Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/QZ3NoUowr2B8rKpjVMTVhDXulxk.roa
File: QZ3NoUowr2B8rKpjVMTVhDXulxk.roa (raw, json)
Hash identifier: Xo4JmngnEQtQy3rLmXr3VHR8QynKD1K7eaNBISZOlUc=
Subject key identifier: 41:9D:CD:A1:4A:30:AF:60:7C:AC:AA:63:54:C4:D5:84:35:EE:97:19
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018D89D3CC61B70996FA1A49DF556B8C04D0
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/QZ3NoUowr2B8rKpjVMTVhDXulxk.roa
Signing time: Thu 08 Feb 2024 17:46:15 +0000
ROA not before: Thu 08 Feb 2024 17:46:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 62.164.224.0/20 maxlen: 20
66.9.96.0/20 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
93.119.184.0/21 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
176.222.48.0/22 maxlen: 24
198.145.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 20:22:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:89:d3:cc:61:b7:09:96:fa:1a:49:df:55:6b:8c:04:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Feb 8 17:46:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=419dcda14a30af607cacaa6354c4d58435ee9719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6c:42:8f:ad:5c:2f:60:93:c9:cf:8a:19:9e:
39:30:70:ca:28:4c:a6:50:f1:ab:d6:1b:97:6c:52:
01:47:60:ef:fa:20:b6:dd:07:99:3e:fa:43:75:6c:
a4:4c:fe:be:6a:23:4b:07:82:2b:83:89:1b:1d:ae:
50:fa:08:86:99:b6:17:ce:e9:fe:6f:4b:5e:90:ff:
db:49:26:2f:44:58:48:08:25:19:c3:5b:9e:14:dd:
ad:c8:da:2b:41:3f:75:33:ad:d2:3c:29:52:fa:b5:
0c:be:b8:de:d0:8f:45:20:6a:27:6e:d2:e8:a8:e9:
47:52:be:60:6c:56:57:a0:84:f0:58:9b:8d:05:96:
c2:03:6d:97:28:cb:88:23:bd:d2:06:cf:3c:5e:54:
88:80:34:e1:86:a6:d1:b2:a7:9a:7d:67:58:be:5f:
b5:7b:84:68:08:c9:fd:bc:d9:f1:e6:d8:0e:a1:59:
b7:96:48:00:88:33:22:5b:18:6b:65:49:21:b8:89:
70:e5:df:ab:ef:bf:d3:55:c3:a6:4d:a4:0f:47:a9:
55:a0:b4:d3:d2:3e:20:75:aa:1a:60:1a:0c:ac:5e:
76:68:33:03:81:af:98:14:a4:eb:ae:43:15:78:b1:
55:17:7c:45:ca:f5:70:4d:fa:29:f9:f5:6b:fe:97:
ae:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9D:CD:A1:4A:30:AF:60:7C:AC:AA:63:54:C4:D5:84:35:EE:97:19
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/QZ3NoUowr2B8rKpjVMTVhDXulxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.224.0/20
66.9.96.0/20
77.223.200.0/23
79.139.64.0/23
93.119.184.0/21
95.178.8.0/21
116.50.16.0/21
121.127.56.0/21
176.222.48.0/22
198.145.112.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:ea:ec:26:24:0c:f1:b8:95:3d:bc:d7:14:3e:70:d5:d7:a2:
0a:27:a1:5e:f1:18:59:ce:0f:41:64:30:64:20:ce:6c:f8:8d:
a2:ee:69:09:c2:f4:b7:5b:e8:01:c9:b6:82:2b:96:18:d7:10:
ef:f0:68:e6:0b:ef:fb:28:64:e4:d6:ab:c2:4f:87:b7:37:4c:
2e:c0:28:5a:22:a7:08:0d:f2:ec:ec:49:6e:6b:e8:07:63:6d:
b6:52:75:d8:7f:92:48:06:6c:f5:2c:dc:99:08:07:e1:bb:d8:
45:59:41:13:9e:f3:a6:6d:f7:e1:3a:c4:a7:32:4a:72:69:dc:
74:cd:65:77:05:28:01:c4:6a:5b:4a:21:b7:b5:a0:5d:31:57:
2b:1a:ea:ea:99:dc:0b:06:b3:5a:ca:a2:80:29:3f:f3:dd:61:
fd:4a:0a:80:01:32:7d:9a:3e:17:89:dd:cc:e8:e0:37:ab:f9:
d3:5e:f0:ad:de:4b:0c:c1:97:99:42:9b:d7:5e:75:56:9c:f2:
6b:b4:23:f9:7f:b2:2b:d8:f9:e3:da:10:64:7d:d2:28:d9:a6:
60:98:cb:71:7d:48:65:86:3c:02:e0:9e:3f:e4:99:fa:a5:f3:
66:ce:36:61:90:0f:fc:3c:6d:cb:e0:f4:20:42:b0:5c:dd:ba:
bd:0a:1f:b9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY2J08xhtwmW+hpJ31VrjATQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwMjA4MTc0NjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTlkY2RhMTRhMzBhZjYwN2NhY2FhNjM1NGM0ZDU4NDM1ZWU5NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWxCj61cL2CTyc+KGZ45MHDKKEym
UPGr1huXbFIBR2Dv+iC23QeZPvpDdWykTP6+aiNLB4Irg4kbHa5Q+giGmbYXzun+
b0tekP/bSSYvRFhICCUZw1ueFN2tyNorQT91M63SPClS+rUMvrje0I9FIGonbtLo
qOlHUr5gbFZXoITwWJuNBZbCA22XKMuII73SBs88XlSIgDThhqbRsqeafWdYvl+1
e4RoCMn9vNnx5tgOoVm3lkgAiDMiWxhrZUkhuIlw5d+r77/TVcOmTaQPR6lVoLTT
0j4gdaoaYBoMrF52aDMDga+YFKTrrkMVeLFVF3xFyvVwTfop+fVr/peu0wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEGdzaFKMK9gfKyqY1TE1YQ17pcZMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvUVozTm9Vb3dyMkI4cktwalZNVFZoRFh1bHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQEPqTgAwQE
QglgAwQBTd/IAwQBT4tAAwQDXXe4AwQDX7IIAwQDdDIQAwQDeX84AwQCsN4wAwQC
xpFwMA0GCSqGSIb3DQEBCwUAA4IBAQAe6uwmJAzxuJU9vNcUPnDV16IKJ6Fe8RhZ
zg9BZDBkIM5s+I2i7mkJwvS3W+gBybaCK5YY1xDv8GjmC+/7KGTk1qvCT4e3N0wu
wChaIqcIDfLs7Elua+gHY222UnXYf5JIBmz1LNyZCAfhu9hFWUETnvOmbffhOsSn
Mkpyadx0zWV3BSgBxGpbSiG3taBdMVcrGurqmdwLBrNayqKAKT/z3WH9SgqAATJ9
mj4Xid3M6OA3q/nTXvCt3ksMwZeZQpvXXnVWnPJrtCP5f7Ir2Pnj2hBkfdIo2aZg
mMtxfUhlhjwC4J4/5Jn6pfNmzjZhkA/8PG3L4PQgQrBc3bq9Ch+5
-----END CERTIFICATE-----
Generated at Tue Feb 13 00:10:41 2024 by rpki-client on console-ams.rpki-client.org