Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/QtLsF4iOt-QsGSJO-h8KQLfBbd4.roa
File: QtLsF4iOt-QsGSJO-h8KQLfBbd4.roa (raw, json)
Hash identifier: roVfVa4l87E9LsZfMHO25cHnOKH5g3Edn7TkBx+fOv8=
Subject key identifier: 42:D2:EC:17:88:8E:B7:E4:2C:19:22:4E:FA:1F:0A:40:B7:C1:6D:DE
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A4C1F7533CABA889C6D9806C5BCBFAF1C
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/QtLsF4iOt-QsGSJO-h8KQLfBbd4.roa
Signing time: Thu 31 Aug 2023 15:04:04 +0000
ROA not before: Thu 31 Aug 2023 15:04:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56887
IP address blocks: 31.131.44.0/23 maxlen: 24
176.124.72.0/22 maxlen: 22
176.124.76.0/22 maxlen: 22
176.113.108.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4c:1f:75:33:ca:ba:88:9c:6d:98:06:c5:bc:bf:af:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 31 15:04:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42d2ec17888eb7e42c19224efa1f0a40b7c16dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d3:98:ab:a9:9d:fa:43:d0:fb:9a:9e:ff:28:
6d:bd:08:95:81:60:7c:8b:ef:c0:fe:a1:5b:49:42:
67:5e:19:fb:42:c1:0c:84:44:4d:ed:e9:d6:c7:0a:
20:0f:80:d6:09:47:d4:03:b0:e5:f0:d0:79:40:9a:
41:2b:61:e5:7f:62:61:03:31:e0:93:0e:68:8d:a8:
31:c7:d7:d5:55:8d:90:c6:24:92:db:a6:4d:0f:f8:
28:d7:82:13:da:1d:c6:4f:2c:f4:d4:07:ec:e4:e9:
01:c9:a6:39:c2:98:58:68:e7:c2:96:0c:be:f6:ea:
95:4e:a2:5a:3c:cc:01:4f:40:9f:58:1c:ad:af:4e:
85:8f:b9:9e:8a:cc:e9:eb:f6:6d:32:48:d2:7d:cd:
5a:fc:cf:79:48:fc:40:4e:45:b7:e1:67:a0:87:14:
00:92:51:79:73:9c:16:f8:93:ab:6b:5e:ef:6e:3f:
72:47:9c:71:9f:a1:80:d6:b1:f4:f4:a7:f1:ef:77:
94:46:e4:93:a9:f9:71:e5:99:06:85:34:ce:e4:45:
00:84:16:67:69:81:76:61:a1:83:23:29:f3:2b:5b:
3a:27:6a:c0:a5:fc:0d:ed:8d:07:b6:85:7a:52:50:
b1:31:ec:ca:81:37:4b:c0:20:46:01:fb:f3:6e:35:
56:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D2:EC:17:88:8E:B7:E4:2C:19:22:4E:FA:1F:0A:40:B7:C1:6D:DE
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/QtLsF4iOt-QsGSJO-h8KQLfBbd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.44.0/23
176.113.108.0/22
176.124.72.0/21
Signature Algorithm: sha256WithRSAEncryption
7e:d7:e8:26:55:53:1b:7c:f1:3f:d2:8a:9b:c0:ea:46:71:f3:
03:b4:d5:21:c4:cb:b5:80:2c:f4:aa:d3:f8:56:e3:51:70:55:
e5:70:7e:c2:04:16:de:82:fe:bf:c0:64:01:9a:7f:5a:7f:30:
22:24:bc:c3:e0:8c:30:66:09:35:47:a7:d1:7b:09:40:3b:be:
a7:a0:60:b0:d0:48:6b:41:35:3c:27:20:1b:22:6f:1b:4b:fc:
cd:09:ca:24:63:62:a9:fc:d0:29:d4:af:dc:29:21:dd:63:dd:
55:a8:cf:38:c3:e8:6f:af:5b:f7:0f:1b:3f:08:01:59:50:d5:
1b:f9:48:c0:5f:4f:79:ab:7b:b7:63:8d:c6:88:73:2d:c1:b4:
89:71:8b:59:26:a4:e2:41:64:49:0e:4b:b0:2c:d5:a1:79:90:
28:64:62:6c:ac:c7:bd:54:d7:a0:59:d5:13:6f:14:f9:f9:03:
96:e6:8d:82:d4:ed:22:24:e1:bc:d8:c2:b3:51:6c:62:0c:8e:
65:23:9c:08:50:b8:e9:a6:6b:1a:c6:29:67:18:23:b3:99:b5:
ad:83:a8:08:6a:4a:c6:e7:69:95:dd:89:cd:59:af:22:ae:bc:
0d:d4:ed:a9:65:c6:a1:f4:76:f3:a7:84:8c:e6:38:4e:cb:5f:
8b:e6:91:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpMH3UzyrqInG2YBsW8v68cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODMxMTUwNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQyZWMxNzg4OGViN2U0MmMxOTIyNGVmYTFmMGE0MGI3YzE2ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNOYq6md+kPQ+5qe/yhtvQiVgWB8
i+/A/qFbSUJnXhn7QsEMhERN7enWxwogD4DWCUfUA7Dl8NB5QJpBK2Hlf2JhAzHg
kw5ojagxx9fVVY2QxiSS26ZND/go14IT2h3GTyz01Afs5OkByaY5wphYaOfClgy+
9uqVTqJaPMwBT0CfWBytr06Fj7meiszp6/ZtMkjSfc1a/M95SPxATkW34WeghxQA
klF5c5wW+JOra17vbj9yR5xxn6GA1rH09Kfx73eURuSTqflx5ZkGhTTO5EUAhBZn
aYF2YaGDIynzK1s6J2rApfwN7Y0HtoV6UlCxMezKgTdLwCBGAfvzbjVW5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFELS7BeIjrfkLBkiTvofCkC3wW3eMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvUXRMc0Y0aU90LVFzR1NKTy1oOEtRTGZCYmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH4MsAwQC
sHFsAwQDsHxIMA0GCSqGSIb3DQEBCwUAA4IBAQB+1+gmVVMbfPE/0oqbwOpGcfMD
tNUhxMu1gCz0qtP4VuNRcFXlcH7CBBbegv6/wGQBmn9afzAiJLzD4IwwZgk1R6fR
ewlAO76noGCw0EhrQTU8JyAbIm8bS/zNCcokY2Kp/NAp1K/cKSHdY91VqM84w+hv
r1v3Dxs/CAFZUNUb+UjAX095q3u3Y43GiHMtwbSJcYtZJqTiQWRJDkuwLNWheZAo
ZGJsrMe9VNegWdUTbxT5+QOW5o2C1O0iJOG82MKzUWxiDI5lI5wIULjppmsaxiln
GCOzmbWtg6gIakrG52mV3YnNWa8irrwN1O2pZcah9Hbzp4SM5jhOy1+L5pGR
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:06 2024 by rpki-client on console-ams.rpki-client.org