Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/QnAAfDELxrv9IQmilEOiqcR6nu0.roa
File: QnAAfDELxrv9IQmilEOiqcR6nu0.roa (raw, json)
Hash identifier: qEtuJ+oblkirzI/xMnadQ9J1tvYsNODTzclCoqPL1BQ=
Subject key identifier: 42:70:00:7C:31:0B:C6:BB:FD:21:09:A2:94:43:A2:A9:C4:7A:9E:ED
Certificate issuer: /CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Certificate serial: 018B8F1C92BF48B88B33E1503D4CCCDE60BE
Authority key identifier: 44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/QnAAfDELxrv9IQmilEOiqcR6nu0.roa
Signing time: Thu 02 Nov 2023 08:18:16 +0000
ROA not before: Thu 02 Nov 2023 08:18:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 185.70.96.0/24 maxlen: 24
185.70.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:1c:92:bf:48:b8:8b:33:e1:50:3d:4c:cc:de:60:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Validity
Not Before: Nov 2 08:18:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4270007c310bc6bbfd2109a29443a2a9c47a9eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:22:bb:e4:35:e5:e3:bf:76:40:d5:46:bc:14:
b2:c4:d1:6e:b8:f7:33:f8:e7:93:b7:7d:79:3d:41:
5c:fb:45:17:82:1b:ad:c0:df:0a:fc:3d:f8:2b:f9:
dd:d1:f1:16:79:cb:c7:9b:f1:54:f0:af:bd:dc:53:
e0:0a:6e:d7:65:66:27:c4:bf:ab:00:54:c1:fc:51:
a1:ba:73:d0:f6:87:0d:d9:50:7d:77:1e:70:aa:87:
0d:7c:e0:d2:4a:4a:58:e9:45:e6:b3:af:06:22:8a:
61:17:52:ef:06:ab:0d:b0:56:f7:6d:da:e4:91:b5:
53:b0:90:d4:c5:4a:89:97:4f:63:18:62:97:8c:01:
2c:23:4d:80:97:c2:62:58:83:9e:ff:3e:e3:72:64:
e9:34:25:f3:2f:b4:b9:01:42:59:08:72:de:71:7d:
a1:7a:fc:5c:92:a3:64:79:58:af:ac:2c:3b:12:ad:
f8:fd:16:63:c6:99:ba:24:a3:15:e8:f9:26:e3:96:
f7:cb:74:29:73:f3:ec:0b:cf:7c:1b:09:5a:fc:3f:
a3:51:9a:53:43:38:d7:46:3f:1d:41:72:c7:46:75:
7a:ac:e9:1e:93:21:94:b7:b6:49:4c:d6:53:a1:4a:
78:9d:cb:00:7d:b0:65:5f:60:76:ec:ad:2e:50:24:
11:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:70:00:7C:31:0B:C6:BB:FD:21:09:A2:94:43:A2:A9:C4:7A:9E:ED
X509v3 Authority Key Identifier:
keyid:44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/QnAAfDELxrv9IQmilEOiqcR6nu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.96.0/24
185.70.99.0/24
Signature Algorithm: sha256WithRSAEncryption
08:48:b5:3e:d4:93:26:41:88:27:7f:e4:cf:88:76:4f:8e:46:
0c:bf:a7:7b:1a:90:55:18:23:41:10:e9:0c:43:60:47:50:3b:
25:00:eb:9e:88:f5:b0:16:7b:47:d6:be:e3:a9:a3:08:d0:2f:
0c:69:e3:ed:9f:76:6b:66:03:f3:56:64:bf:19:c1:cb:5c:0d:
51:42:7a:6d:b1:4b:cc:1f:2f:14:c0:68:d8:58:22:4b:2f:0e:
65:03:3d:02:9d:fb:e4:c6:14:45:31:81:df:25:98:a2:33:9f:
76:66:4a:bc:38:57:7f:94:2b:80:cb:e5:af:26:e7:a3:c0:65:
46:2a:6e:03:01:96:28:d4:40:e9:6e:80:f6:48:4a:10:0b:f1:
81:e8:51:f1:96:33:82:a5:59:c4:9d:d9:9d:0c:7e:81:e5:87:
aa:50:74:79:f9:3a:88:d9:01:92:76:6b:45:5c:fc:ff:82:c4:
49:21:0c:74:25:76:f4:c4:7f:3b:33:34:69:63:74:5d:a4:16:
d0:b5:ca:69:ff:c7:8e:9c:c6:c2:6d:67:e1:cb:20:f1:31:83:
54:9a:3f:16:2f:0e:d8:6d:40:91:ec:ce:73:4e:42:a8:99:4d:
4a:b9:39:10:c5:72:79:81:c5:92:27:94:15:7d:a6:62:3d:0d:
a3:e2:50:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuPHJK/SLiLM+FQPUzM3mC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YWY0Yjc2MzEyNjgwZTlkNDBhMjNiM2NhMmYxOWFiZjJm
NmM3M2IwHhcNMjMxMTAyMDgxODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjcwMDA3YzMxMGJjNmJiZmQyMTA5YTI5NDQzYTJhOWM0N2E5ZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyK75DXl4792QNVGvBSyxNFuuPcz
+OeTt315PUFc+0UXghutwN8K/D34K/nd0fEWecvHm/FU8K+93FPgCm7XZWYnxL+r
AFTB/FGhunPQ9ocN2VB9dx5wqocNfODSSkpY6UXms68GIophF1LvBqsNsFb3bdrk
kbVTsJDUxUqJl09jGGKXjAEsI02Al8JiWIOe/z7jcmTpNCXzL7S5AUJZCHLecX2h
evxckqNkeVivrCw7Eq34/RZjxpm6JKMV6Pkm45b3y3Qpc/PsC898Gwla/D+jUZpT
QzjXRj8dQXLHRnV6rOkekyGUt7ZJTNZToUp4ncsAfbBlX2B27K0uUCQR2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEJwAHwxC8a7/SEJopRDoqnEep7tMB8GA1UdIwQY
MBaAFESvS3YxJoDp1Aojs8ovGavy9sc7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEt
NWVhOGY1M2FiNDkxLzEvUW5BQWZERUx4cnY5SVFtaWxFT2lxY1I2bnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEtNWVhOGY1M2FiNDkx
LzEvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUZgAwQA
uUZjMA0GCSqGSIb3DQEBCwUAA4IBAQAISLU+1JMmQYgnf+TPiHZPjkYMv6d7GpBV
GCNBEOkMQ2BHUDslAOueiPWwFntH1r7jqaMI0C8MaePtn3ZrZgPzVmS/GcHLXA1R
QnptsUvMHy8UwGjYWCJLLw5lAz0CnfvkxhRFMYHfJZiiM592Zkq8OFd/lCuAy+Wv
JuejwGVGKm4DAZYo1EDpboD2SEoQC/GB6FHxljOCpVnEndmdDH6B5YeqUHR5+TqI
2QGSdmtFXPz/gsRJIQx0JXb0xH87MzRpY3RdpBbQtcpp/8eOnMbCbWfhyyDxMYNU
mj8WLw7YbUCR7M5zTkKomU1KuTkQxXJ5gcWSJ5QVfaZiPQ2j4lCb
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:57 2024 by rpki-client on console.sobornost.net