Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/QORJFsmxWYaNUA2sBcfi2MySGKA.roa
File: QORJFsmxWYaNUA2sBcfi2MySGKA.roa (raw, json)
Hash identifier: pShVD5s7k4lfn/YR4t5uwBiEpJ8wPbbevN43jlKEofg=
Subject key identifier: 40:E4:49:16:C9:B1:59:86:8D:50:0D:AC:05:C7:E2:D8:CC:92:18:A0
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A3C8E65E7CB966927B8B54091549AFA8A
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/QORJFsmxWYaNUA2sBcfi2MySGKA.roa
Signing time: Mon 28 Aug 2023 14:31:19 +0000
ROA not before: Mon 28 Aug 2023 14:31:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 109.166.38.0/24 maxlen: 24
109.166.37.0/24 maxlen: 24
109.166.36.0/24 maxlen: 24
151.248.68.0/24 maxlen: 24
151.248.69.0/24 maxlen: 24
91.232.185.0/24 maxlen: 24
91.233.192.0/24 maxlen: 24
91.219.17.0/24 maxlen: 24
91.219.18.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:8e:65:e7:cb:96:69:27:b8:b5:40:91:54:9a:fa:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 28 14:31:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e44916c9b159868d500dac05c7e2d8cc9218a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9c:cd:81:d7:cf:60:96:c9:c0:9a:98:59:30:
44:33:d4:fa:d3:f1:f6:5d:a1:9f:14:a3:fe:92:7b:
0d:08:97:99:b3:6a:81:14:25:1a:9a:b2:e0:a8:02:
a4:d9:9b:5f:34:77:ab:b9:8e:3d:81:de:d2:c1:3d:
15:7d:46:99:99:37:9d:d2:b0:5d:82:fb:b3:06:70:
67:95:bb:44:68:c7:4e:9b:42:66:5c:8d:70:3a:d6:
00:f3:db:8e:14:cd:fc:fc:cb:96:4b:3a:75:9e:c4:
30:e8:2a:a5:5f:49:ed:7d:d9:f7:34:dd:23:6b:9c:
ac:93:54:d4:27:57:2d:1e:5d:41:43:d9:60:c2:0c:
15:45:78:5b:bf:cd:ba:7b:86:74:62:13:fd:b2:6f:
0e:03:c1:cb:e3:03:5c:b0:0b:05:c4:29:59:9f:d7:
ff:db:ad:54:ae:57:13:7f:da:60:bd:40:9b:2f:7c:
e5:4a:00:4d:b5:1e:68:32:de:49:3c:6f:82:a9:74:
89:2b:1b:2e:09:3f:a5:24:66:22:63:d9:c0:f3:53:
9d:5a:57:d6:0a:36:c5:e1:73:b7:f5:f5:12:7e:96:
01:16:e7:a4:79:bf:18:b1:78:58:20:bf:68:1c:5c:
a6:82:75:37:49:68:41:23:6f:ac:f1:b0:9d:fd:02:
51:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E4:49:16:C9:B1:59:86:8D:50:0D:AC:05:C7:E2:D8:CC:92:18:A0
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/QORJFsmxWYaNUA2sBcfi2MySGKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.17.0-91.219.19.255
91.232.185.0/24
91.233.192.0/24
109.166.36.0-109.166.38.255
151.248.68.0/23
Signature Algorithm: sha256WithRSAEncryption
45:d9:00:ff:ea:57:b8:74:05:1b:d0:ee:91:78:a5:df:07:6a:
de:d3:a3:ae:1f:dd:ce:49:c1:df:a2:00:52:60:99:d2:da:d6:
bf:e3:d0:45:d4:f7:14:f5:1c:4c:61:ea:c1:bb:e2:f5:a5:11:
3c:19:2d:02:f1:b5:76:ac:0b:55:51:23:77:55:9c:c8:d4:e5:
9a:c5:83:bc:94:46:a9:2b:27:1d:e7:a6:60:90:a5:ca:97:06:
ee:ea:43:ab:e4:cc:64:a3:42:82:9e:04:34:6f:af:2a:b5:5f:
72:12:28:3f:f7:36:ac:5e:a5:23:76:71:72:5e:e6:2f:d2:6f:
2a:4b:c9:cd:ae:b1:b2:23:c1:65:f8:8c:1c:09:41:33:d8:57:
a0:72:d4:30:66:e2:9f:ab:9c:50:f1:fc:51:cc:aa:35:b2:fc:
79:b2:9e:e0:e0:d8:6e:bb:c8:3e:09:75:c3:06:7b:1c:08:29:
f7:0b:46:d6:36:ec:ac:d9:8f:9b:d0:08:51:8c:f7:be:4d:3a:
9f:78:1b:b1:33:e9:10:77:68:91:53:02:7a:cb:fb:e2:12:aa:
3b:e0:6d:ee:b7:5e:0c:5e:58:0c:a2:c7:28:fc:05:6d:a1:b0:
a5:ec:98:d1:c1:5f:77:cb:9c:9a:99:f5:0b:b9:a7:0c:71:68:
5b:ad:f3:fe
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYo8jmXny5ZpJ7i1QJFUmvqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODI4MTQzMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU0NDkxNmM5YjE1OTg2OGQ1MDBkYWMwNWM3ZTJkOGNjOTIxOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopzNgdfPYJbJwJqYWTBEM9T60/H2
XaGfFKP+knsNCJeZs2qBFCUamrLgqAKk2ZtfNHeruY49gd7SwT0VfUaZmTed0rBd
gvuzBnBnlbtEaMdOm0JmXI1wOtYA89uOFM38/MuWSzp1nsQw6CqlX0ntfdn3NN0j
a5ysk1TUJ1ctHl1BQ9lgwgwVRXhbv826e4Z0YhP9sm8OA8HL4wNcsAsFxClZn9f/
261UrlcTf9pgvUCbL3zlSgBNtR5oMt5JPG+CqXSJKxsuCT+lJGYiY9nA81OdWlfW
CjbF4XO39fUSfpYBFuekeb8YsXhYIL9oHFymgnU3SWhBI2+s8bCd/QJRtwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEDkSRbJsVmGjVANrAXH4tjMkhigMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvUU9SSkZzbXhXWWFOVUEyc0JjZmkyTXlTR0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBABb2xED
BAJb2xADBABb6LkDBABb6cAwDAMEAm2mJAMEAG2mJgMEAZf4RDANBgkqhkiG9w0B
AQsFAAOCAQEARdkA/+pXuHQFG9DukXil3wdq3tOjrh/dzknB36IAUmCZ0trWv+PQ
RdT3FPUcTGHqwbvi9aURPBktAvG1dqwLVVEjd1WcyNTlmsWDvJRGqSsnHeemYJCl
ypcG7upDq+TMZKNCgp4ENG+vKrVfchIoP/c2rF6lI3Zxcl7mL9JvKkvJza6xsiPB
ZfiMHAlBM9hXoHLUMGbin6ucUPH8UcyqNbL8ebKe4ODYbrvIPgl1wwZ7HAgp9wtG
1jbsrNmPm9AIUYz3vk06n3gbsTPpEHdokVMCesv74hKqO+Bt7rdeDF5YDKLHKPwF
baGwpeyY0cFfd8ucmpn1C7mnDHFoW63z/g==
-----END CERTIFICATE-----
Generated at Mon Aug 28 15:22:10 2023 by rpki-client on console-fra.rpki-client.org