Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/QUPtxYZo1C0OJ6dNXVzDiS3SFdU.roa
File: QUPtxYZo1C0OJ6dNXVzDiS3SFdU.roa (raw, json)
Hash identifier: r0Fv689b2XeMYr60YgCqQYRjlhHMSxOfvfO8V8Frk5o=
Subject key identifier: 41:43:ED:C5:86:68:D4:2D:0E:27:A7:4D:5D:5C:C3:89:2D:D2:15:D5
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018D6AA9E7CD9481C8EB5E982087959AB535
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/QUPtxYZo1C0OJ6dNXVzDiS3SFdU.roa
Signing time: Fri 02 Feb 2024 16:32:16 +0000
ROA not before: Fri 02 Feb 2024 16:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 109.248.41.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.53.0/24 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 13 Feb 2024 16:55:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:a9:e7:cd:94:81:c8:eb:5e:98:20:87:95:9a:b5:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Feb 2 16:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4143edc58668d42d0e27a74d5d5cc3892dd215d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:dc:0a:a9:71:20:fe:24:a6:85:f9:ff:4b:b8:
a0:12:16:01:ce:f0:2b:29:43:e4:48:f2:5e:83:46:
a9:ed:e1:19:d2:98:c4:ed:41:f1:ed:81:b3:fb:c0:
dd:00:63:82:9c:b5:07:ef:55:b0:b1:ad:78:d7:4b:
22:da:30:5d:4a:69:84:22:0f:87:e3:3a:17:3b:b6:
07:6e:d7:63:b9:9d:6d:7c:7d:bb:fc:89:20:82:12:
2b:49:10:42:75:23:4f:34:fe:28:ef:b8:23:20:bc:
54:ca:c5:1c:a1:33:0e:41:67:0c:79:68:70:87:e6:
dc:76:c1:4a:59:9f:31:cc:d0:7e:18:d6:94:f5:c5:
83:24:e2:65:00:bb:2a:78:88:76:a8:a8:30:52:92:
34:04:b8:40:ec:27:e9:6b:8a:e4:72:df:c8:f8:27:
a9:b2:9a:2f:56:24:2c:fb:14:d5:0d:9a:9e:aa:16:
b3:b4:61:fd:ee:73:f6:da:1a:5c:28:6e:da:3c:99:
e2:ab:d5:ec:28:6f:c9:8f:38:46:5d:4d:6b:da:a7:
d3:03:32:90:cb:62:7d:4e:c5:38:67:19:33:c2:73:
93:03:95:2c:bf:f4:61:d1:09:5b:a2:fb:36:a3:28:
17:2c:bb:17:64:e9:43:c0:8a:77:f3:78:2f:a0:fa:
88:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:43:ED:C5:86:68:D4:2D:0E:27:A7:4D:5D:5C:C3:89:2D:D2:15:D5
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/QUPtxYZo1C0OJ6dNXVzDiS3SFdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.41.0/24
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
7c:2f:2a:72:cd:ba:e1:48:e9:b8:7d:18:55:37:9c:0b:84:05:
7b:e8:24:9e:95:59:8c:8f:e4:00:b2:01:50:b9:5c:80:66:75:
a7:8f:f9:be:e1:2b:09:a2:a9:60:5d:a4:58:57:75:08:ef:e8:
c3:3e:a4:9b:ea:46:f6:88:ea:91:6d:3e:f8:9f:d6:48:0b:cf:
d3:21:52:69:a3:cc:70:48:f0:c2:e3:ab:c4:c1:e9:24:bf:af:
1b:c9:09:b4:51:ce:d1:d0:f3:b0:ed:b3:6d:9b:e7:c5:02:7f:
ce:5b:54:86:68:9f:62:f3:0a:b2:2b:ab:32:5c:14:b6:86:a9:
12:47:d2:55:61:67:fb:f2:cc:8f:cd:97:16:f6:f0:36:cb:a4:
ca:64:b0:f3:d3:f5:df:72:a5:8b:17:ad:5d:10:9d:8b:68:28:
a2:2e:e8:22:57:25:59:b4:fc:0d:0e:9a:b8:9c:9e:41:7f:42:
f5:d7:35:e5:19:8e:70:2a:f2:d3:ec:69:11:4d:f8:e3:3b:56:
a0:70:ac:2d:ff:9c:a1:3c:ae:a7:6a:14:9b:79:87:46:0f:83:
74:02:75:f2:b8:25:ce:33:74:8d:61:12:a1:e4:d5:78:0d:f0:
be:18:af:07:f0:59:df:5b:72:5a:49:01:cf:f9:8c:90:f1:dc:
5b:16:6a:08
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY1qqefNlIHI616YIIeVmrU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMjAyMTYzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQzZWRjNTg2NjhkNDJkMGUyN2E3NGQ1ZDVjYzM4OTJkZDIxNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNwKqXEg/iSmhfn/S7igEhYBzvAr
KUPkSPJeg0ap7eEZ0pjE7UHx7YGz+8DdAGOCnLUH71Wwsa1410si2jBdSmmEIg+H
4zoXO7YHbtdjuZ1tfH27/IkgghIrSRBCdSNPNP4o77gjILxUysUcoTMOQWcMeWhw
h+bcdsFKWZ8xzNB+GNaU9cWDJOJlALsqeIh2qKgwUpI0BLhA7Cfpa4rkct/I+Cep
spovViQs+xTVDZqeqhaztGH97nP22hpcKG7aPJniq9XsKG/JjzhGXU1r2qfTAzKQ
y2J9TsU4ZxkzwnOTA5Usv/Rh0Qlbovs2oygXLLsXZOlDwIp383gvoPqI2QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEFD7cWGaNQtDienTV1cw4kt0hXVMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvUVVQdHhZWm8xQzBPSjZkTlhWekRpUzNTRmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAbfgpAwQA
vIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQB8Lypy
zbrhSOm4fRhVN5wLhAV76CSelVmMj+QAsgFQuVyAZnWnj/m+4SsJoqlgXaRYV3UI
7+jDPqSb6kb2iOqRbT74n9ZIC8/TIVJpo8xwSPDC46vEwekkv68byQm0Uc7R0POw
7bNtm+fFAn/OW1SGaJ9i8wqyK6syXBS2hqkSR9JVYWf78syPzZcW9vA2y6TKZLDz
0/XfcqWLF61dEJ2LaCiiLugiVyVZtPwNDpq4nJ5Bf0L11zXlGY5wKvLT7GkRTfjj
O1agcKwt/5yhPK6nahSbeYdGD4N0AnXyuCXOM3SNYRKh5NV4DfC+GK8H8FnfW3Ja
SQHP+YyQ8dxbFmoI
-----END CERTIFICATE-----
Generated at Tue Feb 13 20:34:25 2024 by rpki-client on console-fra.rpki-client.org