Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/QzsQRbHzSKKep8_nqJDqywEDnEA.roa
File: QzsQRbHzSKKep8_nqJDqywEDnEA.roa (raw, json)
Hash identifier: aTvCHIaLcCSyY6v9n4ycNJTOKPe1Zpu3f3DRNfZg7e4=
Subject key identifier: 43:3B:10:45:B1:F3:48:A2:9E:A7:CF:E7:A8:90:EA:CB:01:03:9C:40
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018A5CDEDFA48E98BC5C611EBFC97E4F85E1
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/QzsQRbHzSKKep8_nqJDqywEDnEA.roa
Signing time: Sun 03 Sep 2023 21:07:04 +0000
ROA not before: Sun 03 Sep 2023 21:07:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Sep 2023 20:14:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5c:de:df:a4:8e:98:bc:5c:61:1e:bf:c9:7e:4f:85:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Sep 3 21:07:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=433b1045b1f348a29ea7cfe7a890eacb01039c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4d:3c:4e:d0:61:f8:8a:70:d8:5a:53:bb:a2:
5f:cd:46:f8:44:f3:59:fc:13:8c:06:2a:e9:85:74:
03:fb:da:da:a3:38:24:66:b0:62:4e:3c:24:bd:7e:
ba:d9:74:6f:0d:d6:3d:a2:ce:c7:ea:0e:84:46:5f:
8e:b9:1f:80:a1:84:8f:2c:4a:36:40:ca:cd:02:7d:
c0:ba:cd:c9:a8:0a:de:5f:cf:a5:ce:7c:a8:ca:3c:
88:33:39:19:7c:61:5c:91:8c:41:90:1f:be:f4:2f:
1a:dc:b2:32:22:97:e7:77:cd:cd:43:78:db:f0:7b:
25:b9:b3:88:d7:a4:2e:87:e0:1e:50:1c:45:af:56:
bc:d7:79:ec:76:a6:10:f4:df:18:03:d7:a3:ee:63:
3f:65:bd:e7:62:55:36:33:a6:37:b8:25:49:d8:50:
5e:e0:bd:d5:32:b0:de:7a:d0:0b:97:c1:76:4b:88:
03:82:c7:1f:72:b3:38:a8:73:b1:6c:58:b0:23:7a:
03:1b:cc:9e:b3:99:1d:dd:b0:31:ac:f0:f5:b9:fe:
32:22:61:a5:63:0c:63:bc:ab:81:9f:c3:9d:02:77:
0d:a4:47:c2:b5:94:04:1b:af:7a:d8:da:c5:cb:66:
3e:ae:7c:5b:e0:e9:9b:06:47:56:70:80:66:35:9e:
61:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:3B:10:45:B1:F3:48:A2:9E:A7:CF:E7:A8:90:EA:CB:01:03:9C:40
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/QzsQRbHzSKKep8_nqJDqywEDnEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.216.0/22
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:6d:4a:b4:90:64:51:27:d6:3d:79:9c:7f:96:f1:62:e9:9f:
79:bb:1c:35:93:6b:ba:be:39:b0:03:dc:ab:75:06:06:1d:fd:
24:a4:2a:34:27:ab:18:c8:77:f4:7a:02:3d:82:4e:ad:a2:63:
ec:56:99:01:5e:fc:9f:5b:94:b6:86:f6:72:ee:6d:53:9c:a2:
9b:11:55:57:04:82:a2:92:99:48:2f:a1:59:09:80:7a:9d:5a:
71:42:72:fb:38:f1:2e:3a:4b:83:82:ba:1b:72:73:5e:6a:19:
96:04:6e:ef:f2:9b:fc:44:8b:19:db:01:a3:0c:6d:26:c5:58:
9b:53:53:b3:e7:40:b9:be:78:ed:01:5e:c5:3b:b5:f4:ad:38:
a0:4c:e8:07:cc:70:3e:5f:84:53:77:90:2a:19:ae:ae:20:00:
b3:1a:10:fd:95:fd:e4:fb:8b:3b:18:31:dd:04:e7:31:33:34:
a0:2c:43:43:cf:32:af:ea:35:7e:c8:be:b8:8d:6f:66:18:87:
00:da:6e:c6:29:88:d5:53:35:7a:79:ab:2e:fe:c0:8d:40:86:
c4:16:4d:13:fc:ac:43:32:1b:0e:ae:f1:ae:b6:41:86:e1:03:
1a:88:b7:2a:78:ad:19:50:25:de:43:6d:0b:41:80:3f:11:23:
6e:61:b9:ee
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpc3t+kjpi8XGEev8l+T4XhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwOTAzMjEwNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzNiMTA0NWIxZjM0OGEyOWVhN2NmZTdhODkwZWFjYjAxMDM5YzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU08TtBh+Ipw2FpTu6JfzUb4RPNZ
/BOMBirphXQD+9raozgkZrBiTjwkvX662XRvDdY9os7H6g6ERl+OuR+AoYSPLEo2
QMrNAn3Aus3JqAreX8+lznyoyjyIMzkZfGFckYxBkB++9C8a3LIyIpfnd83NQ3jb
8HslubOI16Quh+AeUBxFr1a813nsdqYQ9N8YA9ej7mM/Zb3nYlU2M6Y3uCVJ2FBe
4L3VMrDeetALl8F2S4gDgscfcrM4qHOxbFiwI3oDG8yes5kd3bAxrPD1uf4yImGl
YwxjvKuBn8OdAncNpEfCtZQEG6962NrFy2Y+rnxb4OmbBkdWcIBmNZ5hEQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEM7EEWx80iinqfP56iQ6ssBA5xAMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvUXpzUVJiSHpTS0tlcDhfbnFKRHF5d0VEbkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5P0AwQC
U5P8AwQCW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQBKbUq0kGRRJ9Y9eZx/
lvFi6Z95uxw1k2u6vjmwA9yrdQYGHf0kpCo0J6sYyHf0egI9gk6tomPsVpkBXvyf
W5S2hvZy7m1TnKKbEVVXBIKikplIL6FZCYB6nVpxQnL7OPEuOkuDgrobcnNeahmW
BG7v8pv8RIsZ2wGjDG0mxVibU1Oz50C5vnjtAV7FO7X0rTigTOgHzHA+X4RTd5Aq
Ga6uIACzGhD9lf3k+4s7GDHdBOcxMzSgLENDzzKv6jV+yL64jW9mGIcA2m7GKYjV
UzV6easu/sCNQIbEFk0T/KxDMhsOrvGutkGG4QMaiLcqeK0ZUCXeQ20LQYA/ESNu
Ybnu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org