Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/Qf6fkXlVIHkoQZQau-yt4a4xp3k.roa
File: Qf6fkXlVIHkoQZQau-yt4a4xp3k.roa (raw, json)
Hash identifier: jjzFVo+BH+G6laCjc18MrIJ3OaQb9pxO72/5pd+wim4=
Subject key identifier: 41:FE:9F:91:79:55:20:79:28:41:94:1A:BB:EC:AD:E1:AE:31:A7:79
Certificate issuer: /CN=f374f734c3695e67906a7032eb2e59fb3eb41b22
Certificate serial: 018790FCD4C74226925197BEB126585C892F
Authority key identifier: F3:74:F7:34:C3:69:5E:67:90:6A:70:32:EB:2E:59:FB:3E:B4:1B:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/83T3NMNpXmeQanAy6y5Z-z60GyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/Qf6fkXlVIHkoQZQau-yt4a4xp3k.roa
Signing time: Mon 17 Apr 2023 20:51:41 +0000
ROA not before: Mon 17 Apr 2023 20:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56638
IP address blocks: 192.162.219.0/24 maxlen: 24
192.162.218.0/24 maxlen: 24
192.162.217.0/24 maxlen: 24
192.162.216.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:90:fc:d4:c7:42:26:92:51:97:be:b1:26:58:5c:89:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f374f734c3695e67906a7032eb2e59fb3eb41b22
Validity
Not Before: Apr 17 20:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41fe9f91795520792841941abbecade1ae31a779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ce:b6:3a:8c:76:20:7f:10:74:7d:e6:ca:36:
21:a5:9c:b6:b7:08:a8:9c:94:07:3d:1f:ca:d6:a6:
78:08:bb:0f:93:49:74:83:81:6b:33:24:76:81:5c:
ad:4a:02:39:91:27:ae:a6:4e:7a:ac:56:89:95:2b:
b6:df:86:14:b1:3f:1e:eb:ed:d3:7e:36:02:6e:43:
47:a7:d0:a3:3d:8e:b1:2b:0e:a8:b9:30:21:04:41:
f1:cd:d7:38:0f:04:b0:bb:52:bf:55:64:f8:1e:52:
9c:c4:84:7b:c7:1c:44:c5:09:23:00:94:40:33:36:
ba:ac:79:f4:58:15:2e:0f:8c:e9:9e:b6:6b:a6:d5:
06:7e:4c:f8:be:e7:bf:9a:55:c6:95:1f:53:08:19:
e9:8f:38:fb:f0:89:44:c4:f4:f3:71:1d:0c:ed:ef:
da:59:bb:d1:ef:23:ba:57:98:8f:ac:a5:a4:c5:10:
0b:fd:23:b2:9f:54:82:70:3d:6b:1a:18:6e:15:97:
ad:c5:02:fa:69:ed:bd:f6:4b:a8:20:ca:6c:ba:28:
70:5a:cb:08:db:5d:1e:4a:a7:a8:1a:48:db:73:be:
55:8a:23:ed:34:23:83:c1:e0:82:c0:4f:3c:d1:82:
df:39:65:ee:02:c6:c5:f5:5d:74:67:fb:fd:5c:57:
59:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FE:9F:91:79:55:20:79:28:41:94:1A:BB:EC:AD:E1:AE:31:A7:79
X509v3 Authority Key Identifier:
keyid:F3:74:F7:34:C3:69:5E:67:90:6A:70:32:EB:2E:59:FB:3E:B4:1B:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83T3NMNpXmeQanAy6y5Z-z60GyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/Qf6fkXlVIHkoQZQau-yt4a4xp3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/83T3NMNpXmeQanAy6y5Z-z60GyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.216.0/22
