Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/qfjhK9dZ_Zh_DXzyoPY5cHnSp58.roa
File: qfjhK9dZ_Zh_DXzyoPY5cHnSp58.roa (raw, json)
Hash identifier: sytuqp/l9KD7TbltYGLQGtiXTvI9HR6Vq4IhpQFqz2I=
Subject key identifier: A9:F8:E1:2B:D7:59:FD:98:7F:0D:7C:F2:A0:F6:39:70:79:D2:A7:9F
Certificate issuer: /CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Certificate serial: 0186E24E998D35E08B4E5A4A7E64E7EAA482
Authority key identifier: DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/qfjhK9dZ_Zh_DXzyoPY5cHnSp58.roa
Signing time: Tue 14 Mar 2023 22:47:27 +0000
ROA not before: Tue 14 Mar 2023 22:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6507
IP address blocks: 185.40.64.0/22 maxlen: 22
2a04:82c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e2:4e:99:8d:35:e0:8b:4e:5a:4a:7e:64:e7:ea:a4:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120
Validity
Not Before: Mar 14 22:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9f8e12bd759fd987f0d7cf2a0f6397079d2a79f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7c:38:a0:46:d3:b8:d7:41:56:15:c8:af:3c:
d6:50:32:bc:e3:87:19:9b:f9:7c:1b:54:2a:81:84:
7c:6d:ab:0e:a6:2e:a7:16:38:80:14:b5:08:a7:eb:
b9:fe:ae:50:7b:69:8a:eb:8f:47:d3:dc:e0:ac:03:
f4:f4:a5:1f:5c:62:05:59:51:94:0b:d5:08:13:d3:
86:aa:47:01:20:0d:f4:a3:dd:99:44:8d:e2:98:89:
6c:28:8c:45:8b:f5:84:53:5e:76:d7:9b:8e:67:0a:
93:c8:d5:f3:fb:82:42:8a:ee:1c:c6:a4:24:34:b9:
cc:1e:4c:7e:9e:7e:a0:e3:23:31:2b:95:f4:12:06:
8c:a0:be:b4:5e:90:ba:02:2d:5b:f9:4e:3b:b9:f1:
d4:1d:be:b7:b0:83:e9:27:8b:66:1d:ae:17:46:6b:
a8:fd:90:ec:e6:5e:7c:9a:d9:0e:8c:8b:74:79:3b:
6d:9d:69:84:97:02:1c:e6:25:c4:fa:30:65:bd:5e:
e3:f1:27:46:25:9a:98:a3:74:79:45:57:47:de:1b:
c4:22:57:52:6e:70:40:e6:e4:2d:8f:7e:1a:05:91:
81:a5:4a:9c:11:10:e9:3f:5b:9c:cd:56:d2:51:a5:
4a:89:3c:de:91:0b:46:43:70:db:fd:19:c6:06:6e:
bc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F8:E1:2B:D7:59:FD:98:7F:0D:7C:F2:A0:F6:39:70:79:D2:A7:9F
X509v3 Authority Key Identifier:
keyid:DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/qfjhK9dZ_Zh_DXzyoPY5cHnSp58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.64.0/22
IPv6:
2a04:82c0::/29
Signature Algorithm: sha256WithRSAEncryption
05:d4:b9:7d:fd:a1:7b:b4:ef:70:3f:63:a2:00:7f:a7:16:cd:
82:e8:0e:83:0f:ef:f9:ad:6a:ee:ed:07:5a:f2:66:7d:dd:6b:
0a:03:20:ea:a0:ae:7a:1c:7d:07:69:21:6d:16:33:94:27:25:
b9:22:e6:26:4f:93:ab:9e:0b:a6:15:93:52:4b:e5:bc:b5:ac:
45:20:66:81:3d:88:d1:f4:4e:a6:a7:e9:43:38:56:17:ce:66:
23:1a:19:fc:3c:61:4b:65:88:ea:36:16:87:e5:f3:3a:1a:0b:
bc:48:fb:75:b2:f5:f6:5f:dd:e6:ae:3b:ef:38:2e:fb:5a:e1:
f7:a1:76:35:87:eb:95:6a:ee:9a:13:ec:8a:50:c6:7a:f5:4a:
18:ac:dd:a9:40:64:04:d7:00:51:76:67:1c:d8:07:4d:52:88:
52:9c:08:0c:2f:87:8e:80:91:cc:ea:c4:32:cc:7e:f3:fb:61:
d5:ea:3e:b6:35:a5:90:b0:0a:e2:3e:6e:15:93:de:90:62:d8:
cd:a5:97:1b:94:c9:e0:28:ee:ef:c0:7b:18:45:cf:b8:37:23:
d1:47:25:3a:72:e0:c1:f5:f5:cb:99:00:d1:0b:b0:bc:36:8c:
10:01:1c:2a:46:18:7c:f5:e8:31:ab:ad:5d:54:9f:bd:fd:d9:
d0:73:d8:40
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbiTpmNNeCLTlpKfmTn6qSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDVkZjZlNDA0ZWY5MjBlNmE1OTI4ZDg5NjNlNmE1Zjhk
NjExMjAwHhcNMjMwMzE0MjI0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY4ZTEyYmQ3NTlmZDk4N2YwZDdjZjJhMGY2Mzk3MDc5ZDJhNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3w4oEbTuNdBVhXIrzzWUDK844cZ
m/l8G1QqgYR8basOpi6nFjiAFLUIp+u5/q5Qe2mK649H09zgrAP09KUfXGIFWVGU
C9UIE9OGqkcBIA30o92ZRI3imIlsKIxFi/WEU15215uOZwqTyNXz+4JCiu4cxqQk
NLnMHkx+nn6g4yMxK5X0EgaMoL60XpC6Ai1b+U47ufHUHb63sIPpJ4tmHa4XRmuo
/ZDs5l58mtkOjIt0eTttnWmElwIc5iXE+jBlvV7j8SdGJZqYo3R5RVdH3hvEIldS
bnBA5uQtj34aBZGBpUqcERDpP1uczVbSUaVKiTzekQtGQ3Db/RnGBm681QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKn44SvXWf2Yfw188qD2OXB50qefMB8GA1UdIwQY
MBaAFNwF325ATvkg5qWSjYlj5qX41hEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQt
YmNlOTM0MjA1YWU4LzEvcWZqaEs5ZFpfWmhfRFh6eW9QWTVjSG5TcDU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQtYmNlOTM0MjA1YWU4
LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuShAMA0E
AgACMAcDBQMqBILAMA0GCSqGSIb3DQEBCwUAA4IBAQAF1Ll9/aF7tO9wP2OiAH+n
Fs2C6A6DD+/5rWru7Qda8mZ93WsKAyDqoK56HH0HaSFtFjOUJyW5IuYmT5Orngum
FZNSS+W8taxFIGaBPYjR9E6mp+lDOFYXzmYjGhn8PGFLZYjqNhaH5fM6Ggu8SPt1
svX2X93mrjvvOC77WuH3oXY1h+uVau6aE+yKUMZ69UoYrN2pQGQE1wBRdmcc2AdN
UohSnAgML4eOgJHM6sQyzH7z+2HV6j62NaWQsAriPm4Vk96QYtjNpZcblMngKO7v
wHsYRc+4NyPRRyU6cuDB9fXLmQDRC7C8NowQARwqRhh89egxq61dVJ+9/dnQc9hA
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:20 2024 by rpki-client on console-fra.rpki-client.org