Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/CQFr1-IU_ZEP3FwNXakhOw-fJ-E.roa
File: CQFr1-IU_ZEP3FwNXakhOw-fJ-E.roa (raw, json)
Hash identifier: Vpb5FKQkaa78N16HJSw4ZWnhLVWJMtIKE5Px1Qy+TJI=
Subject key identifier: 09:01:6B:D7:E2:14:FD:91:0F:DC:5C:0D:5D:A9:21:3B:0F:9F:27:E1
Certificate issuer: /CN=d7401e0249418b357547268824f6244925d8db39
Certificate serial: 0189DF6A149E56436E8796AA419E8DFD2BDF
Authority key identifier: D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/CQFr1-IU_ZEP3FwNXakhOw-fJ-E.roa
Signing time: Thu 10 Aug 2023 12:26:58 +0000
ROA not before: Thu 10 Aug 2023 12:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60478
IP address blocks: 185.31.100.0/22 maxlen: 22
2a00:b420::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:6a:14:9e:56:43:6e:87:96:aa:41:9e:8d:fd:2b:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7401e0249418b357547268824f6244925d8db39
Validity
Not Before: Aug 10 12:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09016bd7e214fd910fdc5c0d5da9213b0f9f27e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:58:e0:f5:28:00:84:cb:17:c4:0a:b9:04:91:
45:c2:30:df:61:c1:41:86:ba:94:2a:04:4b:3d:62:
91:76:3e:d0:f5:97:47:aa:07:24:96:80:5c:7e:c4:
1b:71:9b:8d:4b:99:b3:06:95:28:d6:52:30:67:47:
da:58:3c:af:08:9e:53:8c:f5:05:6b:96:c1:9b:7f:
86:fe:7a:97:1a:96:e2:6e:c7:c1:f4:46:2e:1e:a8:
32:67:ae:ef:71:db:4e:9c:1c:96:a1:53:fa:01:bb:
73:04:9e:8f:f1:8a:96:ae:0a:25:66:90:a7:ba:a7:
db:b9:b2:fc:50:d5:ad:bb:42:fd:79:45:5c:5a:ab:
5e:b1:33:aa:06:e2:9e:3f:a6:14:36:e0:d5:b3:eb:
c4:e5:7a:99:43:1a:f1:f8:af:7e:1f:29:78:65:54:
54:30:5a:be:c5:91:7e:6d:97:f5:9c:5d:b3:d7:a0:
3f:d1:09:ab:66:96:b9:74:08:93:67:df:94:6a:12:
34:2b:79:6d:48:d0:92:7a:5e:b6:9c:18:6f:82:a0:
59:10:67:e2:c0:07:ae:49:f7:1a:c7:bc:42:7e:56:
2f:2c:dd:34:76:54:3d:64:b9:2d:3d:50:ac:68:0d:
d4:75:ed:b4:34:a0:bd:80:f3:fa:92:91:55:c6:84:
98:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:01:6B:D7:E2:14:FD:91:0F:DC:5C:0D:5D:A9:21:3B:0F:9F:27:E1
X509v3 Authority Key Identifier:
keyid:D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/CQFr1-IU_ZEP3FwNXakhOw-fJ-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.100.0/22
IPv6:
2a00:b420::/32
Signature Algorithm: sha256WithRSAEncryption
c8:c4:16:c7:d6:5d:82:9a:70:97:e3:39:d7:4e:43:05:6d:de:
92:e9:63:ae:68:7b:db:5a:e1:89:cd:91:ed:f3:cf:5b:5c:dc:
4a:45:07:e6:d2:96:36:38:9e:34:fc:aa:b5:bc:c3:6f:d5:e8:
be:c6:44:0c:e6:d1:3e:e7:9d:25:4c:a3:fe:6b:29:30:96:c4:
95:7a:85:7d:3c:f2:9a:7e:3f:e2:c9:17:64:e4:2d:79:d9:1c:
b9:2f:ac:3c:e6:be:52:36:4b:49:98:9c:2a:ef:88:d2:43:4b:
1d:84:57:84:29:f2:25:09:3b:05:00:fc:8b:d4:01:a1:ad:36:
11:38:c7:75:f6:bf:0a:b0:88:9e:98:57:84:11:73:52:8b:7b:
fd:d6:79:25:80:4a:09:8f:d0:ab:94:04:4e:30:42:3f:8f:e6:
ac:4c:51:83:23:70:89:b1:f6:46:f7:f8:0f:a4:8f:89:2b:76:
ee:7a:c3:47:7f:b1:e7:9f:1d:75:a7:19:8e:6f:b8:4d:ee:67:
de:a3:e6:44:85:b1:7b:a3:7f:0a:35:e4:c0:6b:9f:f5:12:90:
a4:cc:c8:ac:23:a3:5a:e5:37:31:8a:de:58:f6:fa:d2:9d:14:
e6:d2:33:10:b7:21:52:25:34:52:af:d1:b1:1a:8b:f6:89:c8:
53:d3:61:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYnfahSeVkNuh5aqQZ6N/SvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDAxZTAyNDk0MThiMzU3NTQ3MjY4ODI0ZjYyNDQ5MjVk
OGRiMzkwHhcNMjMwODEwMTIyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAxNmJkN2UyMTRmZDkxMGZkYzVjMGQ1ZGE5MjEzYjBmOWYyN2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFjg9SgAhMsXxAq5BJFFwjDfYcFB
hrqUKgRLPWKRdj7Q9ZdHqgckloBcfsQbcZuNS5mzBpUo1lIwZ0faWDyvCJ5TjPUF
a5bBm3+G/nqXGpbibsfB9EYuHqgyZ67vcdtOnByWoVP6AbtzBJ6P8YqWrgolZpCn
uqfbubL8UNWtu0L9eUVcWqtesTOqBuKeP6YUNuDVs+vE5XqZQxrx+K9+Hyl4ZVRU
MFq+xZF+bZf1nF2z16A/0QmrZpa5dAiTZ9+UahI0K3ltSNCSel62nBhvgqBZEGfi
wAeuSfcax7xCflYvLN00dlQ9ZLktPVCsaA3Ude20NKC9gPP6kpFVxoSYYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAkBa9fiFP2RD9xcDV2pITsPnyfhMB8GA1UdIwQY
MBaAFNdAHgJJQYs1dUcmiCT2JEkl2Ns5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjIt
NTA3ODkxMzk1NDE3LzEvQ1FGcjEtSVVfWkVQM0Z3Tlhha2hPdy1mSi1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjItNTA3ODkxMzk1NDE3
LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR9kMA0E
AgACMAcDBQAqALQgMA0GCSqGSIb3DQEBCwUAA4IBAQDIxBbH1l2CmnCX4znXTkMF
bd6S6WOuaHvbWuGJzZHt889bXNxKRQfm0pY2OJ40/Kq1vMNv1ei+xkQM5tE+550l
TKP+aykwlsSVeoV9PPKafj/iyRdk5C152Ry5L6w85r5SNktJmJwq74jSQ0sdhFeE
KfIlCTsFAPyL1AGhrTYROMd19r8KsIiemFeEEXNSi3v91nklgEoJj9CrlAROMEI/
j+asTFGDI3CJsfZG9/gPpI+JK3buesNHf7Hnnx11pxmOb7hN7mfeo+ZEhbF7o38K
NeTAa5/1EpCkzMisI6Na5Tcxit5Y9vrSnRTm0jMQtyFSJTRSr9GxGov2ichT02H1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:10 2024 by rpki-client on console-fra.rpki-client.org