Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/QpgFlw0-DKUIva8O3uhtPm_FUZk.roa
File: QpgFlw0-DKUIva8O3uhtPm_FUZk.roa (raw, json)
Hash identifier: gh+lxhuX/59ZD/WA2cuSIw4CdW0ygArUittC+V8f6OM=
Subject key identifier: 42:98:05:97:0D:3E:0C:A5:08:BD:AF:0E:DE:E8:6D:3E:6F:C5:51:99
Certificate issuer: /CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Certificate serial: 018CEDB880D3ABC99D38A7BB5EF44C007DDB
Authority key identifier: A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/QpgFlw0-DKUIva8O3uhtPm_FUZk.roa
Signing time: Tue 09 Jan 2024 10:15:40 +0000
ROA not before: Tue 09 Jan 2024 10:15:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198213
IP address blocks: 109.202.121.0/24 maxlen: 24
109.202.120.0/24 maxlen: 24
109.202.122.0/24 maxlen: 24
109.202.124.0/24 maxlen: 24
109.202.123.0/24 maxlen: 24
109.202.125.0/24 maxlen: 24
109.202.127.0/24 maxlen: 24
109.202.126.0/24 maxlen: 24
2a03:e180::/32 maxlen: 32
2a03:e181::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Sep 2024 20:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:b8:80:d3:ab:c9:9d:38:a7:bb:5e:f4:4c:00:7d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Validity
Not Before: Jan 9 10:15:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=429805970d3e0ca508bdaf0edee86d3e6fc55199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cf:7f:66:66:57:06:c6:5d:a6:b4:07:ed:b0:
bf:ca:19:8b:61:0d:50:0a:53:9d:98:57:9d:8b:a9:
8c:57:19:5d:a4:62:c6:2e:55:31:79:e2:44:5a:47:
ad:b9:95:19:d1:54:b3:65:21:27:04:86:84:fa:44:
8d:d5:e5:4d:9d:1b:86:18:cc:d9:21:b1:d8:73:57:
60:72:89:3a:a5:b9:1d:02:31:bf:ed:24:c2:6d:43:
ab:f9:ac:5b:6c:6c:ac:91:cb:e9:af:33:db:e3:56:
b9:ae:d6:2c:b4:78:bc:aa:38:2e:83:ea:85:34:a9:
a7:ed:f6:f8:0a:b9:f5:1c:d7:68:7c:c9:be:8f:11:
f7:e0:f7:33:91:b6:20:30:0b:55:a5:74:e7:00:11:
93:50:1e:32:98:a9:77:9f:98:1c:07:2a:43:3e:13:
45:fa:2f:70:da:42:57:e4:cf:f0:3a:14:f1:c8:29:
f3:bf:b0:ae:8a:ac:8e:0e:8a:cd:de:67:67:97:25:
ed:d3:45:6c:16:50:42:f7:32:50:ab:53:57:da:42:
26:4c:ae:bc:aa:a4:18:aa:8d:ec:fd:52:02:9a:8c:
9c:3d:2a:2a:9d:5a:28:55:d5:6d:11:06:04:6b:83:
4d:19:a4:de:0d:ad:11:4c:9e:28:e6:bd:8e:b7:81:
06:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:98:05:97:0D:3E:0C:A5:08:BD:AF:0E:DE:E8:6D:3E:6F:C5:51:99
X509v3 Authority Key Identifier:
keyid:A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/QpgFlw0-DKUIva8O3uhtPm_FUZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.120.0/21
