Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QzCjkvah_5VFvHmCalIqvK7e_Rw.roa
File: QzCjkvah_5VFvHmCalIqvK7e_Rw.roa (raw, json)
Hash identifier: 13VXCx1ewlbgOXMxauFF7SAvb/ClVqhhKvzQeEDJLzk=
Subject key identifier: 43:30:A3:92:F6:A1:FF:95:45:BC:79:82:6A:52:2A:BC:AE:DE:FD:1C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01889147A7485E825AB1C567260DAC98AAEE
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QzCjkvah_5VFvHmCalIqvK7e_Rw.roa
Signing time: Tue 06 Jun 2023 15:16:11 +0000
ROA not before: Tue 06 Jun 2023 15:16:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203511
IP address blocks: 88.209.248.0/24 maxlen: 24
2.58.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Jun 2023 07:06:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:47:a7:48:5e:82:5a:b1:c5:67:26:0d:ac:98:aa:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 6 15:16:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4330a392f6a1ff9545bc79826a522abcaedefd1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:20:72:23:57:57:14:6d:85:11:e4:3e:47:7c:
be:75:36:8a:f3:30:16:b3:19:bb:fe:33:f1:20:c4:
e6:96:17:86:ea:95:31:39:bd:2c:77:78:6b:b8:4b:
8e:89:af:a1:00:1a:7c:fe:52:38:e5:35:4e:6d:8a:
71:20:d2:a7:d6:c4:9f:f5:e4:04:2a:d2:71:9b:9b:
cc:7d:0f:e3:9c:2c:a9:aa:04:10:a0:06:39:eb:d1:
9b:24:6c:08:55:ff:b5:cb:12:7b:4d:df:4d:a3:68:
b4:3d:26:13:dc:2c:a3:e6:c5:f0:23:de:53:c4:d1:
ad:fa:6e:f9:98:b1:4d:08:65:d9:fb:f7:ac:bd:d8:
8e:86:88:65:3e:01:07:75:f9:82:a6:16:b7:bd:dc:
b9:69:43:bf:06:f9:e2:b5:07:d0:50:af:8a:04:7f:
4e:d7:4d:ac:79:c0:8f:23:59:de:23:ab:81:2f:b7:
fa:87:10:30:48:ea:c6:37:3e:6b:61:84:0b:d3:6a:
88:36:7b:15:b3:fb:83:a3:90:c3:12:a5:90:b0:90:
19:c5:42:80:16:cf:08:54:fe:db:6c:d6:0c:ec:c9:
63:f5:22:cd:00:cf:46:95:84:ac:30:39:6c:0b:94:
61:da:08:42:92:72:74:fb:b1:7f:43:a4:b0:cc:5a:
ff:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:30:A3:92:F6:A1:FF:95:45:BC:79:82:6A:52:2A:BC:AE:DE:FD:1C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/QzCjkvah_5VFvHmCalIqvK7e_Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.169.0/24
88.209.248.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:f9:e8:ba:ab:83:dd:4e:79:ff:ac:be:e3:42:87:ff:e8:f8:
be:15:9c:79:4b:ef:51:ff:a6:20:63:8b:76:04:ad:a1:83:b7:
89:a1:f4:be:c2:22:3a:9f:d5:1f:00:cf:f3:10:11:38:23:41:
4c:b0:2a:43:65:3f:3f:7c:51:af:88:28:29:09:98:46:5b:cf:
68:69:a7:31:c4:29:64:21:ae:34:9f:7b:86:19:18:d1:13:c8:
3e:21:d1:35:6d:5d:1c:52:2c:2c:66:e6:22:57:64:70:2e:a4:
96:c3:42:5d:c6:00:7b:91:69:77:8c:c8:3a:a0:6f:90:6a:b7:
c3:72:43:ea:5c:58:b4:ab:b6:68:b9:e9:c3:e4:e7:37:f6:2f:
92:b9:26:61:b3:7c:13:a3:51:f0:8d:08:45:d9:44:a5:65:16:
d2:d9:30:fd:41:52:d8:72:1e:e5:aa:8a:a4:4a:8b:63:e4:74:
30:64:89:17:9b:83:a7:a0:57:b0:44:73:f8:0a:66:58:3b:bc:
23:bb:00:61:b7:19:f0:a3:da:d6:35:48:39:04:55:c1:e4:ff:
f7:eb:a2:32:a2:10:d7:59:5b:74:77:e9:8f:a4:61:0a:22:79:
8c:9a:7a:f5:5d:6f:e5:3c:d8:2c:90:98:3c:b9:e8:9d:39:d3:
d4:7f:67:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiRR6dIXoJascVnJg2smKruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNjA2MTUxNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzMwYTM5MmY2YTFmZjk1NDViYzc5ODI2YTUyMmFiY2FlZGVmZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCByI1dXFG2FEeQ+R3y+dTaK8zAW
sxm7/jPxIMTmlheG6pUxOb0sd3hruEuOia+hABp8/lI45TVObYpxINKn1sSf9eQE
KtJxm5vMfQ/jnCypqgQQoAY569GbJGwIVf+1yxJ7Td9No2i0PSYT3Cyj5sXwI95T
xNGt+m75mLFNCGXZ+/esvdiOhohlPgEHdfmCpha3vdy5aUO/BvnitQfQUK+KBH9O
102secCPI1neI6uBL7f6hxAwSOrGNz5rYYQL02qINnsVs/uDo5DDEqWQsJAZxUKA
Fs8IVP7bbNYM7Mlj9SLNAM9GlYSsMDlsC5Rh2ghCknJ0+7F/Q6SwzFr/iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEMwo5L2of+VRbx5gmpSKryu3v0cMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUXpDamt2YWhfNVZGdkhtQ2FsSXF2SzdlX1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjqpAwQA
WNH4MA0GCSqGSIb3DQEBCwUAA4IBAQCP+ei6q4PdTnn/rL7jQof/6Pi+FZx5S+9R
/6YgY4t2BK2hg7eJofS+wiI6n9UfAM/zEBE4I0FMsCpDZT8/fFGviCgpCZhGW89o
aacxxClkIa40n3uGGRjRE8g+IdE1bV0cUiwsZuYiV2RwLqSWw0JdxgB7kWl3jMg6
oG+QarfDckPqXFi0q7ZouenD5Oc39i+SuSZhs3wTo1HwjQhF2USlZRbS2TD9QVLY
ch7lqoqkSotj5HQwZIkXm4OnoFewRHP4CmZYO7wjuwBhtxnwo9rWNUg5BFXB5P/3
66IyohDXWVt0d+mPpGEKInmMmnr1XW/lPNgskJg8ueidOdPUf2c9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org