Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/qxGqrUh8q9LB5hmycOElVtSk-O8.roa
File: qxGqrUh8q9LB5hmycOElVtSk-O8.roa (raw, json)
Hash identifier: ZPi+1RqBoNUdaL9kQ7t1LHv8ZgH66iDMeL9v1xLmyf8=
Subject key identifier: AB:11:AA:AD:48:7C:AB:D2:C1:E6:19:B2:70:E1:25:56:D4:A4:F8:EF
Certificate issuer: /CN=40339d304499d069aecd8bd0e8fba02e522f576a
Certificate serial: 018626E7C8C1C7DEC6F021C394BFA1382525
Authority key identifier: 40:33:9D:30:44:99:D0:69:AE:CD:8B:D0:E8:FB:A0:2E:52:2F:57:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QDOdMESZ0GmuzYvQ6PugLlIvV2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/qxGqrUh8q9LB5hmycOElVtSk-O8.roa
Signing time: Mon 06 Feb 2023 13:26:09 +0000
ROA not before: Mon 06 Feb 2023 13:26:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52063
IP address blocks: 185.109.116.0/22 maxlen: 24
46.254.184.0/21 maxlen: 24
2a00:9400::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:e7:c8:c1:c7:de:c6:f0:21:c3:94:bf:a1:38:25:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40339d304499d069aecd8bd0e8fba02e522f576a
Validity
Not Before: Feb 6 13:26:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab11aaad487cabd2c1e619b270e12556d4a4f8ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:82:c2:63:b6:0c:f4:5f:62:81:19:5d:39:7a:
a2:e3:b0:14:56:58:1d:3e:75:54:b5:cd:a0:65:ae:
9f:7d:cc:ed:f2:7f:8f:2a:d5:52:7a:71:89:4b:2d:
fe:28:7f:ab:f8:30:64:ef:1e:07:65:f4:3a:b9:a2:
72:79:fd:90:b0:b4:6b:cb:76:8e:83:10:7d:92:81:
c8:d1:89:66:3f:16:81:5d:f6:2b:69:a9:67:9c:7f:
df:e6:79:f9:66:ae:6d:8a:c6:47:ae:df:95:18:01:
67:94:cd:52:71:2c:f6:0c:ed:bb:54:61:dd:07:5d:
49:5a:97:2d:0d:d1:6b:17:c4:bb:5a:2e:01:3d:18:
82:d3:7e:d0:92:ec:a3:7a:29:dd:ee:92:4a:32:5d:
f3:b9:39:3e:55:e1:38:91:b6:09:08:0f:a3:47:06:
c5:d3:e1:45:f0:29:02:02:e9:3f:48:d9:84:68:5b:
8a:ca:d0:98:68:55:c2:0d:4a:47:94:62:aa:47:ad:
95:93:3c:91:c4:7f:5d:74:a9:8a:75:5b:92:e4:e9:
2c:ac:c7:22:6d:1a:84:ed:ce:ba:c1:8d:1d:1a:8f:
07:7e:67:e5:10:fd:c1:dc:62:77:46:1f:a3:d9:d6:
ec:27:7b:3a:63:be:5c:f6:9e:59:84:2f:0b:89:2b:
77:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:11:AA:AD:48:7C:AB:D2:C1:E6:19:B2:70:E1:25:56:D4:A4:F8:EF
X509v3 Authority Key Identifier:
keyid:40:33:9D:30:44:99:D0:69:AE:CD:8B:D0:E8:FB:A0:2E:52:2F:57:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QDOdMESZ0GmuzYvQ6PugLlIvV2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/qxGqrUh8q9LB5hmycOElVtSk-O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/QDOdMESZ0GmuzYvQ6PugLlIvV2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.184.0/21
185.109.116.0/22
IPv6:
2a00:9400::/32
