Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/QP_a-DSaCCuxRJr65Glsfq25Nf4.roa
File: QP_a-DSaCCuxRJr65Glsfq25Nf4.roa (raw, json)
Hash identifier: V5sjcjOtcot/E8QdAjOyYEn8ixuIKTPLSjCCDXgfGb0=
Subject key identifier: 40:FF:DA:F8:34:9A:08:2B:B1:44:9A:FA:E4:69:6C:7E:AD:B9:35:FE
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 019150A5F7088A6D97EE716B1A9EA46B4A51
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/QP_a-DSaCCuxRJr65Glsfq25Nf4.roa
Signing time: Wed 14 Aug 2024 11:28:59 +0000
ROA not before: Wed 14 Aug 2024 11:28:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 85.237.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 15:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:50:a5:f7:08:8a:6d:97:ee:71:6b:1a:9e:a4:6b:4a:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Aug 14 11:28:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40ffdaf8349a082bb1449afae4696c7eadb935fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:68:57:f1:b9:ec:f4:98:9f:06:76:0f:67:6b:
bc:d1:5e:21:81:5f:fa:40:e1:a3:65:7b:29:ba:f6:
6e:26:bc:00:56:a4:ce:67:5d:cd:6a:7d:50:1b:e3:
a8:e4:f3:ff:56:e1:d0:5e:b0:f3:57:e3:54:47:6b:
64:22:03:52:fb:a8:95:1c:01:8d:c4:a6:ad:d9:84:
fb:a3:c7:ec:a1:51:4a:b2:7e:61:9d:3f:0e:b5:3b:
c6:35:1d:e3:fa:6f:b5:2b:e4:9a:57:b2:72:90:fe:
2b:55:4c:52:02:3b:51:d0:7d:1f:14:19:5f:c1:c1:
02:d3:07:58:a3:d5:60:39:a0:91:9d:22:08:e0:cf:
14:4e:0a:30:75:d0:ce:a8:de:72:1f:af:0e:fc:b0:
ac:cb:7d:11:b8:d9:4a:08:e9:64:df:c4:60:fa:85:
a2:21:12:c2:26:65:82:6c:4d:f4:d1:88:9b:f1:7c:
d4:11:40:6a:72:d9:d4:ee:21:ca:3e:3b:d5:a6:72:
71:47:a0:a8:54:fb:e0:02:00:2b:95:a9:42:d8:25:
a8:d1:7d:f1:0b:2b:35:9d:b3:a8:33:42:be:4a:b7:
a2:1a:3a:66:80:16:f6:d2:6f:12:2c:8c:42:8c:71:
c8:ec:aa:d8:2b:e6:e2:5d:02:3e:d4:58:24:c5:af:
20:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:FF:DA:F8:34:9A:08:2B:B1:44:9A:FA:E4:69:6C:7E:AD:B9:35:FE
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/QP_a-DSaCCuxRJr65Glsfq25Nf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.80.0/22
Signature Algorithm: sha256WithRSAEncryption
83:f2:12:f4:1e:86:98:f3:e5:01:fd:6e:c1:00:f3:44:b7:4d:
ec:e9:33:f2:65:aa:54:bf:ac:29:87:4a:b4:a8:e4:4d:02:93:
b9:7d:44:c5:84:44:1d:d5:c6:ca:12:87:d5:0b:cd:23:36:fb:
79:dd:06:54:e9:c7:f9:bc:04:f7:25:d3:4d:c2:30:b7:13:69:
33:5e:0b:20:69:e8:5d:45:d2:3f:dc:42:07:fc:87:52:35:35:
76:e7:91:ae:40:7f:cb:52:23:05:5d:82:9a:a7:35:31:6c:94:
78:e1:92:e5:e4:e4:31:12:b2:11:d7:73:3d:33:34:88:8e:e7:
9f:79:91:4f:90:ab:4c:8d:05:a2:dd:b3:d2:72:bd:22:d7:5c:
fe:9a:d0:b4:1a:4b:a5:26:dc:87:14:8e:4a:31:79:3f:e1:58:
86:59:5c:d8:dc:76:31:e0:94:ff:35:4f:83:57:a2:86:6b:9a:
29:9a:f2:b8:f9:39:1e:10:54:64:1d:61:ae:be:d5:9a:15:46:
90:e1:6d:91:e2:30:0a:bf:53:59:4f:4b:61:6c:e5:83:e0:3f:
57:cc:89:e8:61:f8:a6:b0:31:2b:07:0d:e1:bb:9a:97:c7:05:
7f:de:7d:da:e7:f2:44:d6:05:05:ec:68:87:2e:2a:c0:8c:57:
0f:42:ff:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFQpfcIim2X7nFrGp6ka0pRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NGJmODA3MGNlZTQzMDVkMWEzODllOTEwZmI1MTAyYmJj
YzE5NDEwHhcNMjQwODE0MTEyODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGZmZGFmODM0OWEwODJiYjE0NDlhZmFlNDY5NmM3ZWFkYjkzNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2hX8bns9JifBnYPZ2u80V4hgV/6
QOGjZXspuvZuJrwAVqTOZ13Nan1QG+Oo5PP/VuHQXrDzV+NUR2tkIgNS+6iVHAGN
xKat2YT7o8fsoVFKsn5hnT8OtTvGNR3j+m+1K+SaV7JykP4rVUxSAjtR0H0fFBlf
wcEC0wdYo9VgOaCRnSII4M8UTgowddDOqN5yH68O/LCsy30RuNlKCOlk38Rg+oWi
IRLCJmWCbE300Yib8XzUEUBqctnU7iHKPjvVpnJxR6CoVPvgAgArlalC2CWo0X3x
Cys1nbOoM0K+SreiGjpmgBb20m8SLIxCjHHI7KrYK+biXQI+1Fgkxa8gowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFED/2vg0mggrsUSa+uRpbH6tuTX+MB8GA1UdIwQY
MBaAFIdL+AcM7kMF0aOJ6RD7UQK7zBlBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWIt
NmZlNGQ4ZmVkMTYwLzEvUVBfYS1EU2FDQ3V4UkpyNjVHbHNmcTI1TmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lZWUxMzEtYmI4Yy00ODg3LTg2OWItNmZlNGQ4ZmVkMTYw
LzEvaDB2NEJ3enVRd1hSbzRucEVQdFJBcnZNR1VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe1QMA0G
CSqGSIb3DQEBCwUAA4IBAQCD8hL0HoaY8+UB/W7BAPNEt03s6TPyZapUv6wph0q0
qORNApO5fUTFhEQd1cbKEofVC80jNvt53QZU6cf5vAT3JdNNwjC3E2kzXgsgaehd
RdI/3EIH/IdSNTV255GuQH/LUiMFXYKapzUxbJR44ZLl5OQxErIR13M9MzSIjuef
eZFPkKtMjQWi3bPScr0i11z+mtC0GkulJtyHFI5KMXk/4ViGWVzY3HYx4JT/NU+D
V6KGa5opmvK4+TkeEFRkHWGuvtWaFUaQ4W2R4jAKv1NZT0thbOWD4D9XzInoYfim
sDErBw3hu5qXxwV/3n3a5/JE1gUF7GiHLirAjFcPQv9E
-----END CERTIFICATE-----
Generated at Wed Sep 18 19:11:00 2024 by rpki-client on console-fra.rpki-client.org