Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/q3NqBtLfBnYZYGQg73HE7HyB0JQ.roa
File: q3NqBtLfBnYZYGQg73HE7HyB0JQ.roa (raw, json)
Hash identifier: CoJHqbc04moS7hnOw+N6WMZ9y9VLNnYTbPJ/53VuFMA=
Subject key identifier: AB:73:6A:06:D2:DF:06:76:19:60:64:20:EF:71:C4:EC:7C:81:D0:94
Certificate issuer: /CN=82d7fe7312efb42bd8d1ecd82ac76191ea26c356
Certificate serial: 01857295D1BB4FC5DB8D03A4A8B80AE247F9
Authority key identifier: 82:D7:FE:73:12:EF:B4:2B:D8:D1:EC:D8:2A:C7:61:91:EA:26:C3:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gtf-cxLvtCvY0ezYKsdhkeomw1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/q3NqBtLfBnYZYGQg73HE7HyB0JQ.roa
Signing time: Mon 02 Jan 2023 13:04:59 +0000
ROA not before: Mon 02 Jan 2023 13:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43766
IP address blocks: 92.43.171.0/24 maxlen: 24
92.43.170.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:d1:bb:4f:c5:db:8d:03:a4:a8:b8:0a:e2:47:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82d7fe7312efb42bd8d1ecd82ac76191ea26c356
Validity
Not Before: Jan 2 13:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab736a06d2df067619606420ef71c4ec7c81d094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d3:4f:14:12:0e:b6:01:42:c7:94:57:62:ee:
46:2a:76:1d:b7:fe:42:c0:c8:dc:74:c2:05:0d:18:
c5:33:23:f8:66:fb:dd:3d:c6:59:ac:56:aa:35:41:
b8:c4:09:ff:79:f1:6c:fc:4f:be:ed:46:98:da:ae:
31:89:d6:3c:f7:92:a4:40:40:48:e9:8f:cc:ed:5a:
f0:60:e6:70:74:ef:ef:ac:a8:cc:93:a1:11:61:ce:
53:6e:e1:4a:90:20:c5:c9:d7:4b:d3:60:d3:eb:d7:
c2:f6:a9:81:d6:c3:ad:f9:fa:34:08:fc:b0:96:78:
25:e5:7d:1b:d7:e4:09:5c:c8:af:b8:17:45:d2:72:
76:fd:89:25:82:d0:f3:ad:03:b0:8a:08:a8:d5:ed:
99:de:05:58:60:7b:94:ea:41:f6:3c:60:7e:e6:eb:
a0:3b:04:4d:52:37:c6:96:cf:56:8d:70:84:e3:4b:
59:c0:e1:a0:1c:7b:39:b1:7f:33:cc:d9:6e:99:e6:
53:69:b5:27:37:b5:50:9d:5e:0c:f3:ea:df:13:10:
8f:97:00:ba:bf:ed:02:0c:46:7c:7e:fe:9a:47:c7:
2c:93:3e:0e:ef:9b:ca:06:0c:02:98:61:90:a1:63:
32:54:40:89:04:cd:a0:f9:cf:c3:a0:71:bc:51:14:
93:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:73:6A:06:D2:DF:06:76:19:60:64:20:EF:71:C4:EC:7C:81:D0:94
X509v3 Authority Key Identifier:
keyid:82:D7:FE:73:12:EF:B4:2B:D8:D1:EC:D8:2A:C7:61:91:EA:26:C3:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gtf-cxLvtCvY0ezYKsdhkeomw1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/q3NqBtLfBnYZYGQg73HE7HyB0JQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/05d8ba-9433-4a2e-bfe6-37b21bab3b00/1/gtf-cxLvtCvY0ezYKsdhkeomw1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.170.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:6c:f0:dc:8f:45:88:21:e3:54:58:4c:1c:b6:a1:e8:0c:97:
