Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/QCZnyQxl8Zqb1SvuTZYYzSjJ9Ao.roa
File: QCZnyQxl8Zqb1SvuTZYYzSjJ9Ao.roa (raw, json)
Hash identifier: jFBzlo7vdxdoeGK4ggeADH95QGnaHjvf5g/dXWgLczc=
Subject key identifier: 40:26:67:C9:0C:65:F1:9A:9B:D5:2B:EE:4D:96:18:CD:28:C9:F4:0A
Certificate issuer: /CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Certificate serial: 018CC3B71C9015A4D198213DC91CEE0B70BD
Authority key identifier: D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/QCZnyQxl8Zqb1SvuTZYYzSjJ9Ao.roa
Signing time: Mon 01 Jan 2024 06:30:06 +0000
ROA not before: Mon 01 Jan 2024 06:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8943
IP address blocks: 212.13.192.0/19 maxlen: 19
185.73.44.0/22 maxlen: 22
194.33.11.0/24 maxlen: 24
2001:ba8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Mar 2024 13:37:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:1c:90:15:a4:d1:98:21:3d:c9:1c:ee:0b:70:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Validity
Not Before: Jan 1 06:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=402667c90c65f19a9bd52bee4d9618cd28c9f40a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bf:fb:97:40:34:bf:74:39:4f:82:34:1b:fa:
a1:aa:b7:02:ea:9a:7b:9d:88:f6:59:87:07:8c:39:
e5:87:ca:98:88:f4:45:b6:93:71:fc:d6:ab:5c:6c:
36:28:08:76:3f:90:4c:1d:c3:d6:90:a4:93:59:17:
36:86:41:af:50:c7:6b:15:7d:21:a9:67:05:be:74:
91:7b:4d:09:4b:17:74:8b:f0:b9:8e:75:ac:58:89:
84:5f:b1:5e:8f:2f:e8:19:18:d3:80:45:19:f3:f2:
b8:b1:8d:96:8c:06:b0:a9:b3:e9:a5:68:c8:5d:23:
a4:81:f2:52:1a:2b:50:ca:a1:3d:dd:7a:e2:62:3b:
96:d8:a7:a7:81:e4:8b:47:25:70:76:2b:b3:81:13:
24:5d:34:e5:ee:2e:27:0e:3b:32:ea:b5:9c:1a:90:
af:69:45:4d:38:01:96:20:9d:c8:1f:8f:73:19:0f:
78:b7:bb:7e:c8:d7:cf:95:3b:d1:92:ef:49:03:8b:
99:69:e3:f3:c6:0d:84:89:de:d2:4d:20:67:bc:92:
dc:42:c6:b9:5d:22:ff:06:e0:77:e8:3b:ea:e9:e6:
33:5c:29:e7:1f:d3:a3:d0:2c:2e:10:1a:61:0c:df:
e4:57:02:d7:12:06:54:17:19:ad:6d:00:9c:d3:68:
0c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:26:67:C9:0C:65:F1:9A:9B:D5:2B:EE:4D:96:18:CD:28:C9:F4:0A
X509v3 Authority Key Identifier:
keyid:D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/QCZnyQxl8Zqb1SvuTZYYzSjJ9Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.44.0/22
194.33.11.0/24
212.13.192.0/19
IPv6:
2001:ba8::/32
Signature Algorithm: sha256WithRSAEncryption
