Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/qXBFXNjiFysOj0LnBFRptIDI_Cg.roa
File: qXBFXNjiFysOj0LnBFRptIDI_Cg.roa (raw, json)
Hash identifier: wty5hJVeE5zBQVjq3j/WXQ9R9T8ewuzU34HWRlDmyME=
Subject key identifier: A9:70:45:5C:D8:E2:17:2B:0E:8F:42:E7:04:54:69:B4:80:C8:FC:28
Certificate issuer: /CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Certificate serial: 01856CEF133152673123421A0401B271B3FC
Authority key identifier: 09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/qXBFXNjiFysOj0LnBFRptIDI_Cg.roa
Signing time: Sun 01 Jan 2023 10:44:45 +0000
ROA not before: Sun 01 Jan 2023 10:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41628
IP address blocks: 31.15.24.0/21 maxlen: 24
89.31.144.0/21 maxlen: 24
193.38.128.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:13:31:52:67:31:23:42:1a:04:01:b2:71:b3:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Validity
Not Before: Jan 1 10:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a970455cd8e2172b0e8f42e7045469b480c8fc28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fd:d5:52:21:d7:54:b1:fa:7b:73:dc:c2:80:
27:c7:85:b5:1e:f0:e9:0b:b4:57:db:08:85:4e:86:
be:f7:d6:70:8f:e2:d2:1d:50:aa:2a:62:a4:98:68:
cd:d5:24:2e:80:d7:57:0d:5f:1a:fa:c0:c1:68:c9:
11:b9:9e:46:48:9a:03:fe:a6:9b:61:d3:22:37:84:
ad:35:39:d1:19:52:ba:21:14:d7:ed:59:23:a0:82:
90:54:fa:5a:4a:e8:3c:03:bf:35:5a:62:88:db:1e:
17:06:77:a6:82:ef:c4:f8:8c:3f:81:d7:52:02:f8:
c8:95:09:a1:88:a8:78:de:5e:88:2b:0c:29:b0:75:
34:a5:bd:aa:53:0d:d1:62:fa:f9:25:0c:c1:11:e7:
ff:f0:11:d9:00:01:60:bc:4a:e7:c6:7f:66:1e:c4:
5b:4c:22:43:74:fd:5d:a4:a2:ee:dc:06:6b:c1:c5:
57:ed:c7:8c:4a:23:8d:dd:b8:92:36:e6:8a:89:5c:
08:d0:9e:12:7d:61:c9:d4:c4:14:ad:61:0f:93:58:
e5:60:86:5a:22:f6:7f:5b:2e:7c:72:eb:9b:3a:3a:
42:38:fc:f7:d1:ed:7a:b8:b5:69:d9:31:7c:c7:81:
e2:a9:4e:ed:13:aa:70:ec:99:d7:7c:81:b3:db:09:
6c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:70:45:5C:D8:E2:17:2B:0E:8F:42:E7:04:54:69:B4:80:C8:FC:28
X509v3 Authority Key Identifier:
keyid:09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/qXBFXNjiFysOj0LnBFRptIDI_Cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/CYsceb-uEqW4fzXJmLtgs_pOZiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.24.0/21
89.31.144.0/21
193.38.128.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:02:76:b2:86:4e:c7:23:3e:20:33:fe:8c:6a:78:39:a9:0f:
0b:01:7f:34:82:ac:49:30:01:e2:a6:d1:dd:f4:63:12:5b:f2:
15:62:e9:e9:d4:36:77:e6:27:56:87:0f:9f:9f:a0:11:ad:ab:
d2:a8:af:61:f1:09:a6:c7:ec:b0:22:71:fc:cd:65:00:d0:31:
17:f3:b9:43:19:8e:c6:af:ae:b6:cc:b0:d5:54:4a:3a:37:aa:
37:46:eb:bd:03:84:54:81:43:62:6b:19:b6:01:81:7f:84:88:
37:2c:d5:a3:9e:47:ec:8d:a4:d3:bd:e9:12:6c:ec:aa:f5:8b:
15:c8:45:82:6d:4e:8f:d4:42:3c:b2:bb:4b:8e:ee:3a:96:40:
97:00:f6:76:59:f9:74:67:5b:84:92:21:81:62:18:59:06:29:
c9:38:9f:01:8a:62:74:3a:5e:b2:bb:39:56:b9:1e:55:69:ee:
c7:c0:d0:39:7f:eb:e1:02:38:d7:a9:c9:5e:fe:bc:3b:35:0d:
da:7d:38:69:cc:3b:f6:b4:a3:6d:97:98:87:5c:ed:e0:0d:1e:
bd:33:9c:45:08:5f:d1:2d:c4:29:9b:2f:f0:a9:65:1d:dc:af:
e7:16:cb:4b:9d:59:15:fa:a2:76:1d:b0:8b:96:a0:d8:18:96:
50:e3:f1:72
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVs7xMxUmcxI0IaBAGycbP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGIxYzc5YmZhZTEyYTViODdmMzVjOTk4YmI2MGIzZmE0
ZTY2MjEwHhcNMjMwMTAxMTA0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTcwNDU1Y2Q4ZTIxNzJiMGU4ZjQyZTcwNDU0NjliNDgwYzhmYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP3VUiHXVLH6e3PcwoAnx4W1HvDp
C7RX2wiFToa+99Zwj+LSHVCqKmKkmGjN1SQugNdXDV8a+sDBaMkRuZ5GSJoD/qab
YdMiN4StNTnRGVK6IRTX7VkjoIKQVPpaSug8A781WmKI2x4XBnemgu/E+Iw/gddS
AvjIlQmhiKh43l6IKwwpsHU0pb2qUw3RYvr5JQzBEef/8BHZAAFgvErnxn9mHsRb
TCJDdP1dpKLu3AZrwcVX7ceMSiON3biSNuaKiVwI0J4SfWHJ1MQUrWEPk1jlYIZa
IvZ/Wy58cuubOjpCOPz30e16uLVp2TF8x4HiqU7tE6pw7JnXfIGz2wlsTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKlwRVzY4hcrDo9C5wRUabSAyPwoMB8GA1UdIwQY
MBaAFAmLHHm/rhKluH81yZi7YLP6TmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWIt
OWI3YzQ0ZGMxOTNiLzEvcVhCRlhOamlGeXNPajBMbkJGUnB0SURJX0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWItOWI3YzQ0ZGMxOTNi
LzEvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHw8YAwQD
WR+QAwQCwSaAMA0GCSqGSIb3DQEBCwUAA4IBAQC4Anayhk7HIz4gM/6Mang5qQ8L
AX80gqxJMAHiptHd9GMSW/IVYunp1DZ35idWhw+fn6ARravSqK9h8Qmmx+ywInH8
zWUA0DEX87lDGY7Gr662zLDVVEo6N6o3Ruu9A4RUgUNiaxm2AYF/hIg3LNWjnkfs
jaTTvekSbOyq9YsVyEWCbU6P1EI8srtLju46lkCXAPZ2Wfl0Z1uEkiGBYhhZBinJ
OJ8BimJ0Ol6yuzlWuR5Vae7HwNA5f+vhAjjXqcle/rw7NQ3afThpzDv2tKNtl5iH
XO3gDR69M5xFCF/RLcQpmy/wqWUd3K/nFstLnVkV+qJ2HbCLlqDYGJZQ4/Fy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:59 2024 by rpki-client on console-fra.rpki-client.org