Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/QyFddFp1IokOnWpQQnMPMaKNdNI.roa
File: QyFddFp1IokOnWpQQnMPMaKNdNI.roa (raw, json)
Hash identifier: LXbzHxpsYASaRp0Kqmvv5oPSicf2JZkY1gWkW8gKFxU=
Subject key identifier: 43:21:5D:74:5A:75:22:89:0E:9D:6A:50:42:73:0F:31:A2:8D:74:D2
Certificate issuer: /CN=603831a61bc8a8f4cb85887022fb6f86397345dc
Certificate serial: 018CCA997FB588989CD0911F5B153A60631A
Authority key identifier: 60:38:31:A6:1B:C8:A8:F4:CB:85:88:70:22:FB:6F:86:39:73:45:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YDgxphvIqPTLhYhwIvtvhjlzRdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/QyFddFp1IokOnWpQQnMPMaKNdNI.roa
Signing time: Tue 02 Jan 2024 14:35:06 +0000
ROA not before: Tue 02 Jan 2024 14:35:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60173
IP address blocks: 185.34.224.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 27 Feb 2024 08:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:7f:b5:88:98:9c:d0:91:1f:5b:15:3a:60:63:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=603831a61bc8a8f4cb85887022fb6f86397345dc
Validity
Not Before: Jan 2 14:35:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43215d745a7522890e9d6a5042730f31a28d74d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d9:e8:06:b9:72:97:30:8c:23:a7:89:0f:77:
eb:59:4a:75:f2:fa:d4:c5:6e:d7:37:62:69:5f:c3:
02:42:62:6b:8d:6d:64:49:97:5e:f7:da:b2:0d:a2:
cf:86:1b:9f:15:ab:8a:94:67:e0:dc:a5:cb:8b:aa:
23:be:3f:80:79:f3:ce:71:56:82:14:fe:99:86:5b:
35:a6:42:62:83:ef:38:39:dc:91:08:8c:93:47:a0:
76:cf:15:f4:c7:9e:7e:37:d7:4e:03:8a:3b:3d:71:
8f:49:d2:a4:57:69:e0:20:f9:7c:ac:50:0d:5b:3c:
f0:e8:28:1d:f5:91:5c:82:82:81:cc:22:6d:e1:2e:
ac:37:2e:8b:5e:68:63:4b:7c:b7:38:07:b5:75:5b:
86:01:27:70:62:d3:30:ed:6c:1b:75:57:9a:e0:46:
d3:21:8f:37:c5:0c:5e:2b:09:06:8c:d3:b5:b5:4e:
f3:5e:28:13:0d:64:d0:ab:5e:28:3e:6a:00:b8:8b:
33:c5:da:1c:7c:cb:74:07:a1:ac:60:1d:ba:b8:e3:
c4:40:be:68:cb:1e:c4:12:63:1d:99:2a:5d:05:76:
61:89:4b:1f:7b:aa:98:dd:8f:5c:a4:4e:eb:b6:e5:
53:b1:ef:7e:f6:2f:49:5a:4d:1e:37:31:6a:a5:a2:
9f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:21:5D:74:5A:75:22:89:0E:9D:6A:50:42:73:0F:31:A2:8D:74:D2
X509v3 Authority Key Identifier:
keyid:60:38:31:A6:1B:C8:A8:F4:CB:85:88:70:22:FB:6F:86:39:73:45:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDgxphvIqPTLhYhwIvtvhjlzRdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/QyFddFp1IokOnWpQQnMPMaKNdNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/YDgxphvIqPTLhYhwIvtvhjlzRdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.224.0/22
