Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b4ef48-39b3-4658-a766-7823bcca5970/1/NQL-W6o0kBr5Ty-z1OI8qxvtVtw.roa
File: NQL-W6o0kBr5Ty-z1OI8qxvtVtw.roa (raw, json)
Hash identifier: b1tJyPOJPD5j3GgNs8E54ZaNVIySSqRLlYy3TBSF4QI=
Subject key identifier: 35:02:FE:5B:AA:34:90:1A:F9:4F:2F:B3:D4:E2:3C:AB:1B:ED:56:DC
Certificate issuer: /CN=e8cbd4c23062d69537fb2e8a8accbfb027f2b525
Certificate serial: 0186E440A5CC0E11B449AB10594903DC1F97
Authority key identifier: E8:CB:D4:C2:30:62:D6:95:37:FB:2E:8A:8A:CC:BF:B0:27:F2:B5:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6MvUwjBi1pU3-y6Kisy_sCfytSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b4ef48-39b3-4658-a766-7823bcca5970/1/NQL-W6o0kBr5Ty-z1OI8qxvtVtw.roa
Signing time: Wed 15 Mar 2023 07:51:27 +0000
ROA not before: Wed 15 Mar 2023 07:51:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58031
IP address blocks: 91.238.2.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:40:a5:cc:0e:11:b4:49:ab:10:59:49:03:dc:1f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8cbd4c23062d69537fb2e8a8accbfb027f2b525
Validity
Not Before: Mar 15 07:51:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3502fe5baa34901af94f2fb3d4e23cab1bed56dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a8:e4:26:65:42:7b:f8:8e:45:22:b6:86:e7:
1e:b8:8c:5b:a2:d7:8d:8b:c6:d8:e3:9d:8e:10:47:
cf:3e:4d:84:7f:75:11:b7:69:85:cb:db:44:79:0f:
9c:f3:02:9e:a7:62:d3:20:4c:7a:db:a8:3d:b9:93:
78:fb:36:22:e8:bf:25:3a:c2:b0:66:22:8c:5d:af:
44:df:67:c9:35:a9:79:94:7b:25:9a:fc:a7:0f:8f:
d3:57:a4:31:db:c7:80:c2:b8:70:cf:97:87:51:db:
94:ed:04:6b:81:2b:cb:75:9f:f8:c2:59:21:21:0a:
44:1f:7f:33:a6:00:b1:67:3f:11:68:a5:96:74:4c:
1e:99:d4:a7:f0:68:5f:14:4c:78:c3:ab:af:62:c8:
d7:b3:37:74:ad:fa:7a:23:0e:9c:87:22:03:3c:b3:
4f:f5:06:91:57:f8:02:16:ea:39:55:47:dd:15:51:
d4:72:ef:01:a7:2c:99:6c:d2:b2:74:28:80:0c:83:
3f:dd:84:1d:ee:e5:4d:83:13:a5:a5:24:c2:56:a0:
b8:5a:a9:ba:d7:89:c3:d2:dd:4f:91:dd:32:19:c4:
93:56:c4:c2:b7:c7:4e:98:ab:26:df:b5:d5:8a:f2:
77:42:e9:f2:d9:50:7b:7b:dc:0a:13:9a:63:d8:f7:
64:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:02:FE:5B:AA:34:90:1A:F9:4F:2F:B3:D4:E2:3C:AB:1B:ED:56:DC
X509v3 Authority Key Identifier:
keyid:E8:CB:D4:C2:30:62:D6:95:37:FB:2E:8A:8A:CC:BF:B0:27:F2:B5:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MvUwjBi1pU3-y6Kisy_sCfytSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b4ef48-39b3-4658-a766-7823bcca5970/1/NQL-W6o0kBr5Ty-z1OI8qxvtVtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b4ef48-39b3-4658-a766-7823bcca5970/1/6MvUwjBi1pU3-y6Kisy_sCfytSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.2.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:aa:43:2f:34:3d:33:c6:f1:9a:4f:bb:88:b9:2c:83:e3:84:
c8:e2:7a:b5:38:3d:5d:50:12:9a:52:c0:db:8f:92:93:44:17:
bb:b6:7f:37:0f:3e:1a:3f:77:93:15:e5:12:6d:10:15:12:9a:
0a:31:57:65:ce:6a:f8:20:6a:1f:b0:88:90:bf:54:97:60:68:
3e:d0:38:e0:09:57:3d:71:95:2f:0f:21:09:db:a1:4d:fd:24:
78:a1:d9:df:f0:25:fd:3b:a3:7e:5f:ae:2b:11:d2:78:3e:56:
bf:e3:65:22:0b:b7:ed:26:92:ad:0e:91:e9:21:2c:99:35:10:
96:cf:d8:ba:cc:46:e7:ed:7a:01:2f:1a:2f:02:29:73:87:c6:
ad:6b:ab:d7:7c:a0:12:88:14:42:fd:7c:57:2e:40:3e:e8:42:
0d:b1:b7:7d:d4:75:46:e4:06:a2:9e:40:92:c3:2c:a0:35:f9:
07:bd:8b:01:c1:04:a6:0a:60:42:91:d8:fc:f9:f1:67:0e:64:
61:0d:56:cd:12:4e:f1:0d:a4:20:61:32:7c:57:c3:ee:1a:83:
9c:9c:17:f2:5c:f8:8a:45:29:a8:55:51:99:e0:b2:fb:87:96:
d5:2d:40:72:e3:cf:36:04:67:41:f0:6a:0c:8c:b2:05:de:30:
8d:8e:55:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbkQKXMDhG0SasQWUkD3B+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4Y2JkNGMyMzA2MmQ2OTUzN2ZiMmU4YThhY2NiZmIwMjdm
MmI1MjUwHhcNMjMwMzE1MDc1MTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTAyZmU1YmFhMzQ5MDFhZjk0ZjJmYjNkNGUyM2NhYjFiZWQ1NmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qjkJmVCe/iORSK2huceuIxboteN
i8bY452OEEfPPk2Ef3URt2mFy9tEeQ+c8wKep2LTIEx626g9uZN4+zYi6L8lOsKw
ZiKMXa9E32fJNal5lHslmvynD4/TV6Qx28eAwrhwz5eHUduU7QRrgSvLdZ/4wlkh
IQpEH38zpgCxZz8RaKWWdEwemdSn8GhfFEx4w6uvYsjXszd0rfp6Iw6chyIDPLNP
9QaRV/gCFuo5VUfdFVHUcu8BpyyZbNKydCiADIM/3YQd7uVNgxOlpSTCVqC4Wqm6
14nD0t1Pkd0yGcSTVsTCt8dOmKsm37XVivJ3Quny2VB7e9wKE5pj2PdkrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUC/luqNJAa+U8vs9TiPKsb7VbcMB8GA1UdIwQY
MBaAFOjL1MIwYtaVN/suiorMv7An8rUlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk12VXdqQmkxcFUzLXk2S2lzeV9zQ2Z5dFNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iNGVmNDgtMzliMy00NjU4LWE3NjYt
NzgyM2JjY2E1OTcwLzEvTlFMLVc2bzBrQnI1VHktejFPSThxeHZ0VnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iNGVmNDgtMzliMy00NjU4LWE3NjYtNzgyM2JjY2E1OTcw
LzEvNk12VXdqQmkxcFUzLXk2S2lzeV9zQ2Z5dFNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+4CMA0G
CSqGSIb3DQEBCwUAA4IBAQALqkMvND0zxvGaT7uIuSyD44TI4nq1OD1dUBKaUsDb
j5KTRBe7tn83Dz4aP3eTFeUSbRAVEpoKMVdlzmr4IGofsIiQv1SXYGg+0DjgCVc9
cZUvDyEJ26FN/SR4odnf8CX9O6N+X64rEdJ4Pla/42UiC7ftJpKtDpHpISyZNRCW
z9i6zEbn7XoBLxovAilzh8ata6vXfKASiBRC/XxXLkA+6EINsbd91HVG5AainkCS
wyygNfkHvYsBwQSmCmBCkdj8+fFnDmRhDVbNEk7xDaQgYTJ8V8PuGoOcnBfyXPiK
RSmoVVGZ4LL7h5bVLUBy4882BGdB8GoMjLIF3jCNjlXE
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:47 2024 by rpki-client on console-ams.rpki-client.org