Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3f7bcd-a7ea-4e10-ba34-4ce4d8fea6ef/1/QZO864USpkuViEqhEyM4xwYMcVs.roa
File: QZO864USpkuViEqhEyM4xwYMcVs.roa (raw, json)
Hash identifier: 8dm6SV4dDxqXBeNbvgayGfk7VrIOHcR+AbJJ5TRWO64=
Subject key identifier: 41:93:BC:EB:85:12:A6:4B:95:88:4A:A1:13:23:38:C7:06:0C:71:5B
Certificate issuer: /CN=5fb88d91788fe9921089d9b6271e210f7f8914a2
Certificate serial: 018BE914925B5BADF341775161B4BE1802DC
Authority key identifier: 5F:B8:8D:91:78:8F:E9:92:10:89:D9:B6:27:1E:21:0F:7F:89:14:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X7iNkXiP6ZIQidm2Jx4hD3-JFKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3f7bcd-a7ea-4e10-ba34-4ce4d8fea6ef/1/QZO864USpkuViEqhEyM4xwYMcVs.roa
Signing time: Sun 19 Nov 2023 19:35:21 +0000
ROA not before: Sun 19 Nov 2023 19:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60102
IP address blocks: 185.52.202.0/24 maxlen: 24
185.52.201.0/24 maxlen: 24
185.52.200.0/24 maxlen: 24
185.52.200.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e9:14:92:5b:5b:ad:f3:41:77:51:61:b4:be:18:02:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fb88d91788fe9921089d9b6271e210f7f8914a2
Validity
Not Before: Nov 19 19:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4193bceb8512a64b95884aa1132338c7060c715b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1e:43:b6:5c:3d:33:e4:3c:47:9b:83:97:e6:
c2:0a:28:34:5f:9a:c4:63:fb:4c:ae:27:bf:ad:2a:
c9:05:d9:a8:03:81:35:e8:c5:7f:15:41:f9:be:48:
33:13:99:3a:16:87:92:b3:9a:34:c5:b6:63:75:7a:
af:a2:8e:90:bc:85:f9:6a:36:c8:03:cc:9b:a2:1d:
73:cd:ef:5c:dc:36:02:c5:0d:5b:58:13:31:dd:c1:
a1:b7:7c:a5:1d:ca:a0:4e:7a:c3:6f:8e:02:0f:f1:
a7:05:4d:bb:71:a3:6c:80:28:4d:99:6c:fe:73:1a:
27:80:85:37:a2:ae:91:3a:8f:97:e1:56:d5:1e:cb:
c9:9e:6f:9b:6a:c0:b5:fc:f8:a4:cb:06:7b:0d:03:
28:48:36:da:4b:0f:87:8c:de:40:9c:c8:bd:41:8c:
93:0f:50:e2:de:5b:7b:cd:e7:4c:29:de:96:71:64:
cb:08:b3:52:84:b3:14:f3:83:ab:ff:3b:2e:72:64:
91:48:be:4c:4b:2f:a6:74:18:95:5a:7b:53:7a:b5:
99:6f:1f:9e:bb:ce:c5:bd:25:aa:bf:97:11:2b:6d:
1a:bc:e3:f6:30:e2:c8:53:60:48:bc:65:b9:27:a0:
70:f1:f0:ed:74:d3:41:6e:f7:4f:36:9c:2a:61:9d:
f3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:93:BC:EB:85:12:A6:4B:95:88:4A:A1:13:23:38:C7:06:0C:71:5B
X509v3 Authority Key Identifier:
keyid:5F:B8:8D:91:78:8F:E9:92:10:89:D9:B6:27:1E:21:0F:7F:89:14:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X7iNkXiP6ZIQidm2Jx4hD3-JFKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3f7bcd-a7ea-4e10-ba34-4ce4d8fea6ef/1/QZO864USpkuViEqhEyM4xwYMcVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3f7bcd-a7ea-4e10-ba34-4ce4d8fea6ef/1/X7iNkXiP6ZIQidm2Jx4hD3-JFKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.200.0/22
