Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/QL_KeCgc6L7nNMWqrrVTmrUtuxQ.roa
File: QL_KeCgc6L7nNMWqrrVTmrUtuxQ.roa (raw, json)
Hash identifier: 8exqosG6JSfYr1xoTOsG2ajTUFo1emdWD+CgxG4gY5U=
Subject key identifier: 40:BF:CA:78:28:1C:E8:BE:E7:34:C5:AA:AE:B5:53:9A:B5:2D:BB:14
Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3
Certificate serial: 0192D41B6262F5D43DD0A9BF7960F5C8D5DE
Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/QL_KeCgc6L7nNMWqrrVTmrUtuxQ.roa
Signing time: Mon 28 Oct 2024 17:10:17 +0000
ROA not before: Mon 28 Oct 2024 17:10:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5400
IP address blocks: 31.95.0.0/16 maxlen: 16
31.95.0.0/21 maxlen: 21
31.95.14.0/23 maxlen: 23
31.95.16.0/20 maxlen: 20
31.95.48.0/21 maxlen: 21
31.95.56.0/24 maxlen: 24
31.95.58.0/23 maxlen: 23
31.95.64.0/21 maxlen: 21
31.95.72.0/22 maxlen: 22
31.95.80.0/22 maxlen: 22
31.95.96.0/19 maxlen: 19
31.95.128.0/20 maxlen: 20
31.95.160.0/20 maxlen: 20
31.95.176.0/22 maxlen: 22
31.95.184.0/21 maxlen: 21
31.95.208.0/21 maxlen: 21
31.95.218.0/23 maxlen: 23
31.95.220.0/22 maxlen: 22
31.95.228.0/22 maxlen: 22
31.95.232.0/22 maxlen: 22
31.95.238.0/23 maxlen: 23
31.95.240.0/22 maxlen: 22
31.95.246.0/23 maxlen: 23
31.95.248.0/22 maxlen: 22
31.95.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d4:1b:62:62:f5:d4:3d:d0:a9:bf:79:60:f5:c8:d5:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b98127943e7175734964010c89ef821416a31b3
Validity
Not Before: Oct 28 17:10:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40bfca78281ce8bee734c5aaaeb5539ab52dbb14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dd:03:23:02:d3:dd:a3:04:00:b3:25:81:ea:
0d:af:98:c0:5c:bd:9c:e6:90:f1:b3:52:bf:7b:13:
c5:f9:62:b2:8e:62:22:36:37:ce:77:73:02:dc:04:
7e:45:f1:6d:47:a0:97:78:2a:fb:26:03:38:6d:c6:
ac:4b:d9:e8:e2:ea:73:09:c4:f7:96:51:9e:60:eb:
3b:04:ee:70:7a:29:8a:ab:89:26:32:f5:93:cf:3f:
bb:9b:cb:6b:5d:26:6e:75:58:8a:a8:32:90:f0:80:
f9:a9:9c:78:77:67:35:05:0b:10:f0:03:0f:54:e5:
05:6b:28:04:ff:db:59:03:5b:fb:28:c0:28:e0:80:
ff:cf:a9:2a:09:30:2b:12:64:4c:9f:86:5b:25:ec:
3d:f6:3b:24:a6:15:af:01:a2:46:84:3b:0b:5f:e1:
81:55:2b:a5:70:2d:60:97:d3:8a:0d:ed:c5:d6:41:
3a:d6:44:0b:41:5e:b4:e3:47:ca:f8:2e:f4:33:8d:
52:0b:df:62:f6:13:49:cf:cf:ce:3e:b5:df:9a:72:
6b:f7:37:fa:d4:d5:82:63:5d:86:3a:98:a2:21:33:
c0:a0:d0:ff:40:a9:05:3f:c6:ee:52:69:c2:f4:a7:
f4:0b:22:af:b6:77:1f:c6:35:03:47:2b:06:a3:71:
