Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/QBqEt95V3B9GZJjYmofjvyJhWVU.roa
File: QBqEt95V3B9GZJjYmofjvyJhWVU.roa (raw, json)
Hash identifier: /ZxQT1pd4N5DHLBgk+duzRGyjd6eeUJvBNOh0gccE04=
Subject key identifier: 40:1A:84:B7:DE:55:DC:1F:46:64:98:D8:9A:87:E3:BF:22:61:59:55
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 0185703969B31FAC7157E1CBB0ADEEBDE365
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/QBqEt95V3B9GZJjYmofjvyJhWVU.roa
Signing time: Mon 02 Jan 2023 02:04:48 +0000
ROA not before: Mon 02 Jan 2023 02:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58224
IP address blocks: 109.95.66.0/24 maxlen: 24
109.95.65.0/24 maxlen: 24
109.95.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:69:b3:1f:ac:71:57:e1:cb:b0:ad:ee:bd:e3:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Jan 2 02:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=401a84b7de55dc1f466498d89a87e3bf22615955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:35:4f:cb:d0:3d:80:69:39:f5:5d:64:b9:e2:
53:77:d4:e1:98:91:4b:dd:aa:cb:f2:7c:81:16:fb:
c5:6a:07:76:60:b7:ef:46:fa:f2:d5:ee:8b:d6:c0:
91:ca:78:c4:78:49:0c:fc:f0:ff:28:a2:9d:ab:37:
6b:9d:1d:ce:05:c4:2c:60:c8:09:f1:bf:be:5e:d1:
a1:0e:00:c6:45:8f:ca:6d:76:4d:36:53:4d:b0:e4:
fe:b7:ec:93:76:d7:9f:4c:3d:09:5e:f7:7a:fc:cd:
d8:7a:ac:03:a2:df:a1:53:87:14:e4:cf:64:1a:08:
68:41:bc:8d:ba:4d:d0:e7:f6:2a:f8:f3:e9:b0:a9:
7a:40:fa:72:41:d5:21:66:8c:34:8c:ac:66:e9:6a:
26:bf:eb:bd:48:05:6c:db:e7:f5:d5:32:97:ba:09:
35:da:b2:8e:64:de:52:4e:19:32:65:df:bd:54:19:
9f:a9:4c:dd:f3:7b:55:83:70:44:37:4a:5a:57:af:
8c:7c:d6:26:cb:e7:7a:ec:d6:36:8b:a2:5c:ca:cb:
c4:41:66:a8:c6:bc:c9:92:b1:d8:0a:da:83:02:f2:
18:e6:16:e5:33:5e:43:04:14:38:a8:88:b4:67:b5:
92:21:a9:66:ae:9f:10:a3:a8:b4:9c:f9:88:5c:87:
e6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:1A:84:B7:DE:55:DC:1F:46:64:98:D8:9A:87:E3:BF:22:61:59:55
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/QBqEt95V3B9GZJjYmofjvyJhWVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.65.0-109.95.66.255
109.95.68.0/24
Signature Algorithm: sha256WithRSAEncryption
37:f1:1a:5f:32:ed:4f:eb:b4:a2:f5:85:2a:b5:af:e0:26:74:
f1:85:75:cf:d7:3a:e1:5a:a9:c1:37:23:b4:6e:b9:97:0d:f0:
5e:d1:35:cf:96:1c:43:9f:d9:e6:c2:d9:a1:42:e8:6b:c7:9a:
84:2a:a6:7b:9c:a3:9a:37:6c:53:e5:c9:98:b6:e3:c2:27:91:
43:5d:13:7e:a6:3d:1b:3e:b8:fa:74:e7:4e:bb:0b:0d:c8:36:
dc:d2:f3:c0:71:8a:c9:95:d7:1d:8f:3f:ff:90:ca:25:e4:d2:
0d:52:4b:aa:47:28:fd:f0:a7:2b:c4:53:bb:fa:07:d5:b1:11:
29:58:2a:fb:72:60:08:90:77:bb:9c:b2:c7:52:8d:7d:13:9b:
23:1d:c9:f0:39:7b:47:24:cf:96:dc:b5:d3:1a:6d:34:02:8c:
32:f6:53:05:58:35:08:e5:7c:c0:ab:18:b8:f2:24:ad:44:1f:
75:c6:af:b8:6d:94:04:b9:e6:c6:4a:a7:e8:18:aa:01:bc:2d:
5e:11:5a:fc:c7:7d:e4:96:9c:f3:c0:88:0b:d3:90:61:a4:8b:
0c:4b:4a:8b:60:70:dc:f0:df:cf:37:e3:d9:38:ac:06:29:98:
90:3a:07:10:28:e7:71:7a:f9:92:b4:1c:8e:83:7e:1a:3a:2a:
e3:67:a7:84
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVwOWmzH6xxV+HLsK3uveNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjMwMTAyMDIwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDFhODRiN2RlNTVkYzFmNDY2NDk4ZDg5YTg3ZTNiZjIyNjE1OTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjVPy9A9gGk59V1kueJTd9ThmJFL
3arL8nyBFvvFagd2YLfvRvry1e6L1sCRynjEeEkM/PD/KKKdqzdrnR3OBcQsYMgJ
8b++XtGhDgDGRY/KbXZNNlNNsOT+t+yTdtefTD0JXvd6/M3YeqwDot+hU4cU5M9k
GghoQbyNuk3Q5/Yq+PPpsKl6QPpyQdUhZow0jKxm6Womv+u9SAVs2+f11TKXugk1
2rKOZN5SThkyZd+9VBmfqUzd83tVg3BEN0paV6+MfNYmy+d67NY2i6JcysvEQWao
xrzJkrHYCtqDAvIY5hblM15DBBQ4qIi0Z7WSIalmrp8Qo6i0nPmIXIfmxwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEAahLfeVdwfRmSY2JqH478iYVlVMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvUUJxRXQ5NVYzQjlHWkpqWW1vZmp2eUpoV1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABtX0ED
BABtX0IDBABtX0QwDQYJKoZIhvcNAQELBQADggEBADfxGl8y7U/rtKL1hSq1r+Am
dPGFdc/XOuFaqcE3I7RuuZcN8F7RNc+WHEOf2ebC2aFC6GvHmoQqpnuco5o3bFPl
yZi248InkUNdE36mPRs+uPp05067Cw3INtzS88BxismV1x2PP/+QyiXk0g1SS6pH
KP3wpyvEU7v6B9WxESlYKvtyYAiQd7ucssdSjX0TmyMdyfA5e0ckz5bctdMabTQC
jDL2UwVYNQjlfMCrGLjyJK1EH3XGr7htlAS55sZKp+gYqgG8LV4RWvzHfeSWnPPA
iAvTkGGkiwxLSotgcNzw388349k4rAYpmJA6BxAo53F6+ZK0HI6Dfho6KuNnp4Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:42 2024 by rpki-client on console-fra.rpki-client.org