Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/79d1a1-091c-4039-8778-b697907ffdc8/1/QTNYCuFU3Ed1SMeHfLRCKM9iHVY.roa
File: QTNYCuFU3Ed1SMeHfLRCKM9iHVY.roa (raw, json)
Hash identifier: CqOzwFh6gPSShRqAkXncrolaP7oSDMYp/0EndizBXKU=
Subject key identifier: 41:33:58:0A:E1:54:DC:47:75:48:C7:87:7C:B4:42:28:CF:62:1D:56
Certificate issuer: /CN=5efff2578a0e6215dc60e2da946f30d25c63cd6a
Certificate serial: 01856F1DAFC25EB920483BC21EA0DEAE267E
Authority key identifier: 5E:FF:F2:57:8A:0E:62:15:DC:60:E2:DA:94:6F:30:D2:5C:63:CD:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xv_yV4oOYhXcYOLalG8w0lxjzWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/79d1a1-091c-4039-8778-b697907ffdc8/1/QTNYCuFU3Ed1SMeHfLRCKM9iHVY.roa
Signing time: Sun 01 Jan 2023 20:54:54 +0000
ROA not before: Sun 01 Jan 2023 20:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203089
IP address blocks: 185.136.124.0/24 maxlen: 24
185.136.125.0/24 maxlen: 24
185.136.126.0/24 maxlen: 24
185.136.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:af:c2:5e:b9:20:48:3b:c2:1e:a0:de:ae:26:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5efff2578a0e6215dc60e2da946f30d25c63cd6a
Validity
Not Before: Jan 1 20:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4133580ae154dc477548c7877cb44228cf621d56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4e:82:1f:50:45:25:cf:87:1d:6a:a4:33:38:
80:16:2f:39:ea:ec:5a:c8:d9:e8:46:c1:4e:96:44:
0d:b5:cc:73:bd:01:b3:ec:6c:ea:96:f4:50:75:20:
be:e2:32:49:cd:80:07:3b:a9:6e:07:fd:19:51:5a:
61:1a:dc:b0:a3:f9:93:2f:de:c0:7c:52:18:ff:86:
33:cb:5b:a4:b1:0d:02:3a:54:6b:35:99:73:0b:69:
24:c9:49:a4:9c:c9:d6:53:e4:81:bb:b9:7a:ab:f2:
0e:dd:cf:ec:78:ea:ce:6c:0d:ef:9c:1e:b7:6c:0b:
eb:aa:01:ab:93:52:d5:8d:0b:63:14:58:6f:87:1b:
36:b2:80:2f:50:06:9c:19:09:9e:33:88:ec:4f:e2:
57:e9:46:f4:53:0d:dd:83:64:22:9e:27:ef:bc:be:
39:40:87:d2:0c:2a:d7:71:33:a9:c8:49:70:6f:2e:
58:c9:97:9a:a4:c7:8e:4f:de:12:b3:a3:8a:9c:da:
a4:c5:30:46:e1:7e:8d:32:00:61:84:bb:aa:67:d2:
6b:a4:c2:fd:db:7e:f6:db:75:79:f5:ee:8b:3a:a1:
b5:32:16:79:24:c9:35:eb:9d:76:e2:d0:a3:27:bd:
7f:53:98:ca:35:2b:92:c3:fd:98:fc:e4:f9:66:86:
0e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:33:58:0A:E1:54:DC:47:75:48:C7:87:7C:B4:42:28:CF:62:1D:56
X509v3 Authority Key Identifier:
keyid:5E:FF:F2:57:8A:0E:62:15:DC:60:E2:DA:94:6F:30:D2:5C:63:CD:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xv_yV4oOYhXcYOLalG8w0lxjzWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/79d1a1-091c-4039-8778-b697907ffdc8/1/QTNYCuFU3Ed1SMeHfLRCKM9iHVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/79d1a1-091c-4039-8778-b697907ffdc8/1/Xv_yV4oOYhXcYOLalG8w0lxjzWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.124.0/22
