Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Q68yMdIeBmDDU5qctDW8yJqtXfU.roa
File: Q68yMdIeBmDDU5qctDW8yJqtXfU.roa (raw, json)
Hash identifier: ZwCPhxEEgsJWebisY/P9JcrmSrGQ8L2okNsRhwFdy18=
Subject key identifier: 43:AF:32:31:D2:1E:06:60:C3:53:9A:9C:B4:35:BC:C8:9A:AD:5D:F5
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01882401DE6A127613212013D0D571B2E5CD
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Q68yMdIeBmDDU5qctDW8yJqtXfU.roa
Signing time: Tue 16 May 2023 10:01:22 +0000
ROA not before: Tue 16 May 2023 10:01:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 92.51.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:01:de:6a:12:76:13:21:20:13:d0:d5:71:b2:e5:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: May 16 10:01:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43af3231d21e0660c3539a9cb435bcc89aad5df5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:05:26:9e:93:9f:0d:fd:b8:b5:17:7d:f5:37:
29:7f:9e:35:43:fb:22:e4:09:82:e4:99:da:ca:a9:
fd:f0:78:ad:70:79:84:a3:23:f1:a2:67:0d:11:96:
b7:55:21:94:8e:92:a6:00:6f:19:eb:ab:3e:24:f0:
6b:be:5b:a4:fd:0e:0c:61:80:cb:14:17:e4:36:ca:
d3:28:85:ff:2f:12:0c:ef:6a:50:d5:da:75:3e:a9:
01:9e:79:11:27:5f:ea:f4:d2:56:05:10:26:f9:23:
5b:e8:c2:bd:1e:dd:32:cf:6d:f1:ed:05:83:d1:f7:
b9:b2:30:09:6c:23:49:8f:dd:2d:e6:0e:5c:1d:bb:
85:db:85:44:60:d9:e5:c0:21:67:3b:5a:56:d7:17:
c1:21:68:b5:3e:7b:1d:46:e2:3e:14:16:c1:f0:d6:
42:80:3a:28:22:24:7c:af:16:ff:7f:19:0e:99:ee:
03:31:5e:66:65:da:35:83:01:2a:f8:89:2d:11:63:
aa:5d:f4:0b:d4:7c:88:2c:f4:21:6d:67:6b:c3:a0:
0b:40:64:15:c6:75:2f:54:cc:7c:8d:9b:94:b0:90:
34:43:94:5f:2a:bb:a5:9d:37:20:98:13:f1:2c:87:
e1:e9:42:14:86:b6:10:fa:08:17:5f:23:78:f2:89:
83:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AF:32:31:D2:1E:06:60:C3:53:9A:9C:B4:35:BC:C8:9A:AD:5D:F5
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/Q68yMdIeBmDDU5qctDW8yJqtXfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.3.0/24
Signature Algorithm: sha256WithRSAEncryption
39:09:3c:b8:19:b6:8a:7d:8a:af:19:d1:e7:ac:12:5f:af:43:
2e:de:eb:bc:3d:76:a1:a2:d7:4f:2b:e3:92:41:02:fe:51:ee:
0a:a4:c6:46:bc:8e:29:05:a7:1d:a5:9e:0a:76:2b:d4:46:01:
8b:fc:55:2b:78:a2:2a:38:26:d6:c7:4c:9f:e0:e5:1c:34:9f:
ba:27:99:de:57:74:4f:bf:a2:f2:bd:91:ca:64:92:ae:e4:da:
e7:81:6f:ab:3b:5b:9c:d6:32:7d:d2:11:83:2b:84:2b:e9:cb:
11:8d:b2:62:3d:9e:1c:cc:37:24:5e:ad:09:38:4e:c5:85:8b:
7e:1d:9e:41:b7:70:09:86:e3:ea:f7:75:da:49:84:65:3c:ce:
f2:70:e9:aa:53:db:b1:77:86:ad:3f:13:46:b7:5a:b2:f9:70:
8c:09:0f:46:f1:ac:c9:f0:61:e4:fc:18:e2:a5:40:1f:40:72:
66:05:01:13:89:06:85:59:4a:90:f1:a4:fe:cc:55:db:04:8f:
d4:ba:90:c6:0f:8d:4e:8e:31:83:08:fe:ab:df:9f:17:13:af:
75:73:eb:d6:94:36:31:2b:40:fe:4e:de:01:2f:cd:ca:4a:61:
0b:b9:00:c7:76:8c:8d:96:87:4b:40:7c:aa:b7:82:34:b2:3e:
20:fa:59:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgkAd5qEnYTISAT0NVxsuXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjMwNTE2MTAwMTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2FmMzIzMWQyMWUwNjYwYzM1MzlhOWNiNDM1YmNjODlhYWQ1ZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQUmnpOfDf24tRd99Tcpf541Q/si
5AmC5Jnayqn98HitcHmEoyPxomcNEZa3VSGUjpKmAG8Z66s+JPBrvluk/Q4MYYDL
FBfkNsrTKIX/LxIM72pQ1dp1PqkBnnkRJ1/q9NJWBRAm+SNb6MK9Ht0yz23x7QWD
0fe5sjAJbCNJj90t5g5cHbuF24VEYNnlwCFnO1pW1xfBIWi1PnsdRuI+FBbB8NZC
gDooIiR8rxb/fxkOme4DMV5mZdo1gwEq+IktEWOqXfQL1HyILPQhbWdrw6ALQGQV
xnUvVMx8jZuUsJA0Q5RfKrulnTcgmBPxLIfh6UIUhrYQ+ggXXyN48omDowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOvMjHSHgZgw1OanLQ1vMiarV31MB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvUTY4eU1kSWVCbUREVTVxY3REVzh5SnF0WGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXDMDMA0G
CSqGSIb3DQEBCwUAA4IBAQA5CTy4GbaKfYqvGdHnrBJfr0Mu3uu8PXahotdPK+OS
QQL+Ue4KpMZGvI4pBacdpZ4KdivURgGL/FUreKIqOCbWx0yf4OUcNJ+6J5neV3RP
v6LyvZHKZJKu5NrngW+rO1uc1jJ90hGDK4Qr6csRjbJiPZ4czDckXq0JOE7FhYt+
HZ5Bt3AJhuPq93XaSYRlPM7ycOmqU9uxd4atPxNGt1qy+XCMCQ9G8azJ8GHk/Bji
pUAfQHJmBQETiQaFWUqQ8aT+zFXbBI/UupDGD41OjjGDCP6r358XE691c+vWlDYx
K0D+Tt4BL83KSmELuQDHdoyNlodLQHyqt4I0sj4g+ln8
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:42 2024 by rpki-client on console-fra.rpki-client.org