Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QFOP0tF_3lWROVjCUGl8CQS5_KE.roa
File: QFOP0tF_3lWROVjCUGl8CQS5_KE.roa (raw, json)
Hash identifier: H16QR4Gb4DCBoa+4igxivLywvJO6PZS7HVJPMm7/sz8=
Subject key identifier: 40:53:8F:D2:D1:7F:DE:55:91:39:58:C2:50:69:7C:09:04:B9:FC:A1
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0186AB3EBEE12CFDD6769C66B8C667AA1C18
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QFOP0tF_3lWROVjCUGl8CQS5_KE.roa
Signing time: Sat 04 Mar 2023 06:11:01 +0000
ROA not before: Sat 04 Mar 2023 06:11:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 93.115.255.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.95.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
188.214.208.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ab:3e:be:e1:2c:fd:d6:76:9c:66:b8:c6:67:aa:1c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 4 06:11:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40538fd2d17fde55913958c250697c0904b9fca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:68:7f:f5:52:6f:c2:c8:00:26:83:de:bb:67:
8a:20:d9:37:2a:d1:99:69:3b:a8:d3:44:70:f9:03:
d7:17:0b:00:43:d8:51:0a:fd:88:0b:49:df:91:6c:
8e:1a:f7:9b:7c:a6:f0:e5:2d:b9:48:27:c3:bd:28:
31:02:72:af:aa:7b:1a:be:83:34:06:f3:a0:6f:aa:
96:90:85:70:c9:96:4e:de:0e:3e:0b:d6:3a:ff:43:
f6:f0:8e:31:8d:a8:1d:cc:f4:10:81:00:5e:be:0a:
42:14:c3:64:0d:74:ff:cd:ed:6d:97:73:70:d4:0c:
38:a1:6c:6c:d1:a8:d5:14:3f:21:7a:f6:45:c6:70:
21:22:11:93:fe:e8:53:76:78:bf:e8:1c:ee:af:23:
19:58:0d:db:a3:e1:31:2f:a0:f5:25:ec:b8:4f:40:
69:6d:9e:cc:42:4b:c4:34:00:73:c6:88:9d:15:b5:
f3:1e:73:52:d4:ee:6c:6d:46:28:94:9d:d5:f0:2c:
c3:9a:6b:35:c2:63:31:ce:9e:95:24:8d:e9:25:a7:
54:f0:b4:b5:2b:4e:c3:e3:17:79:f4:20:c5:6b:b3:
28:dc:89:87:dd:30:22:a0:59:5b:50:31:fd:99:8a:
35:6e:5e:23:f5:13:b3:b7:d5:80:f9:17:c6:65:65:
02:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:53:8F:D2:D1:7F:DE:55:91:39:58:C2:50:69:7C:09:04:B9:FC:A1
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QFOP0tF_3lWROVjCUGl8CQS5_KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.255.0/24
185.255.168.0/24
188.212.132.0/24
188.212.159.0/24
188.213.202.0/24
188.214.208.0/23
213.232.93.0/24
213.232.95.0/24
Signature Algorithm: sha256WithRSAEncryption
48:46:24:a4:8b:7c:27:6d:71:e1:b4:cf:39:1b:01:09:1e:d0:
e7:6a:0e:37:2a:7f:d3:ef:4b:79:8c:c9:8c:f6:5f:d6:24:6c:
03:57:28:7e:e7:45:bf:80:68:97:aa:8c:ff:3f:e4:d6:58:ad:
06:4a:0c:00:1e:e4:b1:0d:ad:00:9e:d8:55:70:f0:53:f3:93:
09:f4:4a:4a:54:24:c2:ce:3b:c9:99:58:1a:84:9b:8f:b9:7f:
c7:18:43:54:fa:60:84:27:1c:f1:4d:32:00:f7:45:86:52:87:
18:bc:2e:61:01:b7:08:3b:fa:13:24:6f:78:ae:94:de:1c:0b:
98:0c:8f:8c:21:3b:aa:b9:69:d5:85:55:28:f8:89:14:eb:84:
8e:85:94:3d:0b:1c:aa:02:9b:33:a0:18:ec:ef:be:cd:9e:05:
33:cb:2c:73:45:86:cf:26:97:aa:b0:0e:bc:56:2a:cf:7a:ff:
34:c8:5a:46:22:bb:76:e7:96:26:59:c5:00:54:8d:83:2a:a9:
c3:42:91:ad:c8:d3:66:73:e2:b5:6c:35:7a:94:57:87:f5:1c:
bb:da:d6:96:05:d4:e1:77:41:5b:9a:d1:0c:36:50:54:b6:09:
ae:3c:21:e7:6a:ac:ba:eb:cd:d6:75:95:26:67:3a:f9:49:8e:
28:37:3d:c9
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYarPr7hLP3WdpxmuMZnqhwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzA0MDYxMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDUzOGZkMmQxN2ZkZTU1OTEzOTU4YzI1MDY5N2MwOTA0YjlmY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWh/9VJvwsgAJoPeu2eKINk3KtGZ
aTuo00Rw+QPXFwsAQ9hRCv2IC0nfkWyOGvebfKbw5S25SCfDvSgxAnKvqnsavoM0
BvOgb6qWkIVwyZZO3g4+C9Y6/0P28I4xjagdzPQQgQBevgpCFMNkDXT/ze1tl3Nw
1Aw4oWxs0ajVFD8hevZFxnAhIhGT/uhTdni/6BzuryMZWA3bo+ExL6D1Jey4T0Bp
bZ7MQkvENABzxoidFbXzHnNS1O5sbUYolJ3V8CzDmms1wmMxzp6VJI3pJadU8LS1
K07D4xd59CDFa7Mo3ImH3TAioFlbUDH9mYo1bl4j9ROzt9WA+RfGZWUCWwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEBTj9LRf95VkTlYwlBpfAkEufyhMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUUZPUDB0Rl8zbFdST1ZqQ1VHbDhDUVM1X0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAXXP/AwQA
uf+oAwQAvNSEAwQAvNSfAwQAvNXKAwQBvNbQAwQA1ehdAwQA1ehfMA0GCSqGSIb3
DQEBCwUAA4IBAQBIRiSki3wnbXHhtM85GwEJHtDnag43Kn/T70t5jMmM9l/WJGwD
Vyh+50W/gGiXqoz/P+TWWK0GSgwAHuSxDa0AnthVcPBT85MJ9EpKVCTCzjvJmVga
hJuPuX/HGENU+mCEJxzxTTIA90WGUocYvC5hAbcIO/oTJG94rpTeHAuYDI+MITuq
uWnVhVUo+IkU64SOhZQ9CxyqApszoBjs777NngUzyyxzRYbPJpeqsA68VirPev80
yFpGIrt255YmWcUAVI2DKqnDQpGtyNNmc+K1bDV6lFeH9Ry72taWBdThd0FbmtEM
NlBUtgmuPCHnaqy6683WdZUmZzr5SY4oNz3J
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org