IPv6:
2a03:e180::/31
Signature Algorithm: sha256WithRSAEncryption
2d:c3:de:b0:ce:c6:7d:8f:ef:5e:b9:f8:7e:6c:cc:ef:e1:ac:
60:89:fd:d3:fd:a3:0f:50:ba:5f:b7:07:e8:78:67:d5:78:2e:
02:14:04:ae:c0:d2:8d:4e:77:3a:c9:05:16:35:69:71:8c:8c:
88:13:b5:28:96:29:f5:04:ce:a4:c1:76:6a:3d:db:56:7f:c8:
58:3e:88:6f:19:d8:2d:56:61:f0:22:12:56:1f:8f:9b:22:28:
26:97:10:96:9b:60:72:d4:ba:ee:1d:21:9d:a4:98:e8:02:c5:
46:6d:f0:ab:51:75:f2:a6:ee:9e:cd:44:40:c5:90:99:f9:61:
20:ea:aa:3f:77:d4:87:bf:61:cc:96:af:56:cc:47:44:fb:d2:
f4:64:de:82:8f:03:e2:b4:22:b9:6b:4e:e9:23:49:30:6a:48:
35:8e:96:72:00:95:a6:54:55:4e:15:20:ee:ed:4a:61:87:d6:
9d:49:38:c0:cc:19:e6:c1:5c:96:0e:ee:8e:63:17:f6:48:52:
d1:f4:37:b9:cc:97:42:70:09:70:2b:77:38:58:67:95:d5:a2:
2a:70:65:30:8a:f4:96:19:fb:56:a8:64:15:11:68:ee:fb:8a:
fd:a4:ce:80:e9:2f:f0:45:bc:bf:2e:f5:2e:25:1e:c1:6e:4f:
2c:f5:f9:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYztuIDTq8mdOKe7XvRMAH3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2Y3MDhjMzRhNWU3MWRhZjNkMmU1NGI5OWFiNzRmMDY5
ZWY4MGIwHhcNMjQwMTA5MTAxNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk4MDU5NzBkM2UwY2E1MDhiZGFmMGVkZWU4NmQzZTZmYzU1MTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAns9/ZmZXBsZdprQH7bC/yhmLYQ1Q
ClOdmFedi6mMVxldpGLGLlUxeeJEWketuZUZ0VSzZSEnBIaE+kSN1eVNnRuGGMzZ
IbHYc1dgcok6pbkdAjG/7STCbUOr+axbbGyskcvprzPb41a5rtYstHi8qjgug+qF
NKmn7fb4Crn1HNdofMm+jxH34PczkbYgMAtVpXTnABGTUB4ymKl3n5gcBypDPhNF
+i9w2kJX5M/wOhTxyCnzv7CuiqyODorN3mdnlyXt00VsFlBC9zJQq1NX2kImTK68
qqQYqo3s/VICmoycPSoqnVooVdVtEQYEa4NNGaTeDa0RTJ4o5r2Ot4EGdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEKYBZcNPgylCL2vDt7obT5vxVGZMB8GA1UdIwQY
MBaAFKR/cIw0pecdrz0uVLmat08GnvgLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMt
NmIyN2ZmMjI1N2M2LzEvUXBnRmx3MC1ES1VJdmE4TzN1aHRQbV9GVVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMtNmIyN2ZmMjI1N2M2
LzEvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbcp4MA0E
AgACMAcDBQEqA+GAMA0GCSqGSIb3DQEBCwUAA4IBAQAtw96wzsZ9j+9eufh+bMzv
4axgif3T/aMPULpftwfoeGfVeC4CFASuwNKNTnc6yQUWNWlxjIyIE7Uolin1BM6k
wXZqPdtWf8hYPohvGdgtVmHwIhJWH4+bIigmlxCWm2By1LruHSGdpJjoAsVGbfCr
UXXypu6ezURAxZCZ+WEg6qo/d9SHv2HMlq9WzEdE+9L0ZN6CjwPitCK5a07pI0kw
akg1jpZyAJWmVFVOFSDu7Uphh9adSTjAzBnmwVyWDu6OYxf2SFLR9De5zJdCcAlw
K3c4WGeV1aIqcGUwivSWGftWqGQVEWju+4r9pM6A6S/wRby/LvUuJR7Bbk8s9fmH
-----END CERTIFICATE-----
Generated at Tue Sep 17 22:38:11 2024 by rpki-client on console-ams.rpki-client.org