Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/QCH1K8pUwiSFP8-Cq5g7mHiLgLI.roa
File: QCH1K8pUwiSFP8-Cq5g7mHiLgLI.roa (raw, json)
Hash identifier: 4VjA4+2PlD7llXQuzCDvnuOd9XMjRYXXUlTcMKFPCW0=
Subject key identifier: 40:21:F5:2B:CA:54:C2:24:85:3F:CF:82:AB:98:3B:98:78:8B:80:B2
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 0188283933E507CDABC90BB2E4A17F5132EF
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/QCH1K8pUwiSFP8-Cq5g7mHiLgLI.roa
Signing time: Wed 17 May 2023 05:40:17 +0000
ROA not before: Wed 17 May 2023 05:40:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202468
IP address blocks: 188.213.196.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:28:39:33:e5:07:cd:ab:c9:0b:b2:e4:a1:7f:51:32:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: May 17 05:40:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4021f52bca54c224853fcf82ab983b98788b80b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:14:09:0f:09:f0:2c:c2:a6:23:7e:3a:ef:9c:
31:aa:16:3d:ea:3e:0d:27:cf:58:4b:da:35:dd:4c:
f2:0a:4f:66:c0:1e:ac:4f:eb:9d:e5:25:1c:b2:c4:
fd:43:95:ad:35:18:b3:9f:7d:9c:7c:36:ee:03:fa:
12:1f:22:8c:9c:bc:d5:79:cc:eb:11:09:eb:38:8c:
c0:d2:cd:9b:c9:fe:e0:66:47:06:19:d2:f0:be:9a:
e1:e7:77:5e:f0:9d:2a:40:a3:06:28:69:f5:86:4a:
74:64:13:d8:c3:a1:4b:74:dc:92:40:f5:e0:f3:38:
db:7d:57:93:fe:0d:bb:4e:38:c3:23:17:e8:61:53:
0f:f3:ae:03:99:ea:d5:42:3b:83:2f:49:86:4f:6c:
93:23:b7:6c:5c:76:0a:ed:be:99:87:43:55:e2:a6:
66:e4:b1:35:5e:ef:da:6a:6f:38:88:22:8b:11:05:
95:7e:ff:17:18:05:fc:d6:f5:1a:f4:a7:08:b1:56:
6f:82:b9:48:71:88:4f:62:ca:1e:4b:ae:b5:40:47:
e4:20:99:8b:b6:20:52:04:df:a5:08:50:71:8e:e0:
74:e5:57:94:19:36:20:0d:37:e7:17:0e:87:b5:3d:
37:ef:48:2f:7b:ba:1b:4b:6b:69:42:fa:9e:ce:8c:
7b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:21:F5:2B:CA:54:C2:24:85:3F:CF:82:AB:98:3B:98:78:8B:80:B2
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/QCH1K8pUwiSFP8-Cq5g7mHiLgLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.213.196.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:65:a7:ac:bd:7c:8d:d7:77:91:35:3e:a8:23:70:e8:00:13:
e4:ef:d5:e4:7e:e9:3f:94:f6:5f:b9:8d:33:80:68:67:c6:b3:
8c:a6:70:ab:52:5c:b4:6b:4f:f6:e2:97:8e:b2:b6:b8:5b:59:
b3:8c:36:ce:58:3e:be:db:f3:15:e8:32:fb:38:a9:c7:89:88:
55:69:8a:8a:50:61:31:c1:3a:79:89:ad:49:9b:f1:60:06:94:
46:95:25:a2:6d:39:35:d8:df:b9:3c:3d:fa:a8:24:7c:6f:42:
d9:36:78:a6:68:0d:d3:cf:e2:12:fe:f3:cf:27:80:a5:57:f2:
63:6b:e1:ee:f6:8b:74:45:38:6c:c6:99:8e:bc:70:73:d7:98:
be:12:25:e3:ba:6f:eb:70:de:b9:db:9e:ac:c0:64:96:06:8a:
23:10:d6:4c:b6:47:43:51:b5:e9:86:2a:fd:c5:a5:f4:71:5d:
86:ce:df:1b:d7:65:0e:d3:3f:d8:e1:ee:6c:80:32:2f:75:b4:
78:3c:8d:a1:26:62:8c:dd:fa:e7:6b:ed:7f:af:45:48:59:c8:
9c:43:a5:ca:de:da:04:ac:81:45:07:11:75:d7:42:a9:ad:35:
c5:c3:51:cd:9a:42:28:2f:74:9d:99:22:7e:72:52:ec:0a:bf:
d3:c4:5f:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgoOTPlB82ryQuy5KF/UTLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjMwNTE3MDU0MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDIxZjUyYmNhNTRjMjI0ODUzZmNmODJhYjk4M2I5ODc4OGI4MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBQJDwnwLMKmI34675wxqhY96j4N
J89YS9o13UzyCk9mwB6sT+ud5SUcssT9Q5WtNRizn32cfDbuA/oSHyKMnLzVeczr
EQnrOIzA0s2byf7gZkcGGdLwvprh53de8J0qQKMGKGn1hkp0ZBPYw6FLdNySQPXg
8zjbfVeT/g27TjjDIxfoYVMP864DmerVQjuDL0mGT2yTI7dsXHYK7b6Zh0NV4qZm
5LE1Xu/aam84iCKLEQWVfv8XGAX81vUa9KcIsVZvgrlIcYhPYsoeS661QEfkIJmL
tiBSBN+lCFBxjuB05VeUGTYgDTfnFw6HtT0370gve7obS2tpQvqezox7VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEAh9SvKVMIkhT/PgquYO5h4i4CyMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvUUNIMUs4cFV3aVNGUDgtQ3E1ZzdtSGlMZ0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNXEMA0G
CSqGSIb3DQEBCwUAA4IBAQCNZaesvXyN13eRNT6oI3DoABPk79Xkfuk/lPZfuY0z
gGhnxrOMpnCrUly0a0/24peOsra4W1mzjDbOWD6+2/MV6DL7OKnHiYhVaYqKUGEx
wTp5ia1Jm/FgBpRGlSWibTk12N+5PD36qCR8b0LZNnimaA3Tz+IS/vPPJ4ClV/Jj
a+Hu9ot0RThsxpmOvHBz15i+EiXjum/rcN65256swGSWBoojENZMtkdDUbXphir9
xaX0cV2Gzt8b12UO0z/Y4e5sgDIvdbR4PI2hJmKM3frna+1/r0VIWcicQ6XK3toE
rIFFBxF110KprTXFw1HNmkIoL3SdmSJ+clLsCr/TxF9M
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:23 2024 by rpki-client on console-fra.rpki-client.org