Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/qBWXN_QRqmTzP5euGRdIbpeHeOo.roa
File: qBWXN_QRqmTzP5euGRdIbpeHeOo.roa (raw, json)
Hash identifier: mXZwP5pxPsuwYWKFs4dI2+P9napJoS+dPY2F8EzpKY0=
Subject key identifier: A8:15:97:37:F4:11:AA:64:F3:3F:97:AE:19:17:48:6E:97:87:78:EA
Certificate issuer: /CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Certificate serial: 0185723A396DC6F456CABDA6B534BC1BB34B
Authority key identifier: AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/qBWXN_QRqmTzP5euGRdIbpeHeOo.roa
Signing time: Mon 02 Jan 2023 11:24:56 +0000
ROA not before: Mon 02 Jan 2023 11:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43554
IP address blocks: 178.209.64.0/22 maxlen: 22
178.209.69.0/24 maxlen: 24
178.209.70.0/23 maxlen: 23
178.209.72.0/22 maxlen: 22
178.209.76.0/22 maxlen: 22
178.209.80.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 06 Mar 2023 20:55:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:39:6d:c6:f4:56:ca:bd:a6:b5:34:bc:1b:b3:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Validity
Not Before: Jan 2 11:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8159737f411aa64f33f97ae1917486e978778ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7e:9f:ee:fc:20:87:8c:0a:39:f5:d7:a2:9c:
31:ee:92:60:0f:c0:47:91:e6:e1:8b:b6:f2:bb:54:
e0:73:c7:b3:3f:d3:da:0d:46:c3:c4:bf:80:06:47:
67:9c:8f:44:22:b4:91:19:9d:5d:dc:e4:e9:17:af:
80:37:b8:a5:93:7d:2f:68:b6:64:5d:e6:d2:4d:4b:
0f:74:43:0e:f4:65:93:b8:67:06:de:dc:3f:06:37:
58:d6:93:e5:fe:66:59:e6:31:b7:6b:99:6c:0f:5e:
c4:c1:66:d9:c5:6f:9f:6e:a4:b9:7c:9e:bb:04:89:
f0:0f:ff:fe:39:88:44:ed:c2:3c:df:1c:9c:99:c6:
70:9c:81:29:c1:4f:e9:f7:9d:73:6d:6d:57:c3:98:
3a:c0:90:30:35:81:ac:4d:cb:1f:67:a8:4d:f7:80:
6a:61:44:32:6b:52:a3:4a:b9:b2:ff:7c:d7:a9:d6:
6b:09:76:90:85:88:d8:19:7e:2a:02:f7:d1:f4:bb:
fe:94:be:2b:e5:23:4c:3c:27:4f:62:da:70:c2:42:
7b:79:a9:ab:be:36:3c:24:2a:04:cb:6b:04:88:93:
80:b6:1f:42:5a:0f:4f:e2:42:37:c8:a0:24:5c:68:
47:f2:ae:fe:32:9f:6b:c7:29:79:d8:6a:14:79:3a:
0b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:15:97:37:F4:11:AA:64:F3:3F:97:AE:19:17:48:6E:97:87:78:EA
X509v3 Authority Key Identifier:
keyid:AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/qBWXN_QRqmTzP5euGRdIbpeHeOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/q08A9cOrPfTGdKQQ2KDwGC-16Rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.209.64.0/22
178.209.69.0-178.209.87.255
Signature Algorithm: sha256WithRSAEncryption
55:30:29:12:37:ff:0c:dc:20:7d:5c:cd:5a:3e:62:0d:cd:84:
b8:04:cc:51:44:1c:3d:b8:b1:09:37:6a:ae:01:88:7f:a2:64:
a6:ca:cf:bc:8a:aa:ef:19:f0:a8:7f:b7:15:af:1a:64:15:61:
e1:91:0e:11:43:09:ad:fa:e7:00:e7:e8:fd:9f:6c:f7:3a:c9:
14:c8:c7:d0:56:e4:dc:4e:58:90:b2:0c:9f:ab:85:52:e9:d3:
b6:b0:f9:e1:96:40:f7:83:17:2e:f2:c1:79:eb:22:49:a8:a3:
47:be:80:72:be:ab:1b:f9:bb:e0:1b:c4:44:43:c1:03:93:9c:
6b:73:38:2d:c4:d6:c8:b6:7e:22:45:8b:0e:f7:f7:81:aa:92:
e2:b9:a6:05:51:98:dc:fb:04:02:1a:f5:4e:fa:7e:f9:02:0a:
47:e6:2a:5f:67:a5:7b:e2:7e:ac:08:3c:9e:e6:cc:8b:e7:8f:
15:44:a5:e7:79:dc:62:dc:88:fa:23:e5:e3:82:82:5d:36:03:
16:e6:0c:e6:c2:59:76:10:71:d3:f5:d4:25:87:77:f2:36:93:
a7:40:40:4c:99:13:76:bb:fc:5a:6a:3b:c0:5b:cd:57:5b:e9:
d6:22:46:04:80:f9:45:1d:ad:aa:a9:d7:f5:2c:fd:c5:8c:41:
5f:d7:c4:9f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyOjltxvRWyr2mtTS8G7NLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNGYwMGY1YzNhYjNkZjRjNjc0YTQxMGQ4YTBmMDE4MmZi
NWU5MTgwHhcNMjMwMTAyMTEyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODE1OTczN2Y0MTFhYTY0ZjMzZjk3YWUxOTE3NDg2ZTk3ODc3OGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAln6f7vwgh4wKOfXXopwx7pJgD8BH
kebhi7byu1Tgc8ezP9PaDUbDxL+ABkdnnI9EIrSRGZ1d3OTpF6+AN7ilk30vaLZk
XebSTUsPdEMO9GWTuGcG3tw/BjdY1pPl/mZZ5jG3a5lsD17EwWbZxW+fbqS5fJ67
BInwD//+OYhE7cI83xycmcZwnIEpwU/p951zbW1Xw5g6wJAwNYGsTcsfZ6hN94Bq
YUQya1KjSrmy/3zXqdZrCXaQhYjYGX4qAvfR9Lv+lL4r5SNMPCdPYtpwwkJ7eamr
vjY8JCoEy2sEiJOAth9CWg9P4kI3yKAkXGhH8q7+Mp9rxyl52GoUeToLGQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKgVlzf0Eapk8z+XrhkXSG6Xh3jqMB8GA1UdIwQY
MBaAFKtPAPXDqz30xnSkENig8BgvtekYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTA4QTljT3JQZlRHZEtRUTJLRHdHQy0xNlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hMWYyMTItYmEzNS00NjZiLWI1MmUt
Mzg1M2QzNDBjOWE2LzEvcUJXWE5fUVJxbVR6UDVldUdSZElicGVIZU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hMWYyMTItYmEzNS00NjZiLWI1MmUtMzg1M2QzNDBjOWE2
LzEvcTA4QTljT3JQZlRHZEtRUTJLRHdHQy0xNlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCstFAMAwD
BACy0UUDBAOy0VAwDQYJKoZIhvcNAQELBQADggEBAFUwKRI3/wzcIH1czVo+Yg3N
hLgEzFFEHD24sQk3aq4BiH+iZKbKz7yKqu8Z8Kh/txWvGmQVYeGRDhFDCa365wDn
6P2fbPc6yRTIx9BW5NxOWJCyDJ+rhVLp07aw+eGWQPeDFy7ywXnrIkmoo0e+gHK+
qxv5u+AbxERDwQOTnGtzOC3E1si2fiJFiw7394GqkuK5pgVRmNz7BAIa9U76fvkC
CkfmKl9npXvifqwIPJ7mzIvnjxVEped53GLciPoj5eOCgl02AxbmDObCWXYQcdP1
1CWHd/I2k6dAQEyZE3a7/FpqO8BbzVdb6dYiRgSA+UUdraqp1/Us/cWMQV/XxJ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:57 2024 by rpki-client on console-fra.rpki-client.org