Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/a2eb5a-0962-45bc-a637-f0104ddf2811/1/QLMRenVsmBvGrd5De8c-uhRbVcU.roa
File: QLMRenVsmBvGrd5De8c-uhRbVcU.roa (raw, json)
Hash identifier: v7ayhMOnoF34Oqa52GlN+OJWcZNiZypiwUORg9tDpUE=
Subject key identifier: 40:B3:11:7A:75:6C:98:1B:C6:AD:DE:43:7B:C7:3E:BA:14:5B:55:C5
Certificate issuer: /CN=3adfd48a97720cd854029ddb266c51f91f07670d
Certificate serial: 01857203389B87EC292DFCAEEC116634E9DE
Authority key identifier: 3A:DF:D4:8A:97:72:0C:D8:54:02:9D:DB:26:6C:51:F9:1F:07:67:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ot_UipdyDNhUAp3bJmxR-R8HZw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/a2eb5a-0962-45bc-a637-f0104ddf2811/1/QLMRenVsmBvGrd5De8c-uhRbVcU.roa
Signing time: Mon 02 Jan 2023 10:24:51 +0000
ROA not before: Mon 02 Jan 2023 10:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51410
IP address blocks: 91.217.137.0/24 maxlen: 24
2001:67c:13e4::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:38:9b:87:ec:29:2d:fc:ae:ec:11:66:34:e9:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3adfd48a97720cd854029ddb266c51f91f07670d
Validity
Not Before: Jan 2 10:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40b3117a756c981bc6adde437bc73eba145b55c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cd:16:ff:ba:ad:14:48:2a:11:84:36:ce:f1:
e0:1c:b4:dd:ca:f1:73:76:d5:54:5d:5d:5a:45:26:
64:6c:bf:e8:43:c3:56:e0:77:d8:8e:c9:3f:58:59:
31:11:90:ff:cd:d6:b1:3c:0b:df:f0:18:59:40:65:
67:f6:a0:6e:a5:68:ef:b6:ef:21:35:9f:aa:cc:6f:
98:10:e2:9f:0f:96:aa:91:85:c3:9d:2e:73:fb:95:
c1:40:7e:4e:3b:ec:d9:40:b1:4b:b5:74:f4:8c:42:
0e:1f:24:f9:13:aa:4e:60:71:68:d3:77:56:a4:7a:
28:19:14:d7:1f:9b:dc:61:c3:64:53:71:64:10:2d:
05:b4:9f:5e:18:e8:d2:d1:5f:fc:d7:84:84:33:d3:
c0:82:21:c6:06:ef:82:12:34:18:60:6e:e7:00:18:
9b:c3:04:60:e8:25:a5:8d:17:9e:2a:61:91:e5:f0:
41:5f:f3:b6:db:63:1a:36:0d:0e:e4:62:3e:c2:a7:
6d:bb:05:c1:29:c2:58:e4:d7:40:06:e9:f9:f9:e1:
90:d5:96:c3:71:17:c2:bc:2a:16:57:9a:6a:61:e2:
8b:83:68:d1:87:49:8c:ce:07:f9:4a:85:98:07:bd:
76:15:a2:b4:95:3e:6e:cd:ec:0e:41:b4:59:68:0f:
7f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B3:11:7A:75:6C:98:1B:C6:AD:DE:43:7B:C7:3E:BA:14:5B:55:C5
X509v3 Authority Key Identifier:
keyid:3A:DF:D4:8A:97:72:0C:D8:54:02:9D:DB:26:6C:51:F9:1F:07:67:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ot_UipdyDNhUAp3bJmxR-R8HZw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/a2eb5a-0962-45bc-a637-f0104ddf2811/1/QLMRenVsmBvGrd5De8c-uhRbVcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/a2eb5a-0962-45bc-a637-f0104ddf2811/1/Ot_UipdyDNhUAp3bJmxR-R8HZw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.137.0/24
