Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/QLl5A1TE7Ci2V1bFQHRqulTHiVQ.roa
File: QLl5A1TE7Ci2V1bFQHRqulTHiVQ.roa (raw, json)
Hash identifier: XnIJvynuaU5LuOI8vfQ0kcCUc3KNWdhGSIaGhbUEPg0=
Subject key identifier: 40:B9:79:03:54:C4:EC:28:B6:57:56:C5:40:74:6A:BA:54:C7:89:54
Certificate issuer: /CN=351a14ce9d25239b92fe5abce532515044c1aba4
Certificate serial: 0185C2356FC60D7F9615B16CDBA1544B707C
Authority key identifier: 35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/QLl5A1TE7Ci2V1bFQHRqulTHiVQ.roa
Signing time: Wed 18 Jan 2023 00:09:19 +0000
ROA not before: Wed 18 Jan 2023 00:09:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42405
IP address blocks: 89.42.200.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c2:35:6f:c6:0d:7f:96:15:b1:6c:db:a1:54:4b:70:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a14ce9d25239b92fe5abce532515044c1aba4
Validity
Not Before: Jan 18 00:09:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40b9790354c4ec28b65756c540746aba54c78954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ad:fb:22:90:b7:49:6c:65:d0:c1:2b:e4:d3:
87:45:17:e1:34:aa:5b:f0:90:9f:a9:c8:a7:a2:46:
68:f1:37:eb:5a:17:3b:79:9c:c1:f0:6e:71:fa:6f:
7e:b2:2f:b9:f5:bb:38:bd:03:74:8d:98:39:e0:d0:
e3:38:83:3b:3e:34:0a:91:fd:4c:19:9a:13:09:ce:
c7:8f:91:32:03:dc:4e:1a:41:6c:e8:16:17:2d:5f:
2d:e1:38:b4:41:82:e7:21:df:a1:19:8f:d5:de:03:
79:04:0a:be:21:24:61:ae:68:44:b0:6d:89:d3:c6:
84:9e:69:38:5c:99:45:19:bc:44:ff:c1:66:66:0d:
d7:67:00:27:5b:ac:49:11:8d:f5:28:aa:23:b2:68:
17:67:3b:c2:d9:ba:a6:0b:a3:88:c1:69:74:36:7d:
0c:06:e9:52:9b:7f:23:5a:94:f6:5f:4f:2b:3c:da:
8a:af:ee:2d:f3:03:03:08:4e:93:b8:f6:98:21:cc:
c1:16:0e:b2:de:f6:b5:1a:e6:84:d6:01:25:7c:17:
49:6e:86:60:57:e8:8c:68:a5:c3:8b:c3:22:38:ea:
a6:62:6e:67:d1:e7:f3:a1:b5:ba:b7:c9:c9:f9:42:
8b:86:ec:a5:6b:79:2f:d0:0e:b2:da:88:d9:96:9d:
ff:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B9:79:03:54:C4:EC:28:B6:57:56:C5:40:74:6A:BA:54:C7:89:54
X509v3 Authority Key Identifier:
keyid:35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/QLl5A1TE7Ci2V1bFQHRqulTHiVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.200.0/22
Signature Algorithm: sha256WithRSAEncryption
52:29:de:e2:ea:7c:95:84:ac:90:76:d5:52:7d:f2:63:45:8c:
43:5f:1e:81:bd:16:80:6a:53:47:c0:19:8e:47:4f:a3:27:2b:
04:e0:f0:0a:dc:81:ca:83:61:11:ce:98:ce:8b:53:25:2c:08:
1f:d5:49:29:b5:cd:c1:99:20:0b:53:16:42:b2:f2:e6:9c:a4:
95:c7:d0:b1:2b:ee:35:3b:1c:51:aa:96:5c:7e:59:b4:ee:87:
0d:bb:75:e6:be:56:72:f1:2a:c2:bb:5c:2b:43:01:ba:f2:bb:
36:ab:63:d0:69:a8:d5:c0:d6:db:af:11:0b:aa:b7:67:0e:0d:
81:40:77:f4:cd:ae:ef:77:5f:4c:96:4e:be:01:9e:6b:84:90:
ad:a6:98:9e:dc:4c:cf:f1:d9:18:cf:59:17:c1:03:06:e9:f8:
a3:8b:18:99:fc:8d:68:8f:57:07:99:67:a1:d3:b3:62:72:d6:
39:0c:32:d1:c6:69:cd:ab:e8:45:a8:25:1b:3c:58:b8:d3:b9:
14:e5:e5:0c:e7:a6:8d:0f:fe:16:4d:87:d7:f8:7e:b1:46:6a:
99:8b:f3:95:fd:2e:10:74:ac:18:07:2d:af:4f:69:74:d4:91:
0a:d1:5b:ec:71:24:32:0e:8f:59:b1:94:bf:7d:29:1a:19:9a:
53:d6:e6:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXCNW/GDX+WFbFs26FUS3B8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWExNGNlOWQyNTIzOWI5MmZlNWFiY2U1MzI1MTUwNDRj
MWFiYTQwHhcNMjMwMTE4MDAwOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGI5NzkwMzU0YzRlYzI4YjY1NzU2YzU0MDc0NmFiYTU0Yzc4OTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk637IpC3SWxl0MEr5NOHRRfhNKpb
8JCfqcinokZo8TfrWhc7eZzB8G5x+m9+si+59bs4vQN0jZg54NDjOIM7PjQKkf1M
GZoTCc7Hj5EyA9xOGkFs6BYXLV8t4Ti0QYLnId+hGY/V3gN5BAq+ISRhrmhEsG2J
08aEnmk4XJlFGbxE/8FmZg3XZwAnW6xJEY31KKojsmgXZzvC2bqmC6OIwWl0Nn0M
BulSm38jWpT2X08rPNqKr+4t8wMDCE6TuPaYIczBFg6y3va1GuaE1gElfBdJboZg
V+iMaKXDi8MiOOqmYm5n0efzobW6t8nJ+UKLhuyla3kv0A6y2ojZlp3/LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEC5eQNUxOwotldWxUB0arpUx4lUMB8GA1UdIwQY
MBaAFDUaFM6dJSObkv5avOUyUVBEwaukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEt
Mjk1Mzg5NGIxZjZkLzEvUUxsNUExVEU3Q2kyVjFiRlFIUnF1bFRIaVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEtMjk1Mzg5NGIxZjZk
LzEvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSrIMA0G
CSqGSIb3DQEBCwUAA4IBAQBSKd7i6nyVhKyQdtVSffJjRYxDXx6BvRaAalNHwBmO
R0+jJysE4PAK3IHKg2ERzpjOi1MlLAgf1Ukptc3BmSALUxZCsvLmnKSVx9CxK+41
OxxRqpZcflm07ocNu3XmvlZy8SrCu1wrQwG68rs2q2PQaajVwNbbrxELqrdnDg2B
QHf0za7vd19Mlk6+AZ5rhJCtppie3EzP8dkYz1kXwQMG6fijixiZ/I1oj1cHmWeh
07NictY5DDLRxmnNq+hFqCUbPFi407kU5eUM56aND/4WTYfX+H6xRmqZi/OV/S4Q
dKwYBy2vT2l01JEK0VvscSQyDo9ZsZS/fSkaGZpT1ubw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:27 2024 by rpki-client on console-fra.rpki-client.org