Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/25237e-ce6a-4302-b6a4-b5405834f0c5/1/Qqo9YuCkHD9IfsykgE3Z7a2xm9A.roa
File: Qqo9YuCkHD9IfsykgE3Z7a2xm9A.roa (raw, json)
Hash identifier: xsUuj/N2tRLG69uPwRR2QoIqESf+3MyFxyeTR/4zjoY=
Subject key identifier: 42:AA:3D:62:E0:A4:1C:3F:48:7E:CC:A4:80:4D:D9:ED:AD:B1:9B:D0
Certificate issuer: /CN=01c2863a6438b3402752a4740e90ce42eb589129
Certificate serial: 018CC42561AAD66E056B9CF2C1F820BE85E3
Authority key identifier: 01:C2:86:3A:64:38:B3:40:27:52:A4:74:0E:90:CE:42:EB:58:91:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcKGOmQ4s0AnUqR0DpDOQutYkSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/25237e-ce6a-4302-b6a4-b5405834f0c5/1/Qqo9YuCkHD9IfsykgE3Z7a2xm9A.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210628
IP address blocks: 91.209.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 07:20:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:61:aa:d6:6e:05:6b:9c:f2:c1:f8:20:be:85:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c2863a6438b3402752a4740e90ce42eb589129
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42aa3d62e0a41c3f487ecca4804dd9edadb19bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:df:17:01:69:77:f9:e0:8c:66:28:33:fc:54:
e2:34:d4:00:e1:7d:0f:20:86:9e:d7:33:ad:e2:6f:
54:81:27:b7:d9:18:83:55:1c:67:4c:d9:0a:75:80:
b0:61:ef:e6:22:72:ba:31:29:cf:40:e0:84:36:11:
04:c8:25:83:18:2a:ab:1b:e4:bf:4c:57:a8:f3:11:
5a:08:40:3a:00:fc:9c:f8:42:76:55:c2:c1:2d:37:
2b:27:f9:6e:92:2d:d5:91:ab:c9:cb:7c:c2:9a:f4:
99:b0:a8:0b:20:f0:11:f2:da:0a:25:cb:d7:16:bf:
2c:89:4a:95:8d:ac:1a:fd:2c:35:fb:f8:9b:24:eb:
c8:6d:a2:d0:3d:e3:20:69:02:8d:5b:a3:bf:56:4a:
c2:cc:83:f3:20:bf:e0:b3:76:2b:3c:99:29:d1:b6:
9b:6c:c5:2f:b5:68:cb:58:8d:13:79:47:58:66:6a:
1b:37:5b:1c:ea:d8:d5:1b:1f:b0:ff:6f:dd:0c:f0:
da:55:84:c2:fc:a3:3c:c0:3b:88:0a:28:ff:98:27:
8d:ca:bb:aa:80:43:f4:c4:f5:5e:b9:cb:b8:35:e3:
f9:96:5e:bc:73:2f:ac:2b:41:5d:98:46:bd:c1:c5:
92:62:dc:32:9d:61:c2:18:b3:0b:e1:76:56:7a:bb:
17:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:AA:3D:62:E0:A4:1C:3F:48:7E:CC:A4:80:4D:D9:ED:AD:B1:9B:D0
X509v3 Authority Key Identifier:
keyid:01:C2:86:3A:64:38:B3:40:27:52:A4:74:0E:90:CE:42:EB:58:91:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcKGOmQ4s0AnUqR0DpDOQutYkSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/25237e-ce6a-4302-b6a4-b5405834f0c5/1/Qqo9YuCkHD9IfsykgE3Z7a2xm9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/25237e-ce6a-4302-b6a4-b5405834f0c5/1/AcKGOmQ4s0AnUqR0DpDOQutYkSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.175.0/24
