Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/QzoBI-bxZukNDB2jrW2qybr_Gfk.roa
File: QzoBI-bxZukNDB2jrW2qybr_Gfk.roa (raw, json)
Hash identifier: cI3lAKLETeP6t+05BQN6Na2KIjr4GZ+uQQUfEDvmYN8=
Subject key identifier: 43:3A:01:23:E6:F1:66:E9:0D:0C:1D:A3:AD:6D:AA:C9:BA:FF:19:F9
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 01856D0AF411EB6922A24D61E58043C8AE79
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/QzoBI-bxZukNDB2jrW2qybr_Gfk.roa
Signing time: Sun 01 Jan 2023 11:15:12 +0000
ROA not before: Sun 01 Jan 2023 11:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202974
IP address blocks: 85.143.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:f4:11:eb:69:22:a2:4d:61:e5:80:43:c8:ae:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 11:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=433a0123e6f166e90d0c1da3ad6daac9baff19f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:01:22:ca:02:88:83:8e:ee:e0:81:da:f4:7e:
d4:4b:1d:47:92:a1:a3:45:cf:7d:4a:d8:b9:ac:10:
89:54:26:e6:2b:9d:64:c7:0c:b6:41:da:cb:55:9d:
47:77:29:f3:43:fe:d0:6a:70:c4:de:47:63:f1:a7:
1e:2f:98:9c:e2:bf:96:9c:1d:be:b2:5b:d9:53:e0:
44:46:c0:5c:50:de:55:c7:2e:07:c5:0b:0c:f1:e3:
ee:dd:91:82:63:72:fb:ea:7a:d4:02:d9:98:c8:cf:
34:b5:23:ba:41:60:75:96:02:07:fa:07:ab:a8:be:
d1:96:2c:d8:22:7b:a4:64:18:3e:f6:fe:47:01:a1:
85:5f:f8:78:b2:ef:95:91:10:ed:e9:6c:38:9b:b4:
64:7f:48:7d:c2:d5:2d:e1:1d:f6:9a:57:3a:82:46:
10:d6:c4:2e:49:6e:d1:e4:b8:ad:4b:2a:d0:3c:0e:
c8:f6:84:71:52:ea:20:10:be:36:03:67:86:53:84:
12:6d:3b:30:d1:ff:3e:d9:10:7d:8a:4d:bd:31:05:
9a:e8:a3:18:44:ab:fc:e8:e3:6d:2f:20:5d:a2:7e:
30:e8:f2:59:3e:b9:d2:db:ea:03:5e:8b:0b:30:18:
99:b4:f1:dc:28:89:f7:96:61:d3:68:77:9e:9b:c5:
16:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:3A:01:23:E6:F1:66:E9:0D:0C:1D:A3:AD:6D:AA:C9:BA:FF:19:F9
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/QzoBI-bxZukNDB2jrW2qybr_Gfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.143.249.0/24
Signature Algorithm: sha256WithRSAEncryption
78:32:9b:04:e6:ed:c5:c7:a3:ff:69:9a:30:63:40:da:56:c3:
34:83:e6:43:17:40:25:91:29:95:c0:5a:be:54:30:72:bf:dd:
84:ec:c2:4d:a0:87:52:4a:7e:19:a2:f4:01:b4:29:f4:0c:f6:
d2:76:0b:3a:74:ac:bb:c2:69:a5:b6:38:7d:3e:9d:0c:95:a3:
4a:d6:4e:94:6b:2e:4b:c0:4d:a3:fa:54:97:87:f7:91:b3:0f:
87:59:87:aa:dc:c5:61:0c:3c:94:8d:61:1b:13:c6:1b:dc:6e:
87:08:4e:46:51:7a:9c:06:44:31:1d:56:16:9d:ae:e3:34:29:
60:a6:d3:1f:cf:3c:6b:03:7f:0e:32:c6:3e:d2:7b:81:68:45:
eb:2e:d5:89:69:83:30:8b:76:8d:51:f8:2d:4d:11:a9:13:0d:
69:54:73:5a:35:87:68:19:3c:62:15:c8:a3:8f:f2:24:07:4f:
f9:b0:4b:f1:52:09:48:56:d2:11:cd:36:55:f7:4e:d7:40:f1:
04:15:5a:32:71:8f:3f:05:b1:67:91:6d:a1:71:73:10:47:82:
14:d3:ef:6a:9c:fe:4f:13:7c:c4:71:6d:c9:5e:ce:b1:c9:15:
b1:44:62:a5:27:6f:6b:a1:b0:16:47:d1:29:16:6a:a3:4f:b9:
66:4c:cb:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCvQR62kiok1h5YBDyK55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMwMTAxMTExNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzNhMDEyM2U2ZjE2NmU5MGQwYzFkYTNhZDZkYWFjOWJhZmYxOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQEiygKIg47u4IHa9H7USx1HkqGj
Rc99Sti5rBCJVCbmK51kxwy2QdrLVZ1HdynzQ/7QanDE3kdj8aceL5ic4r+WnB2+
slvZU+BERsBcUN5Vxy4HxQsM8ePu3ZGCY3L76nrUAtmYyM80tSO6QWB1lgIH+ger
qL7RlizYInukZBg+9v5HAaGFX/h4su+VkRDt6Ww4m7Rkf0h9wtUt4R32mlc6gkYQ
1sQuSW7R5LitSyrQPA7I9oRxUuogEL42A2eGU4QSbTsw0f8+2RB9ik29MQWa6KMY
RKv86ONtLyBdon4w6PJZPrnS2+oDXosLMBiZtPHcKIn3lmHTaHeem8UWpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEM6ASPm8WbpDQwdo61tqsm6/xn5MB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvUXpvQkktYnhadWtOREIyanJXMnF5YnJfR2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVY/5MA0G
CSqGSIb3DQEBCwUAA4IBAQB4MpsE5u3Fx6P/aZowY0DaVsM0g+ZDF0AlkSmVwFq+
VDByv92E7MJNoIdSSn4ZovQBtCn0DPbSdgs6dKy7wmmltjh9Pp0MlaNK1k6Uay5L
wE2j+lSXh/eRsw+HWYeq3MVhDDyUjWEbE8Yb3G6HCE5GUXqcBkQxHVYWna7jNClg
ptMfzzxrA38OMsY+0nuBaEXrLtWJaYMwi3aNUfgtTRGpEw1pVHNaNYdoGTxiFcij
j/IkB0/5sEvxUglIVtIRzTZV907XQPEEFVoycY8/BbFnkW2hcXMQR4IU0+9qnP5P
E3zEcW3JXs6xyRWxRGKlJ29robAWR9EpFmqjT7lmTMtN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org