Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/qd2_D4-l1izso7fTXtcEeMlbhTw.roa
File: qd2_D4-l1izso7fTXtcEeMlbhTw.roa (raw, json)
Hash identifier: efYt07LbpZF6JdGzXtvrKPejRdloIiWGNFRUKGNeYMI=
Subject key identifier: A9:DD:BF:0F:8F:A5:D6:2C:EC:A3:B7:D3:5E:D7:04:78:C9:5B:85:3C
Certificate issuer: /CN=6cfd360736f1fa6c9770fcb48be594be609e5b3e
Certificate serial: 01856E41C81EABB388C6705FC965276FA9D2
Authority key identifier: 6C:FD:36:07:36:F1:FA:6C:97:70:FC:B4:8B:E5:94:BE:60:9E:5B:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP02Bzbx-myXcPy0i-WUvmCeWz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/qd2_D4-l1izso7fTXtcEeMlbhTw.roa
Signing time: Sun 01 Jan 2023 16:54:42 +0000
ROA not before: Sun 01 Jan 2023 16:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43366
IP address blocks: 91.231.184.0/24 maxlen: 24
185.70.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:c8:1e:ab:b3:88:c6:70:5f:c9:65:27:6f:a9:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cfd360736f1fa6c9770fcb48be594be609e5b3e
Validity
Not Before: Jan 1 16:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9ddbf0f8fa5d62ceca3b7d35ed70478c95b853c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:de:5f:90:e0:22:fa:46:ef:3b:1e:1f:ec:d3:
5b:28:05:a2:79:d4:fc:fc:12:31:48:72:9d:79:51:
fb:70:ef:b0:a7:7c:25:fa:c7:8b:0c:f8:27:61:51:
08:98:9a:cf:9e:92:8a:48:2e:63:c1:1d:df:ea:cd:
15:5d:de:08:19:0f:34:33:5f:10:33:8b:31:a9:92:
0b:ec:cc:3b:c0:fa:80:cb:e2:16:66:5b:f4:b3:3e:
97:9c:5c:6a:ef:cd:76:fc:a2:6c:29:d6:cb:70:db:
b7:49:26:ca:c9:af:b1:69:53:66:09:e4:7e:36:7c:
22:68:af:4a:db:bd:39:16:05:c3:2a:af:c4:2c:19:
a4:7e:54:c1:9c:22:9e:8b:a4:63:97:95:e8:59:36:
1e:ff:44:9a:b3:f7:8a:5a:4d:40:bb:08:5b:da:c7:
90:37:5c:a6:ea:b9:b9:26:ea:1c:72:df:90:80:b0:
e2:6b:f2:b9:ee:b3:a1:1b:16:45:d1:1b:e0:44:1e:
ac:c0:3c:fe:b9:3d:4f:ff:90:ae:7a:9a:28:71:5f:
1f:af:54:d6:35:a2:c3:93:91:c9:0f:ce:4c:31:5c:
96:c9:67:6a:9e:4e:5a:30:b4:41:e9:05:1f:a5:13:
e4:09:74:d0:cb:26:90:7e:2c:ec:c3:74:63:12:f0:
e3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DD:BF:0F:8F:A5:D6:2C:EC:A3:B7:D3:5E:D7:04:78:C9:5B:85:3C
X509v3 Authority Key Identifier:
keyid:6C:FD:36:07:36:F1:FA:6C:97:70:FC:B4:8B:E5:94:BE:60:9E:5B:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP02Bzbx-myXcPy0i-WUvmCeWz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/qd2_D4-l1izso7fTXtcEeMlbhTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/bP02Bzbx-myXcPy0i-WUvmCeWz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.184.0/24
185.70.228.0/22
