Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QkZfejtGCwmYa5N6W5q1aA-G9pk.roa
File: QkZfejtGCwmYa5N6W5q1aA-G9pk.roa (raw, json)
Hash identifier: 3tSt+3YnHuI0eYi4e9k5/7lveM0U1uAgH1oS/di0TEQ=
Subject key identifier: 42:46:5F:7A:3B:46:0B:09:98:6B:93:7A:5B:9A:B5:68:0F:86:F6:99
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018DBB5A1FEAC13F45573309009FFFE2D47E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QkZfejtGCwmYa5N6W5q1aA-G9pk.roa
Signing time: Sun 18 Feb 2024 08:34:22 +0000
ROA not before: Sun 18 Feb 2024 08:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62390
IP address blocks: 89.213.40.0/24 maxlen: 24
109.176.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 May 2024 07:24:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bb:5a:1f:ea:c1:3f:45:57:33:09:00:9f:ff:e2:d4:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 18 08:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42465f7a3b460b09986b937a5b9ab5680f86f699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:f1:f9:af:b4:e7:38:09:72:14:25:ab:3b:91:
64:84:20:4e:bd:74:23:0a:10:18:11:c7:1c:13:72:
07:da:e6:ba:6a:39:20:48:da:31:e3:96:3a:b3:15:
63:63:75:06:61:14:54:28:93:5e:49:21:45:24:ce:
77:04:d1:60:04:e1:18:7e:ff:f6:2e:17:a6:89:5a:
de:c8:c4:7b:57:9b:8c:e7:a2:57:c9:2f:b6:2a:58:
07:7c:44:b5:2e:0c:ba:65:ef:2a:7b:92:6a:ca:d3:
2c:b9:80:93:bc:fe:84:ce:ca:e9:5c:2b:0f:0f:ab:
48:97:91:48:e4:74:bb:0a:d6:46:69:ca:6b:6b:81:
78:7b:67:77:55:81:80:46:10:56:b4:d8:a6:34:4f:
ba:a6:0a:bf:96:a9:e5:b6:cb:4a:6f:93:11:e6:66:
b1:59:6c:7c:f2:de:9c:65:d6:e8:08:71:56:8d:00:
16:c5:cf:45:60:f4:cd:2e:7b:bf:f9:23:46:cd:2e:
0f:a3:d1:6c:bd:96:cc:b8:43:8d:7b:d8:87:51:a9:
36:57:b4:54:74:8d:0f:06:bb:8b:2b:2f:4f:7e:64:
d1:9c:70:68:9f:77:27:ff:22:fe:d5:91:84:3c:1d:
a1:13:13:5d:dd:c3:6c:cd:fe:78:b2:18:16:ba:ac:
c0:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:46:5F:7A:3B:46:0B:09:98:6B:93:7A:5B:9A:B5:68:0F:86:F6:99
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QkZfejtGCwmYa5N6W5q1aA-G9pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.40.0/24
109.176.246.0/24
Signature Algorithm: sha256WithRSAEncryption
05:03:fb:83:8c:f0:aa:63:19:76:d8:c2:15:0b:18:9a:38:1a:
d4:69:22:86:2b:85:51:b3:b1:cd:b0:63:4a:18:8a:23:e7:88:
18:3a:04:48:9e:44:6e:fc:a7:43:c2:1f:98:ac:1e:8f:68:d5:
7a:5f:a6:e4:6d:eb:55:30:2d:9f:32:c6:76:5e:83:a0:79:0b:
20:0b:24:80:b5:8f:65:63:8a:06:f3:70:c1:ed:12:19:a5:84:
73:46:9c:70:b0:66:75:03:a5:80:51:39:c2:85:ec:a8:61:ce:
a5:a7:58:a4:d7:35:ff:06:ca:83:a8:91:a3:9f:29:0e:e1:5e:
b7:df:12:88:a4:74:cb:68:c7:1e:34:bc:c1:83:69:56:1b:ff:
d6:97:e0:a0:76:9e:ec:c4:12:fa:35:01:ea:dd:7b:a9:6b:83:
e3:fa:f1:2b:74:b6:79:25:d3:75:bc:bc:76:11:62:a3:e0:4d:
58:39:4f:af:34:61:fe:f9:04:01:43:aa:81:31:ea:f9:9c:ac:
a9:13:d1:0e:6e:fe:97:87:78:a5:27:85:ac:e4:a3:de:08:55:
b4:2e:49:01:ec:33:f3:82:88:28:c1:64:04:0c:99:71:7d:a6:
bb:11:70:d4:2a:e8:e1:09:2e:41:0a:a8:ea:f3:c1:61:ad:24:
a9:e6:0a:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY27Wh/qwT9FVzMJAJ//4tR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjE4MDgzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQ2NWY3YTNiNDYwYjA5OTg2YjkzN2E1YjlhYjU2ODBmODZmNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9vH5r7TnOAlyFCWrO5FkhCBOvXQj
ChAYEcccE3IH2ua6ajkgSNox45Y6sxVjY3UGYRRUKJNeSSFFJM53BNFgBOEYfv/2
LhemiVreyMR7V5uM56JXyS+2KlgHfES1Lgy6Ze8qe5JqytMsuYCTvP6EzsrpXCsP
D6tIl5FI5HS7CtZGacpra4F4e2d3VYGARhBWtNimNE+6pgq/lqnltstKb5MR5max
WWx88t6cZdboCHFWjQAWxc9FYPTNLnu/+SNGzS4Po9FsvZbMuEONe9iHUak2V7RU
dI0PBruLKy9PfmTRnHBon3cn/yL+1ZGEPB2hExNd3cNszf54shgWuqzAmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEJGX3o7RgsJmGuTeluatWgPhvaZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUWtaZmVqdEdDd21ZYTVONlc1cTFhQS1HOXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdUoAwQA
bbD2MA0GCSqGSIb3DQEBCwUAA4IBAQAFA/uDjPCqYxl22MIVCxiaOBrUaSKGK4VR
s7HNsGNKGIoj54gYOgRInkRu/KdDwh+YrB6PaNV6X6bkbetVMC2fMsZ2XoOgeQsg
CySAtY9lY4oG83DB7RIZpYRzRpxwsGZ1A6WAUTnCheyoYc6lp1ik1zX/BsqDqJGj
nykO4V633xKIpHTLaMceNLzBg2lWG//Wl+Cgdp7sxBL6NQHq3Xupa4Pj+vErdLZ5
JdN1vLx2EWKj4E1YOU+vNGH++QQBQ6qBMer5nKypE9EObv6Xh3ilJ4Ws5KPeCFW0
LkkB7DPzgogowWQEDJlxfaa7EXDUKujhCS5BCqjq88FhrSSp5gph
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org