Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/QQUDXKisx6ffV-pL6k6iJYU6OLI.roa
File: QQUDXKisx6ffV-pL6k6iJYU6OLI.roa (raw, json)
Hash identifier: SiwFxRql04kk4QlR0idENfw+qLIdGLg2WBSWwszaScI=
Subject key identifier: 41:05:03:5C:A8:AC:C7:A7:DF:57:EA:4B:EA:4E:A2:25:85:3A:38:B2
Certificate issuer: /CN=ccca763f3db2965a1e4eb0bf76c1cb868baae46d
Certificate serial: 01857246A337F2CDE4644B3606C60B27990C
Authority key identifier: CC:CA:76:3F:3D:B2:96:5A:1E:4E:B0:BF:76:C1:CB:86:8B:AA:E4:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/QQUDXKisx6ffV-pL6k6iJYU6OLI.roa
Signing time: Mon 02 Jan 2023 11:38:29 +0000
ROA not before: Mon 02 Jan 2023 11:38:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200924
IP address blocks: 217.147.48.0/20 maxlen: 24
217.147.60.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:a3:37:f2:cd:e4:64:4b:36:06:c6:0b:27:99:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccca763f3db2965a1e4eb0bf76c1cb868baae46d
Validity
Not Before: Jan 2 11:38:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4105035ca8acc7a7df57ea4bea4ea225853a38b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:63:ac:38:18:4f:e9:26:d9:12:23:30:5b:d4:
a0:18:90:fb:84:fd:91:fe:58:6f:76:eb:61:f3:0a:
8e:f6:9e:c3:4f:9d:e1:10:f3:8b:06:5e:57:b1:6d:
3a:f2:ea:0a:78:ac:94:b4:f9:2a:17:e6:f8:dd:38:
39:a8:1f:b2:cc:27:9b:ee:8f:9a:02:88:53:cb:35:
e5:26:fb:6c:3a:14:0e:07:76:a1:3c:17:5f:a7:0e:
d0:0f:ad:f6:66:ec:19:48:fd:69:e8:78:2f:1f:22:
5d:c2:bc:bf:ce:1d:e5:f5:98:e1:fa:23:d8:fa:69:
24:03:88:79:c7:bb:88:e1:0c:ba:a9:d1:fe:f8:fb:
59:2e:e1:15:e7:2b:2c:82:28:77:2b:fb:6e:5a:2b:
65:aa:15:d6:d3:a4:ab:c4:90:c9:6c:ea:94:a9:1e:
db:65:1a:b0:52:51:dd:6a:f1:87:12:bf:4b:0a:59:
41:69:da:b7:46:b3:c9:fe:ee:6e:59:1e:a9:7c:9c:
5e:4b:28:a6:8f:27:b3:c1:c9:50:18:69:1c:26:a5:
f6:ee:a0:48:9e:8d:89:36:32:8a:6c:48:08:7a:ab:
33:7b:88:94:91:23:b4:78:de:a7:88:f7:b2:eb:3b:
03:ee:94:d1:54:bb:6d:52:f0:8c:f5:b6:20:9a:26:
9b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:05:03:5C:A8:AC:C7:A7:DF:57:EA:4B:EA:4E:A2:25:85:3A:38:B2
X509v3 Authority Key Identifier:
keyid:CC:CA:76:3F:3D:B2:96:5A:1E:4E:B0:BF:76:C1:CB:86:8B:AA:E4:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/QQUDXKisx6ffV-pL6k6iJYU6OLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.48.0/20
Signature Algorithm: sha256WithRSAEncryption
a6:90:a0:de:26:53:4e:60:45:20:4f:fa:d0:26:bc:3f:74:f9:
59:ed:7e:5f:17:8c:b0:ad:e0:fb:69:bd:df:97:18:4f:29:05:
71:25:e3:6a:a3:2d:30:75:cd:e7:3b:af:9a:5c:1b:d2:80:6f:
ea:b5:1c:7a:61:55:f2:4e:8f:49:2a:fa:86:8d:b9:99:c1:e4:
ef:a8:82:19:3f:9f:58:04:15:57:9f:f6:22:87:f6:0a:09:81:
fc:2d:e2:4b:c4:fb:77:71:4a:36:24:cc:0a:84:6e:ff:a0:c3:
5e:cc:a6:01:d1:42:98:66:b7:03:0c:01:45:c6:bc:20:d1:64:
d4:07:37:b0:5a:57:57:6f:22:fc:a6:cf:d6:75:8d:43:47:84:
0a:b0:42:64:9b:23:db:d9:35:3d:93:2a:c5:09:bc:05:31:70:
b8:1b:4f:9c:fa:35:09:33:66:d9:e5:3d:f7:28:e7:60:d2:33:
49:c7:44:5f:a5:65:62:7f:ae:30:fa:eb:6a:bf:c0:61:28:70:
6f:b3:be:c1:d4:53:1b:93:59:ca:02:75:63:30:7c:dd:5b:98:
a4:7b:4e:e8:20:a5:19:c5:d3:71:a4:2c:62:4a:01:dd:b0:82:
39:73:a3:a8:e2:e2:17:ba:4c:b0:22:1e:7f:92:52:2c:aa:43:
f5:63:63:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRqM38s3kZEs2BsYLJ5kMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjY2E3NjNmM2RiMjk2NWExZTRlYjBiZjc2YzFjYjg2OGJh
YWU0NmQwHhcNMjMwMTAyMTEzODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTA1MDM1Y2E4YWNjN2E3ZGY1N2VhNGJlYTRlYTIyNTg1M2EzOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2OsOBhP6SbZEiMwW9SgGJD7hP2R
/lhvduth8wqO9p7DT53hEPOLBl5XsW068uoKeKyUtPkqF+b43Tg5qB+yzCeb7o+a
AohTyzXlJvtsOhQOB3ahPBdfpw7QD632ZuwZSP1p6HgvHyJdwry/zh3l9Zjh+iPY
+mkkA4h5x7uI4Qy6qdH++PtZLuEV5yssgih3K/tuWitlqhXW06SrxJDJbOqUqR7b
ZRqwUlHdavGHEr9LCllBadq3RrPJ/u5uWR6pfJxeSyimjyezwclQGGkcJqX27qBI
no2JNjKKbEgIeqsze4iUkSO0eN6niPey6zsD7pTRVLttUvCM9bYgmiab5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEFA1yorMen31fqS+pOoiWFOjiyMB8GA1UdIwQY
MBaAFMzKdj89spZaHk6wv3bBy4aLquRtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek1wMlB6MnlsbG9lVHJDX2RzSExob3VxNUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xYzA5MGMtNzRkYi00NTMxLTk2Zjct
ZmFjNjNjMDNjMjVhLzEvUVFVRFhLaXN4NmZmVi1wTDZrNmlKWVU2T0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8xYzA5MGMtNzRkYi00NTMxLTk2ZjctZmFjNjNjMDNjMjVh
LzEvek1wMlB6MnlsbG9lVHJDX2RzSExob3VxNUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZMwMA0G
CSqGSIb3DQEBCwUAA4IBAQCmkKDeJlNOYEUgT/rQJrw/dPlZ7X5fF4ywreD7ab3f
lxhPKQVxJeNqoy0wdc3nO6+aXBvSgG/qtRx6YVXyTo9JKvqGjbmZweTvqIIZP59Y
BBVXn/Yih/YKCYH8LeJLxPt3cUo2JMwKhG7/oMNezKYB0UKYZrcDDAFFxrwg0WTU
BzewWldXbyL8ps/WdY1DR4QKsEJkmyPb2TU9kyrFCbwFMXC4G0+c+jUJM2bZ5T33
KOdg0jNJx0RfpWVif64w+utqv8BhKHBvs77B1FMbk1nKAnVjMHzdW5ike07oIKUZ
xdNxpCxiSgHdsII5c6Oo4uIXukywIh5/klIsqkP1Y2Mv
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:47 2024 by rpki-client on console-fra.rpki-client.org