Signature Algorithm: sha256WithRSAEncryption
79:c4:9b:c5:e3:73:7c:75:84:5c:bb:fd:f0:64:89:5d:ec:85:
b0:c2:5f:dd:9d:5a:59:6f:68:ed:59:b5:08:32:f6:68:f0:44:
74:3c:98:31:91:e0:a3:60:c7:07:71:af:72:71:0c:ea:57:ed:
7b:ef:2f:4d:a6:01:9c:c1:c8:f0:4d:7e:45:ac:db:70:a0:a7:
31:65:6f:fa:38:e0:72:50:c6:72:28:2f:29:9b:c7:1d:a7:ce:
82:d4:03:e2:4e:7c:0e:10:17:2a:f6:23:70:6b:e0:f8:e0:81:
47:93:8b:b3:6a:ce:d4:04:b8:c3:c4:25:d5:06:9b:5b:ed:aa:
04:ec:9f:88:a4:81:56:1d:5d:39:d3:5a:70:9a:73:0e:d0:ca:
b6:ba:de:1b:47:55:da:c0:1f:0d:50:33:21:79:59:b9:67:42:
86:33:a8:75:29:a1:f7:ad:b5:22:97:4b:98:7d:e5:25:46:5f:
05:bf:71:5f:9e:37:8a:02:0d:72:22:5f:ef:0d:23:da:35:52:
e9:d0:d5:a9:9d:3e:38:33:2e:07:05:ad:eb:90:1c:d7:ec:de:
f9:0e:a5:76:f8:de:60:7f:4f:28:45:31:32:46:ed:bd:6e:64:
e2:37:6a:e2:f0:51:06:b9:d6:6b:bb:6e:49:ea:06:7c:2c:44:
ac:6c:3d:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeQ/NTHQiaSUZe+sSZYXIkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNzRmNzM0YzM2OTVlNjc5MDZhNzAzMmViMmU1OWZiM2Vi
NDFiMjIwHhcNMjMwNDE3MjA1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZlOWY5MTc5NTUyMDc5Mjg0MTk0MWFiYmVjYWRlMWFlMzFhNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy862Oox2IH8QdH3myjYhpZy2twio
nJQHPR/K1qZ4CLsPk0l0g4FrMyR2gVytSgI5kSeupk56rFaJlSu234YUsT8e6+3T
fjYCbkNHp9CjPY6xKw6ouTAhBEHxzdc4DwSwu1K/VWT4HlKcxIR7xxxExQkjAJRA
Mza6rHn0WBUuD4zpnrZrptUGfkz4vue/mlXGlR9TCBnpjzj78IlExPTzcR0M7e/a
WbvR7yO6V5iPrKWkxRAL/SOyn1SCcD1rGhhuFZetxQL6ae299kuoIMpsuihwWssI
210eSqeoGkjbc75ViiPtNCODweCCwE880YLfOWXuAsbF9V10Z/v9XFdZ/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEH+n5F5VSB5KEGUGrvsreGuMad5MB8GA1UdIwQY
MBaAFPN09zTDaV5nkGpwMusuWfs+tBsiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODNUM05NTnBYbWVRYW5BeTZ5NVotejYwR3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNzQ5MTQtZGRhOC00ZDQ1LTk5OTIt
NGJlZjgzMjhhYWFiLzEvUWY2ZmtYbFZJSGtvUVpRYXUteXQ0YTR4cDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNzQ5MTQtZGRhOC00ZDQ1LTk5OTItNGJlZjgzMjhhYWFi
LzEvODNUM05NTnBYbWVRYW5BeTZ5NVotejYwR3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwKLYMA0G
CSqGSIb3DQEBCwUAA4IBAQB5xJvF43N8dYRcu/3wZIld7IWwwl/dnVpZb2jtWbUI
MvZo8ER0PJgxkeCjYMcHca9ycQzqV+177y9NpgGcwcjwTX5FrNtwoKcxZW/6OOBy
UMZyKC8pm8cdp86C1APiTnwOEBcq9iNwa+D44IFHk4uzas7UBLjDxCXVBptb7aoE
7J+IpIFWHV0501pwmnMO0Mq2ut4bR1XawB8NUDMheVm5Z0KGM6h1KaH3rbUil0uY
feUlRl8Fv3FfnjeKAg1yIl/vDSPaNVLp0NWpnT44My4HBa3rkBzX7N75DqV2+N5g
f08oRTEyRu29bmTiN2ri8FEGudZru25J6gZ8LESsbD3r
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:06 2024 by rpki-client on console-ams.rpki-client.org