Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/qfxaSQ1TVyWSr1cW0jyW3V3k6pk.roa
File: qfxaSQ1TVyWSr1cW0jyW3V3k6pk.roa (raw, json)
Hash identifier: 4rFHVKQszM4GV/bMzDfBkKgx/KU2TSDsqvK6WRtuyx0=
Subject key identifier: A9:FC:5A:49:0D:53:57:25:92:AF:57:16:D2:3C:96:DD:5D:E4:EA:99
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 01857295B03FB917C870E4EC7CC025E6458D
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/qfxaSQ1TVyWSr1cW0jyW3V3k6pk.roa
Signing time: Mon 02 Jan 2023 13:04:50 +0000
ROA not before: Mon 02 Jan 2023 13:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197324
IP address blocks: 46.17.120.0/21 maxlen: 24
185.157.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:b0:3f:b9:17:c8:70:e4:ec:7c:c0:25:e6:45:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Jan 2 13:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9fc5a490d53572592af5716d23c96dd5de4ea99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4e:de:90:1f:fb:62:b9:00:8a:e0:d2:8e:cd:
20:be:a9:71:6e:99:24:30:80:7d:5e:dc:dc:2c:05:
8f:1b:a2:95:b2:3d:f1:e6:97:81:b4:d9:b0:f1:b9:
2e:99:82:98:df:4a:4a:ea:e5:fb:5b:cb:1a:22:39:
9e:5e:88:ac:c9:35:b0:08:5d:3c:14:cd:02:bf:b8:
f6:14:cf:bf:a7:24:01:c4:44:95:00:6f:74:ad:a1:
d7:f3:c4:04:18:79:c6:e1:b7:f4:af:fa:93:17:7b:
23:c2:88:2b:f1:2c:bb:6b:2b:3b:cf:52:e8:cb:c2:
7b:7f:3c:e4:df:03:72:f1:f0:28:05:ab:94:a1:ec:
be:d2:22:7c:da:30:2a:ba:a5:c7:6d:38:dc:42:ef:
04:f6:35:e7:08:07:95:df:65:18:bd:b4:e9:07:a9:
96:8d:9c:6d:9b:bd:71:bc:89:b2:26:72:ed:c5:89:
cb:8c:69:14:56:a5:0b:3c:fc:74:c7:95:dc:ba:58:
93:66:03:9e:52:62:78:51:4e:c1:36:81:2f:0f:03:
5d:c1:00:d5:34:ed:3d:c1:db:9f:dc:3e:20:88:b1:
de:10:9c:14:72:5d:44:49:fa:6c:9c:c8:7c:0e:c1:
59:45:96:c4:86:63:cd:a9:dd:5b:56:09:af:d2:fa:
9b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FC:5A:49:0D:53:57:25:92:AF:57:16:D2:3C:96:DD:5D:E4:EA:99
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/qfxaSQ1TVyWSr1cW0jyW3V3k6pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.120.0/21
185.157.104.0/22
Signature Algorithm: sha256WithRSAEncryption
77:5c:7e:38:54:ef:dd:64:f5:0e:30:84:98:2e:77:c3:d6:9f:
f3:ba:9d:4a:5b:7b:3a:bf:12:12:0c:1b:57:ef:27:c2:30:cb:
75:cf:85:26:d2:1d:7d:26:5e:6d:b6:c6:f6:7a:e6:58:8e:04:
61:8b:29:41:59:a6:8d:d3:39:16:36:e9:f9:96:0c:b7:57:4c:
7b:bb:6e:51:4b:5c:77:d0:ee:7c:07:53:0f:26:91:d3:36:64:
b5:5d:92:14:58:8a:2f:82:ce:1d:c5:b0:ea:eb:54:dd:67:37:
81:e7:5d:72:5d:8c:50:5d:79:2f:98:5e:37:cc:7a:4e:14:74:
aa:7b:28:88:2e:f5:67:18:51:b6:71:ec:9d:9f:87:37:ee:b9:
02:b1:77:3f:c3:96:18:83:95:94:62:15:86:28:d7:79:81:67:
a5:00:85:53:6f:38:3e:7c:d4:39:3d:07:5a:09:2f:77:3a:38:
2d:c0:7f:87:db:7b:c1:14:3a:86:37:50:ee:04:7a:20:f4:a1:
8b:75:7a:01:09:8b:ce:5a:d2:b7:d9:fe:e0:99:8d:70:fa:2b:
91:2f:3d:ce:5a:f4:1c:3f:3b:f9:2d:c8:93:89:59:61:7f:7b:
4c:1f:75:77:98:85:56:3b:07:ba:84:ef:ad:f2:fa:d9:19:9a:
e1:4c:12:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVylbA/uRfIcOTsfMAl5kWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjMwMTAyMTMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWZjNWE0OTBkNTM1NzI1OTJhZjU3MTZkMjNjOTZkZDVkZTRlYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnk7ekB/7YrkAiuDSjs0gvqlxbpkk
MIB9XtzcLAWPG6KVsj3x5peBtNmw8bkumYKY30pK6uX7W8saIjmeXoisyTWwCF08
FM0Cv7j2FM+/pyQBxESVAG90raHX88QEGHnG4bf0r/qTF3sjwogr8Sy7ays7z1Lo
y8J7fzzk3wNy8fAoBauUoey+0iJ82jAquqXHbTjcQu8E9jXnCAeV32UYvbTpB6mW
jZxtm71xvImyJnLtxYnLjGkUVqULPPx0x5XculiTZgOeUmJ4UU7BNoEvDwNdwQDV
NO09wduf3D4giLHeEJwUcl1ESfpsnMh8DsFZRZbEhmPNqd1bVgmv0vqbWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKn8WkkNU1clkq9XFtI8lt1d5OqZMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvcWZ4YVNRMVRWeVdTcjFjVzBqeVczVjNrNnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhF4AwQC
uZ1oMA0GCSqGSIb3DQEBCwUAA4IBAQB3XH44VO/dZPUOMISYLnfD1p/zup1KW3s6
vxISDBtX7yfCMMt1z4Um0h19Jl5ttsb2euZYjgRhiylBWaaN0zkWNun5lgy3V0x7
u25RS1x30O58B1MPJpHTNmS1XZIUWIovgs4dxbDq61TdZzeB511yXYxQXXkvmF43
zHpOFHSqeyiILvVnGFG2ceydn4c37rkCsXc/w5YYg5WUYhWGKNd5gWelAIVTbzg+
fNQ5PQdaCS93OjgtwH+H23vBFDqGN1DuBHog9KGLdXoBCYvOWtK32f7gmY1w+iuR
Lz3OWvQcPzv5LciTiVlhf3tMH3V3mIVWOwe6hO+t8vrZGZrhTBL9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:32 2024 by rpki-client on console-fra.rpki-client.org