Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e4bb51-b963-4b46-aa27-26bf8ccd7b74/1/qzBD2_eZA9vnAKmhREaJMMnvKeM.roa
File: qzBD2_eZA9vnAKmhREaJMMnvKeM.roa (raw, json)
Hash identifier: X8XieyOFw0Fmu49crEJ+70RUrQTu/ezUCatE5WQesGQ=
Subject key identifier: AB:30:43:DB:F7:99:03:DB:E7:00:A9:A1:44:46:89:30:C9:EF:29:E3
Certificate issuer: /CN=0ede17b8caf02461bf54c0964ed38a2590062f94
Certificate serial: 01856D4AB3A1F0010A00D1398BEA7DE138F0
Authority key identifier: 0E:DE:17:B8:CA:F0:24:61:BF:54:C0:96:4E:D3:8A:25:90:06:2F:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dt4XuMrwJGG_VMCWTtOKJZAGL5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e4bb51-b963-4b46-aa27-26bf8ccd7b74/1/qzBD2_eZA9vnAKmhREaJMMnvKeM.roa
Signing time: Sun 01 Jan 2023 12:24:50 +0000
ROA not before: Sun 01 Jan 2023 12:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196659
IP address blocks: 91.102.232.0/21 maxlen: 24
91.102.233.0/24 maxlen: 24
91.102.238.0/24 maxlen: 24
91.102.234.0/24 maxlen: 24
91.102.239.0/24 maxlen: 24
91.102.235.0/24 maxlen: 24
91.102.236.0/24 maxlen: 24
91.102.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:b3:a1:f0:01:0a:00:d1:39:8b:ea:7d:e1:38:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ede17b8caf02461bf54c0964ed38a2590062f94
Validity
Not Before: Jan 1 12:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab3043dbf79903dbe700a9a144468930c9ef29e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2f:2a:1d:ee:b0:f0:0c:b4:07:1f:b0:fb:cb:
0a:5a:13:57:03:93:f6:c6:69:f5:e5:e9:ec:72:06:
35:92:57:b1:be:ea:f4:8c:34:94:21:9a:9c:ae:34:
74:4c:91:f8:c4:8d:56:95:99:43:61:bb:d5:47:ff:
48:ea:c5:12:93:1c:ba:03:0a:8b:9a:22:af:7f:2e:
53:0a:3b:99:24:d1:46:56:f0:a9:e7:aa:62:fe:b2:
e4:22:8f:a1:66:af:92:3d:88:92:a7:39:8a:0a:32:
14:71:c0:c4:b8:29:ed:37:f1:7a:96:fe:56:3a:fc:
68:c1:56:f6:9c:0d:19:e2:f1:86:a3:31:26:ec:ed:
a2:4c:9c:7b:62:6b:b9:17:89:ac:1a:6a:de:79:a7:
35:40:64:6d:ed:9c:d0:09:4a:7e:1c:26:f4:cb:cf:
5a:7b:53:30:56:18:d7:75:65:38:9f:44:46:d5:fc:
0b:c6:58:1e:9c:03:4d:4a:44:de:c5:3a:f8:21:09:
2d:70:fb:34:5a:bc:58:38:b2:26:1d:b2:74:ba:8e:
f7:5f:40:a4:0d:da:09:53:b3:b0:e5:0c:2c:04:da:
63:92:0d:34:09:ba:9c:ca:de:aa:ba:00:75:33:10:
a4:2f:87:5e:2c:3d:d7:97:56:95:2e:9a:92:fa:30:
55:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:30:43:DB:F7:99:03:DB:E7:00:A9:A1:44:46:89:30:C9:EF:29:E3
X509v3 Authority Key Identifier:
keyid:0E:DE:17:B8:CA:F0:24:61:BF:54:C0:96:4E:D3:8A:25:90:06:2F:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dt4XuMrwJGG_VMCWTtOKJZAGL5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e4bb51-b963-4b46-aa27-26bf8ccd7b74/1/qzBD2_eZA9vnAKmhREaJMMnvKeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e4bb51-b963-4b46-aa27-26bf8ccd7b74/1/Dt4XuMrwJGG_VMCWTtOKJZAGL5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.232.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:7b:a8:4e:e3:cd:08:6b:6f:1b:5f:42:54:fb:97:43:42:bb:
