Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/f5210d-0590-43a3-9eed-6a83563b655b/1/qnmut6Dy6aF93D0fwiCZm5BbvWU.roa
File: qnmut6Dy6aF93D0fwiCZm5BbvWU.roa (raw, json)
Hash identifier: TqqL07ugMeWfibYz5iCpbu8Kdu2NR286r5iangKKjdc=
Subject key identifier: AA:79:AE:B7:A0:F2:E9:A1:7D:DC:3D:1F:C2:20:99:9B:90:5B:BD:65
Certificate issuer: /CN=b0340251f1826347f4e9645f6824d3b93f47e5de
Certificate serial: 018AA8B0BEC76203E8254B89C16A0D0F8268
Authority key identifier: B0:34:02:51:F1:82:63:47:F4:E9:64:5F:68:24:D3:B9:3F:47:E5:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sDQCUfGCY0f06WRfaCTTuT9H5d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/f5210d-0590-43a3-9eed-6a83563b655b/1/qnmut6Dy6aF93D0fwiCZm5BbvWU.roa
Signing time: Mon 18 Sep 2023 14:27:50 +0000
ROA not before: Mon 18 Sep 2023 14:27:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203930
IP address blocks: 89.207.152.0/24 maxlen: 24
2a13:5b00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:b0:be:c7:62:03:e8:25:4b:89:c1:6a:0d:0f:82:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0340251f1826347f4e9645f6824d3b93f47e5de
Validity
Not Before: Sep 18 14:27:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa79aeb7a0f2e9a17ddc3d1fc220999b905bbd65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:15:0f:4c:db:53:2a:4c:4c:74:9f:22:ed:c5:
1e:18:e9:b4:b0:6d:89:5a:38:59:70:61:d0:e9:b7:
ce:17:db:d0:37:8e:04:88:4b:5b:86:88:72:1c:b0:
73:00:8a:2a:07:81:af:e6:6c:41:4a:37:12:3a:19:
d4:5c:88:3f:26:03:91:cc:bb:60:37:09:94:b5:8e:
32:b4:21:d1:0c:78:b2:fb:66:1e:4e:1a:63:53:6a:
c3:80:db:01:08:14:c6:4c:99:82:9e:29:2b:b8:50:
f5:ea:4a:77:be:fb:5a:2c:3f:3d:17:ab:9b:45:b4:
f8:5b:15:bb:3e:20:a4:69:a3:e2:06:e0:9a:94:6a:
a9:49:1d:e8:f4:57:65:b4:b0:31:42:6c:c0:ea:7c:
65:08:aa:0e:f5:9c:bc:78:34:03:e6:3b:da:b2:22:
03:69:0f:b0:9c:13:f8:c9:59:b4:d5:c7:69:6e:00:
21:9e:9b:91:8c:c4:56:e5:96:06:44:9b:b9:2e:78:
86:c6:3a:e2:e8:ea:2e:45:14:61:0f:9e:57:c2:80:
69:c7:24:ac:ab:4c:09:3f:cb:46:79:29:f8:f4:c9:
30:e1:75:2d:12:a7:32:d3:57:5c:a7:12:a9:c0:ca:
7f:78:1b:9e:90:1b:88:c9:ec:56:1e:86:d6:86:70:
da:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:79:AE:B7:A0:F2:E9:A1:7D:DC:3D:1F:C2:20:99:9B:90:5B:BD:65
X509v3 Authority Key Identifier:
keyid:B0:34:02:51:F1:82:63:47:F4:E9:64:5F:68:24:D3:B9:3F:47:E5:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDQCUfGCY0f06WRfaCTTuT9H5d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/f5210d-0590-43a3-9eed-6a83563b655b/1/qnmut6Dy6aF93D0fwiCZm5BbvWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/f5210d-0590-43a3-9eed-6a83563b655b/1/sDQCUfGCY0f06WRfaCTTuT9H5d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.152.0/24
