Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/kqHWQZw5_CX5llLjOY4oGaSi-4s.roa
File: kqHWQZw5_CX5llLjOY4oGaSi-4s.roa (raw, json)
Hash identifier: D0upnb9zxIhEyGoi1P8TFbPZUQ5Fi24840SudM+uSJM=
Subject key identifier: 92:A1:D6:41:9C:39:FC:25:F9:96:52:E3:39:8E:28:19:A4:A2:FB:8B
Certificate issuer: /CN=27b24fd66efe6dc5c3aab2e2e651a4e207fe62e7
Certificate serial: 01856B256BBAC5A11A6A4A38E0CA732D6921
Authority key identifier: 27:B2:4F:D6:6E:FE:6D:C5:C3:AA:B2:E2:E6:51:A4:E2:07:FE:62:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/kqHWQZw5_CX5llLjOY4oGaSi-4s.roa
Signing time: Sun 01 Jan 2023 02:24:52 +0000
ROA not before: Sun 01 Jan 2023 02:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61073
IP address blocks: 185.51.123.0/24 maxlen: 24
2a04:1680::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:6b:ba:c5:a1:1a:6a:4a:38:e0:ca:73:2d:69:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27b24fd66efe6dc5c3aab2e2e651a4e207fe62e7
Validity
Not Before: Jan 1 02:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92a1d6419c39fc25f99652e3398e2819a4a2fb8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:40:87:1a:e2:8e:b1:63:75:0d:35:40:a5:c4:
37:e9:73:32:db:61:80:70:65:64:e4:a5:07:e0:38:
33:10:a5:e9:74:57:a5:7f:38:ed:c8:45:a4:86:11:
87:b9:74:8c:5c:94:94:b2:2b:81:12:db:f6:c2:61:
51:11:10:81:d0:ce:da:d9:ce:b9:e6:60:2a:cf:77:
5b:70:46:e9:3b:b3:ea:44:22:f5:a2:9d:9c:8b:02:
f0:af:c4:4d:d3:00:13:52:f6:e3:67:fb:88:bb:ed:
f4:7d:b8:5f:13:76:ff:5d:ea:3a:05:8d:a2:6a:67:
3a:07:09:7c:fb:d8:3f:bc:ee:40:a7:ac:ec:72:d0:
5b:8c:2b:28:90:dd:53:f3:81:c0:53:55:0c:fa:50:
d1:21:75:d3:55:2b:c8:66:64:49:7e:a0:e7:a4:ca:
38:84:fd:01:a0:6d:ad:1f:22:99:23:2f:0c:6d:21:
0f:53:df:3a:40:f6:5e:27:8a:f3:22:20:43:ec:72:
f8:7e:03:d6:1c:c4:d4:bb:21:44:be:b3:6b:10:36:
7f:19:0c:94:8c:f6:26:75:60:d8:1f:0f:a0:73:a7:
cd:9a:81:ed:cd:55:be:29:7d:93:40:ba:68:85:36:
e0:7d:44:0f:b2:e1:3e:b8:72:cd:bd:72:db:5f:5c:
f6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A1:D6:41:9C:39:FC:25:F9:96:52:E3:39:8E:28:19:A4:A2:FB:8B
X509v3 Authority Key Identifier:
keyid:27:B2:4F:D6:6E:FE:6D:C5:C3:AA:B2:E2:E6:51:A4:E2:07:FE:62:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/kqHWQZw5_CX5llLjOY4oGaSi-4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/bb01ce-b9b0-4b15-9400-394f50d4ba38/1/J7JP1m7-bcXDqrLi5lGk4gf-Yuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.123.0/24
IPv6:
2a04:1680::/29
Signature Algorithm: sha256WithRSAEncryption
9f:4d:d5:59:0c:65:05:5e:ed:24:a2:15:fa:ca:e6:43:ac:03:
