Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/490e01-caf9-4d44-8f57-a1d9d0f88629/1/QdgwQjpv869BIKyFgWXRbwojkOs.roa
File: QdgwQjpv869BIKyFgWXRbwojkOs.roa (raw, json)
Hash identifier: 0SL/h1pvrcPowItibxt4Hxl/9WdldxZY2cayRhGumC4=
Subject key identifier: 41:D8:30:42:3A:6F:F3:AF:41:20:AC:85:81:65:D1:6F:0A:23:90:EB
Certificate issuer: /CN=17be827a580de61538ddefa28239468c4e901b40
Certificate serial: 01856CC168E9D585CB723824C739C1640257
Authority key identifier: 17:BE:82:7A:58:0D:E6:15:38:DD:EF:A2:82:39:46:8C:4E:90:1B:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F76CelgN5hU43e-igjlGjE6QG0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/490e01-caf9-4d44-8f57-a1d9d0f88629/1/QdgwQjpv869BIKyFgWXRbwojkOs.roa
Signing time: Sun 01 Jan 2023 09:54:52 +0000
ROA not before: Sun 01 Jan 2023 09:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49183
IP address blocks: 176.120.98.0/24 maxlen: 24
176.120.102.0/24 maxlen: 24
176.120.100.0/24 maxlen: 24
176.120.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:68:e9:d5:85:cb:72:38:24:c7:39:c1:64:02:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17be827a580de61538ddefa28239468c4e901b40
Validity
Not Before: Jan 1 09:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41d830423a6ff3af4120ac858165d16f0a2390eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:86:60:da:3c:54:33:7d:37:89:fe:96:f9:23:
19:ae:1b:4f:41:22:a1:4e:74:d4:6c:02:d6:6e:1c:
5b:3c:33:d0:0c:4b:67:11:e8:ed:ab:9d:98:34:4f:
34:93:7a:09:76:cd:df:bf:23:d6:3e:1b:5e:03:c0:
55:21:b4:8c:e3:52:af:8c:c9:5b:aa:e7:18:f7:e3:
59:05:6a:03:34:1c:6b:8e:4d:1a:7f:ff:91:2d:ef:
d1:d8:65:e5:b2:02:f5:b9:23:9e:b5:9b:14:94:68:
16:b2:1c:36:55:b4:1c:67:22:46:bc:1c:b2:b3:0b:
19:c0:a7:77:6a:ad:a5:11:e0:af:3c:4d:61:4d:b0:
6e:eb:27:09:7c:07:8a:ae:6a:06:6f:6c:c1:ec:84:
69:13:d4:b0:f3:1c:70:15:f7:33:d0:8f:27:b8:37:
5b:a3:ee:d5:d6:21:5e:34:79:9c:fd:9e:a4:02:56:
a0:4d:01:c9:32:86:af:4f:eb:36:cf:6e:8a:95:09:
16:9d:d9:57:20:67:cb:fb:b4:1a:3d:41:1f:13:bd:
4f:65:56:b9:24:06:a1:91:6e:ff:a6:79:ed:6c:0e:
d9:82:17:b7:ed:d3:48:04:c0:a2:63:03:a9:0d:bc:
a8:b1:93:49:55:f2:15:35:aa:b9:00:24:c9:1f:71:
88:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D8:30:42:3A:6F:F3:AF:41:20:AC:85:81:65:D1:6F:0A:23:90:EB
X509v3 Authority Key Identifier:
keyid:17:BE:82:7A:58:0D:E6:15:38:DD:EF:A2:82:39:46:8C:4E:90:1B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F76CelgN5hU43e-igjlGjE6QG0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/490e01-caf9-4d44-8f57-a1d9d0f88629/1/QdgwQjpv869BIKyFgWXRbwojkOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/490e01-caf9-4d44-8f57-a1d9d0f88629/1/F76CelgN5hU43e-igjlGjE6QG0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.120.98.0-176.120.100.255
