Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/QcfmILuHNuEQKv2pakI_fW4t_S0.roa
File: QcfmILuHNuEQKv2pakI_fW4t_S0.roa (raw, json)
Hash identifier: EpJbvJpnZK1xlGYIxOhdGZ2GZfHegVN0fV6J9y4Ydgk=
Subject key identifier: 41:C7:E6:20:BB:87:36:E1:10:2A:FD:A9:6A:42:3F:7D:6E:2D:FD:2D
Certificate issuer: /CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Certificate serial: 01929B6A70BF9D7E293A85C76721604FB4A7
Authority key identifier: 34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/QcfmILuHNuEQKv2pakI_fW4t_S0.roa
Signing time: Thu 17 Oct 2024 16:58:17 +0000
ROA not before: Thu 17 Oct 2024 16:58:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204877
IP address blocks: 185.141.120.0/22 maxlen: 32
185.141.120.120/32 maxlen: 32
185.141.121.243/32 maxlen: 32
2a0d:ff00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 17 Oct 2024 19:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9b:6a:70:bf:9d:7e:29:3a:85:c7:67:21:60:4f:b4:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Validity
Not Before: Oct 17 16:58:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41c7e620bb8736e1102afda96a423f7d6e2dfd2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6d:cc:29:a4:10:33:68:ee:43:4a:af:f7:5b:
47:c1:4d:38:4a:83:a0:82:ea:de:54:43:96:a0:0c:
ab:f6:85:47:20:35:79:02:27:4f:27:f4:43:0a:fd:
38:b2:bb:52:9d:4b:52:60:15:e8:74:77:2e:b4:79:
e2:d3:36:bb:71:ef:38:1a:9c:9d:b7:3a:a9:c0:42:
35:e7:bf:0f:a0:75:ed:d9:b6:6c:c9:57:b9:3e:eb:
17:03:a2:b6:1a:92:27:33:a5:ad:6b:60:54:6c:f7:
52:6e:1b:0c:14:95:47:a1:c0:cb:c0:64:13:12:43:
3a:be:cd:37:fe:12:05:58:39:e6:40:0a:be:4d:7e:
e9:d9:b2:ba:96:6b:6a:3d:d5:d8:9b:7c:db:70:54:
c6:7d:aa:35:db:50:ab:7b:f8:a4:0e:56:ea:cd:bb:
18:14:27:e6:fb:3c:31:c9:36:fa:ad:ea:cd:28:af:
43:fd:6e:13:20:c0:2b:40:83:59:cc:93:a6:9c:af:
ab:64:b4:69:9c:8e:25:22:11:86:1b:e7:45:ca:b2:
4e:15:bf:c1:dd:b6:70:e8:9c:2f:61:b5:01:a9:61:
d8:56:ab:e9:39:f5:3f:d5:46:4d:90:d8:e4:a7:79:
86:c7:9a:99:5c:91:0a:c2:11:3e:c7:8d:c6:23:ef:
bc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C7:E6:20:BB:87:36:E1:10:2A:FD:A9:6A:42:3F:7D:6E:2D:FD:2D
X509v3 Authority Key Identifier:
keyid:34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/QcfmILuHNuEQKv2pakI_fW4t_S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/NLqcIjJB64DivHGFO7fS5YKGvdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.120.0/22
IPv6:
2a0d:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
65:f9:3c:57:1b:fc:0a:e2:bf:02:a1:b3:a2:16:f3:ca:d5:39:
9b:a2:bd:3d:86:fe:4d:ae:40:90:91:5e:58:96:a1:ef:75:46:
de:85:e2:ae:91:15:fd:3c:ef:c3:37:ad:c9:90:f3:02:37:e2:
7e:ac:26:de:5b:e0:69:dd:e3:67:0a:b1:62:e0:75:a0:81:9b:
9b:3c:25:6a:03:d8:2a:60:f7:79:e1:89:57:8d:18:a5:1e:90:
77:c7:b1:be:24:f6:8c:69:03:5b:95:5d:62:cf:94:64:5d:d3:
5b:63:e3:b2:65:3a:70:1d:80:c5:5d:7e:0e:06:7a:d3:77:8c:
89:8e:ef:b8:29:5f:6c:0c:31:d1:41:b8:8b:c2:d1:bd:80:42:
50:a6:60:17:fa:5b:4a:42:50:73:74:a0:e0:a9:9b:1e:80:80:
41:f3:da:cb:a7:d6:11:c5:ba:4a:42:1c:d0:59:92:f2:0c:a4:
7d:b3:3a:52:9d:f7:a5:18:0a:83:15:e9:59:fb:1e:b3:8c:88:
76:86:02:7f:95:6c:ae:fa:ae:a2:1c:61:a9:25:86:36:0b:40:
70:c2:ce:98:38:b5:46:ff:2f:d5:72:77:e0:e3:19:27:f5:f1:
a2:7a:62:80:39:e7:3e:65:26:5c:42:3d:20:cc:48:40:dd:c2:
0e:29:1a:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKbanC/nX4pOoXHZyFgT7SnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmE5YzIyMzI0MWViODBlMmJjNzE4NTNiYjdkMmU1ODI4
NmJkZDMwHhcNMjQxMDE3MTY1ODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM3ZTYyMGJiODczNmUxMTAyYWZkYTk2YTQyM2Y3ZDZlMmRmZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm3MKaQQM2juQ0qv91tHwU04SoOg
gureVEOWoAyr9oVHIDV5AidPJ/RDCv04srtSnUtSYBXodHcutHni0za7ce84Gpyd
tzqpwEI1578PoHXt2bZsyVe5PusXA6K2GpInM6Wta2BUbPdSbhsMFJVHocDLwGQT
EkM6vs03/hIFWDnmQAq+TX7p2bK6lmtqPdXYm3zbcFTGfao121Cre/ikDlbqzbsY
FCfm+zwxyTb6rerNKK9D/W4TIMArQINZzJOmnK+rZLRpnI4lIhGGG+dFyrJOFb/B
3bZw6JwvYbUBqWHYVqvpOfU/1UZNkNjkp3mGx5qZXJEKwhE+x43GI++8tQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEHH5iC7hzbhECr9qWpCP31uLf0tMB8GA1UdIwQY
MBaAFDS6nCIyQeuA4rxxhTu30uWChr3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzIt
MTNlZTRjOGQzMDgyLzEvUWNmbUlMdUhOdUVRS3YycGFrSV9mVzR0X1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzItMTNlZTRjOGQzMDgy
LzEvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY14MA0E
AgACMAcDBQMqDf8AMA0GCSqGSIb3DQEBCwUAA4IBAQBl+TxXG/wK4r8CobOiFvPK
1Tmbor09hv5NrkCQkV5YlqHvdUbeheKukRX9PO/DN63JkPMCN+J+rCbeW+Bp3eNn
CrFi4HWggZubPCVqA9gqYPd54YlXjRilHpB3x7G+JPaMaQNblV1iz5RkXdNbY+Oy
ZTpwHYDFXX4OBnrTd4yJju+4KV9sDDHRQbiLwtG9gEJQpmAX+ltKQlBzdKDgqZse
gIBB89rLp9YRxbpKQhzQWZLyDKR9szpSnfelGAqDFelZ+x6zjIh2hgJ/lWyu+q6i
HGGpJYY2C0Bwws6YOLVG/y/Vcnfg4xkn9fGiemKAOec+ZSZcQj0gzEhA3cIOKRqG
-----END CERTIFICATE-----
Generated at Thu Oct 17 21:33:10 2024 by rpki-client on console-fra.rpki-client.org