Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/1-eD40UtbIo38lnV6athcc0QHH-4.roa
File: 1-eD40UtbIo38lnV6athcc0QHH-4.roa (raw, json)
Hash identifier: ruQe34VBXdsds8boIbEtt9DmW2fzTzCx3F3yz44Z+QA=
Subject key identifier: F9:E0:F8:D1:4B:5B:22:8D:FC:96:75:7A:6A:D8:5C:73:44:07:1F:EE
Certificate issuer: /CN=406400d71d7edeb0eb305d4982ecf520b0f44e77
Certificate serial: 0185704BDF88D478C4793DD0CCBE1E488EF2
Authority key identifier: 40:64:00:D7:1D:7E:DE:B0:EB:30:5D:49:82:EC:F5:20:B0:F4:4E:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGQA1x1-3rDrMF1Jguz1ILD0Tnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/1-eD40UtbIo38lnV6athcc0QHH-4.roa
Signing time: Mon 02 Jan 2023 02:24:58 +0000
ROA not before: Mon 02 Jan 2023 02:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210018
IP address blocks: 194.124.148.0/23 maxlen: 23
194.124.150.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:df:88:d4:78:c4:79:3d:d0:cc:be:1e:48:8e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406400d71d7edeb0eb305d4982ecf520b0f44e77
Validity
Not Before: Jan 2 02:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9e0f8d14b5b228dfc96757a6ad85c7344071fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:14:bb:8b:56:5e:77:72:d3:de:cd:c6:d3:f0:
71:07:a0:a2:18:89:bd:90:ef:20:ab:f1:40:8d:b2:
cc:ec:21:38:7c:18:fd:a5:4e:98:05:5c:fa:14:1a:
d0:b8:a7:27:1f:08:37:b3:e5:87:df:44:c7:c4:99:
0a:ba:3e:13:27:95:d7:64:92:b3:1b:89:01:ce:87:
c2:4a:75:11:4b:92:82:4c:89:27:01:34:68:17:9f:
2a:99:37:6f:99:bc:05:4c:74:0f:88:67:32:4c:80:
ec:74:4a:43:03:a3:6d:d1:d2:21:5c:71:67:ab:32:
a1:c5:bf:41:9d:26:7e:20:fa:c3:76:43:79:74:47:
cd:6a:08:7a:39:20:1b:eb:c5:39:5e:b1:1c:ba:ba:
cd:2f:9c:63:04:64:9b:f9:c8:a2:f9:2f:5d:e7:d6:
55:44:8e:f1:c4:4e:ab:7b:01:51:6c:44:dd:ff:9a:
ee:07:48:65:63:5c:5a:83:9b:b1:f0:47:3d:92:3b:
d4:f3:d6:a0:b2:a9:0c:a4:b8:26:71:56:21:ba:a9:
5f:0a:ca:90:0e:09:29:fe:22:36:0d:ed:ae:fb:7d:
a9:c9:8d:21:37:45:9a:68:67:74:75:4e:e6:d6:b9:
1c:5d:a1:50:50:48:ab:0e:54:fe:94:3a:92:6a:cf:
67:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E0:F8:D1:4B:5B:22:8D:FC:96:75:7A:6A:D8:5C:73:44:07:1F:EE
X509v3 Authority Key Identifier:
keyid:40:64:00:D7:1D:7E:DE:B0:EB:30:5D:49:82:EC:F5:20:B0:F4:4E:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGQA1x1-3rDrMF1Jguz1ILD0Tnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/1-eD40UtbIo38lnV6athcc0QHH-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f0751d-d7b3-4701-a326-2148082c3533/1/QGQA1x1-3rDrMF1Jguz1ILD0Tnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.148.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:38:7c:3a:51:c9:2b:d0:ae:ab:81:84:69:ec:0f:0a:c1:9e:
a5:43:3a:48:d3:9b:d5:1e:b7:09:0c:1f:50:d6:e4:b6:31:a8:
de:84:78:79:d4:52:4a:03:8a:5a:9f:c1:96:ff:ba:db:c5:2f:
55:08:d9:c2:96:1f:82:02:4e:a1:2e:e7:1a:96:4d:39:c2:6c:
f7:84:2c:30:1b:d7:91:0b:7d:45:d6:c0:6a:e7:91:0c:4d:c0:
e0:28:31:14:57:3b:6d:4a:1b:7f:d0:a8:4d:05:64:a6:98:34:
b9:9c:06:cd:86:7e:da:96:5f:a3:6a:6b:4a:29:8e:6c:03:f6:
10:42:53:5d:d1:e1:b8:af:c5:e9:59:e7:a6:2d:4d:92:53:eb:
e0:af:3f:4f:89:a2:fc:21:c2:79:fb:d6:84:82:a1:af:c6:aa:
76:d9:06:a7:98:73:f5:f3:6a:2f:1d:a7:20:ec:a1:d4:fb:30:
c6:64:54:57:c6:3b:64:d2:73:92:51:b1:0d:c2:21:5e:67:14:
17:65:2e:ec:57:19:54:bb:06:7f:61:0e:73:0f:4e:23:77:3e:
3b:56:49:d1:89:51:d2:27:76:23:ec:43:60:14:60:e3:a2:61:
ed:b7:1e:04:8d:61:fe:6d:a4:6d:f2:d5:e1:e3:49:dd:5c:5b:
45:a7:5b:0f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwS9+I1HjEeT3QzL4eSI7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNjQwMGQ3MWQ3ZWRlYjBlYjMwNWQ0OTgyZWNmNTIwYjBm
NDRlNzcwHhcNMjMwMTAyMDIyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWUwZjhkMTRiNWIyMjhkZmM5Njc1N2E2YWQ4NWM3MzQ0MDcxZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphS7i1Zed3LT3s3G0/BxB6CiGIm9
kO8gq/FAjbLM7CE4fBj9pU6YBVz6FBrQuKcnHwg3s+WH30THxJkKuj4TJ5XXZJKz
G4kBzofCSnURS5KCTIknATRoF58qmTdvmbwFTHQPiGcyTIDsdEpDA6Nt0dIhXHFn
qzKhxb9BnSZ+IPrDdkN5dEfNagh6OSAb68U5XrEcurrNL5xjBGSb+cii+S9d59ZV
RI7xxE6rewFRbETd/5ruB0hlY1xag5ux8Ec9kjvU89agsqkMpLgmcVYhuqlfCsqQ
Dgkp/iI2De2u+32pyY0hN0WaaGd0dU7m1rkcXaFQUEirDlT+lDqSas9nPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPng+NFLWyKN/JZ1emrYXHNEBx/uMB8GA1UdIwQY
MBaAFEBkANcdft6w6zBdSYLs9SCw9E53MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdRQTF4MS0zckRyTUYxSmd1ejFJTEQwVG5jLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9mMDc1MWQtZDdiMy00NzAxLWEzMjYt
MjE0ODA4MmMzNTMzLzEvMS1lRDQwVXRiSW8zOGxuVjZhdGhjYzBRSEgtNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvZjA3NTFkLWQ3YjMtNDcwMS1hMzI2LTIxNDgwODJjMzUz
My8xL1FHUUExeDEtM3JEck1GMUpndXoxSUxEMFRuYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsJ8lDAN
BgkqhkiG9w0BAQsFAAOCAQEAbzh8OlHJK9Cuq4GEaewPCsGepUM6SNOb1R63CQwf
UNbktjGo3oR4edRSSgOKWp/Blv+628UvVQjZwpYfggJOoS7nGpZNOcJs94QsMBvX
kQt9RdbAaueRDE3A4CgxFFc7bUobf9CoTQVkppg0uZwGzYZ+2pZfo2prSimObAP2
EEJTXdHhuK/F6Vnnpi1NklPr4K8/T4mi/CHCefvWhIKhr8aqdtkGp5hz9fNqLx2n
IOyh1PswxmRUV8Y7ZNJzklGxDcIhXmcUF2Uu7FcZVLsGf2EOcw9OI3c+O1ZJ0YlR
0id2I+xDYBRg46Jh7bceBI1h/m2kbfLV4eNJ3VxbRadbDw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:44 2024 by rpki-client on console-fra.rpki-client.org