IPv6:
2a13:5b00::/32
Signature Algorithm: sha256WithRSAEncryption
1f:cc:68:59:6f:bd:fd:ec:e0:54:57:b4:62:97:ee:a6:a7:f5:
cb:0a:f3:1c:d7:6a:a4:80:49:98:65:a3:93:b4:84:ee:2a:c6:
5a:00:a7:d0:e8:e3:77:01:15:c8:c6:54:fb:35:45:33:a4:4c:
3c:29:97:e7:35:d3:72:f0:54:ef:29:31:a8:64:24:5a:0b:9d:
dd:8d:a2:49:34:b7:dc:78:20:85:df:5f:b6:e2:88:6e:06:04:
c9:c6:af:87:59:bb:ba:77:69:bd:42:8f:58:77:9d:07:26:6e:
45:cc:70:bb:b8:29:04:20:c1:ee:ca:0e:d2:2f:cf:c9:cc:18:
10:86:8e:03:93:76:da:0a:0b:d2:c2:34:59:11:a5:36:cd:4c:
dd:27:61:1f:32:b0:e8:97:9a:b5:7a:0e:89:b4:6d:c6:f3:6c:
bb:f3:c1:82:e5:4f:9e:3d:d2:2c:98:f7:de:bb:3a:57:06:cb:
7e:41:89:07:56:fe:7c:51:d4:a3:dd:35:96:9c:8d:20:4b:09:
7b:75:89:ea:51:70:9c:d5:46:0c:7f:50:a8:63:26:d2:73:a8:
6d:18:51:7f:9a:2f:c1:29:1f:fb:f5:ae:36:75:2a:de:26:60:
86:82:e8:6e:01:39:d8:a2:e0:65:d2:20:d4:72:8f:03:e3:2b:
07:8d:a7:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYqosL7HYgPoJUuJwWoND4JoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMzQwMjUxZjE4MjYzNDdmNGU5NjQ1ZjY4MjRkM2I5M2Y0
N2U1ZGUwHhcNMjMwOTE4MTQyNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTc5YWViN2EwZjJlOWExN2RkYzNkMWZjMjIwOTk5YjkwNWJiZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBUPTNtTKkxMdJ8i7cUeGOm0sG2J
WjhZcGHQ6bfOF9vQN44EiEtbhohyHLBzAIoqB4Gv5mxBSjcSOhnUXIg/JgORzLtg
NwmUtY4ytCHRDHiy+2YeThpjU2rDgNsBCBTGTJmCnikruFD16kp3vvtaLD89F6ub
RbT4WxW7PiCkaaPiBuCalGqpSR3o9FdltLAxQmzA6nxlCKoO9Zy8eDQD5jvasiID
aQ+wnBP4yVm01cdpbgAhnpuRjMRW5ZYGRJu5LniGxjri6OouRRRhD55XwoBpxySs
q0wJP8tGeSn49Mkw4XUtEqcy01dcpxKpwMp/eBuekBuIyexWHobWhnDaHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKp5rreg8umhfdw9H8IgmZuQW71lMB8GA1UdIwQY
MBaAFLA0AlHxgmNH9OlkX2gk07k/R+XeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0RRQ1VmR0NZMGYwNldSZmFDVFR1VDlINWQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mNTIxMGQtMDU5MC00M2EzLTllZWQt
NmE4MzU2M2I2NTViLzEvcW5tdXQ2RHk2YUY5M0QwZndpQ1ptNUJidldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mNTIxMGQtMDU5MC00M2EzLTllZWQtNmE4MzU2M2I2NTVi
LzEvc0RRQ1VmR0NZMGYwNldSZmFDVFR1VDlINWQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWc+YMA0E
AgACMAcDBQAqE1sAMA0GCSqGSIb3DQEBCwUAA4IBAQAfzGhZb7397OBUV7Ril+6m
p/XLCvMc12qkgEmYZaOTtITuKsZaAKfQ6ON3ARXIxlT7NUUzpEw8KZfnNdNy8FTv
KTGoZCRaC53djaJJNLfceCCF31+24ohuBgTJxq+HWbu6d2m9Qo9Yd50HJm5FzHC7
uCkEIMHuyg7SL8/JzBgQho4Dk3baCgvSwjRZEaU2zUzdJ2EfMrDol5q1eg6JtG3G
82y788GC5U+ePdIsmPfeuzpXBst+QYkHVv58UdSj3TWWnI0gSwl7dYnqUXCc1UYM
f1CoYybSc6htGFF/mi/BKR/79a42dSreJmCGguhuATnYouBl0iDUco8D4ysHjadg
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:04 2024 by rpki-client on console-fra.rpki-client.org