d5:6c:3d:c0:4a:70:1e:5e:f1:2e:05:16:1e:41:97:ef:44:42:
a5:61:ca:31:ca:cc:46:ca:b4:c5:97:20:52:5c:43:57:e7:36:
90:bd:01:93:e9:c2:de:6e:59:d8:d0:22:8c:c0:e7:32:5f:26:
1f:e9:31:d7:dd:ed:d6:d6:ca:a6:9c:b9:dd:3c:1d:8a:88:4c:
96:a5:03:10:8e:af:60:11:59:d7:9a:96:4f:c7:d8:2b:73:65:
8d:30:6c:51:a7:ce:d6:85:50:21:b9:86:1d:6c:bf:2a:01:df:
2f:c4:84:8d:31:29:14:94:b6:57:11:50:72:6d:be:42:b2:77:
48:da:92:13:80:36:c2:ba:07:92:2d:89:a9:ee:5f:5e:45:9e:
2a:4c:40:37:c5:ab:ba:a8:8d:92:95:f2:43:8d:85:0c:ac:ba:
4c:24:42:3d:cf:18:c2:df:da:88:84:b1:46:83:48:50:18:9c:
b1:dc:d2:64:ce:ee:0a:4f:54:ea:95:ec:6b:40:13:10:93:ad:
26:ef:55:f8:ae:9b:7d:27:48:64:92:10:78:f5:c7:12:70:69:
8a:e1:29:32:81:29:fe:75:6e:8b:4b:72:82:f8:c9:3a:0d:f7:
6f:fc:da:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSrOh8AEKANE5i+p94TjwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZGUxN2I4Y2FmMDI0NjFiZjU0YzA5NjRlZDM4YTI1OTAw
NjJmOTQwHhcNMjMwMTAxMTIyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjMwNDNkYmY3OTkwM2RiZTcwMGE5YTE0NDQ2ODkzMGM5ZWYyOWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApC8qHe6w8Ay0Bx+w+8sKWhNXA5P2
xmn15enscgY1klexvur0jDSUIZqcrjR0TJH4xI1WlZlDYbvVR/9I6sUSkxy6AwqL
miKvfy5TCjuZJNFGVvCp56pi/rLkIo+hZq+SPYiSpzmKCjIUccDEuCntN/F6lv5W
OvxowVb2nA0Z4vGGozEm7O2iTJx7Ymu5F4msGmreeac1QGRt7ZzQCUp+HCb0y89a
e1MwVhjXdWU4n0RG1fwLxlgenANNSkTexTr4IQktcPs0WrxYOLImHbJ0uo73X0Ck
DdoJU7Ow5QwsBNpjkg00Cbqcyt6qugB1MxCkL4deLD3Xl1aVLpqS+jBVCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKswQ9v3mQPb5wCpoURGiTDJ7ynjMB8GA1UdIwQY
MBaAFA7eF7jK8CRhv1TAlk7TiiWQBi+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHQ0WHVNcndKR0dfVk1DV1R0T0tKWkFHTDVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNGJiNTEtYjk2My00YjQ2LWFhMjct
MjZiZjhjY2Q3Yjc0LzEvcXpCRDJfZVpBOXZuQUttaFJFYUpNTW52S2VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNGJiNTEtYjk2My00YjQ2LWFhMjctMjZiZjhjY2Q3Yjc0
LzEvRHQ0WHVNcndKR0dfVk1DV1R0T0tKWkFHTDVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW2boMA0G
CSqGSIb3DQEBCwUAA4IBAQCce6hO480Ia28bX0JU+5dDQrvVbD3ASnAeXvEuBRYe
QZfvREKlYcoxysxGyrTFlyBSXENX5zaQvQGT6cLeblnY0CKMwOcyXyYf6THX3e3W
1sqmnLndPB2KiEyWpQMQjq9gEVnXmpZPx9grc2WNMGxRp87WhVAhuYYdbL8qAd8v
xISNMSkUlLZXEVBybb5CsndI2pITgDbCugeSLYmp7l9eRZ4qTEA3xau6qI2SlfJD
jYUMrLpMJEI9zxjC39qIhLFGg0hQGJyx3NJkzu4KT1TqlexrQBMQk60m71X4rpt9
J0hkkhB49ccScGmK4SkygSn+dW6LS3KC+Mk6Dfdv/NqA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:37 2024 by rpki-client on console-fra.rpki-client.org