9e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:BF:CA:78:28:1C:E8:BE:E7:34:C5:AA:AE:B5:53:9A:B5:2D:BB:14
X509v3 Authority Key Identifier:
keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/QL_KeCgc6L7nNMWqrrVTmrUtuxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:18:f9:e8:bc:25:fb:59:e9:68:d2:17:12:9f:f6:df:24:25:
38:da:5e:a4:b4:2e:fc:d0:ab:c8:50:eb:eb:1d:41:85:01:42:
53:81:c7:03:19:87:ab:0f:22:05:60:fc:d2:73:3b:3e:e1:b0:
57:9e:68:68:9a:47:56:2c:93:2d:c4:28:f4:e6:14:7f:97:c3:
9a:89:9b:87:85:1b:44:c3:b1:34:97:f1:fc:3f:1c:f1:22:b0:
95:02:02:02:9d:da:71:2f:81:7a:e8:06:d1:7f:23:39:32:1e:
4b:a1:2f:f4:7e:ee:6b:e3:a1:f7:e1:8b:4f:fb:32:25:60:f4:
ee:ca:cb:b7:28:37:64:51:fa:85:66:3c:01:cb:ca:4b:48:01:
b5:1d:43:3c:d2:e4:73:21:2d:0f:2f:f1:28:57:0c:46:69:58:
1f:b1:ac:15:1e:d3:e1:27:0e:bd:69:6d:f2:60:ab:22:77:5a:
bc:bb:d9:61:55:07:62:aa:f1:b5:ab:98:30:fb:30:a6:80:f2:
a5:83:0c:00:bf:5c:15:72:11:9d:99:24:7f:b2:49:71:64:5e:
ea:2f:46:41:b5:ad:17:4e:7f:01:b1:e8:b2:dc:f4:23:c4:62:
42:1d:28:4d:95:13:34:41:a9:a0:f5:3c:55:5a:9f:36:cd:dc:
f6:72:de:51
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZLUG2Ji9dQ90Km/eWD1yNXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2
YTMxYjMwHhcNMjQxMDI4MTcxMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGJmY2E3ODI4MWNlOGJlZTczNGM1YWFhZWI1NTM5YWI1MmRiYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud0DIwLT3aMEALMlgeoNr5jAXL2c
5pDxs1K/exPF+WKyjmIiNjfOd3MC3AR+RfFtR6CXeCr7JgM4bcasS9no4upzCcT3
llGeYOs7BO5weimKq4kmMvWTzz+7m8trXSZudViKqDKQ8ID5qZx4d2c1BQsQ8AMP
VOUFaygE/9tZA1v7KMAo4ID/z6kqCTArEmRMn4ZbJew99jskphWvAaJGhDsLX+GB
VSulcC1gl9OKDe3F1kE61kQLQV6040fK+C70M41SC99i9hNJz8/OPrXfmnJr9zf6
1NWCY12GOpiiITPAoND/QKkFP8buUmnC9Kf0CyKvtncfxjUDRysGo3GeTQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEC/yngoHOi+5zTFqq61U5q1LbsUMB8GA1UdIwQY
MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt
NjIxNzkyZjdlNTZhLzEvUUxfS2VDZ2M2TDduTk1XcXJyVlRtclV0dXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh
LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAH18wDQYJ
KoZIhvcNAQELBQADggEBAJ0Y+ei8JftZ6WjSFxKf9t8kJTjaXqS0LvzQq8hQ6+sd
QYUBQlOBxwMZh6sPIgVg/NJzOz7hsFeeaGiaR1Ysky3EKPTmFH+Xw5qJm4eFG0TD
sTSX8fw/HPEisJUCAgKd2nEvgXroBtF/IzkyHkuhL/R+7mvjoffhi0/7MiVg9O7K
y7coN2RR+oVmPAHLyktIAbUdQzzS5HMhLQ8v8ShXDEZpWB+xrBUe0+EnDr1pbfJg
qyJ3Wry72WFVB2Kq8bWrmDD7MKaA8qWDDAC/XBVyEZ2ZJH+ySXFkXuovRkG1rRdO
fwGx6LLc9CPEYkIdKE2VEzRBqaD1PFVanzbN3PZy3lE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:22 2025 by rpki-client