Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Q5zw-QSwycV3JgJaoQmh4sQhclk.roa
File: Q5zw-QSwycV3JgJaoQmh4sQhclk.roa (raw, json)
Hash identifier: j3Dj4V2s9OKPdDRiWIRC1r74VSE+BCqe0haK+cqStuw=
Subject key identifier: 43:9C:F0:F9:04:B0:C9:C5:77:26:02:5A:A1:09:A1:E2:C4:21:72:59
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018571BA1362A8480112CC82EE88B0428885
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Q5zw-QSwycV3JgJaoQmh4sQhclk.roa
Signing time: Mon 02 Jan 2023 09:04:57 +0000
ROA not before: Mon 02 Jan 2023 09:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 188.191.106.0/24 maxlen: 24
188.191.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jan 2023 20:19:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:ba:13:62:a8:48:01:12:cc:82:ee:88:b0:42:88:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 2 09:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=439cf0f904b0c9c57726025aa109a1e2c4217259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:64:6c:07:6f:76:8d:b4:32:f0:17:84:08:ab:
43:bb:93:fd:53:7f:d6:29:f8:98:f1:13:a3:6d:87:
59:5b:ca:9e:94:de:c8:a4:ee:64:4d:ce:cc:58:da:
71:c4:ca:08:fd:d2:f2:91:74:6c:83:7e:55:2a:33:
37:f5:42:54:02:81:5a:31:17:6f:b5:ff:7c:8b:a7:
c1:0f:ee:84:c3:f0:a3:0d:09:cb:e1:c4:d8:fd:26:
f6:25:51:06:f3:65:fe:3b:a3:29:c3:28:eb:b1:76:
83:58:88:b5:53:23:4d:ef:a8:24:5d:c3:b3:5d:f0:
33:79:e5:ec:de:49:da:1b:c7:62:ce:ef:7c:b0:b6:
25:88:4f:2d:0d:c0:9a:b2:7e:9d:8e:e3:bb:45:5f:
6d:4c:4e:e7:f8:cf:32:b9:8e:26:2d:1d:64:2c:de:
88:0e:15:31:a1:f3:a1:e5:0a:fe:a5:49:fa:2f:fe:
8e:57:12:32:16:0d:e8:6c:be:e5:fc:6f:c4:ac:95:
37:d1:d2:ae:25:1f:17:6f:ce:95:6d:64:a6:55:f4:
f9:2d:af:f2:9a:11:5a:11:e2:37:6a:c7:b9:b3:a7:
d9:34:01:97:cc:70:55:a9:af:46:16:11:53:92:8d:
8f:14:55:d4:c5:ba:cc:9c:48:40:24:89:d7:72:94:
db:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9C:F0:F9:04:B0:C9:C5:77:26:02:5A:A1:09:A1:E2:C4:21:72:59
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Q5zw-QSwycV3JgJaoQmh4sQhclk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.106.0/24
188.191.108.0/24
Signature Algorithm: sha256WithRSAEncryption
09:8f:16:cb:08:8f:b0:23:b4:3a:bc:58:fc:99:73:f6:51:40:
0c:f3:41:fe:b8:0f:2a:a3:87:28:20:99:c5:a7:5b:5c:e9:9e:
85:95:40:bf:bc:9e:cd:af:92:89:cf:ab:2e:28:a7:5a:d6:b7:
06:9e:46:0b:ff:7d:00:6b:10:0d:0c:98:d0:4e:b3:28:9e:56:
c8:87:ef:a1:fe:2e:60:89:75:63:cc:81:6f:72:51:53:49:f3:
83:08:39:24:63:c0:22:8d:a9:b8:74:1c:34:6b:39:3c:3c:70:
b3:c6:d0:a2:e6:3b:73:0e:b9:25:4b:5a:5e:47:e2:97:71:d6:
11:ac:45:aa:ff:0c:e9:4b:b6:92:c5:f3:4d:0f:40:76:86:ee:
b2:c6:45:bf:1c:4d:43:a7:25:65:50:e9:d9:36:62:62:2e:26:
78:e9:0b:a6:1f:50:69:93:89:a6:c4:9e:65:99:65:13:6d:66:
90:0a:96:d5:85:a2:96:15:d5:da:c4:98:d6:56:20:55:19:42:
fb:d8:4a:af:fd:2e:05:13:0e:1a:88:e1:e9:42:ea:0d:cc:4c:
a7:44:dc:3b:0a:33:d7:fc:0e:d8:aa:22:c1:a6:47:f3:d3:d0:
4f:6a:72:95:dc:a7:ee:17:f6:f2:02:00:c2:91:25:a6:2d:47:
f4:be:a4:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxuhNiqEgBEsyC7oiwQoiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwMTAyMDkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzljZjBmOTA0YjBjOWM1NzcyNjAyNWFhMTA5YTFlMmM0MjE3MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWRsB292jbQy8BeECKtDu5P9U3/W
KfiY8ROjbYdZW8qelN7IpO5kTc7MWNpxxMoI/dLykXRsg35VKjM39UJUAoFaMRdv
tf98i6fBD+6Ew/CjDQnL4cTY/Sb2JVEG82X+O6MpwyjrsXaDWIi1UyNN76gkXcOz
XfAzeeXs3knaG8dizu98sLYliE8tDcCasn6djuO7RV9tTE7n+M8yuY4mLR1kLN6I
DhUxofOh5Qr+pUn6L/6OVxIyFg3obL7l/G/ErJU30dKuJR8Xb86VbWSmVfT5La/y
mhFaEeI3ase5s6fZNAGXzHBVqa9GFhFTko2PFFXUxbrMnEhAJInXcpTbgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEOc8PkEsMnFdyYCWqEJoeLEIXJZMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvUTV6dy1RU3d5Y1YzSmdKYW9RbWg0c1FoY2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvL9qAwQA
vL9sMA0GCSqGSIb3DQEBCwUAA4IBAQAJjxbLCI+wI7Q6vFj8mXP2UUAM80H+uA8q
o4coIJnFp1tc6Z6FlUC/vJ7Nr5KJz6suKKda1rcGnkYL/30AaxANDJjQTrMonlbI
h++h/i5giXVjzIFvclFTSfODCDkkY8Aijam4dBw0azk8PHCzxtCi5jtzDrklS1pe
R+KXcdYRrEWq/wzpS7aSxfNND0B2hu6yxkW/HE1DpyVlUOnZNmJiLiZ46QumH1Bp
k4mmxJ5lmWUTbWaQCpbVhaKWFdXaxJjWViBVGUL72Eqv/S4FEw4aiOHpQuoNzEyn
RNw7CjPX/A7YqiLBpkfz09BPanKV3KfuF/byAgDCkSWmLUf0vqTZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org