Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/4437d6-22d8-401b-8137-10bf77b20dac/1/qKsfyBOAJYkaJs-9h3fDaGeCuxM.roa
File: qKsfyBOAJYkaJs-9h3fDaGeCuxM.roa (raw, json)
Hash identifier: UwOHbBhb6DCZF19qfFrHscixCWivDeDYGL/uBtOBaX8=
Subject key identifier: A8:AB:1F:C8:13:80:25:89:1A:26:CF:BD:87:77:C3:68:67:82:BB:13
Certificate issuer: /CN=266f31ad1701dfca21bbf4a65e07f25c1cf2b2c8
Certificate serial: 018BC787A3EDB14311571CA714DA1B763169
Authority key identifier: 26:6F:31:AD:17:01:DF:CA:21:BB:F4:A6:5E:07:F2:5C:1C:F2:B2:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jm8xrRcB38ohu_SmXgfyXBzyssg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/4437d6-22d8-401b-8137-10bf77b20dac/1/qKsfyBOAJYkaJs-9h3fDaGeCuxM.roa
Signing time: Mon 13 Nov 2023 07:13:57 +0000
ROA not before: Mon 13 Nov 2023 07:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25094
IP address blocks: 185.106.24.0/22 maxlen: 24
148.110.0.0/16 maxlen: 16
2a00:18e8::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:87:a3:ed:b1:43:11:57:1c:a7:14:da:1b:76:31:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=266f31ad1701dfca21bbf4a65e07f25c1cf2b2c8
Validity
Not Before: Nov 13 07:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8ab1fc8138025891a26cfbd8777c3686782bb13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:f3:07:d8:5a:cb:93:51:3c:27:53:44:d4:08:
09:08:06:ce:ed:36:bf:ad:7d:98:c9:30:af:f6:ce:
48:8b:3e:03:44:01:ba:36:e6:48:b4:bf:e7:10:39:
76:19:a3:d4:d4:07:f2:5a:6a:9a:5f:3f:ac:15:75:
5c:27:c7:20:ca:bf:25:17:ae:7e:99:da:cd:cd:76:
d0:8e:48:0a:2f:db:f7:75:9d:24:a8:8a:00:1a:a9:
b7:a8:89:c2:c5:54:5a:ab:8e:85:56:7a:b1:9c:4a:
10:3f:d9:4e:e9:ee:1a:b9:32:78:2a:ea:52:4f:67:
31:33:a7:83:85:7f:d3:df:84:f0:1a:9f:ec:f2:c7:
5c:3c:5b:be:b5:c0:2e:7f:98:8e:b9:c7:18:f6:8c:
b8:70:91:e1:7a:db:9e:c2:57:4e:30:27:ec:f4:4a:
b7:6d:d5:fb:fe:27:11:70:4c:59:4a:be:0f:6e:0d:
89:18:9c:fe:99:eb:bc:59:fd:fe:ff:6c:07:ed:6f:
88:a9:8d:1c:b2:0c:68:1a:da:61:bd:23:2e:f7:a4:
08:42:18:97:8b:b9:81:7a:51:bf:a9:9e:14:0a:f1:
19:4d:0a:60:d0:5a:fb:78:27:07:34:65:81:38:48:
d0:30:e5:a6:59:ee:54:85:46:04:1a:5e:38:f2:d0:
1c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AB:1F:C8:13:80:25:89:1A:26:CF:BD:87:77:C3:68:67:82:BB:13
X509v3 Authority Key Identifier:
keyid:26:6F:31:AD:17:01:DF:CA:21:BB:F4:A6:5E:07:F2:5C:1C:F2:B2:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jm8xrRcB38ohu_SmXgfyXBzyssg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/4437d6-22d8-401b-8137-10bf77b20dac/1/qKsfyBOAJYkaJs-9h3fDaGeCuxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/4437d6-22d8-401b-8137-10bf77b20dac/1/Jm8xrRcB38ohu_SmXgfyXBzyssg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.110.0.0/16
