0QGJLJP7BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/qfxvedgG9P_3nghUIKFxrBhZg3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ef5fb3-3e56-4b77-aac7-085fa0a56052/1/B_IxNlmFgo1almPtG0QGJLJP7BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.44.0/24
91.199.47.0/24
Signature Algorithm: sha256WithRSAEncryption
10:c3:f2:7e:b2:22:f1:59:4e:01:c4:bf:2c:09:e2:88:c8:3a:
02:a1:d7:ba:7f:a8:21:75:53:be:98:d4:74:85:ef:be:91:bc:
17:2f:c4:be:62:54:57:56:42:da:1b:77:59:a5:e8:ba:3b:46:
e9:cf:e0:ec:02:57:ce:cb:64:6f:e6:55:6f:22:c4:61:86:36:
16:ef:9c:47:3e:01:ea:29:f1:12:3a:68:a9:7d:63:97:6b:a7:
10:6f:96:08:b4:b1:46:dc:47:84:77:1e:23:b0:2c:38:2a:cf:
34:95:c1:89:7b:d7:14:3b:f5:52:79:b6:f1:fa:0a:ed:75:a2:
ad:6b:96:44:35:b3:6a:a8:19:df:86:47:d1:6d:cf:05:16:f2:
fd:95:aa:81:b9:58:d6:fb:e2:f5:f4:2c:c8:58:d9:cd:f6:c4:
22:b4:0c:08:8e:03:c7:45:c2:98:57:70:f2:d1:fd:62:11:20:
d9:64:ad:d8:0c:59:3d:aa:ed:77:8f:a4:44:c5:1a:f9:f6:0a:
e8:e8:ab:0e:45:28:70:e7:79:bc:22:a6:c2:cf:d3:bf:c2:a1:
37:7b:a8:34:17:d0:3e:86:8c:32:02:41:06:76:a3:38:19:89:
50:96:c8:c4:00:fa:e6:8c:b7:b0:3a:f5:9e:2c:73:ba:29:8f:
cd:ea:79:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtqBCYVBezYaCyo4tpND2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjIzMTM2NTk4NTgyOGQ1YTk2NjNlZDFiNDQwNjI0YjI0
ZmVjMTMwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWZjNmY3OWQ4MDZmNGZmZjc5ZTA4NTQyMGExNzFhYzE4NTk4MzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArswqYgUXuPOmttJ2Rt/MJckjDjuk
kTHsllY12wAhbqqyeTLlh97IMPHTTG2PUEHPsKuhnMUzhIX0CTdTeKC7anv4uz3d
244Al+192zkr9lGXGjGo05qrZKs8gHZLm0Sf2GK7E4MjfdmqfxsQcYv9rV4uWtzW
+2O3tX7hk7w+KGSLAfhuPfwyWoMKFVzNEb62j6jESsKl7jD6EBiz1F0Dx6Nh/Rv2
v48kNkUmIWUnyqJWGe6MGM83T7Vuq125p2BiWbHDekzg02zPceRcVy+6ZKTI1rE2
Qx2quxckvxwXHtUcXTtP1XgZzbPGPnhD4WmQXEMDVsMh1xihPUIpx+G0pQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKn8b3nYBvT/954IVCChcawYWYN7MB8GA1UdIwQY
MBaAFAfyMTZZhYKNWpZj7RtEBiSyT+wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzct
MDg1ZmEwYTU2MDUyLzEvcWZ4dmVkZ0c5UF8zbmdoVUlLRnhyQmhaZzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lZjVmYjMtM2U1Ni00Yjc3LWFhYzctMDg1ZmEwYTU2MDUy
LzEvQl9JeE5sbUZnbzFhbG1QdEcwUUdKTEpQN0JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8csAwQA
W8cvMA0GCSqGSIb3DQEBCwUAA4IBAQAQw/J+siLxWU4BxL8sCeKIyDoCode6f6gh
dVO+mNR0he++kbwXL8S+YlRXVkLaG3dZpei6O0bpz+DsAlfOy2Rv5lVvIsRhhjYW
75xHPgHqKfESOmipfWOXa6cQb5YItLFG3EeEdx4jsCw4Ks80lcGJe9cUO/VSebbx
+grtdaKta5ZENbNqqBnfhkfRbc8FFvL9laqBuVjW++L19CzIWNnN9sQitAwIjgPH
RcKYV3Dy0f1iESDZZK3YDFk9qu13j6RExRr59gro6KsORShw53m8IqbCz9O/wqE3
e6g0F9A+howyAkEGdqM4GYlQlsjEAPrmjLewOvWeLHO6KY/N6nm4
-----END CERTIFICATE-----
Generated at Wed Aug 7 20:23:13 2024 by rpki-client on console-fra.rpki-client.org