Signature Algorithm: sha256WithRSAEncryption
52:a2:21:5f:84:c2:6b:df:12:05:21:53:a7:77:9c:01:f1:54:
da:b7:84:49:d3:3c:28:54:60:5f:50:2a:4c:ce:82:db:aa:91:
2c:88:92:56:28:e5:3b:45:81:c5:38:48:21:49:2c:ea:c9:11:
ec:2a:9a:95:e9:90:8a:b4:84:49:97:27:ef:d2:90:37:44:bf:
2b:63:e9:11:07:1e:55:98:de:e5:5d:21:47:04:84:ec:7b:7d:
5a:f7:22:da:8a:6f:84:a2:9a:b4:20:65:3b:3b:58:29:f0:65:
3c:af:8d:b7:0d:c9:9a:cf:6d:16:19:bf:c9:41:19:21:ed:ae:
a2:71:97:02:3d:63:a9:13:42:c9:2a:3f:e9:db:0c:41:85:51:
1c:6b:e1:f1:f2:45:87:fb:70:83:4b:aa:18:9d:2d:6d:31:bc:
54:f8:ab:34:c5:ab:96:a9:c0:9d:eb:b1:5a:5c:23:1d:11:44:
c4:27:ec:cd:dc:72:37:10:17:99:3e:10:11:1c:9c:b4:1d:35:
14:24:dc:fc:6f:c7:79:12:4e:57:0c:9e:46:1c:fb:5e:46:5a:
a1:16:fd:5c:90:65:53:f8:71:45:c9:d6:e3:78:1b:9c:c2:f5:
fb:73:a3:7b:5b:bf:9c:ee:29:c0:5f:25:75:34:a0:cc:aa:36:
9b:66:21:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmX+1iJic0JEfWxU6YGMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzgzMWE2MWJjOGE4ZjRjYjg1ODg3MDIyZmI2Zjg2Mzk3
MzQ1ZGMwHhcNMjQwMTAyMTQzNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzIxNWQ3NDVhNzUyMjg5MGU5ZDZhNTA0MjczMGYzMWEyOGQ3NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09noBrlylzCMI6eJD3frWUp18vrU
xW7XN2JpX8MCQmJrjW1kSZde99qyDaLPhhufFauKlGfg3KXLi6ojvj+AefPOcVaC
FP6Zhls1pkJig+84OdyRCIyTR6B2zxX0x55+N9dOA4o7PXGPSdKkV2ngIPl8rFAN
Wzzw6Cgd9ZFcgoKBzCJt4S6sNy6LXmhjS3y3OAe1dVuGASdwYtMw7WwbdVea4EbT
IY83xQxeKwkGjNO1tU7zXigTDWTQq14oPmoAuIszxdocfMt0B6GsYB26uOPEQL5o
yx7EEmMdmSpdBXZhiUsfe6qY3Y9cpE7rtuVTse9+9i9JWk0eNzFqpaKfQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMhXXRadSKJDp1qUEJzDzGijXTSMB8GA1UdIwQY
MBaAFGA4MaYbyKj0y4WIcCL7b4Y5c0XcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURneHBodklxUFRMaFlod0l2dHZoamx6UmR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hYzMyNzYtNTBhZC00ZWJjLWEyYTYt
OTgwODU0NTkzM2M5LzEvUXlGZGRGcDFJb2tPbldwUVFuTVBNYUtOZE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hYzMyNzYtNTBhZC00ZWJjLWEyYTYtOTgwODU0NTkzM2M5
LzEvWURneHBodklxUFRMaFlod0l2dHZoamx6UmR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSLgMA0G
CSqGSIb3DQEBCwUAA4IBAQBSoiFfhMJr3xIFIVOnd5wB8VTat4RJ0zwoVGBfUCpM
zoLbqpEsiJJWKOU7RYHFOEghSSzqyRHsKpqV6ZCKtIRJlyfv0pA3RL8rY+kRBx5V
mN7lXSFHBITse31a9yLaim+Eopq0IGU7O1gp8GU8r423Dcmaz20WGb/JQRkh7a6i
cZcCPWOpE0LJKj/p2wxBhVEca+Hx8kWH+3CDS6oYnS1tMbxU+Ks0xauWqcCd67Fa
XCMdEUTEJ+zN3HI3EBeZPhARHJy0HTUUJNz8b8d5Ek5XDJ5GHPteRlqhFv1ckGVT
+HFFydbjeBucwvX7c6N7W7+c7inAXyV1NKDMqjabZiEz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:32 2024 by rpki-client on console-ams.rpki-client.org