Signature Algorithm: sha256WithRSAEncryption
50:d4:55:d9:04:9f:87:90:51:82:47:ff:ec:9c:fb:28:67:11:
2d:39:76:3b:39:0f:7a:c0:5b:89:84:b1:1e:6a:d6:a2:5e:f8:
0e:d0:20:34:c0:aa:26:b8:70:5e:55:e6:fe:7e:cd:85:4a:d4:
96:b7:ba:42:a9:28:bc:0e:bb:c1:43:01:ac:81:cd:32:a0:63:
eb:6a:d4:e0:e9:95:e7:3f:19:57:19:01:18:e0:a2:79:ff:23:
b4:80:85:92:0c:f3:a4:76:d5:d8:6f:e7:2e:d5:e5:a5:21:81:
32:66:bf:4c:ef:40:42:ab:fe:6c:d5:58:f4:19:bf:64:d4:be:
32:1a:c9:37:9b:64:ee:e2:32:c7:88:bd:de:8b:df:c0:80:c2:
6f:1a:e4:76:93:54:19:18:60:c2:3a:92:81:94:7f:4a:0d:4b:
d2:3f:83:3d:92:2f:cb:7a:81:09:15:59:c2:ae:9a:37:c1:65:
98:de:64:72:7e:7c:93:8b:58:41:5e:af:79:98:50:03:90:7c:
aa:3b:f3:14:4d:1d:09:2b:fc:3b:4a:2b:12:55:78:8f:3f:37:
cf:9d:65:49:f3:c5:26:96:ce:55:12:8f:7d:c9:25:70:a6:12:
c4:03:df:25:e6:fe:3a:ce:b1:09:81:bd:b2:0a:7f:f3:e4:74:
1b:74:08:0d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYYm58jBx97G8CHDlL+hOCUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMzM5ZDMwNDQ5OWQwNjlhZWNkOGJkMGU4ZmJhMDJlNTIy
ZjU3NmEwHhcNMjMwMjA2MTMyNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjExYWFhZDQ4N2NhYmQyYzFlNjE5YjI3MGUxMjU1NmQ0YTRmOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoLCY7YM9F9igRldOXqi47AUVlgd
PnVUtc2gZa6ffczt8n+PKtVSenGJSy3+KH+r+DBk7x4HZfQ6uaJyef2QsLRry3aO
gxB9koHI0YlmPxaBXfYraalnnH/f5nn5Zq5tisZHrt+VGAFnlM1ScSz2DO27VGHd
B11JWpctDdFrF8S7Wi4BPRiC037Qkuyjeind7pJKMl3zuTk+VeE4kbYJCA+jRwbF
0+FF8CkCAuk/SNmEaFuKytCYaFXCDUpHlGKqR62VkzyRxH9ddKmKdVuS5OksrMci
bRqE7c66wY0dGo8HfmflEP3B3GJ3Rh+j2dbsJ3s6Y75c9p5ZhC8LiSt34wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKsRqq1IfKvSweYZsnDhJVbUpPjvMB8GA1UdIwQY
MBaAFEAznTBEmdBprs2L0Oj7oC5SL1dqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUURPZE1FU1owR211ell2UTZQdWdMbEl2VjJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS81ZmU4OGEtMTZlMS00ODFmLTk4ZTgt
MDMxZTU4OTA1OTIzLzEvcXhHcXJVaDhxOUxCNWhteWNPRWxWdFNrLU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS81ZmU4OGEtMTZlMS00ODFmLTk4ZTgtMDMxZTU4OTA1OTIz
LzEvUURPZE1FU1owR211ell2UTZQdWdMbEl2VjJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLv64AwQC
uW10MA0EAgACMAcDBQAqAJQAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ1FXZBJ+HkFGC
R//snPsoZxEtOXY7OQ96wFuJhLEeataiXvgO0CA0wKomuHBeVeb+fs2FStSWt7pC
qSi8DrvBQwGsgc0yoGPratTg6ZXnPxlXGQEY4KJ5/yO0gIWSDPOkdtXYb+cu1eWl
IYEyZr9M70BCq/5s1Vj0Gb9k1L4yGsk3m2Tu4jLHiL3ei9/AgMJvGuR2k1QZGGDC
OpKBlH9KDUvSP4M9ki/LeoEJFVnCrpo3wWWY3mRyfnyTi1hBXq95mFADkHyqO/MU
TR0JK/w7SisSVXiPPzfPnWVJ88Umls5VEo99ySVwphLEA98l5v46zrEJgb2yCn/z
5HQbdAgN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:12 2024 by rpki-client on console-fra.rpki-client.org