Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0a92df-c509-4e92-8e2b-24b8c02fa82a/1/QzuFBUZSSQCp-X8u3nVn_fNixcY.roa
File: QzuFBUZSSQCp-X8u3nVn_fNixcY.roa (raw, json)
Hash identifier: KDPIiyJZWzqIOWDOG1fD1LdYX4Gvbcr1D2ISiN12qa4=
Subject key identifier: 43:3B:85:05:46:52:49:00:A9:F9:7F:2E:DE:75:67:FD:F3:62:C5:C6
Certificate issuer: /CN=b3b5d2b43acc0d9f07aa00aa90f025c96d5cec25
Certificate serial: 0186BCD80CDAFCB102ACAC331B4D417D7677
Authority key identifier: B3:B5:D2:B4:3A:CC:0D:9F:07:AA:00:AA:90:F0:25:C9:6D:5C:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7XStDrMDZ8HqgCqkPAlyW1c7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0a92df-c509-4e92-8e2b-24b8c02fa82a/1/QzuFBUZSSQCp-X8u3nVn_fNixcY.roa
Signing time: Tue 07 Mar 2023 16:12:00 +0000
ROA not before: Tue 07 Mar 2023 16:12:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207502
IP address blocks: 193.38.33.0/24 maxlen: 24
2a12:9e40::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:d8:0c:da:fc:b1:02:ac:ac:33:1b:4d:41:7d:76:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b5d2b43acc0d9f07aa00aa90f025c96d5cec25
Validity
Not Before: Mar 7 16:12:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=433b850546524900a9f97f2ede7567fdf362c5c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e1:e8:92:93:5a:cb:7c:5e:98:af:d7:26:4c:
8c:b1:a7:76:1c:ef:6e:2d:88:9c:1a:fa:d6:30:0b:
48:08:29:e5:a7:b4:73:23:a7:c8:93:fa:23:95:4f:
3b:c0:32:0a:9c:ba:80:36:a8:b8:5a:f6:2f:9e:23:
f9:15:ed:56:47:03:5f:0e:63:77:13:55:4d:2e:16:
91:d1:fd:1c:f7:33:75:93:c6:8e:e5:53:d1:c4:57:
0a:63:aa:0e:52:7c:67:22:f1:0c:66:5a:78:f8:6f:
e4:dd:c0:52:27:c0:17:fe:d2:95:5f:10:f1:f3:64:
3c:6d:18:af:dd:b2:73:de:80:af:24:89:34:a1:1a:
fa:e6:eb:f1:60:52:fb:59:1f:15:02:9c:28:d7:c0:
42:21:5e:48:9e:e0:04:02:54:77:e3:1e:07:94:16:
18:59:ad:bd:4d:80:29:8c:11:a1:74:6f:86:20:74:
6a:17:bf:91:93:6f:84:7c:10:b6:8b:af:aa:60:8c:
3c:e5:1c:62:fd:87:bd:b2:37:1c:f7:4a:71:a5:7e:
4f:83:69:8a:bd:84:76:54:de:c3:f2:d1:25:8d:11:
c6:30:e0:3a:0d:e4:44:d7:42:07:cd:e7:f0:4d:19:
5c:c8:43:aa:2c:ef:0c:67:6d:98:83:2e:eb:38:ff:
17:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:3B:85:05:46:52:49:00:A9:F9:7F:2E:DE:75:67:FD:F3:62:C5:C6
X509v3 Authority Key Identifier:
keyid:B3:B5:D2:B4:3A:CC:0D:9F:07:AA:00:AA:90:F0:25:C9:6D:5C:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7XStDrMDZ8HqgCqkPAlyW1c7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a92df-c509-4e92-8e2b-24b8c02fa82a/1/QzuFBUZSSQCp-X8u3nVn_fNixcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0a92df-c509-4e92-8e2b-24b8c02fa82a/1/s7XStDrMDZ8HqgCqkPAlyW1c7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.33.0/24