IPv6:
2001:67c:13e4::/48
Signature Algorithm: sha256WithRSAEncryption
1a:d8:57:7f:1c:08:bc:40:18:47:e0:d7:8d:7e:85:85:4a:b7:
c7:19:71:10:0c:50:0a:c1:fe:b9:c6:1e:8b:08:c0:e1:c7:39:
82:78:e0:13:a8:d2:b2:c8:29:1a:f4:17:aa:2a:7a:d4:f0:0b:
c1:e1:3d:b6:17:ac:86:f8:23:cd:e6:04:21:84:1d:7c:f7:00:
db:90:50:d8:37:e5:3a:05:82:74:ed:b1:9d:32:fe:bd:a4:de:
71:e7:c6:45:bb:24:f9:a8:26:57:67:7b:a5:e9:1a:c8:5d:31:
52:52:c6:6f:ae:2c:53:00:40:a9:b8:a1:c1:2b:da:b4:e9:88:
03:59:99:53:b9:bf:eb:13:bf:33:0c:4e:e5:20:da:37:9e:39:
e8:19:01:66:45:0f:ad:42:f8:e4:98:b2:09:61:0f:6c:ae:fe:
6c:10:f2:c2:89:a4:7f:0c:54:91:4d:2e:cd:42:1f:df:ca:27:
35:7d:9f:f3:10:2c:2d:57:3b:17:d5:f8:49:84:cb:ff:e5:73:
c4:aa:58:52:6b:1d:e6:87:10:1f:4c:67:eb:3c:de:f7:b3:4f:
f1:89:68:01:17:4d:3d:1c:03:77:17:59:f0:ce:44:0e:b6:09:
31:51:f8:d3:e3:c8:df:b1:6f:fa:34:00:f9:81:0d:f1:c5:64:
16:7f:1b:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyAzibh+wpLfyu7BFmNOneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZGZkNDhhOTc3MjBjZDg1NDAyOWRkYjI2NmM1MWY5MWYw
NzY3MGQwHhcNMjMwMTAyMTAyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGIzMTE3YTc1NmM5ODFiYzZhZGRlNDM3YmM3M2ViYTE0NWI1NWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc0W/7qtFEgqEYQ2zvHgHLTdyvFz
dtVUXV1aRSZkbL/oQ8NW4HfYjsk/WFkxEZD/zdaxPAvf8BhZQGVn9qBupWjvtu8h
NZ+qzG+YEOKfD5aqkYXDnS5z+5XBQH5OO+zZQLFLtXT0jEIOHyT5E6pOYHFo03dW
pHooGRTXH5vcYcNkU3FkEC0FtJ9eGOjS0V/814SEM9PAgiHGBu+CEjQYYG7nABib
wwRg6CWljReeKmGR5fBBX/O222MaNg0O5GI+wqdtuwXBKcJY5NdABun5+eGQ1ZbD
cRfCvCoWV5pqYeKLg2jRh0mMzgf5SoWYB712FaK0lT5uzewOQbRZaA9/uwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFECzEXp1bJgbxq3eQ3vHProUW1XFMB8GA1UdIwQY
MBaAFDrf1IqXcgzYVAKd2yZsUfkfB2cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RfVWlwZHlETmhVQXAzYkpteFItUjhIWncwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9hMmViNWEtMDk2Mi00NWJjLWE2Mzct
ZjAxMDRkZGYyODExLzEvUUxNUmVuVnNtQnZHcmQ1RGU4Yy11aFJiVmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9hMmViNWEtMDk2Mi00NWJjLWE2MzctZjAxMDRkZGYyODEx
LzEvT3RfVWlwZHlETmhVQXAzYkpteFItUjhIWncwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9mJMA8E
AgACMAkDBwAgAQZ8E+QwDQYJKoZIhvcNAQELBQADggEBABrYV38cCLxAGEfg141+
hYVKt8cZcRAMUArB/rnGHosIwOHHOYJ44BOo0rLIKRr0F6oqetTwC8HhPbYXrIb4
I83mBCGEHXz3ANuQUNg35ToFgnTtsZ0y/r2k3nHnxkW7JPmoJldne6XpGshdMVJS
xm+uLFMAQKm4ocEr2rTpiANZmVO5v+sTvzMMTuUg2jeeOegZAWZFD61C+OSYsglh
D2yu/mwQ8sKJpH8MVJFNLs1CH9/KJzV9n/MQLC1XOxfV+EmEy//lc8SqWFJrHeaH
EB9MZ+s83vezT/GJaAEXTT0cA3cXWfDORA62CTFR+NPjyN+xb/o0APmBDfHFZBZ/
G9o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:57 2024 by rpki-client on console-ams.rpki-client.org