Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/qmLWjN9a3YdQ0_bYQDDRrSqXHpk.roa
File: qmLWjN9a3YdQ0_bYQDDRrSqXHpk.roa (raw, json)
Hash identifier: CwNaNNuw7nP6SEKZRXy2vlvuIvHGDDV2SpHFcOhe8Yw=
Subject key identifier: AA:62:D6:8C:DF:5A:DD:87:50:D3:F6:D8:40:30:D1:AD:2A:97:1E:99
Certificate issuer: /CN=65179265803b7804d0fccf5962a8b163743e0d1e
Certificate serial: 018CC42534828FA29DCA56596C0504C39B33
Authority key identifier: 65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/qmLWjN9a3YdQ0_bYQDDRrSqXHpk.roa
Signing time: Mon 01 Jan 2024 08:30:21 +0000
ROA not before: Mon 01 Jan 2024 08:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 160.214.96.0/24 maxlen: 24
160.214.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 11:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:34:82:8f:a2:9d:ca:56:59:6c:05:04:c3:9b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65179265803b7804d0fccf5962a8b163743e0d1e
Validity
Not Before: Jan 1 08:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa62d68cdf5add8750d3f6d84030d1ad2a971e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6e:bc:99:3d:0a:c3:a7:79:94:c3:de:a6:df:
03:bd:a2:4f:c8:03:a8:59:b0:5f:eb:72:c8:da:f7:
77:0e:59:ab:84:a8:a8:58:66:b7:0c:60:fb:2a:ef:
08:19:18:fd:00:bc:69:9a:0e:24:64:33:cc:8a:0a:
3a:a5:fd:0f:f7:a3:8e:cc:dd:97:c1:38:ee:05:88:
36:8a:55:0c:16:78:32:30:62:e8:73:bb:88:5c:89:
fd:7c:23:2d:b7:7c:d8:f1:4d:45:81:9a:a7:d3:1b:
a0:3e:39:36:9a:36:49:05:16:ba:3f:58:b8:68:8c:
92:f4:2e:33:a8:34:62:32:ec:17:b2:21:ce:2f:25:
7d:2d:90:bc:51:3e:3f:ca:1b:08:3f:44:e5:52:c0:
ef:ce:b0:73:e1:38:00:ef:9b:ef:4e:da:0f:da:23:
b7:87:11:55:97:e3:b4:0d:eb:0c:51:c8:bb:6a:fe:
b4:a3:6f:f5:cf:cd:63:a2:3f:4c:b9:31:03:e4:15:
61:61:91:79:f0:f4:e9:4b:8d:a3:ec:1b:0a:9c:1a:
42:1b:89:7a:40:61:66:e7:47:11:3f:1a:a2:85:6d:
5f:1f:51:19:9a:74:8d:9d:9e:02:8e:20:7b:b4:e5:
62:86:7a:06:81:8e:f1:3c:39:65:08:a8:08:a6:d4:
72:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:62:D6:8C:DF:5A:DD:87:50:D3:F6:D8:40:30:D1:AD:2A:97:1E:99
X509v3 Authority Key Identifier:
keyid:65:17:92:65:80:3B:78:04:D0:FC:CF:59:62:A8:B1:63:74:3E:0D:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/qmLWjN9a3YdQ0_bYQDDRrSqXHpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/dbe865-6c06-4d9a-8db1-f7bb6d9a3be8/1/ZReSZYA7eATQ_M9ZYqixY3Q-DR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.214.96.0/24
160.214.108.0/24
Signature Algorithm: sha256WithRSAEncryption
