Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/qHaKGXbKO_x0EFxXh1EHgDx3EHQ.roa
File: qHaKGXbKO_x0EFxXh1EHgDx3EHQ.roa (raw, json)
Hash identifier: Gc5axtp+qhKoWYJMBNc+FtAc1iCL4pF1bwdR7yfUw8Y=
Subject key identifier: A8:76:8A:19:76:CA:3B:FC:74:10:5C:57:87:51:07:80:3C:77:10:74
Certificate issuer: /CN=f19a5d5cb7949ce1bd209dc213993520e02d1085
Certificate serial: 018572A7FB9CD3425A7B8BA61B8904B668D2
Authority key identifier: F1:9A:5D:5C:B7:94:9C:E1:BD:20:9D:C2:13:99:35:20:E0:2D:10:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/qHaKGXbKO_x0EFxXh1EHgDx3EHQ.roa
Signing time: Mon 02 Jan 2023 13:24:49 +0000
ROA not before: Mon 02 Jan 2023 13:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61211
IP address blocks: 185.15.28.0/22 maxlen: 24
185.62.72.0/22 maxlen: 24
185.203.16.0/22 maxlen: 24
2a03:bb40::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:fb:9c:d3:42:5a:7b:8b:a6:1b:89:04:b6:68:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f19a5d5cb7949ce1bd209dc213993520e02d1085
Validity
Not Before: Jan 2 13:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8768a1976ca3bfc74105c57875107803c771074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:99:e3:10:a7:4b:48:da:26:dd:42:d5:c3:25:
d2:84:b1:8c:4b:d1:eb:fa:66:6b:d3:41:13:0f:20:
20:38:9c:ba:c8:98:17:56:44:9c:43:b1:b0:95:f3:
e9:b3:75:66:5e:e5:6a:84:72:b3:ac:2d:13:7b:dc:
8e:38:c8:84:83:4b:03:6a:72:b1:71:3e:8e:a8:34:
52:ca:01:12:32:56:86:65:17:26:31:b7:00:79:bd:
5f:4f:dc:a8:1f:4f:15:c7:a4:50:a7:c9:c5:4c:4f:
47:d0:e7:85:4c:70:1b:6b:1a:c5:4a:b6:6b:87:a4:
8d:5b:30:76:95:7b:bb:f1:e0:84:af:8a:64:52:42:
51:8f:54:77:4c:bb:7a:91:55:19:e9:db:14:ca:6d:
90:7f:ac:23:1e:47:42:b4:d7:86:29:4d:6e:dc:8e:
e2:38:ec:61:1a:cf:25:26:f1:9d:4a:a4:63:a0:37:
af:60:3b:91:76:7b:7e:05:8d:17:79:9b:6c:b5:3c:
cc:94:1a:55:20:d6:56:a0:c4:17:9c:21:17:50:1b:
c4:56:84:02:ac:cf:2a:14:d8:06:fd:ac:25:6f:47:
33:4b:ac:c0:ee:38:af:f8:d9:cf:90:dd:56:86:71:
90:c1:98:5a:92:36:f7:7f:52:8e:8f:83:9d:d3:f6:
49:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:76:8A:19:76:CA:3B:FC:74:10:5C:57:87:51:07:80:3C:77:10:74
X509v3 Authority Key Identifier:
keyid:F1:9A:5D:5C:B7:94:9C:E1:BD:20:9D:C2:13:99:35:20:E0:2D:10:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/qHaKGXbKO_x0EFxXh1EHgDx3EHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/309bfd-cbe7-4144-a630-2f80a0a0206a/1/8ZpdXLeUnOG9IJ3CE5k1IOAtEIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.28.0/22
185.62.72.0/22
185.203.16.0/22
IPv6:
2a03:bb40::/32
Signature Algorithm: sha256WithRSAEncryption
