Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/QFot-2l9SebE_AjO4LbAYZ2HKbE.roa
File: QFot-2l9SebE_AjO4LbAYZ2HKbE.roa (raw, json)
Hash identifier: 7NlVnitX70PGsU2mE23BF00NPRXx3PHG2z+N8SBZRl4=
Subject key identifier: 40:5A:2D:FB:69:7D:49:E6:C4:FC:08:CE:E0:B6:C0:61:9D:87:29:B1
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018C1CABE2006AF4997927E3D5CEADFCD909
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/QFot-2l9SebE_AjO4LbAYZ2HKbE.roa
Signing time: Wed 29 Nov 2023 20:01:15 +0000
ROA not before: Wed 29 Nov 2023 20:01:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 83.97.100.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1c:ab:e2:00:6a:f4:99:79:27:e3:d5:ce:ad:fc:d9:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Nov 29 20:01:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=405a2dfb697d49e6c4fc08cee0b6c0619d8729b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3c:9e:c5:94:d2:37:36:79:55:2b:8b:56:65:
15:8a:a5:de:e9:07:29:d5:05:31:f8:51:76:88:d9:
67:11:67:27:bb:ef:50:00:0d:ba:bc:4d:c3:40:36:
89:6e:22:b1:07:cb:c7:3d:fc:6b:a7:9f:70:f8:0b:
89:bf:f6:28:5b:34:95:d2:f9:91:f7:0d:7c:b3:54:
aa:f1:ed:e7:5f:da:82:9e:41:4b:34:d8:42:aa:49:
31:30:b1:16:23:11:f1:0f:cc:da:37:22:06:cc:70:
11:a4:11:24:79:7a:64:77:aa:52:c8:cb:f4:06:a3:
d6:a9:69:07:7f:69:76:a3:c3:02:7a:33:8d:1f:45:
bd:0f:98:a7:4d:c1:db:0d:fb:3f:36:65:9a:d1:5a:
1b:5d:a3:19:d5:c8:6b:3a:0e:bc:e9:1c:0e:13:39:
22:e4:72:d9:fb:a7:56:27:e3:4e:21:48:7e:ec:0f:
c6:81:33:8e:6a:30:1e:80:d8:d7:cf:58:9f:c2:88:
f8:b8:76:15:7e:a4:2c:91:8b:14:d8:51:5d:8f:bd:
1e:97:4d:74:db:c5:05:82:27:06:4a:33:20:93:c4:
42:da:87:52:ef:41:63:7c:b0:39:67:8c:7b:dd:d0:
98:d1:16:66:31:aa:53:f2:46:fd:e4:26:5e:3b:3c:
b0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5A:2D:FB:69:7D:49:E6:C4:FC:08:CE:E0:B6:C0:61:9D:87:29:B1
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/QFot-2l9SebE_AjO4LbAYZ2HKbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.100.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:70:ea:d2:68:1b:7a:6d:e6:0d:3a:d4:24:fa:33:0b:68:89:
c2:17:da:55:ad:1b:f1:83:92:b1:97:f3:99:e3:2f:7e:f7:0e:
6b:94:45:27:f1:61:cd:e8:a9:c1:23:ca:f6:de:97:9e:3e:f8:
67:15:88:92:2e:aa:21:ea:3e:16:ed:93:6d:d2:04:f0:40:df:
95:72:3b:ae:09:24:8c:04:61:b2:0c:75:b7:14:07:f4:0f:81:
eb:16:57:b4:95:e7:33:22:45:2b:b3:e0:2f:66:aa:e5:ae:ff:
2d:20:6a:02:53:51:65:40:c4:91:70:b9:04:cb:fc:f5:f6:4a:
eb:74:7f:10:76:2a:b9:2f:ca:86:ff:08:4f:ef:91:9f:d5:10:
1f:f5:18:8e:b6:a4:cf:92:5f:ce:39:a5:12:a3:6f:51:cc:78:
da:d6:63:a4:c6:d5:e6:86:a3:ac:be:60:4b:4c:5e:9e:34:97:
65:47:1c:41:6f:2c:56:be:e6:28:90:04:a8:58:f7:e1:ec:3a:
ce:25:17:31:bb:c8:59:26:9e:25:1c:9f:ea:c5:75:1d:ed:6c:
0b:24:af:65:69:ec:73:2d:dd:f5:a9:f8:df:dc:fe:af:f5:da:
d5:c8:78:eb:59:33:4f:d3:63:da:23:bb:05:c0:1e:b3:b5:a1:
df:5b:03:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwcq+IAavSZeSfj1c6t/NkJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMxMTI5MjAwMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDVhMmRmYjY5N2Q0OWU2YzRmYzA4Y2VlMGI2YzA2MTlkODcyOWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzyexZTSNzZ5VSuLVmUViqXe6Qcp
1QUx+FF2iNlnEWcnu+9QAA26vE3DQDaJbiKxB8vHPfxrp59w+AuJv/YoWzSV0vmR
9w18s1Sq8e3nX9qCnkFLNNhCqkkxMLEWIxHxD8zaNyIGzHARpBEkeXpkd6pSyMv0
BqPWqWkHf2l2o8MCejONH0W9D5inTcHbDfs/NmWa0VobXaMZ1chrOg686RwOEzki
5HLZ+6dWJ+NOIUh+7A/GgTOOajAegNjXz1ifwoj4uHYVfqQskYsU2FFdj70el010
28UFgicGSjMgk8RC2odS70FjfLA5Z4x73dCY0RZmMapT8kb95CZeOzywTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBaLftpfUnmxPwIzuC2wGGdhymxMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvUUZvdC0ybDlTZWJFX0FqTzRMYkFZWjJIS2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU2FkMA0G
CSqGSIb3DQEBCwUAA4IBAQAtcOrSaBt6beYNOtQk+jMLaInCF9pVrRvxg5Kxl/OZ
4y9+9w5rlEUn8WHN6KnBI8r23peePvhnFYiSLqoh6j4W7ZNt0gTwQN+VcjuuCSSM
BGGyDHW3FAf0D4HrFle0leczIkUrs+AvZqrlrv8tIGoCU1FlQMSRcLkEy/z19krr
dH8Qdiq5L8qG/whP75Gf1RAf9RiOtqTPkl/OOaUSo29RzHja1mOkxtXmhqOsvmBL
TF6eNJdlRxxBbyxWvuYokASoWPfh7DrOJRcxu8hZJp4lHJ/qxXUd7WwLJK9laexz
Ld31qfjf3P6v9drVyHjrWTNP02PaI7sFwB6ztaHfWwPb
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:12 2024 by rpki-client on console-fra.rpki-client.org