6b:98:32:f1:22:73:8e:f1:8f:b8:ff:b8:03:f9:31:2f:05:8d:
6e:dc:f9:06:8f:30:d7:3e:77:cb:0f:d6:b8:3d:6b:10:c2:92:
3b:e6:cc:e6:16:df:8d:32:ff:3c:0a:ff:f4:fb:09:33:80:5e:
1f:7f:68:63:4f:67:42:ea:9a:2f:fd:48:a6:1e:fc:8c:af:76:
6a:fe:21:b8:31:00:ee:28:bb:4f:5e:4b:e2:1f:89:89:d8:27:
1c:eb:92:b4:22:b1:1e:df:c8:18:6c:ab:0a:53:f7:b4:78:61:
91:fa:0c:95:a8:b5:94:63:69:3f:bf:dd:39:b6:25:d7:83:94:
b4:86:89:7a:55:a3:57:87:42:c1:e2:4d:a7:59:27:d3:5b:15:
4b:4a:82:49:75:e5:0c:1e:cc:e3:7b:f5:9b:2f:99:9c:16:a6:
43:99:ea:bc:b5:2a:30:72:d9:19:dc:5f:98:6c:fd:d5:e2:1e:
c4:eb:ec:b5:e1:21:5e:60:b6:39:84:cf:21:e1:cb:cc:b7:ab:
6e:51:a9:d0:21:19:92:c0:d5:03:a3:97:a4:9d:06:e3:42:a4:
63:39:39:94:4d:50:14:bf:76:2f:f8:5c:b0:82:a5:c7:00:bf:
14:77:eb:2d:24:e6:90:6d:1b:d6:c6:ac:2f:9c:dc:5a:22:b5:
10:5f:68:af
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtxyQFaTRmCE9yRzuC3C9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzNiZmEwMTRiOTE5MmYyNzAwYWNhZjZmMjc5ZGJlZjhh
MGFmZjIwHhcNMjQwMTAxMDYzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDI2NjdjOTBjNjVmMTlhOWJkNTJiZWU0ZDk2MThjZDI4YzlmNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb/7l0A0v3Q5T4I0G/qhqrcC6pp7
nYj2WYcHjDnlh8qYiPRFtpNx/NarXGw2KAh2P5BMHcPWkKSTWRc2hkGvUMdrFX0h
qWcFvnSRe00JSxd0i/C5jnWsWImEX7Fejy/oGRjTgEUZ8/K4sY2WjAawqbPppWjI
XSOkgfJSGitQyqE93XriYjuW2KengeSLRyVwdiuzgRMkXTTl7i4nDjsy6rWcGpCv
aUVNOAGWIJ3IH49zGQ94t7t+yNfPlTvRku9JA4uZaePzxg2Eid7STSBnvJLcQsa5
XSL/BuB36Dvq6eYzXCnnH9Oj0CwuEBphDN/kVwLXEgZUFxmtbQCc02gMaQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEAmZ8kMZfGam9Ur7k2WGM0oyfQKMB8GA1UdIwQY
MBaAFNgzv6AUuRkvJwCsr28nnb74oK/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEt
NWMwMTdiZDQzNjYzLzEvUUNabnlReGw4WnFiMVN2dVRaWVl6U2pKOUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEtNWMwMTdiZDQzNjYz
LzEvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUksAwQA
wiELAwQF1A3AMA0EAgACMAcDBQAgAQuoMA0GCSqGSIb3DQEBCwUAA4IBAQBrmDLx
InOO8Y+4/7gD+TEvBY1u3PkGjzDXPnfLD9a4PWsQwpI75szmFt+NMv88Cv/0+wkz
gF4ff2hjT2dC6pov/UimHvyMr3Zq/iG4MQDuKLtPXkviH4mJ2Ccc65K0IrEe38gY
bKsKU/e0eGGR+gyVqLWUY2k/v905tiXXg5S0hol6VaNXh0LB4k2nWSfTWxVLSoJJ
deUMHszje/WbL5mcFqZDmeq8tSowctkZ3F+YbP3V4h7E6+y14SFeYLY5hM8h4cvM
t6tuUanQIRmSwNUDo5eknQbjQqRjOTmUTVAUv3Yv+FywgqXHAL8Ud+stJOaQbRvW
xqwvnNxaIrUQX2iv
-----END CERTIFICATE-----
Generated at Tue Mar 12 17:31:51 2024 by rpki-client on console-ams.rpki-client.org