Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Q3V6kNMUbfxELLhfmRdcy7sJmz4.roa
File: Q3V6kNMUbfxELLhfmRdcy7sJmz4.roa (raw, json)
Hash identifier: uaATctJlnxa2uqhXyUP7c8lylDQXo40bEIiiJoo8mJ8=
Subject key identifier: 43:75:7A:90:D3:14:6D:FC:44:2C:B8:5F:99:17:5C:CB:BB:09:9B:3E
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018EE6CDBF055A9C40E80B6C8703942B4A5C
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Q3V6kNMUbfxELLhfmRdcy7sJmz4.roa
Signing time: Tue 16 Apr 2024 12:07:07 +0000
ROA not before: Tue 16 Apr 2024 12:07:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 91.103.120.0/21 maxlen: 24
95.111.128.0/20 maxlen: 20
171.22.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 07:53:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:cd:bf:05:5a:9c:40:e8:0b:6c:87:03:94:2b:4a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Apr 16 12:07:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43757a90d3146dfc442cb85f99175ccbbb099b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:67:e2:13:3e:9a:18:8a:8b:75:1f:7c:f9:42:
96:67:2b:69:2e:f9:07:d4:3b:a9:3a:20:6e:19:b8:
69:bb:b3:b3:40:6c:e6:ca:e2:44:6a:93:12:ef:6e:
23:3d:ed:c5:70:8f:0f:1f:86:df:34:8e:de:ea:db:
5c:24:39:d6:68:9b:e7:72:3d:4b:f5:2d:ea:7c:5a:
5d:51:1a:b7:be:37:c3:ef:f7:48:de:51:c6:19:72:
7a:d6:0b:1d:04:2e:a2:78:70:7f:7f:ef:3c:e2:a7:
0e:bd:bf:d7:3f:8f:9c:aa:ef:ac:8b:ac:2a:b9:45:
5d:00:70:30:fb:8e:f6:a6:51:ba:ba:9b:ed:f1:8d:
4c:a3:e2:81:45:88:1b:57:7d:9d:6a:87:8e:ee:bd:
69:e1:22:03:5d:0c:ad:81:a0:0c:c6:a7:eb:9b:2e:
cd:65:ab:33:37:7d:50:59:7a:92:14:f5:24:f0:dc:
82:f5:bc:e0:f5:46:a6:e1:b5:4d:e9:6a:fc:8c:ed:
04:b3:49:d3:61:f3:15:ec:f9:2d:7e:85:7a:92:c6:
3e:31:69:66:be:44:0f:2c:9d:cf:2a:14:50:cc:3f:
59:b7:25:33:ce:cd:d8:11:24:06:31:89:94:fc:0c:
ff:5f:13:d4:8e:c6:1b:55:60:cc:2e:79:c5:dd:37:
71:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:75:7A:90:D3:14:6D:FC:44:2C:B8:5F:99:17:5C:CB:BB:09:9B:3E
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Q3V6kNMUbfxELLhfmRdcy7sJmz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.120.0/21
95.111.128.0/20
171.22.144.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:d4:b2:89:67:6d:eb:03:94:e9:b9:a0:23:03:e8:6b:85:77:
55:9c:9b:b1:3d:8d:fe:5a:65:2c:ef:3f:64:95:9b:53:d5:c7:
22:b6:28:25:e9:36:e8:fe:bc:7b:81:0c:20:06:85:69:45:1c:
f6:89:68:60:57:bb:cb:a6:c6:90:23:ee:55:8a:25:a8:da:f5:
bb:40:b9:bf:34:ec:fc:fb:82:c2:66:05:4c:2d:8c:6c:3a:29:
76:35:a1:37:77:b0:91:52:90:37:bc:27:fa:c2:9c:c2:0d:01:
e5:30:b3:36:4b:8b:45:68:f4:08:cc:89:aa:39:c1:2b:bf:54:
ba:ce:94:72:2a:1c:09:9a:18:87:b4:6e:96:41:9a:92:68:f8:
e1:4f:d2:5a:8a:e8:93:49:dc:84:06:61:77:c1:2f:71:01:e2:
4b:7e:98:75:c8:39:69:22:60:5a:9a:91:29:36:aa:6d:41:f8:
34:0d:2a:d1:b1:59:f0:16:59:6b:ac:fb:15:19:9b:74:42:8b:
97:09:6e:7e:fd:be:53:8b:a4:10:db:4b:d5:09:2d:04:a5:c4:
3a:5a:67:0d:2d:57:a4:77:1e:db:9f:5e:71:04:ac:7d:14:96:
2c:38:e8:62:6d:98:c0:03:55:59:c9:6e:34:bd:14:e9:ba:5b:
9b:df:ee:09
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7mzb8FWpxA6AtshwOUK0pcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjQwNDE2MTIwNzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzc1N2E5MGQzMTQ2ZGZjNDQyY2I4NWY5OTE3NWNjYmJiMDk5YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2fiEz6aGIqLdR98+UKWZytpLvkH
1DupOiBuGbhpu7OzQGzmyuJEapMS724jPe3FcI8PH4bfNI7e6ttcJDnWaJvncj1L
9S3qfFpdURq3vjfD7/dI3lHGGXJ61gsdBC6ieHB/f+884qcOvb/XP4+cqu+si6wq
uUVdAHAw+472plG6upvt8Y1Mo+KBRYgbV32daoeO7r1p4SIDXQytgaAMxqfrmy7N
ZaszN31QWXqSFPUk8NyC9bzg9Uam4bVN6Wr8jO0Es0nTYfMV7PktfoV6ksY+MWlm
vkQPLJ3PKhRQzD9ZtyUzzs3YESQGMYmU/Az/XxPUjsYbVWDMLnnF3TdxEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEN1epDTFG38RCy4X5kXXMu7CZs+MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvUTNWNmtOTVViZnhFTExoZm1SZGN5N3NKbXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW2d4AwQE
X2+AAwQAqxaQMA0GCSqGSIb3DQEBCwUAA4IBAQAe1LKJZ23rA5TpuaAjA+hrhXdV
nJuxPY3+WmUs7z9klZtT1ccitigl6Tbo/rx7gQwgBoVpRRz2iWhgV7vLpsaQI+5V
iiWo2vW7QLm/NOz8+4LCZgVMLYxsOil2NaE3d7CRUpA3vCf6wpzCDQHlMLM2S4tF
aPQIzImqOcErv1S6zpRyKhwJmhiHtG6WQZqSaPjhT9JaiuiTSdyEBmF3wS9xAeJL
fph1yDlpImBampEpNqptQfg0DSrRsVnwFllrrPsVGZt0QouXCW5+/b5Ti6QQ20vV
CS0EpcQ6WmcNLVekdx7bn15xBKx9FJYsOOhibZjAA1VZyW40vRTpulub3+4J
-----END CERTIFICATE-----
Generated at Thu Apr 18 11:24:57 2024 by rpki-client on console-fra.rpki-client.org