Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/qtOlGhtQVa7XFLNo8TktvlVpNik.roa
File: qtOlGhtQVa7XFLNo8TktvlVpNik.roa (raw, json)
Hash identifier: g5D8EgCP+ZXecvi9LrLZO+xvVDauJsxEIZcYIjs+Li4=
Subject key identifier: AA:D3:A5:1A:1B:50:55:AE:D7:14:B3:68:F1:39:2D:BE:55:69:36:29
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E5C5E433665D24876F7298C91CED396F4
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/qtOlGhtQVa7XFLNo8TktvlVpNik.roa
Signing time: Wed 20 Mar 2024 14:57:45 +0000
ROA not before: Wed 20 Mar 2024 14:57:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
2a02:26f0:9700::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Mar 2024 14:25:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:5e:43:36:65:d2:48:76:f7:29:8c:91:ce:d3:96:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 20 14:57:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aad3a51a1b5055aed714b368f1392dbe55693629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:14:8c:b8:9a:75:f9:09:c1:d0:3d:75:1e:26:
fb:75:48:9b:57:d7:c7:19:43:ca:58:3d:b9:50:5f:
a0:14:61:8e:24:82:42:1c:25:0d:05:df:9c:66:2f:
ec:ac:01:cd:86:46:3d:b9:76:e2:68:cd:72:08:ac:
dc:49:2e:f6:c4:06:9b:7f:1f:3f:56:8d:f1:83:53:
e7:ff:6e:7f:07:b7:9a:e1:80:3b:45:e5:79:75:8d:
ee:30:eb:92:97:74:5e:c4:e0:86:7d:78:1a:c2:ab:
37:77:91:2d:52:31:b5:be:40:83:28:30:48:7b:74:
7b:1f:0c:b9:68:af:f0:6b:38:af:22:94:39:a1:27:
e6:6d:14:93:5e:cb:5b:6d:ab:15:4a:a2:49:bf:e6:
93:db:5a:f9:94:7f:25:fa:97:1f:6c:98:ff:3c:81:
6f:85:81:6d:71:f1:52:7d:a2:d0:44:0c:8f:b4:3c:
c5:d2:3b:31:07:80:5e:fb:69:4e:f7:7c:e8:e1:77:
30:8b:99:3b:98:af:5b:5f:2c:3a:7b:cd:72:21:36:
a1:af:80:bc:3f:ee:bc:78:4a:43:e1:ee:d8:ef:5d:
4f:4a:d0:9f:47:6a:e1:b7:93:02:61:94:92:fc:ea:
9f:2c:53:f1:55:b7:e3:e0:55:c7:87:85:ea:da:21:
24:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D3:A5:1A:1B:50:55:AE:D7:14:B3:68:F1:39:2D:BE:55:69:36:29
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/qtOlGhtQVa7XFLNo8TktvlVpNik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.221.28.0/22
88.221.100.0/22
IPv6:
2a02:26f0:9700::/48
Signature Algorithm: sha256WithRSAEncryption
05:37:d7:d3:cc:3b:e3:eb:84:65:e0:df:66:1b:f3:1c:55:4a:
7f:48:4e:04:85:6f:42:57:bc:2b:7b:9b:23:14:44:e9:c6:0e:
3d:1f:66:f5:e7:b9:f6:76:08:9b:da:ec:6a:12:27:30:ec:34:
06:78:d1:91:5e:67:63:06:77:ae:14:aa:43:69:c8:de:a8:b0:
d2:be:fb:4d:14:73:f8:3d:b2:5c:81:16:84:6c:29:dd:b0:b2:
e6:13:bf:c0:89:fb:36:2b:3e:08:31:11:cd:7b:7a:03:4f:81:
92:21:37:3a:90:32:39:1f:6c:5a:75:5a:7e:82:ba:95:1e:1f:
72:3a:7c:2c:95:90:48:a9:fc:ae:fe:47:59:db:69:be:d6:27:
05:5d:81:b5:d6:f5:07:2d:f9:43:69:45:a9:78:89:54:60:84:
fd:65:f1:e8:69:24:85:1b:2b:96:55:45:6b:04:a0:aa:b4:b8:
82:f6:89:23:a8:e7:a5:1c:54:b1:9b:d5:46:46:00:27:ce:e9:
56:58:70:fd:24:9a:1e:9f:2a:e2:48:18:41:b4:12:06:e2:f1:
23:44:f6:1c:72:e1:11:a3:d6:37:85:56:31:14:da:2f:bb:36:
4e:66:ab:0a:05:04:aa:6f:e3:9a:5d:63:84:d0:33:b8:cf:4c:
df:43:f4:28
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY5cXkM2ZdJIdvcpjJHO05b0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzIwMTQ1NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQzYTUxYTFiNTA1NWFlZDcxNGIzNjhmMTM5MmRiZTU1NjkzNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxSMuJp1+QnB0D11Hib7dUibV9fH
GUPKWD25UF+gFGGOJIJCHCUNBd+cZi/srAHNhkY9uXbiaM1yCKzcSS72xAabfx8/
Vo3xg1Pn/25/B7ea4YA7ReV5dY3uMOuSl3RexOCGfXgawqs3d5EtUjG1vkCDKDBI
e3R7Hwy5aK/wazivIpQ5oSfmbRSTXstbbasVSqJJv+aT21r5lH8l+pcfbJj/PIFv
hYFtcfFSfaLQRAyPtDzF0jsxB4Be+2lO93zo4Xcwi5k7mK9bXyw6e81yITahr4C8
P+68eEpD4e7Y711PStCfR2rht5MCYZSS/OqfLFPxVbfj4FXHh4Xq2iEkYwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKrTpRobUFWu1xSzaPE5Lb5VaTYpMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvcXRPbEdodFFWYTdYRkxObzhUa3R2bFZwTmlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCWN0cAwQC
WN1kMA8EAgACMAkDBwAqAibwlwAwDQYJKoZIhvcNAQELBQADggEBAAU319PMO+Pr
hGXg32Yb8xxVSn9ITgSFb0JXvCt7myMUROnGDj0fZvXnufZ2CJva7GoSJzDsNAZ4
0ZFeZ2MGd64UqkNpyN6osNK++00Uc/g9slyBFoRsKd2wsuYTv8CJ+zYrPggxEc17
egNPgZIhNzqQMjkfbFp1Wn6CupUeH3I6fCyVkEip/K7+R1nbab7WJwVdgbXW9Qct
+UNpRal4iVRghP1l8ehpJIUbK5ZVRWsEoKq0uIL2iSOo56UcVLGb1UZGACfO6VZY
cP0kmh6fKuJIGEG0Egbi8SNE9hxy4RGj1jeFVjEU2i+7Nk5mqwoFBKpv45pdY4TQ
M7jPTN9D9Cg=
-----END CERTIFICATE-----
Generated at Thu Mar 21 18:22:42 2024 by rpki-client on console-ams.rpki-client.org