Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/190d47-68da-44d2-950e-37664d75b254/1/Q2YtFFunCJm25akHZCMNN6CYMsI.roa
File: Q2YtFFunCJm25akHZCMNN6CYMsI.roa (raw, json)
Hash identifier: +LjqnnWF4UMk48MQ37d7LGYGNyYbEfYTIeRPHEV812w=
Subject key identifier: 43:66:2D:14:5B:A7:08:99:B6:E5:A9:07:64:23:0D:37:A0:98:32:C2
Certificate issuer: /CN=b7ac780eb2042c8c57001b65ef156e6f5931239b
Certificate serial: 01856DD413A6D3D5CF05F115B92DEB608767
Authority key identifier: B7:AC:78:0E:B2:04:2C:8C:57:00:1B:65:EF:15:6E:6F:59:31:23:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t6x4DrIELIxXABtl7xVub1kxI5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/190d47-68da-44d2-950e-37664d75b254/1/Q2YtFFunCJm25akHZCMNN6CYMsI.roa
Signing time: Sun 01 Jan 2023 14:54:53 +0000
ROA not before: Sun 01 Jan 2023 14:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198622
IP address blocks: 185.167.164.0/22 maxlen: 24
2a0b:7e00::/36 maxlen: 48
2a0b:7e00:1000::/36 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:13:a6:d3:d5:cf:05:f1:15:b9:2d:eb:60:87:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7ac780eb2042c8c57001b65ef156e6f5931239b
Validity
Not Before: Jan 1 14:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43662d145ba70899b6e5a90764230d37a09832c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5b:f8:be:14:25:02:89:4c:38:58:e8:dd:88:
db:5d:d7:a7:6e:3a:96:f1:47:08:7d:ba:af:fc:05:
dc:92:e6:e6:d8:27:0c:8c:65:e6:bc:49:e6:35:00:
ce:a2:66:bf:ba:70:99:43:53:d5:e4:b5:af:0b:c7:
59:29:39:74:8a:62:95:a4:e1:ea:b6:af:b6:89:47:
b4:b0:98:39:07:a0:7c:38:0c:67:2f:42:fa:0f:ec:
1b:ab:fa:05:71:fb:b4:f7:e9:75:23:71:e7:c3:08:
07:68:48:db:09:17:0c:98:93:ac:3c:54:a9:df:be:
36:b1:9b:72:e7:a0:93:40:9d:4d:63:53:83:24:c1:
f5:d4:89:89:b4:eb:6e:2b:e6:30:85:56:59:45:5c:
cb:a5:b8:db:1c:0c:0c:40:23:27:d0:47:5e:19:0a:
5a:2c:60:c3:f1:ec:c4:59:e2:9e:b4:86:02:9b:46:
a1:c4:1c:50:79:ee:a8:cc:95:f5:8b:8c:28:38:03:
c6:79:c3:86:89:d4:70:94:19:08:ff:d6:e1:dd:aa:
a7:60:f0:e3:11:ae:dd:22:44:96:9c:6a:11:69:e8:
76:b3:4d:61:89:98:ac:41:d9:84:4d:f7:b2:d9:ca:
38:59:c7:0d:fe:45:c2:cf:58:b0:aa:f9:86:c2:c1:
7a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:66:2D:14:5B:A7:08:99:B6:E5:A9:07:64:23:0D:37:A0:98:32:C2
X509v3 Authority Key Identifier:
keyid:B7:AC:78:0E:B2:04:2C:8C:57:00:1B:65:EF:15:6E:6F:59:31:23:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t6x4DrIELIxXABtl7xVub1kxI5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/190d47-68da-44d2-950e-37664d75b254/1/Q2YtFFunCJm25akHZCMNN6CYMsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/190d47-68da-44d2-950e-37664d75b254/1/t6x4DrIELIxXABtl7xVub1kxI5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.164.0/22
