Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/345c9b-7b4a-4b21-9b00-4d301684c3bc/1/QFj6Kqo2X0rRwnS_roo3MIrjP2c.roa
File: QFj6Kqo2X0rRwnS_roo3MIrjP2c.roa (raw, json)
Hash identifier: BAXw8oVcSKf2Qlg7ZnxMNelyNpj67szvI2E2cA0rCdc=
Subject key identifier: 40:58:FA:2A:AA:36:5F:4A:D1:C2:74:BF:AE:8A:37:30:8A:E3:3F:67
Certificate issuer: /CN=a76abda90346d0cad25dca6f7450bccf8d08e771
Certificate serial: 01856ED4BD20685B7267C398AD89879BC41C
Authority key identifier: A7:6A:BD:A9:03:46:D0:CA:D2:5D:CA:6F:74:50:BC:CF:8D:08:E7:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2q9qQNG0MrSXcpvdFC8z40I53E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/345c9b-7b4a-4b21-9b00-4d301684c3bc/1/QFj6Kqo2X0rRwnS_roo3MIrjP2c.roa
Signing time: Sun 01 Jan 2023 19:35:13 +0000
ROA not before: Sun 01 Jan 2023 19:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.227.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:bd:20:68:5b:72:67:c3:98:ad:89:87:9b:c4:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76abda90346d0cad25dca6f7450bccf8d08e771
Validity
Not Before: Jan 1 19:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4058fa2aaa365f4ad1c274bfae8a37308ae33f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:91:e5:3f:c1:3f:f7:d4:55:fd:8d:02:41:bf:
73:7b:44:31:c0:6b:f7:f6:49:6f:8d:5c:e4:a2:38:
75:03:aa:4a:8a:38:d9:82:10:b0:09:a8:04:87:e0:
28:f8:a9:86:4f:79:57:37:4f:fd:7c:80:5a:61:d9:
6f:82:6d:d6:b5:fb:c4:ed:56:70:dc:1d:29:54:09:
a9:cd:4f:5d:76:4d:ae:08:df:32:99:79:e1:ad:b8:
8b:31:98:74:2c:7c:70:ce:77:13:dd:22:ec:88:e6:
46:44:f0:78:68:eb:d0:fd:6d:d8:2d:1b:a8:b2:27:
f6:d4:32:c0:a2:2d:e5:5a:1c:cc:ad:8a:73:84:56:
f4:b1:32:f9:01:d0:35:6a:f4:90:2e:f0:10:d7:6c:
30:16:3b:08:04:f5:1a:81:a2:4d:18:cd:e8:3f:cf:
18:75:94:97:34:f9:19:b8:fa:b2:63:b2:d9:59:be:
2a:30:cf:d0:ad:47:b8:ca:26:bf:c6:58:b1:8a:49:
44:33:db:be:e1:11:39:8a:6c:5b:de:7e:45:36:3c:
21:1e:ee:5e:74:ed:f3:97:39:e5:d8:b3:b7:fa:03:
5e:97:55:6d:7e:dc:a8:c1:45:85:e4:52:1e:76:b9:
1a:05:c1:95:0d:36:19:11:80:38:4b:65:d8:30:61:
4c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:58:FA:2A:AA:36:5F:4A:D1:C2:74:BF:AE:8A:37:30:8A:E3:3F:67
X509v3 Authority Key Identifier:
keyid:A7:6A:BD:A9:03:46:D0:CA:D2:5D:CA:6F:74:50:BC:CF:8D:08:E7:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2q9qQNG0MrSXcpvdFC8z40I53E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/345c9b-7b4a-4b21-9b00-4d301684c3bc/1/QFj6Kqo2X0rRwnS_roo3MIrjP2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/345c9b-7b4a-4b21-9b00-4d301684c3bc/1/p2q9qQNG0MrSXcpvdFC8z40I53E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.227.82.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:e3:61:4a:33:8e:3e:34:fa:0b:8e:dd:84:92:cd:d6:a7:69:
1f:97:8c:70:ee:43:ef:52:a3:3b:c7:2b:4c:9d:4f:88:d5:0f:
26:7c:3c:dd:f9:4c:e1:a0:7c:76:a3:f8:38:5c:b7:9c:09:2a:
96:f5:e0:70:81:5b:bb:a2:68:71:2a:2b:13:bc:b4:4a:48:6d:
75:6c:1c:98:18:f4:0f:29:ab:fa:3f:90:c1:6f:ac:72:42:2e:
3b:84:1f:dd:77:43:fd:69:97:2c:28:8a:ad:3e:83:98:c7:fe:
8e:94:50:2d:ce:77:5d:7d:78:34:c6:6d:81:1d:1b:fb:4b:ce:
32:22:42:cf:79:34:df:46:92:be:c0:ef:5b:bf:62:32:80:07:
f8:18:19:c4:2e:21:d2:0b:fb:37:4a:ae:95:46:8e:a0:2d:39:
25:63:04:0a:2b:a4:ad:9c:0a:bf:37:fe:4d:2f:9a:41:95:c8:
de:76:94:c0:99:30:03:87:cd:f4:fd:d9:44:f2:84:52:2f:17:
80:fb:a6:73:e4:c1:ee:a3:46:f3:e3:22:61:1e:8a:18:0f:d3:
dc:88:60:4c:bd:07:85:7c:a9:db:a1:12:16:4a:51:34:3e:8e:
ef:e7:ee:db:45:8a:96:8b:af:8e:49:7f:42:56:c0:62:bf:c4:
80:3d:43:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1L0gaFtyZ8OYrYmHm8QcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmFiZGE5MDM0NmQwY2FkMjVkY2E2Zjc0NTBiY2NmOGQw
OGU3NzEwHhcNMjMwMTAxMTkzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDU4ZmEyYWFhMzY1ZjRhZDFjMjc0YmZhZThhMzczMDhhZTMzZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpHlP8E/99RV/Y0CQb9ze0QxwGv3
9klvjVzkojh1A6pKijjZghCwCagEh+Ao+KmGT3lXN0/9fIBaYdlvgm3WtfvE7VZw
3B0pVAmpzU9ddk2uCN8ymXnhrbiLMZh0LHxwzncT3SLsiOZGRPB4aOvQ/W3YLRuo
sif21DLAoi3lWhzMrYpzhFb0sTL5AdA1avSQLvAQ12wwFjsIBPUagaJNGM3oP88Y
dZSXNPkZuPqyY7LZWb4qMM/QrUe4yia/xlixiklEM9u+4RE5imxb3n5FNjwhHu5e
dO3zlznl2LO3+gNel1VtftyowUWF5FIedrkaBcGVDTYZEYA4S2XYMGFM3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBY+iqqNl9K0cJ0v66KNzCK4z9nMB8GA1UdIwQY
MBaAFKdqvakDRtDK0l3Kb3RQvM+NCOdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJxOXFRTkcwTXJTWGNwdmRGQzh6NDBJNTNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zNDVjOWItN2I0YS00YjIxLTliMDAt
NGQzMDE2ODRjM2JjLzEvUUZqNktxbzJYMHJSd25TX3JvbzNNSXJqUDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zNDVjOWItN2I0YS00YjIxLTliMDAtNGQzMDE2ODRjM2Jj
LzEvcDJxOXFRTkcwTXJTWGNwdmRGQzh6NDBJNTNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAweNSMA0G
CSqGSIb3DQEBCwUAA4IBAQB+42FKM44+NPoLjt2Eks3Wp2kfl4xw7kPvUqM7xytM
nU+I1Q8mfDzd+UzhoHx2o/g4XLecCSqW9eBwgVu7omhxKisTvLRKSG11bByYGPQP
Kav6P5DBb6xyQi47hB/dd0P9aZcsKIqtPoOYx/6OlFAtznddfXg0xm2BHRv7S84y
IkLPeTTfRpK+wO9bv2IygAf4GBnELiHSC/s3Sq6VRo6gLTklYwQKK6StnAq/N/5N
L5pBlcjedpTAmTADh830/dlE8oRSLxeA+6Zz5MHuo0bz4yJhHooYD9PciGBMvQeF
fKnboRIWSlE0Po7v5+7bRYqWi6+OSX9CVsBiv8SAPUPm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:36 2024 by rpki-client on console-fra.rpki-client.org