Signature Algorithm: sha256WithRSAEncryption
97:e6:2c:40:a4:f7:b0:e3:b9:08:af:23:4d:0b:b2:9c:aa:b6:
cc:ee:35:ff:a3:77:6d:ec:84:15:43:62:04:05:0b:8d:f3:21:
76:4f:7b:24:6a:3a:f7:7e:f1:4c:87:4d:05:af:57:1c:8f:81:
4c:c6:64:9e:ef:89:24:60:21:ff:29:df:a3:fc:d8:04:df:a5:
5e:da:16:f3:17:89:49:4f:1b:79:3a:4a:f7:64:70:dc:c8:d7:
b1:a3:4f:81:f0:bf:e0:18:ee:20:a6:3e:c1:b1:98:3e:c9:2b:
06:96:3b:5b:f8:48:90:6e:c6:9e:06:37:c5:3b:1d:03:d4:02:
5b:10:dc:8b:a7:5b:0d:9d:d1:b2:10:0a:2f:31:71:ba:8e:ec:
c2:8c:da:22:58:0b:43:4a:60:be:95:54:af:05:a7:d5:e2:60:
35:88:57:86:a2:46:72:d4:4a:5a:a2:f1:6e:5d:6e:31:85:dc:
db:c0:af:a2:75:9e:fb:4c:f5:e7:26:a4:b9:d8:03:13:25:9b:
f6:a3:a7:f3:f0:d1:f8:a5:d3:88:aa:f6:d7:46:45:10:69:4b:
75:39:b0:25:2b:d1:51:03:41:1e:cd:90:a4:34:77:03:f4:91:
a3:a9:0b:45:86:e7:63:7c:28:c0:b8:59:4a:ec:43:d3:13:17:
77:7b:0a:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvpFJJbW63zQXdRYbS+GALcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYjg4ZDkxNzg4ZmU5OTIxMDg5ZDliNjI3MWUyMTBmN2Y4
OTE0YTIwHhcNMjMxMTE5MTkzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTkzYmNlYjg1MTJhNjRiOTU4ODRhYTExMzIzMzhjNzA2MGM3MTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR5Dtlw9M+Q8R5uDl+bCCig0X5rE
Y/tMrie/rSrJBdmoA4E16MV/FUH5vkgzE5k6FoeSs5o0xbZjdXqvoo6QvIX5ajbI
A8yboh1zze9c3DYCxQ1bWBMx3cGht3ylHcqgTnrDb44CD/GnBU27caNsgChNmWz+
cxongIU3oq6ROo+X4VbVHsvJnm+basC1/PikywZ7DQMoSDbaSw+HjN5AnMi9QYyT
D1Di3lt7zedMKd6WcWTLCLNShLMU84Or/zsucmSRSL5MSy+mdBiVWntTerWZbx+e
u87FvSWqv5cRK20avOP2MOLIU2BIvGW5J6Bw8fDtdNNBbvdPNpwqYZ3z/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGTvOuFEqZLlYhKoRMjOMcGDHFbMB8GA1UdIwQY
MBaAFF+4jZF4j+mSEInZticeIQ9/iRSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDdpTmtYaVA2WklRaWRtMkp4NGhEMy1KRktJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zZjdiY2QtYTdlYS00ZTEwLWJhMzQt
NGNlNGQ4ZmVhNmVmLzEvUVpPODY0VVNwa3VWaUVxaEV5TTR4d1lNY1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zZjdiY2QtYTdlYS00ZTEwLWJhMzQtNGNlNGQ4ZmVhNmVm
LzEvWDdpTmtYaVA2WklRaWRtMkp4NGhEMy1KRktJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTTIMA0G
CSqGSIb3DQEBCwUAA4IBAQCX5ixApPew47kIryNNC7KcqrbM7jX/o3dt7IQVQ2IE
BQuN8yF2T3skajr3fvFMh00Fr1ccj4FMxmSe74kkYCH/Kd+j/NgE36Ve2hbzF4lJ
Txt5Okr3ZHDcyNexo0+B8L/gGO4gpj7BsZg+ySsGljtb+EiQbsaeBjfFOx0D1AJb
ENyLp1sNndGyEAovMXG6juzCjNoiWAtDSmC+lVSvBafV4mA1iFeGokZy1EpaovFu
XW4xhdzbwK+idZ77TPXnJqS52AMTJZv2o6fz8NH4pdOIqvbXRkUQaUt1ObAlK9FR
A0EezZCkNHcD9JGjqQtFhudjfCjAuFlK7EPTExd3ewrM
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:16 2024 by rpki-client on console-fra.rpki-client.org