03:28:dc:ef:6d:f6:a3:4a:4c:bb:27:c9:13:76:c8:ab:10:dd:
42:b3:8d:53:1e:0c:ac:d0:73:fc:8f:73:0a:39:eb:2f:d4:e0:
70:ce:bf:5b:f4:0f:3f:78:54:0f:60:10:d5:b9:85:40:25:1a:
28:98:62:1c:37:fa:9b:44:9f:b6:b3:40:fd:19:b1:64:02:c8:
0e:c3:75:a8:34:3b:fd:85:59:6f:ae:37:e5:16:8b:fb:5c:5c:
57:24:93:ec:28:8d:af:17:66:1a:d0:70:93:4d:e2:72:d0:ee:
01:47:1a:2b:4a:84:16:18:98:e2:80:a1:6b:b9:db:6b:3e:f5:
b8:88:d0:8b:37:62:72:13:53:d2:c8:8f:45:42:a7:d0:41:de:
26:87:38:f3:f7:c0:53:da:32:20:bf:1a:fd:c1:18:c5:a8:a0:
3f:83:51:d4:03:ff:98:5d:d5:fc:33:d7:79:60:c6:d5:a0:f2:
69:43:4c:bd:99:1b:0d:ed:35:a6:72:d7:71:c3:b6:90:7b:fd:
a1:dc:dc:e9:c3:be:f1:06:bb:18:54:12:54:f2:96:1b:d2:c7:
19:b7:dc:e0:fb:c8:5f:8b:02:11:ad:bc:e5:2b:c5:67:63:bf:
34:82:99:28:58:3c:06:a1:1a:77:ed:e0:22:0c:b2:df:1e:e4:
04:9a:76:80
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyp/uc00Jae4umG4kEtmjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxOWE1ZDVjYjc5NDljZTFiZDIwOWRjMjEzOTkzNTIwZTAy
ZDEwODUwHhcNMjMwMTAyMTMyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODc2OGExOTc2Y2EzYmZjNzQxMDVjNTc4NzUxMDc4MDNjNzcxMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJnjEKdLSNom3ULVwyXShLGMS9Hr
+mZr00ETDyAgOJy6yJgXVkScQ7GwlfPps3VmXuVqhHKzrC0Te9yOOMiEg0sDanKx
cT6OqDRSygESMlaGZRcmMbcAeb1fT9yoH08Vx6RQp8nFTE9H0OeFTHAbaxrFSrZr
h6SNWzB2lXu78eCEr4pkUkJRj1R3TLt6kVUZ6dsUym2Qf6wjHkdCtNeGKU1u3I7i
OOxhGs8lJvGdSqRjoDevYDuRdnt+BY0XeZtstTzMlBpVINZWoMQXnCEXUBvEVoQC
rM8qFNgG/awlb0czS6zA7jiv+NnPkN1WhnGQwZhakjb3f1KOj4Od0/ZJ6wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKh2ihl2yjv8dBBcV4dRB4A8dxB0MB8GA1UdIwQY
MBaAFPGaXVy3lJzhvSCdwhOZNSDgLRCFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFpwZFhMZVVuT0c5SUozQ0U1azFJT0F0RUlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zMDliZmQtY2JlNy00MTQ0LWE2MzAt
MmY4MGEwYTAyMDZhLzEvcUhhS0dYYktPX3gwRUZ4WGgxRUhnRHgzRUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zMDliZmQtY2JlNy00MTQ0LWE2MzAtMmY4MGEwYTAyMDZh
LzEvOFpwZFhMZVVuT0c5SUozQ0U1azFJT0F0RUlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQ8cAwQC
uT5IAwQCucsQMA0EAgACMAcDBQAqA7tAMA0GCSqGSIb3DQEBCwUAA4IBAQADKNzv
bfajSky7J8kTdsirEN1Cs41THgys0HP8j3MKOesv1OBwzr9b9A8/eFQPYBDVuYVA
JRoomGIcN/qbRJ+2s0D9GbFkAsgOw3WoNDv9hVlvrjflFov7XFxXJJPsKI2vF2Ya
0HCTTeJy0O4BRxorSoQWGJjigKFrudtrPvW4iNCLN2JyE1PSyI9FQqfQQd4mhzjz
98BT2jIgvxr9wRjFqKA/g1HUA/+YXdX8M9d5YMbVoPJpQ0y9mRsN7TWmctdxw7aQ
e/2h3Nzpw77xBrsYVBJU8pYb0scZt9zg+8hfiwIRrbzlK8VnY780gpkoWDwGoRp3
7eAiDLLfHuQEmnaA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:44 2023 by rpki-client on console-ams.rpki-client.org