Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/qINFIqAI7oVNT8Fknark44D5pjw.roa
File: qINFIqAI7oVNT8Fknark44D5pjw.roa (raw, json)
Hash identifier: z7oe5afexWfvaQnKnuGMrct1Ekw8gs4QX4P0R6Axj6Q=
Subject key identifier: A8:83:45:22:A0:08:EE:85:4D:4F:C1:64:9D:AA:E4:E3:80:F9:A6:3C
Certificate issuer: /CN=f3e23abae3cf0b351260d66f32339928fddf2ebb
Certificate serial: 018728EE77B12B983287042A8524C97B6680
Authority key identifier: F3:E2:3A:BA:E3:CF:0B:35:12:60:D6:6F:32:33:99:28:FD:DF:2E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8-I6uuPPCzUSYNZvMjOZKP3fLrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/qINFIqAI7oVNT8Fknark44D5pjw.roa
Signing time: Tue 28 Mar 2023 15:55:29 +0000
ROA not before: Tue 28 Mar 2023 15:55:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49584
IP address blocks: 185.179.112.0/24 maxlen: 24
185.179.114.0/24 maxlen: 24
185.179.113.0/24 maxlen: 24
185.179.115.0/24 maxlen: 24
185.2.60.0/22 maxlen: 24
2a0e:1c40:2000::/48 maxlen: 48
2a0e:1c40:4000::/48 maxlen: 48
2a0e:1c40:1::/48 maxlen: 48
2a0e:1c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:28:ee:77:b1:2b:98:32:87:04:2a:85:24:c9:7b:66:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3e23abae3cf0b351260d66f32339928fddf2ebb
Validity
Not Before: Mar 28 15:55:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8834522a008ee854d4fc1649daae4e380f9a63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d4:c0:08:87:ad:c4:f4:3b:48:b2:bf:5b:db:
d6:a5:e3:ee:01:b8:f6:a2:61:26:09:86:55:2e:c9:
9d:b0:fd:55:d4:d7:f5:d1:bc:05:ae:9e:6b:a6:e0:
38:94:0d:f6:e3:7d:00:16:0b:9c:1e:90:7d:26:e5:
92:66:b6:bf:c2:2d:2c:06:03:83:a6:93:e0:7c:c7:
73:b2:44:1b:7a:c2:1b:14:c7:73:7e:d3:f0:8b:d2:
94:f3:20:e0:6d:fa:e8:fa:09:32:44:df:69:f5:20:
a7:bc:93:f1:ff:21:16:ba:62:7a:2b:32:c9:2e:80:
cc:ec:fb:b3:95:87:13:82:10:76:51:92:df:3c:0b:
e3:9c:60:9b:41:bf:b4:b5:46:86:ce:01:76:13:2f:
66:c2:fd:79:bf:35:72:ab:8f:2d:0b:10:29:f7:7d:
85:00:a1:d0:a9:03:c4:62:8f:2f:d0:01:f5:f8:94:
41:4d:66:f5:8f:57:8c:4d:21:a6:2c:2c:3e:69:c8:
b9:c7:5a:1a:99:6b:76:14:f1:72:9e:d6:e0:5b:e4:
f5:8c:a3:c8:4a:47:5d:45:92:27:ac:d7:52:3b:4d:
c6:76:82:a1:d7:c8:d5:3c:bf:79:31:49:bd:1a:70:
f9:2b:2c:a9:8e:7c:f8:bd:ff:43:89:bd:2b:48:32:
4e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:83:45:22:A0:08:EE:85:4D:4F:C1:64:9D:AA:E4:E3:80:F9:A6:3C
X509v3 Authority Key Identifier:
keyid:F3:E2:3A:BA:E3:CF:0B:35:12:60:D6:6F:32:33:99:28:FD:DF:2E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8-I6uuPPCzUSYNZvMjOZKP3fLrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/qINFIqAI7oVNT8Fknark44D5pjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/8-I6uuPPCzUSYNZvMjOZKP3fLrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.60.0/22