c5:ab:9d:ae:12:63:64:fd:15:86:4b:0e:df:b0:89:cb:1f:79:
64:30:64:78:bf:48:ff:9d:37:06:3b:d4:d9:38:97:cf:8f:40:
0b:c8:9f:f8:2c:bb:87:dd:bf:3c:96:9d:3a:ac:ce:18:e4:1a:
3e:1f:45:c6:09:96:8d:31:1d:ec:5a:f2:01:f7:a0:36:c9:2c:
c9:6c:58:8c:e8:7b:99:5d:88:4b:b2:3c:36:8b:22:4d:62:2e:
05:5d:4f:13:b0:4d:99:83:7e:6f:fd:da:1c:aa:67:88:26:04:
e8:25:21:19:ee:99:31:c3:d1:25:74:6f:98:a7:29:8a:19:fd:
bc:23:bd:f5:1a:da:dc:50:e4:81:29:c2:0c:2f:fd:ed:03:a7:
4b:15:b2:39:46:77:01:01:bf:63:e0:7e:fc:82:53:21:41:33:
be:43:68:21:f0:94:11:d9:cc:76:ca:25:bd:06:a1:f8:74:6e:
81:cd:6d:8a:cb:86:25:8b:06:4e:48:0e:84:39:a0:02:97:9c:
b8:ce:5c:ee:a1:de:9c:68:af:90:fc:56:4f:61:24:59:74:b0:
32:66:2e:d9:58:d5:05:65:a8:6b:51:16:d2:8d:07:f1:50:f2:
58:d6:d8:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyldG7T8XbjQOkqLgK4kf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZDdmZTczMTJlZmI0MmJkOGQxZWNkODJhYzc2MTkxZWEy
NmMzNTYwHhcNMjMwMTAyMTMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjczNmEwNmQyZGYwNjc2MTk2MDY0MjBlZjcxYzRlYzdjODFkMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NNPFBIOtgFCx5RXYu5GKnYdt/5C
wMjcdMIFDRjFMyP4ZvvdPcZZrFaqNUG4xAn/efFs/E++7UaY2q4xidY895KkQEBI
6Y/M7VrwYOZwdO/vrKjMk6ERYc5TbuFKkCDFyddL02DT69fC9qmB1sOt+fo0CPyw
lngl5X0b1+QJXMivuBdF0nJ2/YklgtDzrQOwigio1e2Z3gVYYHuU6kH2PGB+5uug
OwRNUjfGls9WjXCE40tZwOGgHHs5sX8zzNlumeZTabUnN7VQnV4M8+rfExCPlwC6
v+0CDEZ8fv6aR8cskz4O75vKBgwCmGGQoWMyVECJBM2g+c/DoHG8URST/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtzagbS3wZ2GWBkIO9xxOx8gdCUMB8GA1UdIwQY
MBaAFILX/nMS77Qr2NHs2CrHYZHqJsNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3RmLWN4THZ0Q3ZZMGV6WUtzZGhrZW9tdzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wNWQ4YmEtOTQzMy00YTJlLWJmZTYt
MzdiMjFiYWIzYjAwLzEvcTNOcUJ0TGZCbllaWUdRZzczSEU3SHlCMEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wNWQ4YmEtOTQzMy00YTJlLWJmZTYtMzdiMjFiYWIzYjAw
LzEvZ3RmLWN4THZ0Q3ZZMGV6WUtzZGhrZW9tdzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXCuqMA0G
CSqGSIb3DQEBCwUAA4IBAQClbPDcj0WIIeNUWEwctqHoDJfFq52uEmNk/RWGSw7f
sInLH3lkMGR4v0j/nTcGO9TZOJfPj0ALyJ/4LLuH3b88lp06rM4Y5Bo+H0XGCZaN
MR3sWvIB96A2ySzJbFiM6HuZXYhLsjw2iyJNYi4FXU8TsE2Zg35v/docqmeIJgTo
JSEZ7pkxw9EldG+YpymKGf28I731GtrcUOSBKcIML/3tA6dLFbI5RncBAb9j4H78
glMhQTO+Q2gh8JQR2cx2yiW9BqH4dG6BzW2Ky4YliwZOSA6EOaACl5y4zlzuod6c
aK+Q/FZPYSRZdLAyZi7ZWNUFZahrURbSjQfxUPJY1tj0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:08 2024 by rpki-client on console-fra.rpki-client.org