IPv6:
2a12:9e40::/29
Signature Algorithm: sha256WithRSAEncryption
96:8a:5e:7f:18:83:6d:a7:4a:cd:40:81:4f:d6:5e:14:86:cc:
67:c7:c8:f5:78:46:4f:0c:76:71:02:8e:62:56:69:01:28:fd:
a5:76:79:71:76:3c:12:89:fc:b0:65:eb:f3:87:78:57:c0:98:
b0:c0:89:10:33:6c:8a:8d:a3:1f:27:e6:5a:95:9f:d4:ef:d5:
0f:db:38:73:d3:99:98:10:c2:24:4a:fd:51:bb:53:8c:10:d6:
28:0b:74:91:72:60:ed:ea:05:28:10:b6:fc:2b:27:6a:d9:c6:
f4:5f:f1:33:0a:05:d5:e1:ae:f0:72:9d:9f:90:cb:b5:3d:5e:
61:7f:2e:f1:70:38:0a:3d:3c:7c:17:50:16:3b:5c:6e:d3:7c:
23:e9:4b:fd:b6:94:67:1d:4d:a2:8c:3a:ee:c8:7c:2a:54:3c:
15:b3:51:a6:84:75:4c:b9:7a:05:f4:d9:25:4e:b0:68:bc:b1:
83:cb:de:eb:d0:84:54:f6:5b:e2:7d:86:05:f7:ab:8a:a1:fb:
2c:dc:9b:2b:45:5d:5a:20:02:15:72:8f:b1:da:cf:a2:93:e2:
0a:0f:63:5f:0c:b9:c2:e6:88:e6:f3:33:dc:b1:2c:ec:3b:e0:
0e:c2:f8:c2:2d:2f:40:f7:d8:b4:92:13:c3:f7:07:59:95:cb:
06:68:b8:ec
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYa82Aza/LECrKwzG01BfXZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjVkMmI0M2FjYzBkOWYwN2FhMDBhYTkwZjAyNWM5NmQ1
Y2VjMjUwHhcNMjMwMzA3MTYxMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzNiODUwNTQ2NTI0OTAwYTlmOTdmMmVkZTc1NjdmZGYzNjJjNWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueHokpNay3xemK/XJkyMsad2HO9u
LYicGvrWMAtICCnlp7RzI6fIk/ojlU87wDIKnLqANqi4WvYvniP5Fe1WRwNfDmN3
E1VNLhaR0f0c9zN1k8aO5VPRxFcKY6oOUnxnIvEMZlp4+G/k3cBSJ8AX/tKVXxDx
82Q8bRiv3bJz3oCvJIk0oRr65uvxYFL7WR8VApwo18BCIV5InuAEAlR34x4HlBYY
Wa29TYApjBGhdG+GIHRqF7+Rk2+EfBC2i6+qYIw85Rxi/Ye9sjcc90pxpX5Pg2mK
vYR2VN7D8tEljRHGMOA6DeRE10IHzefwTRlcyEOqLO8MZ22Ygy7rOP8XtQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEM7hQVGUkkAqfl/Lt51Z/3zYsXGMB8GA1UdIwQY
MBaAFLO10rQ6zA2fB6oAqpDwJcltXOwlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdYU3REck1EWjhIcWdDcWtQQWx5VzFjN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wYTkyZGYtYzUwOS00ZTkyLThlMmIt
MjRiOGMwMmZhODJhLzEvUXp1RkJVWlNTUUNwLVg4dTNuVm5fZk5peGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8wYTkyZGYtYzUwOS00ZTkyLThlMmItMjRiOGMwMmZhODJh
LzEvczdYU3REck1EWjhIcWdDcWtQQWx5VzFjN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSYhMA0E
AgACMAcDBQMqEp5AMA0GCSqGSIb3DQEBCwUAA4IBAQCWil5/GINtp0rNQIFP1l4U
hsxnx8j1eEZPDHZxAo5iVmkBKP2ldnlxdjwSifywZevzh3hXwJiwwIkQM2yKjaMf
J+ZalZ/U79UP2zhz05mYEMIkSv1Ru1OMENYoC3SRcmDt6gUoELb8Kydq2cb0X/Ez
CgXV4a7wcp2fkMu1PV5hfy7xcDgKPTx8F1AWO1xu03wj6Uv9tpRnHU2ijDruyHwq
VDwVs1GmhHVMuXoF9NklTrBovLGDy97r0IRU9lvifYYF96uKofss3JsrRV1aIAIV
co+x2s+ik+IKD2NfDLnC5ojm8zPcsSzsO+AOwvjCLS9A99i0khPD9wdZlcsGaLjs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:03 2024 by rpki-client on console-ams.rpki-client.org