Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/QG9GlMEJUA1WenRqlxxKckWvOHI.roa
File: QG9GlMEJUA1WenRqlxxKckWvOHI.roa (raw, json)
Hash identifier: HpzuSIGIVifSf8JM6VTWUqiIQHaWxLgWLmoL2qXa0WE=
Subject key identifier: 40:6F:46:94:C1:09:50:0D:56:7A:74:6A:97:1C:4A:72:45:AF:38:72
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018571D7CACC97E8A0F6128016B0C14832EB
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/QG9GlMEJUA1WenRqlxxKckWvOHI.roa
Signing time: Mon 02 Jan 2023 09:37:25 +0000
ROA not before: Mon 02 Jan 2023 09:37:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35758
IP address blocks: 147.78.2.0/24 maxlen: 24
2a11:840:30::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:ca:cc:97:e8:a0:f6:12:80:16:b0:c1:48:32:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 2 09:37:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=406f4694c109500d567a746a971c4a7245af3872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:13:6d:81:31:df:1d:4c:20:f6:be:2a:9f:7d:
59:67:ee:50:3d:80:e6:30:89:bc:b3:e9:da:06:b1:
96:9f:9c:ae:ef:db:54:6d:92:03:ff:1b:1c:40:3f:
f9:c3:91:38:2a:ba:69:56:91:98:e6:4d:0a:af:16:
84:7c:52:51:93:3d:c1:49:30:05:18:88:c7:49:cf:
28:31:94:33:4a:78:b2:81:fb:58:84:df:23:06:ad:
13:50:3b:3c:a0:75:09:a6:eb:91:17:d9:5d:eb:b5:
16:06:c3:b6:48:07:80:95:04:0e:fa:d1:5f:20:54:
f3:1c:44:b9:87:36:a2:eb:05:be:93:ad:6b:1e:66:
89:b9:f7:35:02:ba:f7:b8:66:15:48:0d:b0:e8:20:
be:93:14:e9:48:f2:72:51:fa:15:23:23:00:f8:5d:
e9:e5:bd:82:ea:81:a4:9f:94:2d:26:27:f3:db:b0:
3d:0b:99:15:63:d3:7c:e4:a2:c7:24:41:73:d7:a7:
41:92:1d:59:9a:53:06:ee:01:3a:68:85:97:ed:0b:
69:40:e1:60:b4:ef:eb:20:e1:1c:6c:1a:36:34:9f:
9b:aa:e5:4a:3e:15:4b:98:42:dc:cf:da:fb:30:55:
3a:ca:c3:0f:33:1d:0e:13:c7:10:9c:b0:89:c7:90:
f4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6F:46:94:C1:09:50:0D:56:7A:74:6A:97:1C:4A:72:45:AF:38:72
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/QG9GlMEJUA1WenRqlxxKckWvOHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.2.0/24
IPv6:
2a11:840:30::/48
Signature Algorithm: sha256WithRSAEncryption
1e:5e:c6:47:86:78:52:bf:bd:01:bd:5e:d5:6a:19:65:4c:50:
5f:b2:e0:49:38:05:96:dc:23:81:37:69:41:8d:7d:75:29:55:
41:31:02:be:8c:bb:fa:fc:fc:f0:80:da:0a:96:65:e8:d2:18:
10:97:08:83:1e:ec:aa:95:3a:e3:69:44:27:b1:db:aa:8b:1d:
72:9a:05:15:61:e4:b5:47:a0:9f:48:7a:9b:5d:f8:0b:1a:fb:
dc:ad:c5:60:01:7d:85:cd:d6:75:1c:0a:0d:6c:f4:cb:3f:2d:
6e:a6:3a:6f:c3:46:70:50:1d:18:ed:d2:c8:45:82:ae:27:b0:
87:46:69:9e:5e:c6:4f:f7:2e:8e:bf:41:66:e2:8d:20:33:97:
6c:ab:81:a1:e8:31:c9:9f:9d:ed:ae:21:59:a6:ec:3b:15:c5:
f9:98:1e:fe:3b:05:d5:f6:26:fc:a8:96:04:73:2a:39:1c:3c:
f2:37:52:20:89:a5:de:49:a1:35:e3:17:e8:11:49:7e:01:6e:
b1:8c:bf:4c:7f:fb:bb:6d:2b:63:18:5e:d1:dc:d3:33:4b:96:
1e:cb:fa:30:54:ee:ef:32:25:8c:68:3c:3d:b7:02:82:b0:d8:
71:cd:d6:5d:f8:11:0e:f7:f3:6a:c7:d5:41:6e:a7:26:39:55:
5c:f6:49:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVx18rMl+ig9hKAFrDBSDLrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjMwMTAyMDkzNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDZmNDY5NGMxMDk1MDBkNTY3YTc0NmE5NzFjNGE3MjQ1YWYzODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhNtgTHfHUwg9r4qn31ZZ+5QPYDm
MIm8s+naBrGWn5yu79tUbZID/xscQD/5w5E4KrppVpGY5k0KrxaEfFJRkz3BSTAF
GIjHSc8oMZQzSniygftYhN8jBq0TUDs8oHUJpuuRF9ld67UWBsO2SAeAlQQO+tFf
IFTzHES5hzai6wW+k61rHmaJufc1Arr3uGYVSA2w6CC+kxTpSPJyUfoVIyMA+F3p
5b2C6oGkn5QtJifz27A9C5kVY9N85KLHJEFz16dBkh1ZmlMG7gE6aIWX7QtpQOFg
tO/rIOEcbBo2NJ+bquVKPhVLmELcz9r7MFU6ysMPMx0OE8cQnLCJx5D0rwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEBvRpTBCVANVnp0apccSnJFrzhyMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvUUc5R2xNRUpVQTFXZW5ScWx4eEtja1d2T0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAk04CMA8E
AgACMAkDBwAqEQhAADAwDQYJKoZIhvcNAQELBQADggEBAB5exkeGeFK/vQG9XtVq
GWVMUF+y4Ek4BZbcI4E3aUGNfXUpVUExAr6Mu/r8/PCA2gqWZejSGBCXCIMe7KqV
OuNpRCex26qLHXKaBRVh5LVHoJ9Ieptd+Asa+9ytxWABfYXN1nUcCg1s9Ms/LW6m
Om/DRnBQHRjt0shFgq4nsIdGaZ5exk/3Lo6/QWbijSAzl2yrgaHoMcmfne2uIVmm
7DsVxfmYHv47BdX2JvyolgRzKjkcPPI3UiCJpd5JoTXjF+gRSX4BbrGMv0x/+7tt
K2MYXtHc0zNLlh7L+jBU7u8yJYxoPD23AoKw2HHN1l34EQ7382rH1UFupyY5VVz2
Sb8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org