Signature Algorithm: sha256WithRSAEncryption
22:66:02:f6:4d:2e:3d:10:0e:da:7c:a7:1d:2c:25:d8:10:df:
e8:b4:f1:a2:31:0a:8f:54:40:99:d6:45:a8:b8:55:d4:31:d5:
5a:73:a8:a9:70:be:a1:53:2c:7c:98:ec:61:92:65:b0:33:0e:
5e:67:67:65:26:16:d0:91:53:d2:f6:2f:1a:14:61:b9:88:ee:
b4:b4:7c:1a:e4:f5:a1:86:db:e9:d3:07:53:d2:27:a8:20:12:
20:5d:e1:92:89:5f:84:19:4c:6f:f0:f8:6a:0f:7d:c5:14:b1:
66:cd:33:d6:41:c6:d7:cc:ae:50:e5:96:e5:a7:86:fe:cd:92:
74:2c:ce:a5:71:16:85:75:56:a9:3b:a8:fa:da:eb:46:1f:15:
ce:d5:de:62:fe:61:48:2b:c8:cd:1c:fc:f6:7e:90:93:df:ac:
39:7d:25:2f:c8:b5:a5:67:8a:15:b3:de:37:39:e2:23:3d:ac:
30:b1:01:0a:85:bb:29:e7:1b:fb:3d:f5:45:df:e4:7a:01:88:
79:61:c3:8f:98:10:2c:05:cd:03:36:f9:5e:a9:c1:bd:6a:df:
82:53:73:93:7c:fe:36:fe:b2:c0:6d:53:6d:6e:0f:e7:f9:72:
32:34:cd:10:56:a4:1d:ae:29:ff:1b:4a:f5:38:9d:7e:1e:36:
99:0a:6d:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuQcgeq7OIxnBfyWUnb6nSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmQzNjA3MzZmMWZhNmM5NzcwZmNiNDhiZTU5NGJlNjA5
ZTViM2UwHhcNMjMwMTAxMTY1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRkYmYwZjhmYTVkNjJjZWNhM2I3ZDM1ZWQ3MDQ3OGM5NWI4NTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN5fkOAi+kbvOx4f7NNbKAWiedT8
/BIxSHKdeVH7cO+wp3wl+seLDPgnYVEImJrPnpKKSC5jwR3f6s0VXd4IGQ80M18Q
M4sxqZIL7Mw7wPqAy+IWZlv0sz6XnFxq7812/KJsKdbLcNu3SSbKya+xaVNmCeR+
NnwiaK9K2705FgXDKq/ELBmkflTBnCKei6Rjl5XoWTYe/0Sas/eKWk1Auwhb2seQ
N1ym6rm5Juocct+QgLDia/K57rOhGxZF0RvgRB6swDz+uT1P/5CuepoocV8fr1TW
NaLDk5HJD85MMVyWyWdqnk5aMLRB6QUfpRPkCXTQyyaQfizsw3RjEvDjqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKndvw+PpdYs7KO3017XBHjJW4U8MB8GA1UdIwQY
MBaAFGz9Ngc28fpsl3D8tIvllL5gnls+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAwMkJ6YngtbXlYY1B5MGktV1V2bUNlV3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8zNDRlMmMtMWM1Ni00M2FiLTgxMDgt
ZWFmNjhiNTllNTk5LzEvcWQyX0Q0LWwxaXpzbzdmVFh0Y0VlTWxiaFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8zNDRlMmMtMWM1Ni00M2FiLTgxMDgtZWFmNjhiNTllNTk5
LzEvYlAwMkJ6YngtbXlYY1B5MGktV1V2bUNlV3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+e4AwQC
uUbkMA0GCSqGSIb3DQEBCwUAA4IBAQAiZgL2TS49EA7afKcdLCXYEN/otPGiMQqP
VECZ1kWouFXUMdVac6ipcL6hUyx8mOxhkmWwMw5eZ2dlJhbQkVPS9i8aFGG5iO60
tHwa5PWhhtvp0wdT0ieoIBIgXeGSiV+EGUxv8PhqD33FFLFmzTPWQcbXzK5Q5Zbl
p4b+zZJ0LM6lcRaFdVapO6j62utGHxXO1d5i/mFIK8jNHPz2fpCT36w5fSUvyLWl
Z4oVs943OeIjPawwsQEKhbsp5xv7PfVF3+R6AYh5YcOPmBAsBc0DNvleqcG9at+C
U3OTfP42/rLAbVNtbg/n+XIyNM0QVqQdrin/G0r1OJ1+HjaZCm29
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:55 2024 by rpki-client on console-ams.rpki-client.org