185.179.112.0/22
IPv6:
2a0e:1c40::/29
Signature Algorithm: sha256WithRSAEncryption
4e:22:d7:69:41:32:e8:45:e6:1b:05:06:ca:b4:40:9b:73:c6:
bf:0a:c9:1c:33:5c:33:e0:74:e5:71:2a:15:8e:89:71:7b:3c:
9b:99:51:16:8b:6a:55:51:a5:54:c6:0c:c2:39:27:3c:e1:52:
aa:29:09:f3:3b:0a:6b:65:63:d5:60:29:c1:ad:3a:b8:26:6d:
2a:bb:3a:70:6e:73:79:a3:20:06:9d:50:4d:e6:b7:a9:b7:fc:
40:90:d3:40:41:25:a6:14:15:2d:a5:00:05:5d:2e:88:89:ff:
f9:f6:9f:e8:e5:10:00:ff:fa:7d:8f:b5:a3:ea:32:2a:ba:52:
17:40:16:ff:81:0e:33:ab:c0:67:e2:c8:60:64:d8:22:29:4a:
6a:bb:4f:3e:c9:f9:2f:cb:cb:6f:c2:c0:07:e3:26:49:02:67:
e4:b1:d1:ca:4c:61:06:ed:2b:8a:98:90:12:0e:e8:07:23:ae:
0c:9c:82:61:1d:3b:0a:0b:1d:51:e8:d9:de:ca:b3:d9:2a:56:
af:5c:ad:70:c7:2e:b3:6f:4c:7e:67:ec:b4:39:56:85:14:93:
97:23:63:82:8d:4e:ea:80:1f:79:d0:41:3c:96:2d:ae:dd:c4:
30:6c:77:9c:b0:1a:49:0d:b8:b0:cf:64:e6:cd:a0:32:8d:df:
ec:f0:32:ea
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYco7nexK5gyhwQqhSTJe2aAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZTIzYWJhZTNjZjBiMzUxMjYwZDY2ZjMyMzM5OTI4ZmRk
ZjJlYmIwHhcNMjMwMzI4MTU1NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODgzNDUyMmEwMDhlZTg1NGQ0ZmMxNjQ5ZGFhZTRlMzgwZjlhNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNTACIetxPQ7SLK/W9vWpePuAbj2
omEmCYZVLsmdsP1V1Nf10bwFrp5rpuA4lA32430AFgucHpB9JuWSZra/wi0sBgOD
ppPgfMdzskQbesIbFMdzftPwi9KU8yDgbfro+gkyRN9p9SCnvJPx/yEWumJ6KzLJ
LoDM7PuzlYcTghB2UZLfPAvjnGCbQb+0tUaGzgF2Ey9mwv15vzVyq48tCxAp932F
AKHQqQPEYo8v0AH1+JRBTWb1j1eMTSGmLCw+aci5x1oamWt2FPFyntbgW+T1jKPI
SkddRZInrNdSO03GdoKh18jVPL95MUm9GnD5Kyypjnz4vf9Dib0rSDJODwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKiDRSKgCO6FTU/BZJ2q5OOA+aY8MB8GA1UdIwQY
MBaAFPPiOrrjzws1EmDWbzIzmSj93y67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOC1JNnV1UFBDelVTWU5adk1qT1pLUDNmTHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8wODY4YWYtZjJkNy00OTA1LTg4ZDIt
OWRiNjY2NTQ0OWNiLzEvcUlORklxQUk3b1ZOVDhGa25hcms0NEQ1cGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8wODY4YWYtZjJkNy00OTA1LTg4ZDItOWRiNjY2NTQ0OWNi
LzEvOC1JNnV1UFBDelVTWU5adk1qT1pLUDNmTHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQI8AwQC
ubNwMA0EAgACMAcDBQMqDhxAMA0GCSqGSIb3DQEBCwUAA4IBAQBOItdpQTLoReYb
BQbKtECbc8a/CskcM1wz4HTlcSoVjolxezybmVEWi2pVUaVUxgzCOSc84VKqKQnz
OwprZWPVYCnBrTq4Jm0quzpwbnN5oyAGnVBN5rept/xAkNNAQSWmFBUtpQAFXS6I
if/59p/o5RAA//p9j7Wj6jIqulIXQBb/gQ4zq8Bn4shgZNgiKUpqu08+yfkvy8tv
wsAH4yZJAmfksdHKTGEG7SuKmJASDugHI64MnIJhHTsKCx1R6NneyrPZKlavXK1w
xy6zb0x+Z+y0OVaFFJOXI2OCjU7qgB950EE8li2u3cQwbHecsBpJDbiwz2TmzaAy
jd/s8DLq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:45 2024 by rpki-client on console-fra.rpki-client.org