Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/QsR4GBrQ8eTp5Rrc5b1aua9mcNg.roa
File: QsR4GBrQ8eTp5Rrc5b1aua9mcNg.roa (raw, json)
Hash identifier: 9LjtpCO8rQ9aPMVoWml34kRlXmRo3CsN3oe6/N5psUk=
Subject key identifier: 42:C4:78:18:1A:D0:F1:E4:E9:E5:1A:DC:E5:BD:5A:B9:AF:66:70:D8
Certificate issuer: /CN=e85b83c87c4a3d8315025379f72987520bb5d046
Certificate serial: 0186DF5A7158DAB23CD8A0173429FF25EAC9
Authority key identifier: E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/QsR4GBrQ8eTp5Rrc5b1aua9mcNg.roa
Signing time: Tue 14 Mar 2023 09:01:31 +0000
ROA not before: Tue 14 Mar 2023 09:01:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210906
IP address blocks: 185.47.92.0/22 maxlen: 22
188.64.176.0/21 maxlen: 21
185.7.236.0/22 maxlen: 22
185.211.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 16 Mar 2023 15:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:df:5a:71:58:da:b2:3c:d8:a0:17:34:29:ff:25:ea:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b83c87c4a3d8315025379f72987520bb5d046
Validity
Not Before: Mar 14 09:01:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42c478181ad0f1e4e9e51adce5bd5ab9af6670d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:49:b9:4f:3d:e2:f0:26:39:aa:00:5d:d0:67:
3d:9e:ce:5b:3c:c5:d2:7f:72:df:3e:a6:41:8b:a8:
20:54:7d:9b:ac:0f:6a:73:c0:0c:99:9c:db:79:44:
55:1c:5f:d5:2c:b2:5c:dd:cf:f9:23:57:60:c1:83:
ff:a0:9e:4d:0c:0b:17:5d:ff:3c:dd:94:d7:41:93:
29:04:40:36:45:9f:42:88:00:b2:3b:58:90:a9:93:
6b:d4:37:bd:14:ff:20:c6:a9:61:d5:c7:94:d9:68:
32:75:00:a5:a2:7c:e5:8f:29:b7:4d:6f:a7:a2:dc:
67:23:10:3a:e4:52:54:60:0d:b8:60:28:df:0f:5f:
0d:b8:07:1a:2d:32:46:27:18:aa:71:06:9e:a9:9a:
76:65:9e:51:37:36:02:08:03:4a:b4:bc:5f:4d:2d:
ca:b3:cc:cd:b9:b9:18:16:99:63:fa:4f:9a:cd:b5:
aa:0b:df:e5:ca:66:39:11:61:9c:4a:81:d3:56:95:
f9:f8:31:81:10:6d:29:0a:f9:7a:d7:5b:db:07:06:
1f:3c:ea:09:8f:cc:6d:cf:bc:17:f0:40:7c:0a:55:
11:3b:39:cd:76:34:a5:eb:88:fc:b3:1b:7c:ee:90:
59:50:72:1d:7c:06:f4:68:9d:40:61:98:2f:16:dd:
74:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C4:78:18:1A:D0:F1:E4:E9:E5:1A:DC:E5:BD:5A:B9:AF:66:70:D8
X509v3 Authority Key Identifier:
keyid:E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/QsR4GBrQ8eTp5Rrc5b1aua9mcNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.236.0/22
185.47.92.0/22
185.211.96.0/22
188.64.176.0/21
Signature Algorithm: sha256WithRSAEncryption
