Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/q-ZUqAl5RL5aekwVsrFOCNMt43c.roa
File: q-ZUqAl5RL5aekwVsrFOCNMt43c.roa (raw, json)
Hash identifier: 9sFbW+07q06l43pOCShnLR85MEf9gTidwpm2xmseyxI=
Subject key identifier: AB:E6:54:A8:09:79:44:BE:5A:7A:4C:15:B2:B1:4E:08:D3:2D:E3:77
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 01856B8108A014F8056C755F3267A3949661
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/q-ZUqAl5RL5aekwVsrFOCNMt43c.roa
Signing time: Sun 01 Jan 2023 04:04:56 +0000
ROA not before: Sun 01 Jan 2023 04:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54203
IP address blocks: 176.67.85.0/24 maxlen: 24
176.67.83.0/24 maxlen: 24
176.67.80.0/23 maxlen: 23
176.67.86.0/24 maxlen: 24
185.91.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 03 Mar 2023 21:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:08:a0:14:f8:05:6c:75:5f:32:67:a3:94:96:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Jan 1 04:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abe654a8097944be5a7a4c15b2b14e08d32de377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b2:87:b0:25:84:14:de:11:49:29:8f:de:84:
74:70:f0:74:40:61:ca:cb:3e:15:61:59:0d:11:67:
e1:3d:1b:76:3a:9b:81:cf:50:83:e6:35:70:64:6d:
8e:97:a3:1a:b1:0d:55:5d:5e:d3:85:79:cb:4f:2c:
d4:86:7f:c2:3e:7a:7b:23:a2:e0:6e:a2:77:9f:06:
d1:2b:67:7b:b8:ca:80:44:7b:00:6f:73:b4:6b:16:
76:7d:14:87:75:97:f1:2b:f8:5d:61:4e:34:02:c2:
8f:ad:bd:33:4d:b8:84:12:a1:c8:dc:08:58:7e:28:
75:ee:16:3a:88:72:16:79:d0:5f:93:30:49:09:d7:
ed:1a:cd:d0:e4:c5:ce:b4:fc:a7:23:e0:97:92:77:
93:9d:ce:82:9d:eb:1f:61:1a:e4:22:61:a0:c6:53:
3c:5c:60:0a:c2:ea:6f:b6:61:4d:f2:75:5d:a3:77:
58:d3:1a:1c:bc:69:4a:90:f4:10:2a:e6:2f:87:64:
aa:c0:e1:91:91:97:f9:cb:e1:a6:5a:08:a0:51:8e:
e5:1c:98:05:b9:bb:00:55:4a:66:59:bb:ce:75:3c:
61:a8:44:28:e2:95:e3:cc:da:29:98:8a:ad:cd:59:
8e:fb:69:32:d4:f5:1a:0f:33:b4:4b:b1:a5:93:d9:
49:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E6:54:A8:09:79:44:BE:5A:7A:4C:15:B2:B1:4E:08:D3:2D:E3:77
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/q-ZUqAl5RL5aekwVsrFOCNMt43c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.80.0/23
176.67.83.0/24
176.67.85.0-176.67.86.255
185.91.120.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:98:9b:73:c0:c7:ba:14:3a:de:2a:88:98:95:a0:ab:08:5e:
f1:10:0b:03:3d:d1:33:26:44:2e:a4:d1:68:45:50:5c:ae:42:
e7:bf:51:3e:02:b2:b4:d5:9b:14:c9:72:ce:17:8d:b4:e5:5d:
72:63:71:30:81:b0:30:cf:84:3f:7f:a6:5b:e6:16:33:1a:f2:
cb:c1:fc:c2:33:51:0c:86:6c:71:f5:ae:1e:a1:21:31:cc:ad:
67:5c:6b:bb:08:d5:e6:fc:16:ff:6c:ca:0a:2f:b9:47:01:42:
7b:d1:95:b3:65:d7:1e:3f:cd:0c:65:df:55:1a:87:87:b7:2e:
eb:22:ed:df:e8:a6:a1:d9:14:5f:dc:53:1a:61:4d:48:80:f9:
61:65:8a:a6:46:af:ca:fe:9a:9c:ff:a2:f6:72:ec:5e:a5:96:
52:ef:8c:9d:47:45:7f:2a:f8:db:49:0b:e3:d1:1d:39:3f:62:
93:48:eb:8c:6a:82:92:b6:9d:ff:5f:76:1b:57:bc:84:35:e3:
df:75:dc:f8:b7:04:24:f9:45:d3:e6:0f:06:b8:02:3f:77:79:
19:84:e7:2d:35:21:f5:98:ef:15:18:cc:73:36:9c:9f:6c:9e:
49:91:65:e5:d4:f3:e8:34:c3:27:6e:d1:a2:c5:63:d1:3d:d8:
09:ac:b2:1e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVrgQigFPgFbHVfMmejlJZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjMwMTAxMDQwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmU2NTRhODA5Nzk0NGJlNWE3YTRjMTViMmIxNGUwOGQzMmRlMzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLKHsCWEFN4RSSmP3oR0cPB0QGHK
yz4VYVkNEWfhPRt2OpuBz1CD5jVwZG2Ol6MasQ1VXV7ThXnLTyzUhn/CPnp7I6Lg
bqJ3nwbRK2d7uMqARHsAb3O0axZ2fRSHdZfxK/hdYU40AsKPrb0zTbiEEqHI3AhY
fih17hY6iHIWedBfkzBJCdftGs3Q5MXOtPynI+CXkneTnc6CnesfYRrkImGgxlM8
XGAKwupvtmFN8nVdo3dY0xocvGlKkPQQKuYvh2SqwOGRkZf5y+GmWgigUY7lHJgF
ubsAVUpmWbvOdTxhqEQo4pXjzNopmIqtzVmO+2ky1PUaDzO0S7Glk9lJYwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKvmVKgJeUS+WnpMFbKxTgjTLeN3MB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvcS1aVXFBbDVSTDVhZWt3VnNyRk9DTk10NDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBsENQAwQA
sENTMAwDBACwQ1UDBACwQ1YDBAK5W3gwDQYJKoZIhvcNAQELBQADggEBAA+Ym3PA
x7oUOt4qiJiVoKsIXvEQCwM90TMmRC6k0WhFUFyuQue/UT4CsrTVmxTJcs4XjbTl
XXJjcTCBsDDPhD9/plvmFjMa8svB/MIzUQyGbHH1rh6hITHMrWdca7sI1eb8Fv9s
ygovuUcBQnvRlbNl1x4/zQxl31Uah4e3Lusi7d/opqHZFF/cUxphTUiA+WFliqZG
r8r+mpz/ovZy7F6lllLvjJ1HRX8q+NtJC+PRHTk/YpNI64xqgpK2nf9fdhtXvIQ1
49913Pi3BCT5RdPmDwa4Aj93eRmE5y01IfWY7xUYzHM2nJ9snkmRZeXU8+g0wydu
0aLFY9E92Amssh4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:38 2024 by rpki-client on console-ams.rpki-client.org