Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/QoIqe3v9jPC0-xDmGSOyeCXjMlk.roa
File: QoIqe3v9jPC0-xDmGSOyeCXjMlk.roa (raw, json)
Hash identifier: PdGoLmztCnK+ChdtSAAoqpYHh93hI82QA19pCaQoQTA=
Subject key identifier: 42:82:2A:7B:7B:FD:8C:F0:B4:FB:10:E6:19:23:B2:78:25:E3:32:59
Certificate issuer: /CN=c784128505f7f99c7570442980adeb8af90cc270
Certificate serial: 01856DA65268BE3E194C3D00391C23B85564
Authority key identifier: C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/QoIqe3v9jPC0-xDmGSOyeCXjMlk.roa
Signing time: Sun 01 Jan 2023 14:04:54 +0000
ROA not before: Sun 01 Jan 2023 14:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205184
IP address blocks: 185.151.204.0/24 maxlen: 24
185.230.36.0/23 maxlen: 23
185.230.38.0/24 maxlen: 24
23.19.48.0/22 maxlen: 22
185.84.200.0/23 maxlen: 23
2a0b:14c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:52:68:be:3e:19:4c:3d:00:39:1c:23:b8:55:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c784128505f7f99c7570442980adeb8af90cc270
Validity
Not Before: Jan 1 14:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42822a7b7bfd8cf0b4fb10e61923b27825e33259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c6:6c:00:f4:61:e6:ed:d0:52:ad:f0:3d:e5:
4a:4a:c0:f4:47:8c:92:7f:19:0d:20:df:f9:bd:81:
58:06:44:df:64:8b:f5:e3:46:f7:15:b7:f1:b9:00:
d5:27:64:91:69:5f:41:46:2b:ac:61:98:23:50:7d:
dd:98:53:4e:5d:7e:d5:f5:54:42:47:39:46:cc:52:
ee:84:d5:43:7a:53:9a:2a:52:c8:f7:48:0b:c1:28:
96:48:90:46:f0:a9:bd:07:33:39:cc:03:dd:7c:30:
f5:99:cf:1b:7f:f3:ad:8d:95:b7:6e:35:7a:ac:fc:
80:fd:9c:45:22:74:e8:a2:7f:af:51:2f:14:ea:34:
61:9a:13:0b:e5:5b:8d:4f:54:75:c8:56:d0:5b:5b:
42:45:a4:6c:55:d2:f0:43:ee:05:9c:a5:00:3b:f9:
1f:52:4e:b1:91:b2:7f:a5:da:b5:01:93:da:43:88:
02:c7:36:c4:86:d5:c0:a7:8c:27:67:30:68:13:50:
e4:b1:b4:e1:ad:89:c9:98:28:04:eb:28:36:ec:99:
14:05:11:aa:76:16:b0:08:34:b3:d6:1f:4e:94:7a:
fb:80:ae:40:2b:37:dd:56:74:e9:53:e8:cb:b4:c4:
51:0b:84:e7:88:4e:01:76:c6:02:ef:b6:1a:d1:13:
19:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:82:2A:7B:7B:FD:8C:F0:B4:FB:10:E6:19:23:B2:78:25:E3:32:59
X509v3 Authority Key Identifier:
keyid:C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/QoIqe3v9jPC0-xDmGSOyeCXjMlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.19.48.0/22
185.84.200.0/23
185.151.204.0/24
185.230.36.0-185.230.38.255
IPv6:
2a0b:14c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
