Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/QNgHWSbsrRqrsNoh7lFCpPTWi2k.roa
File: QNgHWSbsrRqrsNoh7lFCpPTWi2k.roa (raw, json)
Hash identifier: ypvX4F+9nqB4h/fNIHTrEcJS/S/OpQQuLmLoXZ+ZFEM=
Subject key identifier: 40:D8:07:59:26:EC:AD:1A:AB:B0:DA:21:EE:51:42:A4:F4:D6:8B:69
Certificate issuer: /CN=335ca521362226d03c1829003d81d498aa838f33
Certificate serial: 01856E4B028BBD448ED5A3AE3719041B3B15
Authority key identifier: 33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/QNgHWSbsrRqrsNoh7lFCpPTWi2k.roa
Signing time: Sun 01 Jan 2023 17:04:47 +0000
ROA not before: Sun 01 Jan 2023 17:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42442
IP address blocks: 185.186.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:4b:02:8b:bd:44:8e:d5:a3:ae:37:19:04:1b:3b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335ca521362226d03c1829003d81d498aa838f33
Validity
Not Before: Jan 1 17:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40d8075926ecad1aabb0da21ee5142a4f4d68b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1c:4b:25:c0:1a:1f:b3:5e:a3:ea:3b:a8:39:
d1:9a:e1:fe:33:a3:ce:dc:d5:ee:b9:83:f2:19:1d:
2b:5d:df:58:db:b7:16:fa:27:b5:d3:43:04:17:41:
59:82:5d:6e:e3:53:a5:03:05:b1:d0:10:14:9d:43:
9d:d6:38:3a:9b:ba:8e:af:e4:ac:9e:9d:b6:88:6c:
3b:9c:2f:96:95:5b:fa:f6:9a:58:14:f7:86:b7:1f:
a9:25:7f:02:f4:e0:1a:ec:46:6b:af:4a:06:27:da:
ff:dd:ca:6c:ce:ef:af:63:21:1d:ab:44:08:2c:0f:
31:66:55:73:70:60:4b:f6:9c:37:cb:38:3d:54:88:
ef:98:85:c9:c2:3d:1a:2a:d3:a8:3c:79:ae:98:cc:
2f:af:84:66:73:fb:b6:d4:88:79:7d:96:4d:4c:58:
9d:c6:48:bb:d3:1a:1c:b9:5c:d2:58:75:57:3c:95:
23:f8:4e:3b:4d:25:e9:bc:3a:11:f5:16:18:4d:93:
90:8a:e5:23:20:c0:57:4a:94:d9:3f:9c:f3:e4:f3:
96:0c:b2:f7:51:f4:63:c4:15:f2:51:73:52:c4:93:
8f:3a:c4:b4:8e:0a:36:99:0e:18:58:c1:57:29:21:
05:51:19:21:60:4d:6c:91:e3:08:42:b0:0d:2b:97:
a5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D8:07:59:26:EC:AD:1A:AB:B0:DA:21:EE:51:42:A4:F4:D6:8B:69
X509v3 Authority Key Identifier:
keyid:33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/QNgHWSbsrRqrsNoh7lFCpPTWi2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/M1ylITYiJtA8GCkAPYHUmKqDjzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.220.0/24
Signature Algorithm: sha256WithRSAEncryption
24:67:91:09:f7:86:d2:d4:d1:f0:79:84:5e:ec:c2:ef:50:aa:
40:fa:f6:b5:9c:20:ba:ae:8d:ec:d3:b9:31:e3:c5:96:86:29:
45:83:24:fd:66:17:6e:80:0e:71:96:e2:2d:d3:d8:ca:dd:d7:
34:bb:6b:82:9d:6f:28:81:bb:24:29:c5:d5:40:58:62:f7:6d:
34:4a:34:79:72:9b:f4:d0:fa:8a:4e:ad:d2:b9:29:08:6b:22:
90:b0:04:89:1c:5e:85:56:53:33:71:bc:13:31:4a:2a:ea:c3:
df:76:87:6f:2b:5f:a6:02:05:ed:59:22:f3:29:8f:c3:f4:b0:
ab:13:41:8f:b6:e5:b7:67:9c:6b:c9:08:42:d6:be:84:b9:31:
e7:2a:8c:71:f5:4e:c7:ae:3e:3c:35:ae:83:a2:ae:da:25:eb:
35:0c:5f:ec:2c:7c:2d:ce:32:91:90:65:4e:ba:45:9b:bd:07:
39:04:6b:9f:4f:99:d8:11:2b:5c:d5:5f:66:51:0c:07:fc:ee:
e4:b7:79:62:55:1c:5a:93:c2:f9:ff:8b:08:02:30:ce:ba:68:
6a:51:ee:dc:25:d9:33:b7:85:f5:dd:43:1e:ec:22:eb:d9:3c:
e1:02:41:a8:77:12:3b:3a:b0:01:b7:78:7a:f2:4b:74:d4:26:
75:51:9b:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuSwKLvUSO1aOuNxkEGzsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWNhNTIxMzYyMjI2ZDAzYzE4MjkwMDNkODFkNDk4YWE4
MzhmMzMwHhcNMjMwMTAxMTcwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ4MDc1OTI2ZWNhZDFhYWJiMGRhMjFlZTUxNDJhNGY0ZDY4YjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBxLJcAaH7Neo+o7qDnRmuH+M6PO
3NXuuYPyGR0rXd9Y27cW+ie100MEF0FZgl1u41OlAwWx0BAUnUOd1jg6m7qOr+Ss
np22iGw7nC+WlVv69ppYFPeGtx+pJX8C9OAa7EZrr0oGJ9r/3cpszu+vYyEdq0QI
LA8xZlVzcGBL9pw3yzg9VIjvmIXJwj0aKtOoPHmumMwvr4Rmc/u21Ih5fZZNTFid
xki70xocuVzSWHVXPJUj+E47TSXpvDoR9RYYTZOQiuUjIMBXSpTZP5zz5POWDLL3
UfRjxBXyUXNSxJOPOsS0jgo2mQ4YWMFXKSEFURkhYE1skeMIQrANK5elIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDYB1km7K0aq7DaIe5RQqT01otpMB8GA1UdIwQY
MBaAFDNcpSE2IibQPBgpAD2B1Jiqg48zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgt
OTc0YzQ0YWI5Y2ZiLzEvUU5nSFdTYnNyUnFyc05vaDdsRkNwUFRXaTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgtOTc0YzQ0YWI5Y2Zi
LzEvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubrcMA0G
CSqGSIb3DQEBCwUAA4IBAQAkZ5EJ94bS1NHweYRe7MLvUKpA+va1nCC6ro3s07kx
48WWhilFgyT9ZhdugA5xluIt09jK3dc0u2uCnW8ogbskKcXVQFhi9200SjR5cpv0
0PqKTq3SuSkIayKQsASJHF6FVlMzcbwTMUoq6sPfdodvK1+mAgXtWSLzKY/D9LCr
E0GPtuW3Z5xryQhC1r6EuTHnKoxx9U7Hrj48Na6Doq7aJes1DF/sLHwtzjKRkGVO
ukWbvQc5BGufT5nYEStc1V9mUQwH/O7kt3liVRxak8L5/4sIAjDOumhqUe7cJdkz
t4X13UMe7CLr2TzhAkGodxI7OrABt3h68kt01CZ1UZue
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org