Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/824652-56e4-4be5-9be3-d04ded7ded00/1/QjII1JW-HclNQjiE4Kf6lyDXdzw.roa
File: QjII1JW-HclNQjiE4Kf6lyDXdzw.roa (raw, json)
Hash identifier: 4FBAxbNF0AGplpzib4Hz5cHzu0369ACTaODePX2KBNA=
Subject key identifier: 42:32:08:D4:95:BE:1D:C9:4D:42:38:84:E0:A7:FA:97:20:D7:77:3C
Certificate issuer: /CN=29851f7ae610b1d0061500b343a4868f3256066e
Certificate serial: 018B8C19B157B4ED5F4E25559FBF55D56C73
Authority key identifier: 29:85:1F:7A:E6:10:B1:D0:06:15:00:B3:43:A4:86:8F:32:56:06:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYUfeuYQsdAGFQCzQ6SGjzJWBm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/824652-56e4-4be5-9be3-d04ded7ded00/1/QjII1JW-HclNQjiE4Kf6lyDXdzw.roa
Signing time: Wed 01 Nov 2023 18:16:15 +0000
ROA not before: Wed 01 Nov 2023 18:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199851
IP address blocks: 91.220.186.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:19:b1:57:b4:ed:5f:4e:25:55:9f:bf:55:d5:6c:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29851f7ae610b1d0061500b343a4868f3256066e
Validity
Not Before: Nov 1 18:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=423208d495be1dc94d423884e0a7fa9720d7773c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e5:93:69:ff:dd:08:ba:3b:e7:d5:f8:f1:9a:
7f:f0:aa:4d:bf:a0:a6:ee:54:92:4a:67:12:d5:7d:
d4:b8:87:a5:68:63:79:52:85:ae:99:82:1b:c0:81:
a3:c6:55:ab:69:cd:de:45:f4:f8:05:48:90:73:17:
87:1e:05:d9:34:64:b0:85:be:27:6d:16:67:c9:66:
b5:ee:d2:fb:4e:7a:1c:10:92:67:ab:a5:a4:39:e8:
cd:a1:ed:e8:de:39:ce:f0:13:d9:ef:43:ae:69:f3:
4e:2a:12:d1:99:94:25:7b:5e:5b:32:1c:0c:b0:ab:
7c:c6:fb:29:27:1c:af:b6:77:53:3b:2d:53:7b:c5:
68:b1:b2:7d:e6:92:45:ed:95:e9:9e:13:11:17:96:
8f:c4:b7:38:ea:ad:a0:98:16:31:f8:65:63:cb:89:
42:59:84:71:09:38:72:a6:38:f7:d8:44:12:04:15:
1f:48:eb:77:64:45:36:01:0d:cf:26:ff:56:92:f5:
f3:fe:04:0f:55:42:6f:d5:28:2f:f4:04:38:17:2a:
88:36:4e:c2:a5:29:e0:26:78:a4:ac:67:47:fe:30:
ac:4a:67:c7:5a:2b:72:55:73:41:65:06:36:c2:4a:
e6:7c:6c:60:fa:e7:b6:a2:75:ba:39:58:03:16:99:
61:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:32:08:D4:95:BE:1D:C9:4D:42:38:84:E0:A7:FA:97:20:D7:77:3C
X509v3 Authority Key Identifier:
keyid:29:85:1F:7A:E6:10:B1:D0:06:15:00:B3:43:A4:86:8F:32:56:06:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYUfeuYQsdAGFQCzQ6SGjzJWBm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/824652-56e4-4be5-9be3-d04ded7ded00/1/QjII1JW-HclNQjiE4Kf6lyDXdzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/824652-56e4-4be5-9be3-d04ded7ded00/1/KYUfeuYQsdAGFQCzQ6SGjzJWBm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.186.0/24
