Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/QleYrcVGu7v-bbReGv2LQUoPMuM.roa
File: QleYrcVGu7v-bbReGv2LQUoPMuM.roa (raw, json)
Hash identifier: s+fWuxU97RV8mjhGojNnP42FfoZeiqEBXx9l/c2QnmA=
Subject key identifier: 42:57:98:AD:C5:46:BB:BB:FE:6D:B4:5E:1A:FD:8B:41:4A:0F:32:E3
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 01856ED4C75E1D436AF9025F80733173FAEC
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/QleYrcVGu7v-bbReGv2LQUoPMuM.roa
Signing time: Sun 01 Jan 2023 19:35:16 +0000
ROA not before: Sun 01 Jan 2023 19:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210703
IP address blocks: 152.89.192.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c7:5e:1d:43:6a:f9:02:5f:80:73:31:73:fa:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Jan 1 19:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=425798adc546bbbbfe6db45e1afd8b414a0f32e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9d:c0:d8:b3:73:8e:a4:67:b9:97:c2:08:a9:
27:79:da:63:e7:e5:90:64:6b:43:67:a2:6e:8e:32:
be:13:26:40:0b:9c:53:b2:5f:92:1d:f9:a3:c2:10:
73:09:ce:44:50:bd:91:44:f7:b3:3a:de:3b:25:5d:
0f:c9:71:6d:ce:ed:65:be:6c:72:41:41:25:78:b1:
fb:d6:07:7f:58:27:9d:6b:17:87:6b:c0:41:4d:84:
d6:17:9b:d2:a1:d5:f1:e0:e3:0d:f6:3e:34:46:a7:
12:79:50:00:0a:15:7e:7d:e2:26:76:36:86:e8:70:
a8:f0:46:09:6b:4c:83:a5:25:13:43:68:3f:45:2f:
b8:36:49:1a:29:93:9e:91:b9:24:7f:94:4b:f8:fa:
36:c0:3c:bd:2c:05:40:52:6d:ed:df:34:0c:5e:c2:
1e:cc:28:9e:d1:3c:03:b9:00:90:4f:55:b9:d6:d9:
29:03:8c:d1:ea:4b:b7:1c:df:5d:75:52:a9:c2:d8:
b0:d8:50:20:27:18:5d:86:18:bc:26:4c:77:56:9d:
28:85:bc:33:be:62:0d:03:99:ad:f8:41:f9:70:96:
cf:cb:e7:d4:5e:3e:10:75:3d:2e:2b:6f:da:b7:0d:
1c:74:29:da:d0:83:9a:01:f0:95:78:7c:3e:cd:d4:
90:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:57:98:AD:C5:46:BB:BB:FE:6D:B4:5E:1A:FD:8B:41:4A:0F:32:E3
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/QleYrcVGu7v-bbReGv2LQUoPMuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.192.0/24
Signature Algorithm: sha256WithRSAEncryption
56:3a:4e:7d:fc:fb:04:76:ab:9c:23:dc:a2:22:9d:4e:bc:be:
1c:83:b4:92:ba:4e:6f:b8:52:14:61:4c:48:3c:8f:77:70:f8:
23:28:4f:fd:15:1a:87:bd:1b:58:b9:5c:0f:cb:d7:48:e4:1b:
47:5c:cd:7c:26:83:19:d7:4a:3f:75:2a:dc:0f:e7:02:10:26:
05:5c:d1:a8:f0:bc:ef:6d:3f:3c:81:0d:5c:55:7b:44:a2:8e:
cc:c5:b3:69:c9:68:49:61:3b:c1:d4:fb:ba:dd:06:73:96:70:
41:7c:91:5e:ba:b0:db:c6:cf:29:4a:58:54:22:61:ce:9f:df:
2e:c5:61:64:27:88:81:94:44:9e:8d:a6:08:ca:64:9e:ac:85:
b0:14:51:31:6c:20:cf:fb:43:48:6c:9b:65:40:e7:13:35:17:
85:f0:10:f2:0c:76:9f:f1:55:1c:2d:48:b8:9b:4e:e4:d6:67:
70:19:d1:7e:1b:9f:9f:51:8b:e9:34:45:04:97:db:19:30:1a:
dd:36:f9:74:1e:39:60:ed:01:82:5f:e4:e3:ba:3c:02:cd:a5:
66:9f:fa:8e:d9:cd:d7:41:c5:99:31:7e:ab:ab:ee:33:40:91:
77:9f:fd:3f:3e:fd:4d:f1:67:75:96:3b:26:9d:ee:55:c5:52:
0f:7f:c7:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1MdeHUNq+QJfgHMxc/rsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGNjOGJjZGI2Yzc0NGFjZGY0M2RkNzJkNjhkMjA0NTFh
MTc5ZjYwHhcNMjMwMTAxMTkzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjU3OThhZGM1NDZiYmJiZmU2ZGI0NWUxYWZkOGI0MTRhMGYzMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ3A2LNzjqRnuZfCCKknedpj5+WQ
ZGtDZ6JujjK+EyZAC5xTsl+SHfmjwhBzCc5EUL2RRPezOt47JV0PyXFtzu1lvmxy
QUEleLH71gd/WCedaxeHa8BBTYTWF5vSodXx4OMN9j40RqcSeVAAChV+feImdjaG
6HCo8EYJa0yDpSUTQ2g/RS+4NkkaKZOekbkkf5RL+Po2wDy9LAVAUm3t3zQMXsIe
zCie0TwDuQCQT1W51tkpA4zR6ku3HN9ddVKpwtiw2FAgJxhdhhi8Jkx3Vp0ohbwz
vmINA5mt+EH5cJbPy+fUXj4QdT0uK2/atw0cdCna0IOaAfCVeHw+zdSQIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJXmK3FRru7/m20Xhr9i0FKDzLjMB8GA1UdIwQY
MBaAFDzcyLzbbHRKzfQ91y1o0gRRoXn2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQt
NjM3YjM3MWRhOGU2LzEvUWxlWXJjVkd1N3YtYmJSZUd2MkxRVW9QTXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8zNTY4MjYtZmMxMC00YWE5LTk2YTQtNjM3YjM3MWRhOGU2
LzEvUE56SXZOdHNkRXJOOUQzWExXalNCRkdoZWZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnAMA0G
CSqGSIb3DQEBCwUAA4IBAQBWOk59/PsEdqucI9yiIp1OvL4cg7SSuk5vuFIUYUxI
PI93cPgjKE/9FRqHvRtYuVwPy9dI5BtHXM18JoMZ10o/dSrcD+cCECYFXNGo8Lzv
bT88gQ1cVXtEoo7MxbNpyWhJYTvB1Pu63QZzlnBBfJFeurDbxs8pSlhUImHOn98u
xWFkJ4iBlESejaYIymSerIWwFFExbCDP+0NIbJtlQOcTNReF8BDyDHaf8VUcLUi4
m07k1mdwGdF+G5+fUYvpNEUEl9sZMBrdNvl0Hjlg7QGCX+TjujwCzaVmn/qO2c3X
QcWZMX6rq+4zQJF3n/0/Pv1N8Wd1ljsmne5VxVIPf8cv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:49 2023 by rpki-client on console-fra.rpki-client.org