Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/QjVyhkgEQDTKeLI-M7LsqfTq_d0.roa
File: QjVyhkgEQDTKeLI-M7LsqfTq_d0.roa (raw, json)
Hash identifier: ldJR1Lh5uxVq5/p/rUKwrW9L2Wt1iZvMFW3fEBPR6W4=
Subject key identifier: 42:35:72:86:48:04:40:34:CA:78:B2:3E:33:B2:EC:A9:F4:EA:FD:DD
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 0188283933841968EB49526EFAA36EFA9F5E
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/QjVyhkgEQDTKeLI-M7LsqfTq_d0.roa
Signing time: Wed 17 May 2023 05:40:17 +0000
ROA not before: Wed 17 May 2023 05:40:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50810
IP address blocks: 93.117.176.0/20 maxlen: 22
93.119.208.0/20 maxlen: 22
188.213.192.0/22 maxlen: 22
188.212.240.0/21 maxlen: 21
37.98.114.0/24 maxlen: 24
188.211.0.0/20 maxlen: 20
94.101.248.0/21 maxlen: 21
178.131.0.0/16 maxlen: 22
37.98.64.0/18 maxlen: 22
62.102.128.0/20 maxlen: 22
Validation: Failed, certificate revoked on Sat 27 May 2023 15:23:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:28:39:33:84:19:68:eb:49:52:6e:fa:a3:6e:fa:9f:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: May 17 05:40:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4235728648044034ca78b23e33b2eca9f4eafddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f9:f3:29:c7:c2:1e:c7:cb:72:71:d4:9f:cf:
d3:79:d9:ba:5d:97:85:ae:9d:e5:75:b3:25:83:54:
64:02:d3:60:75:3c:03:eb:f3:3c:cb:77:5e:32:bd:
53:b8:eb:97:ff:13:19:16:00:8d:c0:19:58:d9:2a:
21:48:5d:23:53:d8:da:a0:f7:ff:c5:90:96:b7:70:
6d:f5:6f:51:5a:7e:ec:8b:e7:98:70:c5:ec:99:a4:
5f:bb:57:a3:d3:21:9f:ed:d0:2b:da:70:e0:49:cb:
b1:ce:b7:dc:11:9f:ff:ed:cf:d0:86:40:89:45:08:
7b:1a:b3:8f:1a:68:1e:a0:73:b2:bd:a3:69:ad:49:
33:a1:d7:24:95:36:79:89:ea:51:15:81:a8:ef:7e:
7f:d7:cf:ab:7b:9b:d5:6f:9a:06:e4:bb:99:2d:9b:
a7:29:76:6a:87:e8:04:c9:87:8c:52:ac:7f:f6:fa:
c7:cf:72:1f:77:08:ae:5d:d1:83:7b:34:af:3a:58:
24:6d:70:ae:1e:a2:8d:bf:69:f6:6e:c4:22:83:15:
e7:86:ef:5b:cf:89:ae:b6:e7:23:d4:05:15:18:7e:
c6:7d:22:67:47:f2:32:cc:87:04:04:5e:7a:83:1a:
82:49:83:a7:8a:b2:32:f3:b1:c6:48:c4:98:c9:dd:
4d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:35:72:86:48:04:40:34:CA:78:B2:3E:33:B2:EC:A9:F4:EA:FD:DD
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/QjVyhkgEQDTKeLI-M7LsqfTq_d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.64.0/18
62.102.128.0/20
93.117.176.0/20
93.119.208.0/20
94.101.248.0/21
178.131.0.0/16
188.211.0.0/20
188.212.240.0/21
188.213.192.0/22
Signature Algorithm: sha256WithRSAEncryption
56:da:b0:ae:a1:ca:f7:73:9a:c5:20:59:b3:1f:db:c6:f4:9b:
62:5b:aa:ff:86:fa:59:3d:2a:81:c5:2c:38:65:a4:c7:1a:26:
78:4a:e3:d4:a6:73:0a:46:93:01:16:6b:e4:4a:d0:b4:dc:cc:
1f:71:67:b7:03:7f:93:91:ce:5c:9c:e0:af:94:b6:31:c8:fb:
f5:e3:bd:30:f1:4e:a4:56:c4:5f:07:20:41:a5:83:18:0f:23:
a4:84:5a:4f:33:ee:24:e6:34:77:31:58:29:29:21:df:e7:9b:
9a:f4:e5:0d:c4:23:56:8d:ee:c3:5f:b9:3a:59:95:ac:43:37:
b5:de:88:c4:d2:6a:d2:44:80:83:9f:46:ad:80:df:1b:e4:dc:
9c:2c:b8:3c:67:69:8d:1c:f2:6e:5c:f9:bf:c3:4b:46:a3:69:
7c:73:03:b8:50:98:c9:00:01:d8:e2:da:ff:bb:89:2e:af:0e:
b6:54:00:9a:94:46:10:79:c2:a7:78:55:e2:c5:7b:fa:35:8d:
3f:45:8c:a9:16:42:d7:bb:f4:a5:fd:60:b5:dc:94:43:65:02:
cd:98:76:c7:35:0c:6a:72:e1:0b:dd:71:a7:64:25:d0:9e:d4:
d9:99:98:af:36:5d:e8:33:cc:8c:29:05:85:4b:06:cc:f6:18:
16:32:20:f3
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYgoOTOEGWjrSVJu+qNu+p9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjMwNTE3MDU0MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjM1NzI4NjQ4MDQ0MDM0Y2E3OGIyM2UzM2IyZWNhOWY0ZWFmZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfnzKcfCHsfLcnHUn8/Tedm6XZeF
rp3ldbMlg1RkAtNgdTwD6/M8y3deMr1TuOuX/xMZFgCNwBlY2SohSF0jU9jaoPf/
xZCWt3Bt9W9RWn7si+eYcMXsmaRfu1ej0yGf7dAr2nDgScuxzrfcEZ//7c/QhkCJ
RQh7GrOPGmgeoHOyvaNprUkzodcklTZ5iepRFYGo735/18+re5vVb5oG5LuZLZun
KXZqh+gEyYeMUqx/9vrHz3IfdwiuXdGDezSvOlgkbXCuHqKNv2n2bsQigxXnhu9b
z4mutucj1AUVGH7GfSJnR/IyzIcEBF56gxqCSYOnirIy87HGSMSYyd1NhwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFEI1coZIBEA0yniyPjOy7Kn06v3dMB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvUWpWeWhrZ0VRRFRLZUxJLU03THNxZlRxX2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1AwQGJWJAAwQE
PmaAAwQEXXWwAwQEXXfQAwQDXmX4AwMAsoMDBAS80wADBAO81PADBAK81cAwDQYJ
KoZIhvcNAQELBQADggEBAFbasK6hyvdzmsUgWbMf28b0m2Jbqv+G+lk9KoHFLDhl
pMcaJnhK49SmcwpGkwEWa+RK0LTczB9xZ7cDf5ORzlyc4K+UtjHI+/XjvTDxTqRW
xF8HIEGlgxgPI6SEWk8z7iTmNHcxWCkpId/nm5r05Q3EI1aN7sNfuTpZlaxDN7Xe
iMTSatJEgIOfRq2A3xvk3JwsuDxnaY0c8m5c+b/DS0ajaXxzA7hQmMkAAdji2v+7
iS6vDrZUAJqURhB5wqd4VeLFe/o1jT9FjKkWQte79KX9YLXclENlAs2Ydsc1DGpy
4QvdcadkJdCe1NmZmK82XegzzIwpBYVLBsz2GBYyIPM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:15 2024 by rpki-client on console-fra.rpki-client.org