185.106.24.0/22
IPv6:
2a00:18e8::/29
Signature Algorithm: sha256WithRSAEncryption
47:4d:ea:ea:e8:71:84:13:60:ac:de:28:d6:78:cc:40:79:df:
b7:e0:f9:5a:42:83:1d:05:35:b7:50:05:65:d7:ab:44:17:15:
dc:aa:97:1c:8f:bc:ae:c9:7d:b6:fa:bc:45:eb:df:d9:af:b1:
f0:cb:ee:80:76:1d:03:e9:dd:dd:d1:ea:0c:0d:80:aa:9f:ff:
8c:45:c3:be:6b:1f:55:f3:a1:34:5e:b3:f6:9e:30:ba:30:76:
f0:26:d9:37:68:88:ea:bb:3b:49:ac:f1:82:51:8d:66:26:13:
1d:3d:01:6d:e4:ff:c4:f8:b7:70:d8:3a:f4:f8:6f:a2:2a:9b:
35:df:c5:0e:3a:58:62:f8:94:38:ec:08:85:61:14:60:36:9c:
35:3d:83:1a:84:fe:07:40:e2:16:94:2d:fb:97:cc:85:7a:b3:
5d:28:3c:91:86:0d:70:b7:d3:90:29:0b:2d:39:49:ab:8f:33:
f9:f2:eb:f2:62:d7:da:e3:74:2e:ef:7e:7e:da:64:e0:87:ec:
20:00:73:1d:4d:d8:b3:db:39:3d:46:25:d3:a9:47:ad:b3:2c:
95:5d:f4:7a:38:09:da:0a:4f:45:2c:e3:69:d3:7f:c8:ca:b9:
c0:02:71:39:af:55:76:d3:db:e6:f7:a3:60:5c:f1:b1:62:6d:
7b:4c:b8:3b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYvHh6PtsUMRVxynFNobdjFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NmYzMWFkMTcwMWRmY2EyMWJiZjRhNjVlMDdmMjVjMWNm
MmIyYzgwHhcNMjMxMTEzMDcxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFiMWZjODEzODAyNTg5MWEyNmNmYmQ4Nzc3YzM2ODY3ODJiYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vMH2FrLk1E8J1NE1AgJCAbO7Ta/
rX2YyTCv9s5Iiz4DRAG6NuZItL/nEDl2GaPU1AfyWmqaXz+sFXVcJ8cgyr8lF65+
mdrNzXbQjkgKL9v3dZ0kqIoAGqm3qInCxVRaq46FVnqxnEoQP9lO6e4auTJ4KupS
T2cxM6eDhX/T34TwGp/s8sdcPFu+tcAuf5iOuccY9oy4cJHhetuewldOMCfs9Eq3
bdX7/icRcExZSr4Pbg2JGJz+meu8Wf3+/2wH7W+IqY0csgxoGtphvSMu96QIQhiX
i7mBelG/qZ4UCvEZTQpg0Fr7eCcHNGWBOEjQMOWmWe5UhUYEGl448tAccwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKirH8gTgCWJGibPvYd3w2hngrsTMB8GA1UdIwQY
MBaAFCZvMa0XAd/KIbv0pl4H8lwc8rLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm04eHJSY0IzOG9odV9TbVhnZnlYQnp5c3NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80NDM3ZDYtMjJkOC00MDFiLTgxMzct
MTBiZjc3YjIwZGFjLzEvcUtzZnlCT0FKWWthSnMtOWgzZkRhR2VDdXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi80NDM3ZDYtMjJkOC00MDFiLTgxMzctMTBiZjc3YjIwZGFj
LzEvSm04eHJSY0IzOG9odV9TbVhnZnlYQnp5c3NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAlG4DBAK5
ahgwDQQCAAIwBwMFAyoAGOgwDQYJKoZIhvcNAQELBQADggEBAEdN6urocYQTYKze
KNZ4zEB537fg+VpCgx0FNbdQBWXXq0QXFdyqlxyPvK7Jfbb6vEXr39mvsfDL7oB2
HQPp3d3R6gwNgKqf/4xFw75rH1XzoTRes/aeMLowdvAm2TdoiOq7O0ms8YJRjWYm
Ex09AW3k/8T4t3DYOvT4b6IqmzXfxQ46WGL4lDjsCIVhFGA2nDU9gxqE/gdA4haU
LfuXzIV6s10oPJGGDXC305ApCy05SauPM/ny6/Ji19rjdC7vfn7aZOCH7CAAcx1N
2LPbOT1GJdOpR62zLJVd9Ho4CdoKT0Us42nTf8jKucACcTmvVXbT2+b3o2Bc8bFi
bXtMuDs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:59 2024 by rpki-client on console-ams.rpki-client.org