08:fc:4c:53:95:3e:3f:50:60:4d:4b:49:e1:68:92:b0:ea:c3:
26:a1:a3:5f:bb:80:1c:03:c2:1c:27:4c:1f:60:ec:71:cc:87:
af:45:b9:b4:d9:b8:a1:44:d3:ca:db:5f:21:40:9c:fb:fa:08:
13:6c:cf:c4:f6:bb:cc:5f:08:c3:87:7e:0d:c1:c8:e1:64:17:
64:e8:04:07:51:49:bc:03:c7:01:19:97:c3:1e:bb:b6:1c:64:
84:dd:8b:14:27:d0:fb:d4:f4:34:0f:ee:f6:9e:08:8f:07:13:
19:38:15:61:40:0c:2e:bb:f0:eb:80:4a:d1:cb:d4:85:9a:84:
20:29:ba:15:48:a2:ca:5f:64:c2:27:06:58:9a:b6:45:d9:16:
60:61:0d:b1:f8:db:c1:91:3e:82:62:d0:19:ac:1a:a1:f8:f2:
2d:06:55:3e:b9:04:8a:39:6d:bd:ec:74:ad:05:86:22:08:9e:
37:69:ee:94:8a:1b:7e:94:e5:af:ea:75:6e:1b:31:ce:db:75:
f7:75:bf:72:72:df:40:44:ac:71:89:95:55:b4:08:e9:ff:a7:
f5:7e:d7:5b:a0:b4:5c:97:c6:98:94:05:83:8d:d3:8d:84:08:
15:9e:f6:f0:88:94:43:ba:39:e9:c2:93:f7:94:a5:d8:d6:8f:
ea:2f:41:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbfWnFY2rI82KAXNCn/JerJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWI4M2M4N2M0YTNkODMxNTAyNTM3OWY3Mjk4NzUyMGJi
NWQwNDYwHhcNMjMwMzE0MDkwMTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmM0NzgxODFhZDBmMWU0ZTllNTFhZGNlNWJkNWFiOWFmNjY3MGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUm5Tz3i8CY5qgBd0Gc9ns5bPMXS
f3LfPqZBi6ggVH2brA9qc8AMmZzbeURVHF/VLLJc3c/5I1dgwYP/oJ5NDAsXXf88
3ZTXQZMpBEA2RZ9CiACyO1iQqZNr1De9FP8gxqlh1ceU2WgydQClonzljym3TW+n
otxnIxA65FJUYA24YCjfD18NuAcaLTJGJxiqcQaeqZp2ZZ5RNzYCCANKtLxfTS3K
s8zNubkYFplj+k+azbWqC9/lymY5EWGcSoHTVpX5+DGBEG0pCvl611vbBwYfPOoJ
j8xtz7wX8EB8ClUROznNdjSl64j8sxt87pBZUHIdfAb0aJ1AYZgvFt10RQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFELEeBga0PHk6eUa3OW9WrmvZnDYMB8GA1UdIwQY
MBaAFOhbg8h8Sj2DFQJTefcph1ILtdBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGIt
ODlhYWVhMzYyODVlLzEvUXNSNEdCclE4ZVRwNVJyYzViMWF1YTltY05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGItODlhYWVhMzYyODVl
LzEvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuQfsAwQC
uS9cAwQCudNgAwQDvECwMA0GCSqGSIb3DQEBCwUAA4IBAQAI/ExTlT4/UGBNS0nh
aJKw6sMmoaNfu4AcA8IcJ0wfYOxxzIevRbm02bihRNPK218hQJz7+ggTbM/E9rvM
XwjDh34NwcjhZBdk6AQHUUm8A8cBGZfDHru2HGSE3YsUJ9D71PQ0D+72ngiPBxMZ
OBVhQAwuu/DrgErRy9SFmoQgKboVSKLKX2TCJwZYmrZF2RZgYQ2x+NvBkT6CYtAZ
rBqh+PItBlU+uQSKOW297HStBYYiCJ43ae6Uiht+lOWv6nVuGzHO23X3db9yct9A
RKxxiZVVtAjp/6f1ftdboLRcl8aYlAWDjdONhAgVnvbwiJRDujnpwpP3lKXY1o/q
L0FK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:53 2024 by rpki-client on console-ams.rpki-client.org