Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/QLikjzzoK5nv_v-uKneJ169nlP8.roa
File: QLikjzzoK5nv_v-uKneJ169nlP8.roa (raw, json)
Hash identifier: GTjRD0xeuF4qrXi1J76Lu1yR0iAvzEot96EbNHag1UY=
Subject key identifier: 40:B8:A4:8F:3C:E8:2B:99:EF:FE:FF:AE:2A:77:89:D7:AF:67:94:FF
Certificate issuer: /CN=217b7ab062bc828b348d05306e65354748b9d6d6
Certificate serial: 0188552540C2FAC60AD4D0140819F03773AF
Authority key identifier: 21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/QLikjzzoK5nv_v-uKneJ169nlP8.roa
Signing time: Thu 25 May 2023 23:01:24 +0000
ROA not before: Thu 25 May 2023 23:01:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49778
IP address blocks: 91.219.23.32/27 maxlen: 27
91.219.23.0/24 maxlen: 24
2a13:7e00::/29 maxlen: 29
2a12:70c0::/29 maxlen: 29
2a11:e380::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:55:25:40:c2:fa:c6:0a:d4:d0:14:08:19:f0:37:73:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b7ab062bc828b348d05306e65354748b9d6d6
Validity
Not Before: May 25 23:01:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40b8a48f3ce82b99effeffae2a7789d7af6794ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:94:7f:c7:27:74:9a:a4:c3:a0:35:55:c5:f7:
ac:bd:00:54:a5:82:45:5d:17:58:12:8e:03:43:bf:
6b:99:db:10:b5:f8:66:84:bb:30:48:03:fb:c5:b9:
fb:61:77:b3:a2:e9:9b:17:83:a8:14:b4:4e:1e:9c:
7d:38:9f:21:54:6f:e9:9e:6b:87:87:14:b8:fd:0d:
39:d8:ac:c7:88:9e:d3:98:e7:28:1b:c1:58:4f:99:
0b:0f:ad:fb:36:88:91:60:85:1b:85:0e:4c:8c:be:
2e:ef:c5:62:fb:72:af:db:a7:56:f7:99:e3:ff:4b:
c3:e9:8c:dc:91:89:61:c4:c2:c4:f5:2a:6b:97:c3:
61:c5:94:33:94:9a:22:b4:b7:30:34:dd:cf:a9:39:
66:82:17:38:94:c8:f9:94:77:28:03:88:69:3b:d2:
ce:b9:e0:4e:8f:4e:b2:a0:b5:ef:16:b9:61:53:e9:
00:f0:e4:11:39:29:f8:77:20:ba:ed:6a:75:6f:88:
fc:37:f4:28:48:d0:ab:59:b5:5b:c6:0e:59:bb:71:
c9:fd:07:49:f7:b6:5a:cf:97:78:90:45:5d:73:bf:
bf:5d:49:39:ff:9a:d7:5e:a3:90:44:69:90:cb:6c:
a1:c5:67:61:d4:79:ea:82:77:54:97:7f:d5:1a:00:
58:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B8:A4:8F:3C:E8:2B:99:EF:FE:FF:AE:2A:77:89:D7:AF:67:94:FF
X509v3 Authority Key Identifier:
keyid:21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/QLikjzzoK5nv_v-uKneJ169nlP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.23.0/24
IPv6:
2a11:e380::/29
2a12:70c0::/29
2a13:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
05:62:95:50:ec:72:dc:e9:7a:c1:ff:65:ce:81:bf:84:0f:93:
01:ae:aa:f7:f4:08:94:43:3d:2a:6b:f9:78:bb:9e:f8:dd:76:
37:85:92:63:7d:f7:f4:c3:4f:17:8d:df:46:58:01:ac:b7:88:
fb:14:58:80:ac:1b:29:b5:58:c9:d7:42:bd:b9:41:c2:09:ed:
cb:9f:96:a9:b9:51:e1:77:dd:d2:86:fe:9c:0d:74:69:f2:ef:
7e:3e:c6:c4:e8:9a:ae:5f:5c:b5:14:c4:86:21:5e:bd:05:92:
c8:97:0f:58:ea:de:f8:13:86:4b:13:3c:c2:87:00:61:6f:dc:
e9:a4:be:30:a7:b5:3d:06:ee:c0:da:2d:89:d4:9d:19:ad:6c:
aa:a5:8e:72:d5:6c:19:b8:d9:67:11:4a:69:10:dc:f9:19:23:
11:fc:0d:ed:19:91:62:88:62:3a:3c:b3:5a:f3:41:b0:57:b7:
6f:eb:d6:de:2d:54:c2:b7:65:e8:41:9b:6a:aa:b4:f3:be:9b:
52:9c:36:76:85:aa:07:05:4a:d7:cd:51:bf:57:2a:26:da:26:
a3:b8:e0:16:a7:14:d4:d0:ab:ac:49:89:11:69:3e:12:3a:ea:
16:dc:14:b3:68:17:16:1b:03:29:43:68:22:17:77:cb:96:99:
a9:b3:1e:69
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYhVJUDC+sYK1NAUCBnwN3OvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I3YWIwNjJiYzgyOGIzNDhkMDUzMDZlNjUzNTQ3NDhi
OWQ2ZDYwHhcNMjMwNTI1MjMwMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGI4YTQ4ZjNjZTgyYjk5ZWZmZWZmYWUyYTc3ODlkN2FmNjc5NGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5R/xyd0mqTDoDVVxfesvQBUpYJF
XRdYEo4DQ79rmdsQtfhmhLswSAP7xbn7YXezoumbF4OoFLROHpx9OJ8hVG/pnmuH
hxS4/Q052KzHiJ7TmOcoG8FYT5kLD637NoiRYIUbhQ5MjL4u78Vi+3Kv26dW95nj
/0vD6YzckYlhxMLE9Sprl8NhxZQzlJoitLcwNN3PqTlmghc4lMj5lHcoA4hpO9LO
ueBOj06yoLXvFrlhU+kA8OQROSn4dyC67Wp1b4j8N/QoSNCrWbVbxg5Zu3HJ/QdJ
97Zaz5d4kEVdc7+/XUk5/5rXXqOQRGmQy2yhxWdh1HnqgndUl3/VGgBYXQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEC4pI886CuZ7/7/rip3idevZ5T/MB8GA1UdIwQY
MBaAFCF7erBivIKLNI0FMG5lNUdIudbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYt
NTViNjU5Y2Q4MmJiLzEvUUxpa2p6em9LNW52X3YtdUtuZUoxNjlubFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYtNTViNjU5Y2Q4MmJi
LzEvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAW9sXMBsE
AgACMBUDBQMqEeOAAwUDKhJwwAMFAyoTfgAwDQYJKoZIhvcNAQELBQADggEBAAVi
lVDsctzpesH/Zc6Bv4QPkwGuqvf0CJRDPSpr+Xi7nvjddjeFkmN99/TDTxeN30ZY
Aay3iPsUWICsGym1WMnXQr25QcIJ7cuflqm5UeF33dKG/pwNdGny734+xsTomq5f
XLUUxIYhXr0FksiXD1jq3vgThksTPMKHAGFv3OmkvjCntT0G7sDaLYnUnRmtbKql
jnLVbBm42WcRSmkQ3PkZIxH8De0ZkWKIYjo8s1rzQbBXt2/r1t4tVMK3ZehBm2qq
tPO+m1KcNnaFqgcFStfNUb9XKibaJqO44BanFNTQq6xJiRFpPhI66hbcFLNoFxYb
AylDaCIXd8uWmamzHmk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:08 2024 by rpki-client on console-ams.rpki-client.org