Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/qAUWXapfM_lmgDQSSy4HgP3ZzzA.roa
File: qAUWXapfM_lmgDQSSy4HgP3ZzzA.roa (raw, json)
Hash identifier: mq3T4drW62F+Aw1/G0gcKOO6XPQyurXSQZm/Tl2FC7I=
Subject key identifier: A8:05:16:5D:AA:5F:33:F9:66:80:34:12:4B:2E:07:80:FD:D9:CF:30
Certificate issuer: /CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Certificate serial: 018571BA0E00319996CC49524C21707623FC
Authority key identifier: CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/qAUWXapfM_lmgDQSSy4HgP3ZzzA.roa
Signing time: Mon 02 Jan 2023 09:04:56 +0000
ROA not before: Mon 02 Jan 2023 09:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 91.102.189.0/24 maxlen: 24
91.102.191.0/24 maxlen: 24
91.102.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:0e:00:31:99:96:cc:49:52:4c:21:70:76:23:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Validity
Not Before: Jan 2 09:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a805165daa5f33f9668034124b2e0780fdd9cf30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4c:64:0a:f9:d4:f2:6e:76:a6:f8:c3:72:53:
d4:21:2d:c6:d8:f0:ee:11:37:9d:be:99:69:8f:4a:
74:7b:bc:c8:39:af:96:b8:9b:ac:be:de:b3:8d:5c:
11:03:40:d8:f2:71:aa:29:69:eb:57:f1:35:29:d3:
5b:35:32:7a:e7:ac:f1:a4:97:7d:b4:85:d3:0c:24:
79:08:69:a6:64:16:10:77:74:3f:c2:8b:7b:67:7a:
a3:1d:f6:f5:9c:92:75:e5:35:46:35:13:99:13:9e:
02:9a:19:8b:75:f8:11:76:83:b8:4c:21:a3:70:15:
f3:c1:d4:c4:4b:54:bf:5d:66:73:dd:74:11:80:2b:
50:66:03:15:37:67:f1:81:4e:76:d2:55:50:fe:ea:
46:6e:57:97:51:d4:7b:fd:f5:4d:cb:55:dc:d9:5b:
25:df:d1:df:12:c5:b4:6e:95:fa:5b:fe:db:96:28:
25:f4:18:4a:55:c0:08:b8:e4:33:31:d1:90:3d:12:
6d:32:ad:57:e1:e3:91:67:cd:f0:8f:85:27:fe:4c:
3f:ca:de:6c:80:c0:46:f8:22:c5:99:31:98:09:20:
57:c4:17:a9:f3:f1:72:d0:41:8e:1c:db:5e:71:b9:
c8:93:6c:e9:e8:09:e3:e5:2c:c5:4e:fd:c5:27:7f:
10:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:05:16:5D:AA:5F:33:F9:66:80:34:12:4B:2E:07:80:FD:D9:CF:30
X509v3 Authority Key Identifier:
keyid:CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/qAUWXapfM_lmgDQSSy4HgP3ZzzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/zsOzR6IWvEN7C9TPC8jNpl6MLTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.189.0-91.102.191.255
Signature Algorithm: sha256WithRSAEncryption
92:9c:02:e4:e5:92:c7:5d:a5:8d:cd:50:f9:68:dd:85:b3:b2:
b7:2c:61:bc:47:62:47:d4:68:02:85:8d:9a:02:a6:e7:fa:23:
30:95:cf:97:3b:2d:8a:61:9c:4b:14:b9:7b:45:b2:97:f7:dd:
05:62:87:81:c4:87:29:2a:18:09:cc:43:b0:c4:9d:32:28:0d:
03:ce:02:6d:68:b0:8a:f8:62:6c:bf:e7:17:5d:af:b6:94:f4:
6a:58:b2:02:20:e2:3b:48:a2:47:db:a2:8a:5f:7a:34:37:64:
8e:47:cb:b7:64:00:e5:a0:d2:33:65:f9:1c:6f:cf:20:e1:b6:
38:db:e1:0a:b5:0a:aa:17:d1:1b:24:e7:b4:c9:c8:d8:14:df:
10:88:56:3c:c8:40:f8:57:ae:c3:37:ab:19:b2:e6:0a:f6:52:
69:50:21:03:95:6a:75:68:a0:38:48:3f:86:b0:15:8b:9c:7f:
ce:4a:8c:3b:79:06:d1:f8:a8:cf:54:7a:c5:41:f5:38:5e:41:
f6:40:4b:2b:af:4d:04:14:b2:07:6b:ad:60:f4:8f:39:77:6b:
28:63:b4:e1:15:4d:51:67:17:ed:c9:67:b0:8a:a5:0e:dc:b8:
33:c7:f8:92:17:1c:65:f4:57:75:fb:17:2a:ee:5f:7f:d6:46:
7a:80:3c:77
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxug4AMZmWzElSTCFwdiP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzNiMzQ3YTIxNmJjNDM3YjBiZDRjZjBiYzhjZGE2NWU4
YzJkM2IwHhcNMjMwMTAyMDkwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA1MTY1ZGFhNWYzM2Y5NjY4MDM0MTI0YjJlMDc4MGZkZDljZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApExkCvnU8m52pvjDclPUIS3G2PDu
ETedvplpj0p0e7zIOa+WuJusvt6zjVwRA0DY8nGqKWnrV/E1KdNbNTJ656zxpJd9
tIXTDCR5CGmmZBYQd3Q/wot7Z3qjHfb1nJJ15TVGNROZE54CmhmLdfgRdoO4TCGj
cBXzwdTES1S/XWZz3XQRgCtQZgMVN2fxgU520lVQ/upGbleXUdR7/fVNy1Xc2Vsl
39HfEsW0bpX6W/7bligl9BhKVcAIuOQzMdGQPRJtMq1X4eORZ83wj4Un/kw/yt5s
gMBG+CLFmTGYCSBXxBep8/Fy0EGOHNtecbnIk2zp6Anj5SzFTv3FJ38QwwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKgFFl2qXzP5ZoA0EksuB4D92c8wMB8GA1UdIwQY
MBaAFM7Ds0eiFrxDewvUzwvIzaZejC07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNPelI2SVd2RU43QzlUUEM4ak5wbDZNTFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny83YTY4M2ItZmE3OC00MTEyLWI2YjYt
MTU1ZmIzZmUyODdlLzEvcUFVV1hhcGZNX2xtZ0RRU1N5NEhnUDNaenpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny83YTY4M2ItZmE3OC00MTEyLWI2YjYtMTU1ZmIzZmUyODdl
LzEvenNPelI2SVd2RU43QzlUUEM4ak5wbDZNTFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABbZr0D
BAZbZoAwDQYJKoZIhvcNAQELBQADggEBAJKcAuTlksddpY3NUPlo3YWzsrcsYbxH
YkfUaAKFjZoCpuf6IzCVz5c7LYphnEsUuXtFspf33QVih4HEhykqGAnMQ7DEnTIo
DQPOAm1osIr4Ymy/5xddr7aU9GpYsgIg4jtIokfboopfejQ3ZI5Hy7dkAOWg0jNl
+RxvzyDhtjjb4Qq1CqoX0Rsk57TJyNgU3xCIVjzIQPhXrsM3qxmy5gr2UmlQIQOV
anVooDhIP4awFYucf85KjDt5BtH4qM9UesVB9TheQfZASyuvTQQUsgdrrWD0jzl3
ayhjtOEVTVFnF+3JZ7CKpQ7cuDPH+JIXHGX0V3X7FyruX3/WRnqAPHc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:31 2024 by rpki-client on console-fra.rpki-client.org