f1:e6:53:1b:0d:24:4b:27:0e:6f:98:79:6f:b0:18:ab:4f:09:
8e:23:83:62:af:b6:f8:15:ee:6b:75:f2:b3:80:8e:12:66:a2:
fe:90:16:6c:19:f2:b0:6a:03:76:8f:2d:1a:ec:fa:d8:77:38:
76:4e:28:e6:1d:a5:aa:b0:2a:be:bc:b6:40:66:5c:96:63:1e:
b7:4b:ff:c3:56:4b:6c:fc:54:4e:3b:2a:6e:f6:5d:6c:63:e0:
b3:a2:0e:4f:25:5a:c0:45:2a:89:40:df:20:3a:fd:96:d4:8e:
d6:a4:98:52:ba:1c:d4:d5:56:f9:e6:a0:38:7f:96:74:bb:82:
ee:e0:25:63:05:79:fc:44:bb:ea:02:29:c1:d9:2e:39:5d:19:
1e:33:e7:e5:17:ab:57:c0:38:e2:81:25:30:9d:f3:05:7b:0c:
b3:8d:37:ba:f0:23:7d:19:64:4f:19:f7:ee:eb:01:30:8e:0a:
1c:ce:c8:93:fa:9c:64:b0:ba:3e:63:53:56:8b:78:d1:36:43:
2c:e6:f4:61:e6:ab:89:71:e6:b0:49:06:31:42:da:93:27:92:
d4:0b:16:bb:e3:8c:51:9f:8d:8f:b0:2a:13:5c:4e:55:41:ab:
c1:73:20:3b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrJWu6xaEaako44MpzLWkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YjI0ZmQ2NmVmZTZkYzVjM2FhYjJlMmU2NTFhNGUyMDdm
ZTYyZTcwHhcNMjMwMTAxMDIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmExZDY0MTljMzlmYzI1Zjk5NjUyZTMzOThlMjgxOWE0YTJmYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoECHGuKOsWN1DTVApcQ36XMy22GA
cGVk5KUH4DgzEKXpdFelfzjtyEWkhhGHuXSMXJSUsiuBEtv2wmFRERCB0M7a2c65
5mAqz3dbcEbpO7PqRCL1op2ciwLwr8RN0wATUvbjZ/uIu+30fbhfE3b/Xeo6BY2i
amc6Bwl8+9g/vO5Ap6zsctBbjCsokN1T84HAU1UM+lDRIXXTVSvIZmRJfqDnpMo4
hP0BoG2tHyKZIy8MbSEPU986QPZeJ4rzIiBD7HL4fgPWHMTUuyFEvrNrEDZ/GQyU
jPYmdWDYHw+gc6fNmoHtzVW+KX2TQLpohTbgfUQPsuE+uHLNvXLbX1z2mwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJKh1kGcOfwl+ZZS4zmOKBmkovuLMB8GA1UdIwQY
MBaAFCeyT9Zu/m3Fw6qy4uZRpOIH/mLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjdKUDFtNy1iY1hEcXJMaTVsR2s0Z2YtWXVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9iYjAxY2UtYjliMC00YjE1LTk0MDAt
Mzk0ZjUwZDRiYTM4LzEva3FIV1FadzVfQ1g1bGxMak9ZNG9HYVNpLTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9iYjAxY2UtYjliMC00YjE1LTk0MDAtMzk0ZjUwZDRiYTM4
LzEvSjdKUDFtNy1iY1hEcXJMaTVsR2s0Z2YtWXVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTN7MA0E
AgACMAcDBQMqBBaAMA0GCSqGSIb3DQEBCwUAA4IBAQCfTdVZDGUFXu0kohX6yuZD
rAPx5lMbDSRLJw5vmHlvsBirTwmOI4Nir7b4Fe5rdfKzgI4SZqL+kBZsGfKwagN2
jy0a7PrYdzh2TijmHaWqsCq+vLZAZlyWYx63S//DVkts/FROOypu9l1sY+Czog5P
JVrARSqJQN8gOv2W1I7WpJhSuhzU1Vb55qA4f5Z0u4Lu4CVjBXn8RLvqAinB2S45
XRkeM+flF6tXwDjigSUwnfMFewyzjTe68CN9GWRPGffu6wEwjgoczsiT+pxksLo+
Y1NWi3jRNkMs5vRh5quJceawSQYxQtqTJ5LUCxa744xRn42PsCoTXE5VQavBcyA7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:09 2023 by rpki-client on console-fra.rpki-client.org