176.120.102.0/24
Signature Algorithm: sha256WithRSAEncryption
88:e5:f5:cd:81:ea:1d:ed:f6:e6:2d:0d:1b:ae:d7:a8:bb:1f:
29:0c:58:0e:26:1e:bd:de:6b:c5:a1:3a:71:e8:f3:ba:1b:63:
9e:8a:42:3f:55:79:20:b3:a3:ff:f4:be:e2:f9:9d:be:5c:68:
d1:95:43:38:c1:92:20:06:42:cc:0e:b3:2b:75:5f:eb:5e:fc:
7b:41:5e:6a:33:5e:ff:be:68:87:06:8d:40:a6:49:03:54:48:
96:04:ea:e3:95:bc:77:4b:b6:3f:0b:7f:f3:dc:8f:f3:ab:14:
f4:1e:47:80:09:22:e1:dd:12:6a:84:0a:45:d6:a6:5d:ae:90:
df:47:d0:cb:78:be:c6:7f:af:ef:7a:0f:a1:7b:fd:b6:0e:fe:
b2:96:9b:d6:31:4a:5b:23:c9:dd:f6:4a:b2:07:cf:05:e1:9c:
fb:f1:ba:e7:07:e0:ae:97:6f:99:ab:95:47:b1:86:b5:a8:a0:
3c:24:b7:a9:f4:ae:06:9f:b0:fc:4e:28:21:53:7a:8d:64:2c:
35:b9:99:04:3e:4f:28:00:95:b7:d2:2b:0d:8e:04:0c:f7:45:
f6:4e:fe:38:44:98:6f:79:ec:95:30:11:85:16:ab:24:86:db:
3d:16:66:79:60:88:9c:fb:2c:fc:1e:e4:bb:e5:d7:6a:02:5e:
4e:75:b7:86
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVswWjp1YXLcjgkxznBZAJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YmU4MjdhNTgwZGU2MTUzOGRkZWZhMjgyMzk0NjhjNGU5
MDFiNDAwHhcNMjMwMTAxMDk1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQ4MzA0MjNhNmZmM2FmNDEyMGFjODU4MTY1ZDE2ZjBhMjM5MGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYZg2jxUM303if6W+SMZrhtPQSKh
TnTUbALWbhxbPDPQDEtnEejtq52YNE80k3oJds3fvyPWPhteA8BVIbSM41KvjMlb
qucY9+NZBWoDNBxrjk0af/+RLe/R2GXlsgL1uSOetZsUlGgWshw2VbQcZyJGvByy
swsZwKd3aq2lEeCvPE1hTbBu6ycJfAeKrmoGb2zB7IRpE9Sw8xxwFfcz0I8nuDdb
o+7V1iFeNHmc/Z6kAlagTQHJMoavT+s2z26KlQkWndlXIGfL+7QaPUEfE71PZVa5
JAahkW7/pnntbA7Zghe37dNIBMCiYwOpDbyosZNJVfIVNaq5ACTJH3GIYwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEHYMEI6b/OvQSCshYFl0W8KI5DrMB8GA1UdIwQY
MBaAFBe+gnpYDeYVON3vooI5RoxOkBtAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjc2Q2VsZ041aFU0M2UtaWdqbEdqRTZRRzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80OTBlMDEtY2FmOS00ZDQ0LThmNTct
YTFkOWQwZjg4NjI5LzEvUWRnd1FqcHY4NjlCSUt5RmdXWFJid29qa09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80OTBlMDEtY2FmOS00ZDQ0LThmNTctYTFkOWQwZjg4NjI5
LzEvRjc2Q2VsZ041aFU0M2UtaWdqbEdqRTZRRzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAGweGID
BACweGQDBACweGYwDQYJKoZIhvcNAQELBQADggEBAIjl9c2B6h3t9uYtDRuu16i7
HykMWA4mHr3ea8WhOnHo87obY56KQj9VeSCzo//0vuL5nb5caNGVQzjBkiAGQswO
syt1X+te/HtBXmozXv++aIcGjUCmSQNUSJYE6uOVvHdLtj8Lf/Pcj/OrFPQeR4AJ
IuHdEmqECkXWpl2ukN9H0Mt4vsZ/r+96D6F7/bYO/rKWm9YxSlsjyd32SrIHzwXh
nPvxuucH4K6Xb5mrlUexhrWooDwkt6n0rgafsPxOKCFTeo1kLDW5mQQ+TygAlbfS
Kw2OBAz3RfZO/jhEmG957JUwEYUWqySG2z0WZnlgiJz7LPwe5Lvl12oCXk51t4Y=
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:05 2024 by rpki-client on console.sobornost.net