Signature Algorithm: sha256WithRSAEncryption
39:c0:18:4f:d3:9a:44:b5:38:cd:9c:c3:2d:f6:18:87:1d:f0:
65:5d:19:3b:20:30:e3:72:c3:2c:92:e8:4f:31:2b:b5:e1:a8:
3b:fe:a0:ad:0c:ec:e1:82:e2:f7:6a:3f:1e:04:ed:1e:6c:f5:
fc:98:82:ab:78:98:26:f8:88:17:86:91:e1:73:96:2e:81:93:
75:d2:2a:a5:37:b6:ee:31:53:97:e8:1f:60:6d:9b:50:9d:34:
bf:1f:2c:1d:6e:fe:fc:95:f9:71:a4:b9:da:46:07:23:1c:bf:
0f:72:0f:78:c3:58:a7:d8:cc:21:46:a1:b2:7a:2e:03:aa:1a:
d3:bc:53:c9:1e:92:77:e1:ec:f0:de:46:3e:49:87:2e:66:2f:
2c:8f:7d:8b:0d:68:06:44:26:35:72:04:df:68:66:ce:34:12:
4f:84:89:6d:4e:36:ac:f5:c2:ce:bb:e0:41:e6:bb:38:4c:7a:
aa:03:de:29:c9:33:0d:3d:83:2e:53:18:f7:37:0f:33:56:bc:
e0:9e:e6:ea:f4:4e:2e:f8:cf:ce:1f:25:c6:4f:94:dd:9a:39:
a8:b2:d1:11:21:1b:a5:51:c2:80:37:7f:fa:3a:bf:bb:eb:43:
51:44:ef:60:0d:eb:ed:c1:e0:31:89:89:dd:dc:b6:49:a4:9f:
2c:ef:e3:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuMGbFXtO1fTiVVn79V1WxzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODUxZjdhZTYxMGIxZDAwNjE1MDBiMzQzYTQ4NjhmMzI1
NjA2NmUwHhcNMjMxMTAxMTgxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjMyMDhkNDk1YmUxZGM5NGQ0MjM4ODRlMGE3ZmE5NzIwZDc3NzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouWTaf/dCLo759X48Zp/8KpNv6Cm
7lSSSmcS1X3UuIelaGN5UoWumYIbwIGjxlWrac3eRfT4BUiQcxeHHgXZNGSwhb4n
bRZnyWa17tL7TnocEJJnq6WkOejNoe3o3jnO8BPZ70OuafNOKhLRmZQle15bMhwM
sKt8xvspJxyvtndTOy1Te8VosbJ95pJF7ZXpnhMRF5aPxLc46q2gmBYx+GVjy4lC
WYRxCThypjj32EQSBBUfSOt3ZEU2AQ3PJv9WkvXz/gQPVUJv1Sgv9AQ4FyqINk7C
pSngJnikrGdH/jCsSmfHWityVXNBZQY2wkrmfGxg+ue2onW6OVgDFplh8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIyCNSVvh3JTUI4hOCn+pcg13c8MB8GA1UdIwQY
MBaAFCmFH3rmELHQBhUAs0Okho8yVgZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lVZmV1WVFzZEFHRlFDelE2U0dqekpXQm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84MjQ2NTItNTZlNC00YmU1LTliZTMt
ZDA0ZGVkN2RlZDAwLzEvUWpJSTFKVy1IY2xOUWppRTRLZjZseURYZHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84MjQ2NTItNTZlNC00YmU1LTliZTMtZDA0ZGVkN2RlZDAw
LzEvS1lVZmV1WVFzZEFHRlFDelE2U0dqekpXQm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9y6MA0G
CSqGSIb3DQEBCwUAA4IBAQA5wBhP05pEtTjNnMMt9hiHHfBlXRk7IDDjcsMskuhP
MSu14ag7/qCtDOzhguL3aj8eBO0ebPX8mIKreJgm+IgXhpHhc5YugZN10iqlN7bu
MVOX6B9gbZtQnTS/Hywdbv78lflxpLnaRgcjHL8Pcg94w1in2MwhRqGyei4DqhrT
vFPJHpJ34ezw3kY+SYcuZi8sj32LDWgGRCY1cgTfaGbONBJPhIltTjas9cLOu+BB
5rs4THqqA94pyTMNPYMuUxj3Nw8zVrzgnubq9E4u+M/OHyXGT5TdmjmostERIRul
UcKAN3/6Or+760NRRO9gDevtweAxiYnd3LZJpJ8s7+Pw
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:54 2024 by rpki-client on console-ams.rpki-client.org