Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/qcbmr8of-5UXUe1nyzWJT2FaZ7w.roa
File: qcbmr8of-5UXUe1nyzWJT2FaZ7w.roa (raw, json)
Hash identifier: Mhx3VeXmrFzmOYaYJOUevU81w+mmPqn+G6I29XR2gc0=
Subject key identifier: A9:C6:E6:AF:CA:1F:FB:95:17:51:ED:67:CB:35:89:4F:61:5A:67:BC
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01856DAF665888081CB517FA0E49C76FE88E
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/qcbmr8of-5UXUe1nyzWJT2FaZ7w.roa
Signing time: Sun 01 Jan 2023 14:14:49 +0000
ROA not before: Sun 01 Jan 2023 14:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207429
IP address blocks: 213.142.135.0/24 maxlen: 24
213.142.143.0/24 maxlen: 24
80.253.245.0/24 maxlen: 24
80.253.244.0/24 maxlen: 24
80.253.247.0/24 maxlen: 24
91.151.81.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:66:58:88:08:1c:b5:17:fa:0e:49:c7:6f:e8:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 14:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9c6e6afca1ffb951751ed67cb35894f615a67bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:db:fe:78:52:e0:90:40:02:a3:b1:a6:52:dd:
0b:78:01:b4:f8:52:09:a8:1f:ca:81:d9:52:b8:80:
53:4c:34:68:29:0c:09:1e:b5:e0:ad:d1:fc:4f:3f:
af:50:ca:38:63:ba:a8:f7:a1:42:b1:2c:49:4b:6c:
90:53:5c:c5:52:4f:d3:c8:69:85:2f:81:d3:47:e3:
7d:ed:fd:48:1c:71:16:dc:4e:c6:09:f2:6a:f6:85:
a8:0e:4a:10:ee:09:31:65:a3:15:7b:20:3e:77:80:
61:12:5e:b3:77:89:92:47:a0:7e:02:a1:f8:f2:9b:
c0:32:7e:22:13:51:26:93:69:7b:bc:9a:02:09:73:
79:08:07:2d:cf:e6:8e:c2:cd:df:64:d5:b9:50:59:
01:7a:a3:a6:4b:e7:fb:e8:ae:b2:da:44:c7:33:bd:
a0:73:42:ac:86:52:61:76:57:18:69:4a:e7:b6:fd:
37:90:4e:13:30:dd:f9:06:55:75:ba:04:97:31:0e:
ff:59:41:e5:4e:c0:4a:ef:6e:9e:33:ec:78:08:7b:
72:90:55:85:d4:7b:b2:94:b0:ed:04:40:0a:6d:ff:
a4:be:7f:cc:97:14:ce:fd:91:e1:ad:23:58:a7:67:
18:b0:d4:34:09:44:32:9c:9d:82:e3:f4:2e:4e:8c:
de:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C6:E6:AF:CA:1F:FB:95:17:51:ED:67:CB:35:89:4F:61:5A:67:BC
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/qcbmr8of-5UXUe1nyzWJT2FaZ7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.244.0/23
80.253.247.0/24
91.151.81.0/24
213.142.135.0/24
213.142.143.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:a7:d3:ca:4f:13:61:ab:5c:61:47:8d:e1:3d:3a:0a:d4:91:
29:5f:e0:0e:93:d3:7a:9b:c2:13:c5:84:37:88:33:ad:b9:ec:
c4:b4:f4:d7:c2:9b:8b:82:26:19:ab:65:a3:0c:99:6b:f2:06:
40:c1:b9:be:06:fc:d2:e4:3e:0b:14:56:62:83:48:6f:ce:97:
4e:16:d4:5d:93:7c:57:f5:29:37:eb:6c:29:18:c6:f2:5b:06:
d7:4e:51:16:23:64:0b:10:20:54:45:bf:ba:c0:bb:1f:19:26:
d0:72:ce:2a:82:4f:a6:62:bf:5e:1d:7a:11:f4:e8:f3:aa:c8:
83:29:14:21:45:92:45:27:d6:84:33:57:e0:a2:07:5e:b3:44:
4e:08:a9:c8:6b:5b:97:5c:9d:27:02:90:80:b6:27:4e:fd:53:
7f:a5:f2:88:d1:b4:2b:7c:44:d2:84:79:f0:2a:b6:6f:6b:00:
78:09:b1:38:1a:b7:7b:10:67:cb:a8:ec:90:f3:5c:e6:1f:ae:
55:a3:c0:86:15:d1:4a:c1:52:09:9b:17:6e:3b:6f:4b:2e:6d:
29:3a:32:a4:fa:ba:01:37:ca:87:39:fd:c1:85:07:40:c7:0a:
21:3e:ac:05:2a:fa:0d:4c:28:3e:f3:3a:a3:d0:ed:52:6f:7b:
c7:a3:32:fe
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVtr2ZYiAgctRf6DknHb+iOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwMTAxMTQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWM2ZTZhZmNhMWZmYjk1MTc1MWVkNjdjYjM1ODk0ZjYxNWE2N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9v+eFLgkEACo7GmUt0LeAG0+FIJ
qB/KgdlSuIBTTDRoKQwJHrXgrdH8Tz+vUMo4Y7qo96FCsSxJS2yQU1zFUk/TyGmF
L4HTR+N97f1IHHEW3E7GCfJq9oWoDkoQ7gkxZaMVeyA+d4BhEl6zd4mSR6B+AqH4
8pvAMn4iE1Emk2l7vJoCCXN5CActz+aOws3fZNW5UFkBeqOmS+f76K6y2kTHM72g
c0KshlJhdlcYaUrntv03kE4TMN35BlV1ugSXMQ7/WUHlTsBK726eM+x4CHtykFWF
1HuylLDtBEAKbf+kvn/MlxTO/ZHhrSNYp2cYsNQ0CUQynJ2C4/QuToze8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKnG5q/KH/uVF1HtZ8s1iU9hWme8MB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvcWNibXI4b2YtNVVYVWUxbnl6V0pUMkZhWjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUP30AwQA
UP33AwQAW5dRAwQA1Y6HAwQA1Y6PMA0GCSqGSIb3DQEBCwUAA4IBAQBup9PKTxNh
q1xhR43hPToK1JEpX+AOk9N6m8ITxYQ3iDOtuezEtPTXwpuLgiYZq2WjDJlr8gZA
wbm+BvzS5D4LFFZig0hvzpdOFtRdk3xX9Sk362wpGMbyWwbXTlEWI2QLECBURb+6
wLsfGSbQcs4qgk+mYr9eHXoR9OjzqsiDKRQhRZJFJ9aEM1fgogdes0ROCKnIa1uX
XJ0nApCAtidO/VN/pfKI0bQrfETShHnwKrZvawB4CbE4Grd7EGfLqOyQ81zmH65V
o8CGFdFKwVIJmxduO29LLm0pOjKk+roBN8qHOf3BhQdAxwohPqwFKvoNTCg+8zqj
0O1Sb3vHozL+
-----END CERTIFICATE-----
Generated at Fri Dec 15 20:07:52 2023 by rpki-client on console-ams.rpki-client.org