Signature Algorithm: sha256WithRSAEncryption
03:51:c8:33:d1:0a:e6:1c:a6:a3:c3:9d:8e:62:43:b7:99:cf:
de:e2:82:5f:ba:23:69:ca:55:e8:bb:83:6a:65:17:d8:0c:f5:
b2:01:22:1b:15:37:37:bf:0f:9e:c6:36:03:b4:a4:89:4e:b8:
44:49:42:67:fb:52:22:42:59:9c:a7:7c:0f:a0:4e:0f:7e:9a:
35:23:74:74:47:98:6a:58:03:25:8d:24:62:b5:49:6a:89:5e:
00:6e:40:f8:57:87:eb:ff:26:f0:37:48:cf:37:66:9f:40:6a:
76:43:6e:e9:94:0e:32:7a:53:42:7a:5b:78:9b:12:32:88:de:
78:a7:a9:15:71:64:28:d6:74:a2:08:7a:e2:4a:7e:34:9f:e7:
2a:a3:13:27:24:7f:01:56:d8:85:be:50:05:8f:51:7d:61:53:
e8:1e:aa:d6:50:95:3b:6e:45:c9:b0:75:aa:ba:e5:3d:d9:22:
a0:0d:4b:0e:3e:95:4e:b0:ad:cb:00:34:15:87:86:4b:11:dc:
a4:15:12:5d:09:b1:b5:cf:e5:f3:9e:43:b1:fd:9e:aa:77:a2:
c2:d9:9e:af:93:2d:99:76:cc:6f:20:e5:a6:b4:12:f8:32:d2:
4a:e8:57:e4:d7:aa:a3:4e:d0:ce:7c:ac:15:ca:8e:74:05:3c:
56:23:75:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJWGq1m4Fa5zywfggvoXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzI4NjNhNjQzOGIzNDAyNzUyYTQ3NDBlOTBjZTQyZWI1
ODkxMjkwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmFhM2Q2MmUwYTQxYzNmNDg3ZWNjYTQ4MDRkZDllZGFkYjE5YmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn98XAWl3+eCMZigz/FTiNNQA4X0P
IIae1zOt4m9UgSe32RiDVRxnTNkKdYCwYe/mInK6MSnPQOCENhEEyCWDGCqrG+S/
TFeo8xFaCEA6APyc+EJ2VcLBLTcrJ/luki3VkavJy3zCmvSZsKgLIPAR8toKJcvX
Fr8siUqVjawa/Sw1+/ibJOvIbaLQPeMgaQKNW6O/VkrCzIPzIL/gs3YrPJkp0bab
bMUvtWjLWI0TeUdYZmobN1sc6tjVGx+w/2/dDPDaVYTC/KM8wDuICij/mCeNyruq
gEP0xPVeucu4NeP5ll68cy+sK0FdmEa9wcWSYtwynWHCGLML4XZWersXjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKqPWLgpBw/SH7MpIBN2e2tsZvQMB8GA1UdIwQY
MBaAFAHChjpkOLNAJ1KkdA6QzkLrWJEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNLR09tUTRzMEFuVXFSMERwRE9RdXRZa1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yNTIzN2UtY2U2YS00MzAyLWI2YTQt
YjU0MDU4MzRmMGM1LzEvUXFvOVl1Q2tIRDlJZnN5a2dFM1o3YTJ4bTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yNTIzN2UtY2U2YS00MzAyLWI2YTQtYjU0MDU4MzRmMGM1
LzEvQWNLR09tUTRzMEFuVXFSMERwRE9RdXRZa1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9GvMA0G
CSqGSIb3DQEBCwUAA4IBAQADUcgz0QrmHKajw52OYkO3mc/e4oJfuiNpylXou4Nq
ZRfYDPWyASIbFTc3vw+exjYDtKSJTrhESUJn+1IiQlmcp3wPoE4Pfpo1I3R0R5hq
WAMljSRitUlqiV4AbkD4V4fr/ybwN0jPN2afQGp2Q27plA4yelNCelt4mxIyiN54
p6kVcWQo1nSiCHriSn40n+cqoxMnJH8BVtiFvlAFj1F9YVPoHqrWUJU7bkXJsHWq
uuU92SKgDUsOPpVOsK3LADQVh4ZLEdykFRJdCbG1z+XznkOx/Z6qd6LC2Z6vky2Z
dsxvIOWmtBL4MtJK6Ffk16qjTtDOfKwVyo50BTxWI3WJ
-----END CERTIFICATE-----
Generated at Fri Jan 19 10:04:02 2024 by rpki-client on console-ams.rpki-client.org