Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QakGDFOlTRxDVROO5avFMrhOrjY.roa
File: QakGDFOlTRxDVROO5avFMrhOrjY.roa (raw, json)
Hash identifier: mcPZow7HHMHxSao/z7dfvDeZ2zGtr3UHRxacwKhTxtU=
Subject key identifier: 41:A9:06:0C:53:A5:4D:1C:43:55:13:8E:E5:AB:C5:32:B8:4E:AE:36
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018B25913781BD3C590E6E76A9B3AB485837
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QakGDFOlTRxDVROO5avFMrhOrjY.roa
Signing time: Thu 12 Oct 2023 20:25:55 +0000
ROA not before: Thu 12 Oct 2023 20:25:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42055
IP address blocks: 89.36.231.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
77.81.1.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:25:91:37:81:bd:3c:59:0e:6e:76:a9:b3:ab:48:58:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Oct 12 20:25:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41a9060c53a54d1c4355138ee5abc532b84eae36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7e:22:5a:f1:38:cf:64:76:22:cf:d8:34:f0:
41:9c:3c:7b:62:ce:f6:2a:c7:97:74:58:37:83:4a:
de:20:60:5a:54:7c:15:e3:70:0b:96:3b:3f:6a:8a:
82:f6:a1:fc:cf:94:ba:96:5d:5c:1c:58:c9:ba:c3:
0f:03:5d:be:43:b8:3e:8d:6b:d9:fc:4a:71:8e:c5:
32:9f:6b:65:73:14:84:ed:19:72:81:62:9b:2c:9b:
6e:10:a6:19:48:89:f3:c3:77:8d:10:09:9c:c8:3c:
28:94:59:06:68:74:48:ca:33:f1:68:b3:2f:fa:26:
84:33:e7:ba:65:32:92:25:4a:c6:48:9d:9b:4a:7d:
bf:38:39:9e:74:51:0c:c9:a5:c8:25:d7:2c:ab:19:
b5:bb:a2:6d:9b:58:e3:2c:4b:64:87:05:6c:01:75:
fa:ca:d8:e6:96:f0:84:cc:65:47:58:93:72:2f:b0:
b5:b6:be:a3:21:38:f3:c3:57:13:9e:45:72:cb:90:
1f:da:38:9e:73:ef:73:62:50:76:05:51:97:81:dc:
a9:73:d0:e3:35:60:01:b6:92:6d:bf:8f:92:2b:0b:
ff:13:d3:78:d9:9d:0b:5a:df:c4:b7:c2:28:06:c2:
c0:82:f2:e8:22:21:d3:60:d5:68:dc:1b:4d:be:7d:
4a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A9:06:0C:53:A5:4D:1C:43:55:13:8E:E5:AB:C5:32:B8:4E:AE:36
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/QakGDFOlTRxDVROO5avFMrhOrjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.1.0/24
89.36.231.0/24
89.42.40.0/24
93.114.69.0/24
188.211.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:87:ef:4a:5f:21:ab:14:a3:1c:20:90:0f:a9:d4:8f:d8:7b:
57:03:54:17:e2:3d:cc:b5:93:40:71:88:3e:f7:da:46:8d:98:
c8:c7:1b:35:e1:ce:9b:e7:55:99:1e:a0:c2:57:0d:e6:77:49:
c7:d5:aa:9f:9f:5d:84:a8:79:01:eb:d0:f7:c8:22:c2:2c:e2:
e8:d1:52:57:76:0a:ce:a9:5c:af:94:f2:2a:33:54:ae:e3:3a:
16:d3:de:c8:72:bb:ba:dd:d5:5c:b8:cc:81:69:52:c0:50:70:
b6:a1:cd:d5:6c:a5:da:db:d2:78:ee:13:64:1c:e7:1d:98:b7:
b8:23:e4:74:17:09:3d:2a:77:6f:a1:51:21:8a:e2:96:ba:35:
20:2e:ff:fd:dd:5c:5f:4f:34:1e:4c:83:bb:89:6c:c9:e2:d6:
36:07:0a:77:25:86:9b:05:5b:39:dc:a5:0e:bd:18:09:d3:44:
ba:fe:cc:c4:01:9f:92:95:8c:55:b3:89:8e:cc:8d:56:bb:c0:
5d:42:01:12:59:83:a4:b1:61:de:50:d1:81:05:4b:de:e0:8a:
01:61:cf:9c:31:01:f4:26:40:09:86:d5:e6:c5:af:58:d0:44:
2f:94:ba:16:02:ea:13:31:3f:ce:51:bd:0b:54:f2:42:0e:48:
d9:2b:81:a9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYslkTeBvTxZDm52qbOrSFg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMDEyMjAyNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE5MDYwYzUzYTU0ZDFjNDM1NTEzOGVlNWFiYzUzMmI4NGVhZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH4iWvE4z2R2Is/YNPBBnDx7Ys72
KseXdFg3g0reIGBaVHwV43ALljs/aoqC9qH8z5S6ll1cHFjJusMPA12+Q7g+jWvZ
/EpxjsUyn2tlcxSE7RlygWKbLJtuEKYZSInzw3eNEAmcyDwolFkGaHRIyjPxaLMv
+iaEM+e6ZTKSJUrGSJ2bSn2/ODmedFEMyaXIJdcsqxm1u6Jtm1jjLEtkhwVsAXX6
ytjmlvCEzGVHWJNyL7C1tr6jITjzw1cTnkVyy5Af2jiec+9zYlB2BVGXgdypc9Dj
NWABtpJtv4+SKwv/E9N42Z0LWt/Et8IoBsLAgvLoIiHTYNVo3BtNvn1KKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEGpBgxTpU0cQ1UTjuWrxTK4Tq42MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUWFrR0RGT2xUUnhEVlJPTzVhdkZNcmhPcmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVEBAwQA
WSTnAwQAWSooAwQAXXJFAwQAvNP5MA0GCSqGSIb3DQEBCwUAA4IBAQB/h+9KXyGr
FKMcIJAPqdSP2HtXA1QX4j3MtZNAcYg+99pGjZjIxxs14c6b51WZHqDCVw3md0nH
1aqfn12EqHkB69D3yCLCLOLo0VJXdgrOqVyvlPIqM1Su4zoW097Icru63dVcuMyB
aVLAUHC2oc3VbKXa29J47hNkHOcdmLe4I+R0Fwk9KndvoVEhiuKWujUgLv/93Vxf
TzQeTIO7iWzJ4tY2Bwp3JYabBVs53KUOvRgJ00S6/szEAZ+SlYxVs4mOzI1Wu8Bd
QgESWYOksWHeUNGBBUve4IoBYc+cMQH0JkAJhtXmxa9Y0EQvlLoWAuoTMT/OUb0L
VPJCDkjZK4Gp
-----END CERTIFICATE-----
Generated at Fri Oct 20 07:08:18 2023 by rpki-client on console-ams.rpki-client.org