Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/qUZ65udH55YOIl-x5EfUPNEv8qw.roa
File: qUZ65udH55YOIl-x5EfUPNEv8qw.roa (raw, json)
Hash identifier: hFZR7uCSwvCQcJkYe0ssZDcZFbrxlOL1aKVFAmthZT0=
Subject key identifier: A9:46:7A:E6:E7:47:E7:96:0E:22:5F:B1:E4:47:D4:3C:D1:2F:F2:AC
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 0188475EA46DA138C40080CA505B8C4EC25D
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/qUZ65udH55YOIl-x5EfUPNEv8qw.roa
Signing time: Tue 23 May 2023 06:49:24 +0000
ROA not before: Tue 23 May 2023 06:49:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133499
IP address blocks: 94.139.40.0/21 maxlen: 32
185.101.68.0/22 maxlen: 32
121.91.176.0/20 maxlen: 32
212.70.4.0/22 maxlen: 32
212.70.0.0/23 maxlen: 32
212.70.16.0/20 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Sep 2023 18:07:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:47:5e:a4:6d:a1:38:c4:00:80:ca:50:5b:8c:4e:c2:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: May 23 06:49:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9467ae6e747e7960e225fb1e447d43cd12ff2ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:aa:09:f5:9e:c7:28:ce:16:2b:8f:a8:ad:20:
4f:bc:1d:82:28:43:ae:4c:84:bd:ab:f4:f4:36:e5:
9c:57:7a:ce:5f:15:72:74:0c:52:14:7b:29:fa:ef:
c4:df:99:f4:44:63:7a:9b:7f:41:a6:d1:9c:a7:9c:
8a:8e:3b:37:80:e5:5b:82:07:90:a2:0b:4e:b6:45:
d3:c0:f6:c3:71:6c:09:2d:19:b8:c6:c3:9f:b5:fd:
22:c7:03:57:0e:7d:39:5d:e3:d0:00:c3:2f:17:4f:
5f:94:ae:c2:74:6d:1e:11:f2:b9:38:e5:82:18:64:
29:ce:e9:7c:44:31:7c:31:17:8d:43:97:ae:d6:05:
db:6c:4c:0e:68:0d:e3:50:f2:83:9f:64:b8:c0:d3:
bb:22:ff:00:c5:ca:1a:12:14:72:58:9f:e4:17:0e:
5c:65:4b:d2:0d:27:99:f8:18:15:4c:4a:ac:75:aa:
3a:ac:31:04:76:96:9f:9a:f8:b5:48:8f:ae:ce:66:
ab:4a:84:9f:a5:80:26:4f:cb:ee:b7:ac:fb:04:30:
6f:9c:f8:5b:8e:3c:f4:f2:96:c9:0d:29:35:7d:3c:
46:bb:37:47:fb:9e:a9:36:90:ef:a9:93:4f:3e:a2:
a0:50:96:8d:36:ed:19:5b:77:72:70:28:a3:99:48:
c4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:46:7A:E6:E7:47:E7:96:0E:22:5F:B1:E4:47:D4:3C:D1:2F:F2:AC
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/qUZ65udH55YOIl-x5EfUPNEv8qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.40.0/21
121.91.176.0/20
185.101.68.0/22
212.70.0.0/23
212.70.4.0/22
212.70.16.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:cc:2e:ee:77:ea:19:81:49:08:b7:02:c5:88:40:4b:56:28:
6b:67:fc:57:ad:49:03:c7:b2:75:41:65:73:85:6d:f4:cd:8a:
d5:87:f4:aa:e6:d7:2a:e0:a2:5a:e4:7c:80:56:00:90:13:b6:
3a:1c:6c:59:57:95:be:e1:40:d5:95:58:37:cf:50:8e:66:65:
66:9e:10:0c:c6:1b:b9:93:7d:57:d3:73:1e:d5:52:a2:e9:dc:
28:8f:69:ed:4f:64:06:df:a2:b4:b6:3c:86:0b:d0:c8:47:d2:
51:f8:92:4e:94:2a:62:85:36:4b:63:19:a5:93:04:54:43:60:
f9:cc:40:4b:71:a9:ca:7f:3c:9f:88:5c:dd:2d:01:bc:07:d6:
e3:2f:4c:e8:ac:67:10:ff:0c:92:40:fe:a1:10:39:1f:44:f5:
3a:33:c7:6b:32:b1:5b:99:02:af:e9:6a:ec:7f:58:db:c0:b1:
8e:f3:78:6d:f8:f0:ce:74:19:4e:28:3e:4f:77:e1:a9:3a:a6:
63:35:00:cb:9c:05:6f:d7:71:41:c3:25:34:70:7c:17:05:93:
6d:fd:9b:ac:28:43:7b:86:e6:0e:8d:35:65:1f:d0:5b:d7:7b:
61:b8:e0:e1:1b:f8:45:1e:e4:b0:69:76:b7:d1:55:08:90:54:
91:c4:bb:fd
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYhHXqRtoTjEAIDKUFuMTsJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjMwNTIzMDY0OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQ2N2FlNmU3NDdlNzk2MGUyMjVmYjFlNDQ3ZDQzY2QxMmZmMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqoJ9Z7HKM4WK4+orSBPvB2CKEOu
TIS9q/T0NuWcV3rOXxVydAxSFHsp+u/E35n0RGN6m39BptGcp5yKjjs3gOVbggeQ
ogtOtkXTwPbDcWwJLRm4xsOftf0ixwNXDn05XePQAMMvF09flK7CdG0eEfK5OOWC
GGQpzul8RDF8MReNQ5eu1gXbbEwOaA3jUPKDn2S4wNO7Iv8AxcoaEhRyWJ/kFw5c
ZUvSDSeZ+BgVTEqsdao6rDEEdpafmvi1SI+uzmarSoSfpYAmT8vut6z7BDBvnPhb
jjz08pbJDSk1fTxGuzdH+56pNpDvqZNPPqKgUJaNNu0ZW3dycCijmUjEzQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKlGeubnR+eWDiJfseRH1DzRL/KsMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvcVVaNjV1ZEg1NVlPSWwteDVFZlVQTkV2OHF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDXosoAwQE
eVuwAwQCuWVEAwQB1EYAAwQC1EYEAwQE1EYQMA0GCSqGSIb3DQEBCwUAA4IBAQBe
zC7ud+oZgUkItwLFiEBLVihrZ/xXrUkDx7J1QWVzhW30zYrVh/Sq5tcq4KJa5HyA
VgCQE7Y6HGxZV5W+4UDVlVg3z1COZmVmnhAMxhu5k31X03Me1VKi6dwoj2ntT2QG
36K0tjyGC9DIR9JR+JJOlCpihTZLYxmlkwRUQ2D5zEBLcanKfzyfiFzdLQG8B9bj
L0zorGcQ/wySQP6hEDkfRPU6M8drMrFbmQKv6Wrsf1jbwLGO83ht+PDOdBlOKD5P
d+GpOqZjNQDLnAVv13FBwyU0cHwXBZNt/ZusKEN7huYOjTVlH9Bb13thuODhG/hF
HuSwaXa30VUIkFSRxLv9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:45 2024 by rpki-client on console-ams.rpki-client.org