Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/QeN7q8jspcTq8-BA2vxrpgZ-7PQ.roa
File: QeN7q8jspcTq8-BA2vxrpgZ-7PQ.roa (raw, json)
Hash identifier: A+XePVus811cSEnJWCkUhBVdH3bYPGhA0wX+4QpDZ44=
Subject key identifier: 41:E3:7B:AB:C8:EC:A5:C4:EA:F3:E0:40:DA:FC:6B:A6:06:7E:EC:F4
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018C3EE09553DC42D3F1782E24983B31B730
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/QeN7q8jspcTq8-BA2vxrpgZ-7PQ.roa
Signing time: Wed 06 Dec 2023 11:25:54 +0000
ROA not before: Wed 06 Dec 2023 11:25:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202242
IP address blocks: 195.231.0.0/18 maxlen: 24
195.231.64.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:e0:95:53:dc:42:d3:f1:78:2e:24:98:3b:31:b7:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Dec 6 11:25:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41e37babc8eca5c4eaf3e040dafc6ba6067eecf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cb:77:dd:05:fc:e9:bb:5d:a3:ac:9e:95:2c:
a3:32:d8:19:31:bf:65:1b:5e:50:b9:cc:e9:b1:b4:
c2:e6:7e:02:4d:37:42:d5:0e:e0:9c:41:e7:fe:c5:
cb:92:c6:2a:27:e2:69:d0:3d:a1:63:f6:d7:21:a3:
9c:ac:2d:04:53:e9:9a:0c:03:38:a8:37:5d:60:10:
df:30:a9:81:e5:00:08:c3:32:ed:36:15:96:43:57:
66:eb:b1:c6:7d:ea:de:d8:7e:6c:86:34:39:5b:cb:
72:f4:fb:ab:d1:f7:11:0a:9d:72:33:d4:05:59:8e:
82:04:a4:5f:51:75:2b:07:f9:26:fc:9c:a3:ab:9c:
b6:70:da:9a:c1:10:c8:8f:e4:cf:72:59:8c:97:55:
d3:40:56:44:ad:78:e3:f0:46:a1:67:5f:5e:fa:a1:
04:40:bb:71:24:b9:93:49:24:71:ef:b0:0b:10:02:
58:3f:cd:8a:26:2f:68:f3:60:c7:19:8b:a9:94:5d:
eb:80:ac:46:20:93:32:6c:45:3e:51:1c:96:3e:83:
ee:44:e8:36:ba:ec:e6:b8:1e:ce:ab:4b:c7:96:87:
d0:4c:6b:7d:d1:27:32:12:1e:2b:e6:22:9f:b5:f2:
da:7f:97:3f:8b:52:50:30:bb:b6:31:71:3b:83:cc:
35:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E3:7B:AB:C8:EC:A5:C4:EA:F3:E0:40:DA:FC:6B:A6:06:7E:EC:F4
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/QeN7q8jspcTq8-BA2vxrpgZ-7PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.231.0.0-195.231.79.255
Signature Algorithm: sha256WithRSAEncryption
a0:7e:ec:61:79:88:f1:07:a8:cd:be:8c:b2:5c:37:fd:90:f6:
9a:95:1c:f6:73:99:61:91:e9:91:30:f1:69:81:1c:47:57:94:
44:23:a4:81:d8:e4:cb:dc:e2:ad:c7:3b:bd:70:59:af:03:39:
a7:5c:07:4c:a3:c6:b6:36:8d:e7:22:06:fa:7c:e0:67:96:c2:
d9:3c:6e:62:12:68:98:08:fa:cd:74:cf:98:0e:b6:ef:f1:51:
43:39:ad:90:5b:96:72:eb:57:cd:18:5d:74:93:22:10:44:e3:
64:f9:91:a1:40:e1:bd:76:44:f9:5e:54:7b:e5:5b:8c:7b:5f:
c3:73:85:51:d1:68:ed:6f:7a:0c:45:c6:22:dc:b1:5e:90:82:
db:e9:17:71:73:c3:f9:96:d2:14:2c:8a:60:5a:2a:f7:08:70:
7f:7a:0d:a4:34:7a:6c:7f:13:49:12:7c:87:b2:8f:76:66:87:
43:83:f8:6a:05:ff:9c:1a:12:58:c8:90:7a:95:07:5b:cf:b2:
61:30:eb:13:d8:62:fe:89:45:63:e9:73:02:e1:33:3b:10:15:
8e:f4:a1:5f:95:33:05:52:8e:67:48:d9:a3:8a:28:42:55:d2:
8f:5a:09:15:af:81:95:0d:a2:dc:74:01:37:44:39:ad:17:b7:
a8:c3:f0:39
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYw+4JVT3ELT8XguJJg7MbcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMxMjA2MTEyNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWUzN2JhYmM4ZWNhNWM0ZWFmM2UwNDBkYWZjNmJhNjA2N2VlY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkct33QX86btdo6yelSyjMtgZMb9l
G15QuczpsbTC5n4CTTdC1Q7gnEHn/sXLksYqJ+Jp0D2hY/bXIaOcrC0EU+maDAM4
qDddYBDfMKmB5QAIwzLtNhWWQ1dm67HGfere2H5shjQ5W8ty9Pur0fcRCp1yM9QF
WY6CBKRfUXUrB/km/Jyjq5y2cNqawRDIj+TPclmMl1XTQFZErXjj8EahZ19e+qEE
QLtxJLmTSSRx77ALEAJYP82KJi9o82DHGYuplF3rgKxGIJMybEU+URyWPoPuROg2
uuzmuB7Oq0vHlofQTGt90ScyEh4r5iKftfLaf5c/i1JQMLu2MXE7g8w19QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFEHje6vI7KXE6vPgQNr8a6YGfuz0MB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvUWVON3E4anNwY1RxOC1CQTJ2eHJwZ1otN1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwDD5wME
BMPnQDANBgkqhkiG9w0BAQsFAAOCAQEAoH7sYXmI8Qeozb6Mslw3/ZD2mpUc9nOZ
YZHpkTDxaYEcR1eURCOkgdjky9zircc7vXBZrwM5p1wHTKPGtjaN5yIG+nzgZ5bC
2TxuYhJomAj6zXTPmA627/FRQzmtkFuWcutXzRhddJMiEETjZPmRoUDhvXZE+V5U
e+VbjHtfw3OFUdFo7W96DEXGItyxXpCC2+kXcXPD+ZbSFCyKYFoq9whwf3oNpDR6
bH8TSRJ8h7KPdmaHQ4P4agX/nBoSWMiQepUHW8+yYTDrE9hi/olFY+lzAuEzOxAV
jvShX5UzBVKOZ0jZo4ooQlXSj1oJFa+BlQ2i3HQBN0Q5rRe3qMPwOQ==
-----END CERTIFICATE-----
Generated at Mon Dec 11 17:08:21 2023 by rpki-client on console-fra.rpki-client.org