Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b45f21-3ee6-4712-98fc-b89840a74809/1/QNBxXh-QJfynhuu5xRMT6WYyqRw.roa
File: QNBxXh-QJfynhuu5xRMT6WYyqRw.roa (raw, json)
Hash identifier: hh1Bsyy5ieqEEeKxjMJ7jy1XeQv3iMevQQc1hoaSwK8=
Subject key identifier: 40:D0:71:5E:1F:90:25:FC:A7:86:EB:B9:C5:13:13:E9:66:32:A9:1C
Certificate issuer: /CN=8bbb538fc4f8f1984100640dd8435766a6206723
Certificate serial: 01856D5CFEB18F4BE21B3BDF43299EFC7FE4
Authority key identifier: 8B:BB:53:8F:C4:F8:F1:98:41:00:64:0D:D8:43:57:66:A6:20:67:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7tTj8T48ZhBAGQN2ENXZqYgZyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b45f21-3ee6-4712-98fc-b89840a74809/1/QNBxXh-QJfynhuu5xRMT6WYyqRw.roa
Signing time: Sun 01 Jan 2023 12:44:49 +0000
ROA not before: Sun 01 Jan 2023 12:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60295
IP address blocks: 195.20.216.0/23 maxlen: 23
193.47.84.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5c:fe:b1:8f:4b:e2:1b:3b:df:43:29:9e:fc:7f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bbb538fc4f8f1984100640dd8435766a6206723
Validity
Not Before: Jan 1 12:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40d0715e1f9025fca786ebb9c51313e96632a91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:df:de:d1:75:d9:1c:15:2a:eb:c1:2e:ac:c1:
df:b2:5c:b9:11:9d:a8:c4:4b:71:a6:54:a3:09:cb:
8b:a6:9a:bb:36:6d:1d:22:b7:7f:4a:58:f4:f1:c4:
a4:49:0c:52:c7:48:13:29:a1:21:81:f0:9f:9b:78:
2b:05:05:ce:48:85:7b:63:9c:06:30:29:aa:68:40:
40:a6:75:6b:d2:b6:85:79:9d:58:17:fa:65:c3:a0:
1b:94:2e:ab:b1:1a:25:5d:eb:36:67:c0:f4:3b:29:
a4:e3:46:50:32:6e:78:d0:aa:fd:8d:81:ad:10:8c:
5f:56:48:a6:06:37:20:26:27:3a:cd:5d:60:c5:f8:
77:6c:84:96:5f:c9:7a:54:51:7a:c2:0b:17:79:a4:
aa:f2:42:7e:b5:6c:7e:dc:70:78:f5:4a:d9:f6:08:
60:01:1c:a0:36:17:33:2c:b9:51:7e:b6:42:9c:27:
b3:70:82:9b:77:b1:13:3b:5f:99:13:f1:ed:32:b8:
81:4e:ac:c1:4a:ad:3e:2c:e2:89:b0:2b:ba:ac:d8:
9a:e8:43:ec:e4:15:78:e1:b9:15:d9:af:76:df:58:
4b:4e:56:57:15:5b:cd:cf:9a:41:dc:d7:2d:ec:7d:
69:eb:e9:74:96:29:9e:09:0f:65:e8:e4:85:f0:00:
5f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D0:71:5E:1F:90:25:FC:A7:86:EB:B9:C5:13:13:E9:66:32:A9:1C
X509v3 Authority Key Identifier:
keyid:8B:BB:53:8F:C4:F8:F1:98:41:00:64:0D:D8:43:57:66:A6:20:67:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7tTj8T48ZhBAGQN2ENXZqYgZyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b45f21-3ee6-4712-98fc-b89840a74809/1/QNBxXh-QJfynhuu5xRMT6WYyqRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b45f21-3ee6-4712-98fc-b89840a74809/1/i7tTj8T48ZhBAGQN2ENXZqYgZyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.84.0/24
