Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/QUFALUnD60IgSYL21BFOVDI5VvU.roa
File: QUFALUnD60IgSYL21BFOVDI5VvU.roa (raw, json)
Hash identifier: 6vRP0pNaaHt1ao4bh/Po2dKfMw3GzabBQ9OLSdlicbw=
Subject key identifier: 41:41:40:2D:49:C3:EB:42:20:49:82:F6:D4:11:4E:54:32:39:56:F5
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CD045CFEF9A85F2C443BD4690FFB6B2E4
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/QUFALUnD60IgSYL21BFOVDI5VvU.roa
Signing time: Wed 03 Jan 2024 17:01:25 +0000
ROA not before: Wed 03 Jan 2024 17:01:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52468
IP address blocks: 46.29.28.0/24 maxlen: 24
94.125.137.0/24 maxlen: 24
201.77.53.0/24 maxlen: 24
201.77.55.0/24 maxlen: 24
201.77.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 10:46:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:45:cf:ef:9a:85:f2:c4:43:bd:46:90:ff:b6:b2:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 3 17:01:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4141402d49c3eb42204982f6d4114e54323956f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4d:8c:54:c6:a3:62:92:b8:3d:83:66:ff:dd:
50:6c:68:4c:8c:9e:75:f7:1e:00:08:eb:b1:11:fc:
5b:da:98:91:86:dc:4c:ac:4c:76:7c:20:05:da:dd:
b2:03:8a:8a:8b:8b:ca:e2:bf:18:ff:7b:62:bb:c8:
28:12:d6:10:54:51:db:53:f8:cb:4c:53:02:76:0f:
5c:dd:58:9d:96:ae:ba:2f:a3:2e:7a:6d:b1:3f:ba:
01:32:ad:f4:48:18:3d:8b:43:02:3d:3a:87:ae:79:
0d:8b:e8:98:fd:db:01:b1:e2:7f:56:8b:6b:ad:08:
3f:ec:17:1a:c2:44:76:32:70:e3:03:db:4e:e7:f0:
0d:6c:b8:bc:99:15:ce:29:1d:23:a0:ca:d2:86:45:
ca:08:d5:cd:e0:fd:04:e5:9b:17:3c:83:68:19:ea:
ce:b2:05:e5:14:68:49:88:f2:88:ff:22:ae:dd:45:
01:c7:5a:3f:50:a6:20:6e:93:db:c2:57:20:8b:40:
77:e0:54:21:ea:a0:ce:f1:26:0f:97:fe:c2:6d:c1:
dc:54:57:85:88:85:80:f3:78:4f:d2:fa:ca:21:c8:
ba:ed:93:5f:47:d1:ea:68:72:33:7a:c9:2d:2b:78:
65:a0:e3:b8:f5:25:3e:1e:a7:72:d9:50:08:17:63:
09:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:41:40:2D:49:C3:EB:42:20:49:82:F6:D4:11:4E:54:32:39:56:F5
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/QUFALUnD60IgSYL21BFOVDI5VvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.28.0/24
94.125.137.0/24
201.77.53.0/24
201.77.55.0/24
201.77.63.0/24
Signature Algorithm: sha256WithRSAEncryption
28:00:55:13:40:2a:cd:d6:b6:c8:75:c9:cd:e7:7d:f8:d5:ab:
d6:f9:60:d5:05:7a:43:1b:79:13:6f:5e:d2:e4:da:2d:24:e9:
2e:69:27:ba:45:ea:ff:c5:c5:87:45:89:33:e7:74:68:a0:78:
42:ba:da:78:84:40:2a:0d:94:5d:0c:b4:b5:7e:f6:0a:35:f4:
27:cf:eb:9f:07:51:d5:96:07:83:ac:9c:23:35:54:f0:57:1c:
96:29:3c:0e:ae:d1:eb:04:1e:79:9b:8d:b9:b3:f1:a1:83:6f:
13:62:fa:da:88:ca:d6:d1:42:b6:fc:2b:bd:a6:67:2b:6a:be:
01:fb:3a:01:4c:50:a3:ed:d8:01:fe:ef:92:07:8d:a2:eb:1f:
2b:25:44:5d:d5:8a:f9:27:46:47:44:82:6c:b3:27:db:2a:5e:
20:de:f7:65:01:cd:a5:ba:4d:8e:57:7f:61:79:f6:d5:3e:39:
05:b3:03:55:ad:32:b0:a9:9f:e4:ba:1b:b8:4b:0b:1c:51:2a:
51:65:98:cc:c4:6c:ff:bf:57:ff:f8:bd:88:1c:9b:8d:5c:77:
9f:9d:46:d1:b9:ce:3e:65:a7:57:f0:14:b8:4f:18:c6:c3:d1:
70:ab:15:ca:56:37:a0:bc:c6:35:a4:51:3a:b0:71:32:82:e1:
f8:c0:06:d3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzQRc/vmoXyxEO9RpD/trLkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAzMTcwMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQxNDAyZDQ5YzNlYjQyMjA0OTgyZjZkNDExNGU1NDMyMzk1NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp02MVMajYpK4PYNm/91QbGhMjJ51
9x4ACOuxEfxb2piRhtxMrEx2fCAF2t2yA4qKi4vK4r8Y/3tiu8goEtYQVFHbU/jL
TFMCdg9c3Vidlq66L6Muem2xP7oBMq30SBg9i0MCPTqHrnkNi+iY/dsBseJ/Votr
rQg/7BcawkR2MnDjA9tO5/ANbLi8mRXOKR0joMrShkXKCNXN4P0E5ZsXPINoGerO
sgXlFGhJiPKI/yKu3UUBx1o/UKYgbpPbwlcgi0B34FQh6qDO8SYPl/7CbcHcVFeF
iIWA83hP0vrKIci67ZNfR9HqaHIzesktK3hloOO49SU+Hqdy2VAIF2MJGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEFBQC1Jw+tCIEmC9tQRTlQyOVb1MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvUVVGQUxVbkQ2MElnU1lMMjFCRk9WREk1VnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALh0cAwQA
Xn2JAwQAyU01AwQAyU03AwQAyU0/MA0GCSqGSIb3DQEBCwUAA4IBAQAoAFUTQCrN
1rbIdcnN53341avW+WDVBXpDG3kTb17S5NotJOkuaSe6Rer/xcWHRYkz53RooHhC
utp4hEAqDZRdDLS1fvYKNfQnz+ufB1HVlgeDrJwjNVTwVxyWKTwOrtHrBB55m425
s/Ghg28TYvraiMrW0UK2/Cu9pmcrar4B+zoBTFCj7dgB/u+SB42i6x8rJURd1Yr5
J0ZHRIJssyfbKl4g3vdlAc2luk2OV39hefbVPjkFswNVrTKwqZ/kuhu4SwscUSpR
ZZjMxGz/v1f/+L2IHJuNXHefnUbRuc4+ZadX8BS4TxjGw9FwqxXKVjegvMY1pFE6
sHEyguH4wAbT
-----END CERTIFICATE-----
Generated at Mon Feb 5 14:22:07 2024 by rpki-client on console-ams.rpki-client.org