Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/QlUsONC5IIjpoLro4Hv9ncdra9U.roa
File: QlUsONC5IIjpoLro4Hv9ncdra9U.roa (raw, json)
Hash identifier: bf1zr9kW37YKC0+CfxFVx5/A+kkKA8hetTI/OXygCzo=
Subject key identifier: 42:55:2C:38:D0:B9:20:88:E9:A0:BA:E8:E0:7B:FD:9D:C7:6B:6B:D5
Certificate issuer: /CN=9514df9fdc3a0b128c20ee8c06628c43c958bbf0
Certificate serial: 018AF5B43A9867FBB074D281A42F63D01B5E
Authority key identifier: 95:14:DF:9F:DC:3A:0B:12:8C:20:EE:8C:06:62:8C:43:C9:58:BB:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/QlUsONC5IIjpoLro4Hv9ncdra9U.roa
Signing time: Tue 03 Oct 2023 13:22:23 +0000
ROA not before: Tue 03 Oct 2023 13:22:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42402
IP address blocks: 91.189.56.0/22 maxlen: 22
91.189.56.0/21 maxlen: 21
91.189.62.0/23 maxlen: 23
91.189.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:b4:3a:98:67:fb:b0:74:d2:81:a4:2f:63:d0:1b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9514df9fdc3a0b128c20ee8c06628c43c958bbf0
Validity
Not Before: Oct 3 13:22:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42552c38d0b92088e9a0bae8e07bfd9dc76b6bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4c:bf:6f:50:38:f3:0b:f4:ab:0b:34:2e:65:
23:0b:be:85:1c:6c:b5:ee:c0:3f:d2:3f:c4:7c:75:
5e:0a:f7:9a:01:e8:1d:ee:44:87:ec:f3:ff:75:58:
1a:01:8f:70:5d:62:84:8c:f1:0e:b2:ae:96:75:c2:
31:cc:81:ea:2a:6d:72:95:b4:c8:4e:9e:d8:c4:5a:
4b:a4:e2:cc:19:3d:a5:ce:16:76:56:d4:f2:4b:af:
53:db:71:c8:8a:56:9e:de:07:57:90:23:79:1e:59:
0d:fe:ae:f9:9e:80:38:53:da:90:10:4e:e1:1e:18:
35:e4:66:69:1f:40:b8:10:c0:fc:69:17:49:0c:49:
bc:b5:7b:7a:53:f6:a6:88:e2:53:e9:3f:ba:1e:c0:
31:d6:f2:6b:1d:ae:61:3d:22:9a:57:54:c3:47:45:
c0:56:bc:1f:6e:e8:09:c0:63:d2:ec:9c:00:2f:85:
3c:3e:0d:b4:7f:cb:b9:9b:f9:9c:24:60:f3:22:78:
07:80:b8:1b:27:d9:f5:e9:79:c8:b0:d5:03:5e:9d:
b2:16:17:db:11:e0:d7:1b:66:c4:d0:3f:6e:46:65:
fb:3e:45:a3:56:8c:87:01:b1:06:53:02:47:69:97:
4c:56:49:c1:48:91:d0:e1:56:f2:b3:ba:c8:f2:82:
e1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:55:2C:38:D0:B9:20:88:E9:A0:BA:E8:E0:7B:FD:9D:C7:6B:6B:D5
X509v3 Authority Key Identifier:
keyid:95:14:DF:9F:DC:3A:0B:12:8C:20:EE:8C:06:62:8C:43:C9:58:BB:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/QlUsONC5IIjpoLro4Hv9ncdra9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.56.0/21
Signature Algorithm: sha256WithRSAEncryption
02:b1:c7:ce:35:2e:ed:b5:d4:f7:61:06:7d:24:22:44:97:5b:
4d:75:80:11:0a:c2:e7:34:12:cd:b0:ac:d2:42:fa:dd:6a:85:
40:48:39:c3:6f:e7:89:58:0f:8a:24:ea:89:41:01:7e:39:7f:
fc:ec:ca:2d:3c:0c:23:8a:3f:8e:31:fb:83:41:0e:96:15:cc:
ec:9a:79:34:f0:f8:82:07:6c:6e:14:d8:57:6c:69:f9:98:94:
51:5b:57:c1:19:81:88:b4:99:e6:54:19:28:4b:12:56:47:51:
62:d4:62:7d:36:fc:57:41:ed:34:1b:77:5d:7c:62:c4:b9:05:
b7:9e:db:ec:3d:6c:84:b8:ff:9b:3a:f9:cc:7a:83:47:09:a0:
a0:c5:e0:cf:3a:bb:5a:f2:c7:bd:0c:81:c5:ee:56:f4:d7:31:
fa:5b:d7:bc:df:7c:76:3e:53:02:90:44:29:39:2b:07:b4:da:
34:37:5b:c8:ae:92:e1:6b:6d:cb:ee:b9:8b:7b:0f:56:9b:ed:
d0:16:5d:c3:f1:ed:1a:cb:47:5a:bf:99:48:d8:4d:66:0b:d4:
cf:e4:09:fa:62:28:f2:b0:b2:9e:ae:0c:ec:39:59:64:c6:97:
b2:4d:49:c5:c3:39:23:1d:60:00:d6:25:03:fb:f2:0c:03:62:
1a:d5:da:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr1tDqYZ/uwdNKBpC9j0BteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MTRkZjlmZGMzYTBiMTI4YzIwZWU4YzA2NjI4YzQzYzk1
OGJiZjAwHhcNMjMxMDAzMTMyMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjU1MmMzOGQwYjkyMDg4ZTlhMGJhZThlMDdiZmQ5ZGM3NmI2YmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0y/b1A48wv0qws0LmUjC76FHGy1
7sA/0j/EfHVeCveaAegd7kSH7PP/dVgaAY9wXWKEjPEOsq6WdcIxzIHqKm1ylbTI
Tp7YxFpLpOLMGT2lzhZ2VtTyS69T23HIilae3gdXkCN5HlkN/q75noA4U9qQEE7h
Hhg15GZpH0C4EMD8aRdJDEm8tXt6U/amiOJT6T+6HsAx1vJrHa5hPSKaV1TDR0XA
VrwfbugJwGPS7JwAL4U8Pg20f8u5m/mcJGDzIngHgLgbJ9n16XnIsNUDXp2yFhfb
EeDXG2bE0D9uRmX7PkWjVoyHAbEGUwJHaZdMVknBSJHQ4Vbys7rI8oLhxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJVLDjQuSCI6aC66OB7/Z3Ha2vVMB8GA1UdIwQY
MBaAFJUU35/cOgsSjCDujAZijEPJWLvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFJUZm45dzZDeEtNSU82TUJtS01ROGxZdV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85N2ZiMGQtZDc3Zi00NDY3LTg2Mjct
ZTIyMmJmODUyOWI4LzEvUWxVc09OQzVJSWpwb0xybzRIdjluY2RyYTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85N2ZiMGQtZDc3Zi00NDY3LTg2MjctZTIyMmJmODUyOWI4
LzEvbFJUZm45dzZDeEtNSU82TUJtS01ROGxZdV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW704MA0G
CSqGSIb3DQEBCwUAA4IBAQACscfONS7ttdT3YQZ9JCJEl1tNdYARCsLnNBLNsKzS
QvrdaoVASDnDb+eJWA+KJOqJQQF+OX/87MotPAwjij+OMfuDQQ6WFczsmnk08PiC
B2xuFNhXbGn5mJRRW1fBGYGItJnmVBkoSxJWR1Fi1GJ9NvxXQe00G3ddfGLEuQW3
ntvsPWyEuP+bOvnMeoNHCaCgxeDPOrta8se9DIHF7lb01zH6W9e833x2PlMCkEQp
OSsHtNo0N1vIrpLha23L7rmLew9Wm+3QFl3D8e0ay0dav5lI2E1mC9TP5An6Yijy
sLKergzsOVlkxpeyTUnFwzkjHWAA1iUD+/IMA2Ia1dqG
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:21 2024 by rpki-client on console-ams.rpki-client.org