Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/QRVqH-nCK3BveNN6LzMR41MO0DE.roa
File: QRVqH-nCK3BveNN6LzMR41MO0DE.roa (raw, json)
Hash identifier: O0F3Z4GT3GwuIHXRZYATnL+S851fi6usFAqnj0eKbLE=
Subject key identifier: 41:15:6A:1F:E9:C2:2B:70:6F:78:D3:7A:2F:33:11:E3:53:0E:D0:31
Certificate issuer: /CN=4c3789ecf67e04298c5ee44c67d8fb7f5d6d95a1
Certificate serial: 018B48DEB183841495E8B034883A84AC1779
Authority key identifier: 4C:37:89:EC:F6:7E:04:29:8C:5E:E4:4C:67:D8:FB:7F:5D:6D:95:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/QRVqH-nCK3BveNN6LzMR41MO0DE.roa
Signing time: Thu 19 Oct 2023 16:57:15 +0000
ROA not before: Thu 19 Oct 2023 16:57:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35583
IP address blocks: 185.191.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:48:de:b1:83:84:14:95:e8:b0:34:88:3a:84:ac:17:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3789ecf67e04298c5ee44c67d8fb7f5d6d95a1
Validity
Not Before: Oct 19 16:57:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41156a1fe9c22b706f78d37a2f3311e3530ed031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2d:b6:09:bc:f1:55:d9:ee:7a:01:f6:f6:27:
df:b2:1a:f8:d1:39:5c:d1:0c:03:bb:f9:bb:d5:04:
37:4f:f5:ce:f7:89:be:b9:8e:ee:8d:06:11:18:02:
7b:54:cd:96:83:47:66:78:bd:0d:e6:52:77:55:a2:
78:2f:df:2d:00:7b:03:f9:29:e6:d4:b8:aa:7b:e8:
9e:cb:96:7b:fa:e4:1b:52:47:3e:8d:9f:a2:44:5d:
3b:38:0f:01:d7:69:c6:04:19:a2:01:2e:e2:62:b5:
7d:9a:be:95:b0:e2:20:53:0d:fe:25:b7:f4:21:1e:
f2:8e:f9:94:d1:6a:57:3d:a1:bb:0b:08:6d:eb:0b:
8a:5e:f3:20:09:92:f8:f8:30:97:7a:75:29:80:40:
d6:dd:0e:58:27:49:92:85:fe:59:14:94:17:33:e3:
96:49:10:fd:83:50:33:80:44:e7:75:ac:73:04:63:
c3:78:fa:e4:7a:1b:83:58:ac:d7:b5:0b:53:96:9b:
60:dc:6f:ff:3d:09:46:f9:df:cb:94:5e:e7:9b:e5:
10:4d:f3:1b:6a:31:06:79:aa:bc:b5:58:cb:cb:65:
d8:66:09:6e:7d:c3:ec:6c:43:22:fc:f7:25:f0:a0:
e1:38:1a:b0:af:ff:60:aa:82:7a:e4:72:82:37:e8:
cd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:15:6A:1F:E9:C2:2B:70:6F:78:D3:7A:2F:33:11:E3:53:0E:D0:31
X509v3 Authority Key Identifier:
keyid:4C:37:89:EC:F6:7E:04:29:8C:5E:E4:4C:67:D8:FB:7F:5D:6D:95:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/QRVqH-nCK3BveNN6LzMR41MO0DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.150.0/24
Signature Algorithm: sha256WithRSAEncryption
92:15:85:73:21:73:6d:03:f3:1d:51:a3:cb:86:ff:9e:ae:bc:
33:4a:f7:42:90:42:df:e3:a9:1f:0c:d0:da:2b:bd:f9:da:da:
c3:55:d7:08:70:39:14:b3:5b:82:9f:30:ab:61:30:7d:86:c2:
a4:9d:97:3d:db:a5:2c:80:dc:e4:28:5d:18:83:c3:d4:f5:44:
0c:9d:f4:56:b9:9b:27:66:dd:2c:7f:6c:66:e4:60:67:90:96:
9a:23:10:46:e1:0a:15:02:84:a4:f8:1b:24:cb:89:e1:3a:5a:
b4:b6:4d:f4:81:11:4e:16:e6:79:ac:b6:6a:36:52:21:4e:b2:
12:e7:df:84:a4:0c:b0:46:b0:8f:06:90:f3:0e:f0:8a:57:6c:
4f:22:49:10:f8:38:5a:1d:d7:81:10:5e:9e:ee:42:88:e8:3c:
f8:1f:c6:11:97:6d:ca:71:18:77:99:9f:65:67:df:c4:fb:c2:
1a:da:20:63:6a:71:b1:3b:5d:de:62:4e:67:80:27:4e:c4:d7:
6b:e2:45:4c:c1:eb:ac:dc:1c:d8:f8:3a:c2:9d:d1:7e:4f:f9:
e8:e5:20:02:43:b4:32:58:95:a0:76:11:9b:da:59:d4:51:71:
91:b9:74:11:a7:af:d8:ef:36:4c:95:c0:9e:85:1c:fe:b5:a7:
fb:48:00:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtI3rGDhBSV6LA0iDqErBd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzc4OWVjZjY3ZTA0Mjk4YzVlZTQ0YzY3ZDhmYjdmNWQ2
ZDk1YTEwHhcNMjMxMDE5MTY1NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTE1NmExZmU5YzIyYjcwNmY3OGQzN2EyZjMzMTFlMzUzMGVkMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy22CbzxVdnuegH29iffshr40Tlc
0QwDu/m71QQ3T/XO94m+uY7ujQYRGAJ7VM2Wg0dmeL0N5lJ3VaJ4L98tAHsD+Snm
1Liqe+iey5Z7+uQbUkc+jZ+iRF07OA8B12nGBBmiAS7iYrV9mr6VsOIgUw3+Jbf0
IR7yjvmU0WpXPaG7Cwht6wuKXvMgCZL4+DCXenUpgEDW3Q5YJ0mShf5ZFJQXM+OW
SRD9g1AzgETndaxzBGPDePrkehuDWKzXtQtTlptg3G//PQlG+d/LlF7nm+UQTfMb
ajEGeaq8tVjLy2XYZglufcPsbEMi/Pcl8KDhOBqwr/9gqoJ65HKCN+jNUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEVah/pwitwb3jTei8zEeNTDtAxMB8GA1UdIwQY
MBaAFEw3iez2fgQpjF7kTGfY+39dbZWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERlSjdQWi1CQ21NWHVSTVo5ajdmMTF0bGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83ZWQ3YjEtYjhmMy00M2YzLTk2ZTMt
MWRjNTRkMWMwM2EzLzEvUVJWcUgtbkNLM0J2ZU5ONkx6TVI0MU1PMERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83ZWQ3YjEtYjhmMy00M2YzLTk2ZTMtMWRjNTRkMWMwM2Ez
LzEvVERlSjdQWi1CQ21NWHVSTVo5ajdmMTF0bGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+WMA0G
CSqGSIb3DQEBCwUAA4IBAQCSFYVzIXNtA/MdUaPLhv+errwzSvdCkELf46kfDNDa
K7352trDVdcIcDkUs1uCnzCrYTB9hsKknZc926UsgNzkKF0Yg8PU9UQMnfRWuZsn
Zt0sf2xm5GBnkJaaIxBG4QoVAoSk+Bsky4nhOlq0tk30gRFOFuZ5rLZqNlIhTrIS
59+EpAywRrCPBpDzDvCKV2xPIkkQ+DhaHdeBEF6e7kKI6Dz4H8YRl23KcRh3mZ9l
Z9/E+8Ia2iBjanGxO13eYk5ngCdOxNdr4kVMweus3BzY+DrCndF+T/no5SACQ7Qy
WJWgdhGb2lnUUXGRuXQRp6/Y7zZMlcCehRz+taf7SADi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:56 2024 by rpki-client on console-fra.rpki-client.org