Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/QDzQ2HUimlfYZvbKIoVjpAYqkfM.roa
File: QDzQ2HUimlfYZvbKIoVjpAYqkfM.roa (raw, json)
Hash identifier: SHGeXjmjwEOLZWA1Gn67mH/z6Qzfmh0JQiLwOruSpm0=
Subject key identifier: 40:3C:D0:D8:75:22:9A:57:D8:66:F6:CA:22:85:63:A4:06:2A:91:F3
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018CCA2A4280DF2E45A0157AE24027A54F82
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/QDzQ2HUimlfYZvbKIoVjpAYqkfM.roa
Signing time: Tue 02 Jan 2024 12:33:36 +0000
ROA not before: Tue 02 Jan 2024 12:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 80.71.225.0/24 maxlen: 24
81.29.149.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:42:80:df:2e:45:a0:15:7a:e2:40:27:a5:4f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 2 12:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=403cd0d875229a57d866f6ca228563a4062a91f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f5:13:0a:b6:0e:3c:8c:11:9e:1c:0d:68:99:
d7:b3:a8:7b:52:a4:bd:1d:94:bd:2b:6b:15:cb:00:
24:8c:38:ba:60:b9:85:b6:5e:0e:98:97:45:91:ee:
46:f6:c4:36:bd:10:e9:26:ec:b2:5b:d8:0f:e5:53:
26:d8:48:87:47:b2:b0:4c:a7:dc:9a:3a:95:de:0e:
75:69:94:8d:8e:2b:51:65:de:86:c9:60:ea:eb:40:
f3:71:d9:c2:5d:82:9f:de:76:f8:98:13:1f:b0:e0:
ae:dd:62:42:42:3f:24:55:7d:4b:35:ed:1d:1a:b7:
eb:b6:47:47:da:5f:04:36:7e:1a:b2:37:2f:65:64:
05:18:0c:ee:d6:b6:1e:73:b6:03:58:26:8b:f3:9b:
68:2d:91:aa:e2:0e:6d:48:0b:9a:2f:5d:11:76:45:
10:9c:4a:fb:d4:c1:f3:e6:75:17:63:9d:ce:ec:39:
29:3e:3c:58:d2:26:8f:06:a2:56:c7:7b:9b:e7:3a:
1d:09:58:64:41:4e:b3:78:16:4f:ba:eb:07:7c:e0:
0e:50:dd:9e:34:2b:44:14:5d:cd:04:51:5c:a8:8e:
a6:79:ec:90:db:51:46:44:04:ad:e1:81:94:25:4a:
2e:d7:ac:e7:fe:bf:9d:82:cf:c0:ef:1b:eb:d2:eb:
99:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3C:D0:D8:75:22:9A:57:D8:66:F6:CA:22:85:63:A4:06:2A:91:F3
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/QDzQ2HUimlfYZvbKIoVjpAYqkfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.225.0/24
81.29.149.0/24
Signature Algorithm: sha256WithRSAEncryption
10:8c:dd:4e:31:32:32:41:46:1a:24:c1:d7:f6:83:15:e0:38:
4d:85:7c:95:cd:77:5b:5b:05:e8:fb:76:bc:ea:6b:53:2f:0a:
e3:8a:4f:39:75:54:ea:ee:f8:d8:3f:07:ea:8b:9c:da:32:0c:
fe:38:27:93:3b:4b:ef:d4:92:49:e2:0a:53:20:7e:e3:77:ff:
87:21:e9:c6:99:43:d8:13:2d:c9:99:8f:7f:3d:53:c0:53:1f:
d7:67:4a:fe:ad:d8:92:56:fe:67:51:53:35:e8:ca:d1:a6:31:
5b:8d:3a:5c:ce:2a:dd:63:9b:a4:4e:50:95:e1:8f:5a:74:e7:
3c:79:ee:4b:f4:c5:e8:5e:fc:43:91:80:e1:e1:d3:99:73:29:
99:7e:b2:2c:cb:5b:65:aa:16:46:6b:96:f5:df:20:83:12:58:
7b:33:66:69:2a:30:c9:58:08:e2:67:88:41:4f:04:6c:c9:e6:
a8:7a:bf:8c:ae:39:66:16:c1:7e:87:cd:dd:f4:5f:1f:32:c3:
4d:88:80:d2:0d:10:78:09:7a:e4:b7:9b:d9:9e:d3:08:e8:2f:
b1:f8:7f:28:ca:9a:e5:79:09:33:ce:f5:72:3f:b1:13:1e:5c:
1e:e2:80:ed:86:70:be:5c:c7:d6:48:28:aa:9c:f0:fb:3c:81:
bf:96:44:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKkKA3y5FoBV64kAnpU+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMTAyMTIzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDNjZDBkODc1MjI5YTU3ZDg2NmY2Y2EyMjg1NjNhNDA2MmE5MWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/UTCrYOPIwRnhwNaJnXs6h7UqS9
HZS9K2sVywAkjDi6YLmFtl4OmJdFke5G9sQ2vRDpJuyyW9gP5VMm2EiHR7KwTKfc
mjqV3g51aZSNjitRZd6GyWDq60DzcdnCXYKf3nb4mBMfsOCu3WJCQj8kVX1LNe0d
GrfrtkdH2l8ENn4asjcvZWQFGAzu1rYec7YDWCaL85toLZGq4g5tSAuaL10RdkUQ
nEr71MHz5nUXY53O7DkpPjxY0iaPBqJWx3ub5zodCVhkQU6zeBZPuusHfOAOUN2e
NCtEFF3NBFFcqI6meeyQ21FGRASt4YGUJUou16zn/r+dgs/A7xvr0uuZvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEA80Nh1IppX2Gb2yiKFY6QGKpHzMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvUUR6UTJIVWltbGZZWnZiS0lvVmpwQVlxa2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEfhAwQA
UR2VMA0GCSqGSIb3DQEBCwUAA4IBAQAQjN1OMTIyQUYaJMHX9oMV4DhNhXyVzXdb
WwXo+3a86mtTLwrjik85dVTq7vjYPwfqi5zaMgz+OCeTO0vv1JJJ4gpTIH7jd/+H
IenGmUPYEy3JmY9/PVPAUx/XZ0r+rdiSVv5nUVM16MrRpjFbjTpczirdY5ukTlCV
4Y9adOc8ee5L9MXoXvxDkYDh4dOZcymZfrIsy1tlqhZGa5b13yCDElh7M2ZpKjDJ
WAjiZ4hBTwRsyeaoer+MrjlmFsF+h83d9F8fMsNNiIDSDRB4CXrkt5vZntMI6C+x
+H8oyprleQkzzvVyP7ETHlwe4oDthnC+XMfWSCiqnPD7PIG/lkTt
-----END CERTIFICATE-----
Generated at Wed Jan 3 07:52:37 2024 by rpki-client on console-ams.rpki-client.org