IPv6:
2a0b:7e00::/35
Signature Algorithm: sha256WithRSAEncryption
95:dd:1e:f0:6e:27:47:df:67:9b:c3:cb:68:eb:53:bb:78:81:
73:6b:ce:6b:b3:5b:2e:4b:bc:73:f4:8e:72:8b:d7:4e:9a:98:
6e:ad:9f:7c:d9:02:ea:91:f1:f4:99:ca:eb:fd:15:23:cb:53:
e0:2e:2a:43:9a:96:f7:fb:e5:2c:55:3b:c4:fb:b0:6f:8c:e2:
e1:a6:75:13:5f:7a:ea:4c:a7:22:76:db:56:4c:0b:31:09:0d:
47:e6:bb:72:f7:e0:5f:cf:1c:3f:b4:d8:a5:4f:06:91:ad:a1:
0c:34:14:3c:89:cf:b9:1f:2a:cf:48:06:33:70:ea:ec:16:8d:
3e:28:24:4d:9a:6a:77:33:7a:d0:e0:32:4d:1f:44:f0:46:77:
bd:2f:af:dc:b4:8b:35:0b:5a:2b:d6:7e:a2:dd:5a:66:60:4f:
b0:87:ff:e0:09:e1:ad:97:cc:42:54:dd:b9:1c:89:0a:df:f4:
2b:37:7b:60:c2:23:08:be:0c:67:11:a2:74:10:91:75:fc:00:
f5:75:06:c2:ac:b5:b5:3d:80:f0:40:1f:99:2b:7b:99:bc:05:
11:66:52:05:8a:ed:fb:0e:02:93:56:a4:d4:28:7a:bd:a0:65:
cb:c4:bf:d9:48:38:67:79:a8:bb:a5:af:13:97:6c:80:43:69:
3f:99:ac:d6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVt1BOm09XPBfEVuS3rYIdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YWM3ODBlYjIwNDJjOGM1NzAwMWI2NWVmMTU2ZTZmNTkz
MTIzOWIwHhcNMjMwMTAxMTQ1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzY2MmQxNDViYTcwODk5YjZlNWE5MDc2NDIzMGQzN2EwOTgzMmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslv4vhQlAolMOFjo3YjbXdenbjqW
8UcIfbqv/AXckubm2CcMjGXmvEnmNQDOoma/unCZQ1PV5LWvC8dZKTl0imKVpOHq
tq+2iUe0sJg5B6B8OAxnL0L6D+wbq/oFcfu09+l1I3HnwwgHaEjbCRcMmJOsPFSp
3742sZty56CTQJ1NY1ODJMH11ImJtOtuK+YwhVZZRVzLpbjbHAwMQCMn0EdeGQpa
LGDD8ezEWeKetIYCm0ahxBxQee6ozJX1i4woOAPGecOGidRwlBkI/9bh3aqnYPDj
Ea7dIkSWnGoRaeh2s01hiZisQdmETfey2co4WccN/kXCz1iwqvmGwsF6hwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFENmLRRbpwiZtuWpB2QjDTegmDLCMB8GA1UdIwQY
MBaAFLeseA6yBCyMVwAbZe8Vbm9ZMSObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDZ4NERySUVMSXhYQUJ0bDd4VnViMWt4STVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xOTBkNDctNjhkYS00NGQyLTk1MGUt
Mzc2NjRkNzViMjU0LzEvUTJZdEZGdW5DSm0yNWFrSFpDTU5ONkNZTXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xOTBkNDctNjhkYS00NGQyLTk1MGUtMzc2NjRkNzViMjU0
LzEvdDZ4NERySUVMSXhYQUJ0bDd4VnViMWt4STVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuaekMA4E
AgACMAgDBgUqC34AADANBgkqhkiG9w0BAQsFAAOCAQEAld0e8G4nR99nm8PLaOtT
u3iBc2vOa7NbLku8c/SOcovXTpqYbq2ffNkC6pHx9JnK6/0VI8tT4C4qQ5qW9/vl
LFU7xPuwb4zi4aZ1E1966kynInbbVkwLMQkNR+a7cvfgX88cP7TYpU8Gka2hDDQU
PInPuR8qz0gGM3Dq7BaNPigkTZpqdzN60OAyTR9E8EZ3vS+v3LSLNQtaK9Z+ot1a
ZmBPsIf/4AnhrZfMQlTduRyJCt/0Kzd7YMIjCL4MZxGidBCRdfwA9XUGwqy1tT2A
8EAfmSt7mbwFEWZSBYrt+w4Ck1ak1Ch6vaBly8S/2Ug4Z3mou6WvE5dsgENpP5ms
1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:05 2024 by rpki-client on console-fra.rpki-client.org