07:e0:47:61:8d:4f:ed:6f:b2:36:d6:7d:de:90:26:61:eb:1c:
17:0a:a2:7f:19:95:04:49:93:32:a0:45:7d:e9:ff:c2:a6:81:
a8:ed:e6:72:8e:b8:03:c8:c6:9e:8c:63:f9:9f:36:e5:74:bf:
51:48:cf:48:08:c0:bd:1f:a9:cb:7e:2e:3f:71:f9:71:0f:1f:
b0:e6:e7:5a:25:40:1b:6a:4f:a0:ab:58:2f:2e:cf:1d:f5:8e:
d5:66:a3:0d:69:da:fc:4b:3f:c1:37:8e:06:97:d5:7f:d2:d9:
5e:27:c0:5e:8a:29:32:ef:9d:8c:7b:44:28:93:b7:3b:40:cc:
5d:31:4b:67:b3:03:13:1d:fc:3f:28:3c:98:43:af:d9:e4:06:
dc:35:40:1c:14:4a:44:4a:ff:5e:5e:1e:53:a9:e0:d1:30:49:
5f:30:1e:68:85:a9:91:15:22:93:9f:9b:43:41:3d:d0:44:ff:
ae:a9:92:7a:c5:57:ad:d2:39:0c:e2:24:c3:d2:69:c4:ae:fa:
ce:4b:88:39:38:e3:e2:1b:b1:76:d5:86:fd:31:31:ba:f3:49:
64:e6:fe:77:a7:ba:f9:aa:a4:d0:93:37:1d:72:3b:98:dd:85:
df:74:bb:5e:9c:a3:30:eb:88:6c:d1:c6:db:27:67:59:23:81:
2b:02:61:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJTSCj6KdylZZbAUEw5szMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTc5MjY1ODAzYjc4MDRkMGZjY2Y1OTYyYThiMTYzNzQz
ZTBkMWUwHhcNMjQwMTAxMDgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTYyZDY4Y2RmNWFkZDg3NTBkM2Y2ZDg0MDMwZDFhZDJhOTcxZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm68mT0Kw6d5lMPept8DvaJPyAOo
WbBf63LI2vd3DlmrhKioWGa3DGD7Ku8IGRj9ALxpmg4kZDPMigo6pf0P96OOzN2X
wTjuBYg2ilUMFngyMGLoc7uIXIn9fCMtt3zY8U1FgZqn0xugPjk2mjZJBRa6P1i4
aIyS9C4zqDRiMuwXsiHOLyV9LZC8UT4/yhsIP0TlUsDvzrBz4TgA75vvTtoP2iO3
hxFVl+O0DesMUci7av60o2/1z81joj9MuTED5BVhYZF58PTpS42j7BsKnBpCG4l6
QGFm50cRPxqihW1fH1EZmnSNnZ4CjiB7tOVihnoGgY7xPDllCKgIptRysQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKpi1ozfWt2HUNP22EAw0a0qlx6ZMB8GA1UdIwQY
MBaAFGUXkmWAO3gE0PzPWWKosWN0Pg0eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEt
ZjdiYjZkOWEzYmU4LzEvcW1MV2pOOWEzWWRRMF9iWVFERFJyU3FYSHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kYmU4NjUtNmMwNi00ZDlhLThkYjEtZjdiYjZkOWEzYmU4
LzEvWlJlU1pZQTdlQVRRX005WllxaXhZM1EtRFI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAoNZgAwQA
oNZsMA0GCSqGSIb3DQEBCwUAA4IBAQAH4EdhjU/tb7I21n3ekCZh6xwXCqJ/GZUE
SZMyoEV96f/CpoGo7eZyjrgDyMaejGP5nzbldL9RSM9ICMC9H6nLfi4/cflxDx+w
5udaJUAbak+gq1gvLs8d9Y7VZqMNadr8Sz/BN44Gl9V/0tleJ8Beiiky752Me0Qo
k7c7QMxdMUtnswMTHfw/KDyYQ6/Z5AbcNUAcFEpESv9eXh5TqeDRMElfMB5ohamR
FSKTn5tDQT3QRP+uqZJ6xVet0jkM4iTD0mnErvrOS4g5OOPiG7F21Yb9MTG680lk
5v53p7r5qqTQkzcdcjuY3YXfdLtenKMw64hs0cbbJ2dZI4ErAmE9
-----END CERTIFICATE-----
Generated at Fri Jan 19 15:23:00 2024 by rpki-client on console-fra.rpki-client.org