Signature Algorithm: sha256WithRSAEncryption
75:f6:e2:91:f6:dd:ef:cf:28:97:ca:71:26:33:9f:25:de:0e:
2f:24:0c:87:4b:0f:d5:36:68:ac:24:ee:3e:7a:fc:88:60:76:
4e:de:0b:e4:2f:18:7e:39:94:f1:94:03:a6:9d:1c:21:16:94:
e1:be:d7:c2:99:7f:e4:cf:77:6e:7d:66:18:00:98:7e:e1:13:
1c:71:1d:f3:a8:8e:ba:b9:ae:ea:c0:9d:05:89:86:3d:64:d1:
20:61:9e:cf:0e:6d:63:5e:9f:88:78:a4:ff:e7:8f:f7:61:b0:
52:3c:bf:72:50:eb:8b:a7:18:66:38:6e:51:97:80:6f:2e:e7:
e8:2a:37:86:9d:9f:fe:cb:bc:f9:a0:99:3e:68:c6:df:b1:fd:
ea:34:53:97:73:51:c8:a1:9a:58:d2:e1:27:d4:ab:9c:bc:42:
89:a9:cd:43:74:b8:37:f6:f2:9b:8c:e1:8a:ab:87:5e:c1:f2:
bf:17:e5:3a:14:4e:60:1a:8a:9b:ef:64:58:a1:3c:4e:08:c6:
fc:e9:32:a6:a3:55:12:f8:5b:43:c5:f8:8e:43:3a:b2:78:54:
60:1f:d1:11:11:d8:cb:ea:23:bd:e7:db:86:99:b0:5f:f6:5d:
8f:58:de:13:29:90:b0:ef:2e:8e:2e:4f:cb:f4:8d:a8:a7:50:
0b:7f:26:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHa/CXrkgSDvCHqDeriZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZmZmMjU3OGEwZTYyMTVkYzYwZTJkYTk0NmYzMGQyNWM2
M2NkNmEwHhcNMjMwMTAxMjA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTMzNTgwYWUxNTRkYzQ3NzU0OGM3ODc3Y2I0NDIyOGNmNjIxZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE6CH1BFJc+HHWqkMziAFi856uxa
yNnoRsFOlkQNtcxzvQGz7GzqlvRQdSC+4jJJzYAHO6luB/0ZUVphGtywo/mTL97A
fFIY/4Yzy1uksQ0COlRrNZlzC2kkyUmknMnWU+SBu7l6q/IO3c/seOrObA3vnB63
bAvrqgGrk1LVjQtjFFhvhxs2soAvUAacGQmeM4jsT+JX6Ub0Uw3dg2QinifvvL45
QIfSDCrXcTOpyElwby5YyZeapMeOT94Ss6OKnNqkxTBG4X6NMgBhhLuqZ9JrpML9
237223V59e6LOqG1MhZ5JMk165124tCjJ71/U5jKNSuSw/2Y/OT5ZoYOewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEzWArhVNxHdUjHh3y0QijPYh1WMB8GA1UdIwQY
MBaAFF7/8leKDmIV3GDi2pRvMNJcY81qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHZfeVY0b09ZaFhjWU9MYWxHOHcwbHhqeldvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC83OWQxYTEtMDkxYy00MDM5LTg3Nzgt
YjY5NzkwN2ZmZGM4LzEvUVROWUN1RlUzRWQxU01lSGZMUkNLTTlpSFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC83OWQxYTEtMDkxYy00MDM5LTg3NzgtYjY5NzkwN2ZmZGM4
LzEvWHZfeVY0b09ZaFhjWU9MYWxHOHcwbHhqeldvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYh8MA0G
CSqGSIb3DQEBCwUAA4IBAQB19uKR9t3vzyiXynEmM58l3g4vJAyHSw/VNmisJO4+
evyIYHZO3gvkLxh+OZTxlAOmnRwhFpThvtfCmX/kz3dufWYYAJh+4RMccR3zqI66
ua7qwJ0FiYY9ZNEgYZ7PDm1jXp+IeKT/54/3YbBSPL9yUOuLpxhmOG5Rl4BvLufo
KjeGnZ/+y7z5oJk+aMbfsf3qNFOXc1HIoZpY0uEn1KucvEKJqc1DdLg39vKbjOGK
q4dewfK/F+U6FE5gGoqb72RYoTxOCMb86TKmo1US+FtDxfiOQzqyeFRgH9EREdjL
6iO959uGmbBf9l2PWN4TKZCw7y6OLk/L9I2op1ALfyZq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:13 2024 by rpki-client on console-ams.rpki-client.org