07:37:ee:09:ad:08:0f:87:8d:73:20:5a:89:a4:b8:bc:42:ac:
0c:a3:2f:2c:e2:54:dd:d4:c8:58:39:e9:35:55:fb:54:07:cc:
5b:19:b7:14:cc:5e:1f:9d:dc:c1:b1:ca:53:0a:90:05:17:2f:
6e:9d:98:a8:b9:34:9b:54:b0:e6:b1:70:1d:3b:8a:1d:66:c1:
f9:6f:76:6b:83:77:10:40:08:b1:45:5e:97:6c:05:94:52:9e:
46:16:99:0e:96:59:43:e3:42:a6:86:29:79:cd:b1:de:ed:07:
f3:04:c3:59:a6:fa:00:df:83:70:db:f4:9f:d9:b5:30:59:ec:
b5:5b:9e:52:e8:4e:c9:65:c3:03:45:54:e1:32:fb:6c:3b:5d:
92:0a:f9:a0:9f:a5:e2:fe:43:c1:58:56:e9:33:42:99:5d:99:
6c:6b:ba:62:e4:24:bd:29:71:c3:dc:ac:e0:e2:e6:f7:d3:40:
7b:ec:97:0e:d7:3d:a3:2d:49:f0:6a:9d:db:04:30:0f:bc:17:
fe:82:90:3c:2b:56:30:f9:3f:73:ac:95:ad:c4:d3:bb:6c:f1:
30:67:55:53:57:2d:8f:ea:37:6b:43:d2:ec:2e:c0:38:a5:dd:
63:7e:36:e5:bb:b5:60:33:40:1d:7c:47:9e:c8:7a:5e:55:b4:
5e:b5:5e:55
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVtplJovj4ZTD0AORwjuFVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ODQxMjg1MDVmN2Y5OWM3NTcwNDQyOTgwYWRlYjhhZjkw
Y2MyNzAwHhcNMjMwMTAxMTQwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjgyMmE3YjdiZmQ4Y2YwYjRmYjEwZTYxOTIzYjI3ODI1ZTMzMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMZsAPRh5u3QUq3wPeVKSsD0R4yS
fxkNIN/5vYFYBkTfZIv140b3FbfxuQDVJ2SRaV9BRiusYZgjUH3dmFNOXX7V9VRC
RzlGzFLuhNVDelOaKlLI90gLwSiWSJBG8Km9BzM5zAPdfDD1mc8bf/OtjZW3bjV6
rPyA/ZxFInToon+vUS8U6jRhmhML5VuNT1R1yFbQW1tCRaRsVdLwQ+4FnKUAO/kf
Uk6xkbJ/pdq1AZPaQ4gCxzbEhtXAp4wnZzBoE1DksbThrYnJmCgE6yg27JkUBRGq
dhawCDSz1h9OlHr7gK5AKzfdVnTpU+jLtMRRC4TniE4BdsYC77Ya0RMZUQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFEKCKnt7/YzwtPsQ5hkjsngl4zJZMB8GA1UdIwQY
MBaAFMeEEoUF9/mcdXBEKYCt64r5DMJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQt
NmMxYjQ0NzFmN2VlLzEvUW9JcWUzdjlqUEMwLXhEbUdTT3llQ1hqTWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQtNmMxYjQ0NzFmN2Vl
LzEveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQCFxMwAwQB
uVTIAwQAuZfMMAwDBAK55iQDBAC55iYwDwQCAAIwCQMHACoLFMAAATANBgkqhkiG
9w0BAQsFAAOCAQEABzfuCa0ID4eNcyBaiaS4vEKsDKMvLOJU3dTIWDnpNVX7VAfM
Wxm3FMxeH53cwbHKUwqQBRcvbp2YqLk0m1Sw5rFwHTuKHWbB+W92a4N3EEAIsUVe
l2wFlFKeRhaZDpZZQ+NCpoYpec2x3u0H8wTDWab6AN+DcNv0n9m1MFnstVueUuhO
yWXDA0VU4TL7bDtdkgr5oJ+l4v5DwVhW6TNCmV2ZbGu6YuQkvSlxw9ys4OLm99NA
e+yXDtc9oy1J8Gqd2wQwD7wX/oKQPCtWMPk/c6yVrcTTu2zxMGdVU1ctj+o3a0PS
7C7AOKXdY3425bu1YDNAHXxHnsh6XlW0XrVeVQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:59 2024 by rpki-client on console-ams.rpki-client.org