195.20.216.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:81:55:0e:7e:0b:39:0a:af:af:e3:c5:cc:26:b8:3e:c6:53:
d9:8a:28:33:9f:b4:74:a0:89:35:94:a7:fd:63:74:8b:b5:d2:
a2:89:73:9a:8a:d9:14:03:16:c2:87:2f:13:43:0f:df:d6:17:
88:d3:fd:57:40:0d:33:93:6b:33:af:1e:73:f4:89:5a:fe:29:
60:16:2f:c4:fc:8d:94:58:87:c4:84:fc:9c:8b:32:ff:6e:5d:
2b:57:c1:dc:5b:49:91:7a:6d:60:c8:5d:f1:c2:20:b9:e4:8b:
13:f9:90:d0:1f:69:ab:d2:29:bc:f0:f7:c8:3f:9f:c4:18:06:
e3:f8:f0:3b:4f:19:25:c8:5c:d9:76:88:9d:c1:a9:55:d0:18:
b1:69:06:06:7a:26:96:9a:8d:14:1e:6e:3a:90:7e:26:17:06:
9a:fa:a4:e8:6f:8c:55:6b:31:ca:ae:b5:44:57:a6:c7:85:a5:
b4:48:7f:77:8d:d1:12:aa:31:09:d6:fc:2f:f0:4a:74:17:fa:
cf:e6:72:19:df:03:ab:f2:08:f8:0f:5e:00:ec:58:28:0f:d4:
20:50:89:31:b9:bb:7d:a5:02:e6:7c:13:5a:fd:65:e0:72:bd:
5f:7c:c3:0e:71:89:82:a8:17:16:b5:6b:21:e0:fe:f6:6d:a5:
82:9b:b3:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtXP6xj0viGzvfQyme/H/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYmI1MzhmYzRmOGYxOTg0MTAwNjQwZGQ4NDM1NzY2YTYy
MDY3MjMwHhcNMjMwMTAxMTI0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQwNzE1ZTFmOTAyNWZjYTc4NmViYjljNTEzMTNlOTY2MzJhOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd/e0XXZHBUq68EurMHfsly5EZ2o
xEtxplSjCcuLppq7Nm0dIrd/Slj08cSkSQxSx0gTKaEhgfCfm3grBQXOSIV7Y5wG
MCmqaEBApnVr0raFeZ1YF/plw6AblC6rsRolXes2Z8D0Oymk40ZQMm540Kr9jYGt
EIxfVkimBjcgJic6zV1gxfh3bISWX8l6VFF6wgsXeaSq8kJ+tWx+3HB49UrZ9ghg
ARygNhczLLlRfrZCnCezcIKbd7ETO1+ZE/HtMriBTqzBSq0+LOKJsCu6rNia6EPs
5BV44bkV2a9231hLTlZXFVvNz5pB3Nct7H1p6+l0limeCQ9l6OSF8ABfiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDQcV4fkCX8p4brucUTE+lmMqkcMB8GA1UdIwQY
MBaAFIu7U4/E+PGYQQBkDdhDV2amIGcjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTd0VGo4VDQ4WmhCQUdRTjJFTlhacVlnWnlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iNDVmMjEtM2VlNi00NzEyLTk4ZmMt
Yjg5ODQwYTc0ODA5LzEvUU5CeFhoLVFKZnluaHV1NXhSTVQ2V1l5cVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iNDVmMjEtM2VlNi00NzEyLTk4ZmMtYjg5ODQwYTc0ODA5
LzEvaTd0VGo4VDQ4WmhCQUdRTjJFTlhacVlnWnlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwS9UAwQB
wxTYMA0GCSqGSIb3DQEBCwUAA4IBAQAvgVUOfgs5Cq+v48XMJrg+xlPZiigzn7R0
oIk1lKf9Y3SLtdKiiXOaitkUAxbChy8TQw/f1heI0/1XQA0zk2szrx5z9Ila/ilg
Fi/E/I2UWIfEhPycizL/bl0rV8HcW0mRem1gyF3xwiC55IsT+ZDQH2mr0im88PfI
P5/EGAbj+PA7TxklyFzZdoidwalV0BixaQYGeiaWmo0UHm46kH4mFwaa+qTob4xV
azHKrrVEV6bHhaW0SH93jdESqjEJ1vwv8Ep0F/rP5nIZ3wOr8gj4D14A7FgoD9Qg
UIkxubt9pQLmfBNa/WXgcr1ffMMOcYmCqBcWtWsh4P72baWCm7M8
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:36:25 2024 by rpki-client on console-fra.rpki-client.org