Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/QgjYqTaHBsFftfYKsxQNiHgOQTk.roa
File: QgjYqTaHBsFftfYKsxQNiHgOQTk.roa (raw, json)
Hash identifier: DPTXeQc+6hKKJ/F2Juscofa3ROG4BckMXlS5Hp0NBeo=
Subject key identifier: 42:08:D8:A9:36:87:06:C1:5F:B5:F6:0A:B3:14:0D:88:78:0E:41:39
Certificate issuer: /CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Certificate serial: 0185728C77E1CF02106160F1CDDD18B775D2
Authority key identifier: B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/QgjYqTaHBsFftfYKsxQNiHgOQTk.roa
Signing time: Mon 02 Jan 2023 12:54:46 +0000
ROA not before: Mon 02 Jan 2023 12:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27281
IP address blocks: 91.228.74.0/24 maxlen: 24
91.228.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:77:e1:cf:02:10:61:60:f1:cd:dd:18:b7:75:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e
Validity
Not Before: Jan 2 12:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4208d8a9368706c15fb5f60ab3140d88780e4139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:db:14:a0:11:b9:76:30:a0:b7:28:ff:83:59:
11:81:ac:44:ec:ed:75:b2:df:dd:98:8d:32:6c:b8:
10:3d:23:0e:b8:c0:be:a6:ed:9d:f4:de:00:bd:4c:
f0:da:ca:d5:05:df:87:a2:27:e5:db:f6:22:57:25:
e6:27:e0:44:e2:56:44:97:a0:c8:c9:51:46:29:83:
3f:3c:7c:c8:79:d4:4b:0c:ae:54:cb:16:5a:0a:4b:
c6:7a:93:32:2c:ae:38:ae:6f:b8:08:b7:b7:fc:44:
ef:65:49:fc:33:1b:f7:c0:47:65:25:7d:da:ec:b5:
55:e5:24:60:52:6d:6f:1d:00:a3:15:51:df:70:55:
21:38:1e:80:7a:b5:07:18:6e:a9:00:1d:dc:f4:eb:
67:09:be:08:c0:d7:bc:3f:ce:52:87:f3:36:d6:19:
7d:0f:e0:16:77:c2:52:a7:98:04:95:1b:3e:2a:78:
68:52:af:b1:c5:1b:ed:52:ad:28:f2:62:fa:a5:8a:
89:57:46:c5:d1:43:ef:98:04:8c:ea:05:6b:50:d1:
75:78:11:99:fa:d2:7b:d8:d2:85:1e:50:23:e1:cc:
cf:3e:c5:d2:7c:d6:66:01:39:0a:b0:e3:c5:1e:a8:
1d:c1:b3:0a:19:f3:7b:f7:6c:ea:67:7e:90:ec:f6:
45:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:08:D8:A9:36:87:06:C1:5F:B5:F6:0A:B3:14:0D:88:78:0E:41:39
X509v3 Authority Key Identifier:
keyid:B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/QgjYqTaHBsFftfYKsxQNiHgOQTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/sbyFDRfKbTx7TQDlAeLTVvCKWF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.72.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:94:00:fc:7d:a5:53:11:db:54:87:cc:ea:69:ad:bd:5c:a8:
f9:36:c6:06:89:a9:c4:80:69:c2:8a:0f:59:28:79:d0:fa:9a:
26:0c:09:be:eb:ca:04:03:13:c2:63:a7:72:cb:14:52:ba:8a:
a0:fa:78:9d:95:05:86:e5:0b:09:3b:4d:41:de:8f:04:a1:dc:
eb:d7:2e:6c:a6:45:46:40:a3:2d:d8:12:23:5e:d9:df:ff:15:
9d:3d:0d:47:42:2a:e9:81:f3:ec:7b:2a:1b:d1:67:d9:17:a1:
eb:aa:4a:98:2b:93:67:47:5b:55:e5:cf:28:c1:61:bb:e0:a9:
ec:92:a4:09:f7:1c:f9:7e:61:18:af:f2:a6:59:da:40:22:dd:
51:df:4b:a1:89:8e:96:f1:57:42:a9:3d:f5:06:52:97:2b:43:
95:f3:e7:88:82:9e:13:81:2b:51:94:f3:69:16:2f:95:f2:f0:
5d:21:bc:a2:51:fd:f1:81:56:68:01:13:cd:0d:67:3e:3a:8e:
0b:c6:eb:4b:55:e4:13:98:16:d1:2c:ce:fa:87:45:81:03:4f:
c8:4a:8c:59:28:c8:60:1b:1b:3d:85:98:c3:cc:67:51:b9:e0:
4f:36:8b:34:1e:80:a8:da:b8:7a:aa:04:b3:24:50:02:3b:ed:
74:89:9a:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjHfhzwIQYWDxzd0Yt3XSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYmM4NTBkMTdjYTZkM2M3YjRkMDBlNTAxZTJkMzU2ZjA4
YTU4NWUwHhcNMjMwMTAyMTI1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA4ZDhhOTM2ODcwNmMxNWZiNWY2MGFiMzE0MGQ4ODc4MGU0MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9sUoBG5djCgtyj/g1kRgaxE7O11
st/dmI0ybLgQPSMOuMC+pu2d9N4AvUzw2srVBd+Hoifl2/YiVyXmJ+BE4lZEl6DI
yVFGKYM/PHzIedRLDK5UyxZaCkvGepMyLK44rm+4CLe3/ETvZUn8Mxv3wEdlJX3a
7LVV5SRgUm1vHQCjFVHfcFUhOB6AerUHGG6pAB3c9OtnCb4IwNe8P85Sh/M21hl9
D+AWd8JSp5gElRs+KnhoUq+xxRvtUq0o8mL6pYqJV0bF0UPvmASM6gVrUNF1eBGZ
+tJ72NKFHlAj4czPPsXSfNZmATkKsOPFHqgdwbMKGfN792zqZ36Q7PZF+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEII2Kk2hwbBX7X2CrMUDYh4DkE5MB8GA1UdIwQY
MBaAFLG8hQ0Xym08e00A5QHi01bwilheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMt
MTdmYjRmZmI5ZmFkLzEvUWdqWXFUYUhCc0ZmdGZZS3N4UU5pSGdPUVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMtMTdmYjRmZmI5ZmFk
LzEvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+RIMA0G
CSqGSIb3DQEBCwUAA4IBAQAvlAD8faVTEdtUh8zqaa29XKj5NsYGianEgGnCig9Z
KHnQ+pomDAm+68oEAxPCY6dyyxRSuoqg+nidlQWG5QsJO01B3o8Eodzr1y5spkVG
QKMt2BIjXtnf/xWdPQ1HQirpgfPseyob0WfZF6HrqkqYK5NnR1tV5c8owWG74Kns
kqQJ9xz5fmEYr/KmWdpAIt1R30uhiY6W8VdCqT31BlKXK0OV8+eIgp4TgStRlPNp
Fi+V8vBdIbyiUf3xgVZoARPNDWc+Oo4LxutLVeQTmBbRLM76h0WBA0/ISoxZKMhg
Gxs9hZjDzGdRueBPNos0HoCo2rh6qgSzJFACO+10iZok
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:42 2024 by rpki-client on console-fra.rpki-client.org