Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/qOh6-63OqKNvkoz95fVhqIPU16o.roa
File: qOh6-63OqKNvkoz95fVhqIPU16o.roa (raw, json)
Hash identifier: RA78AzhisHTNwdeMT3Mx+UR48OBJOZW0g8nspq9y/Gc=
Subject key identifier: A8:E8:7A:FB:AD:CE:A8:A3:6F:92:8C:FD:E5:F5:61:A8:83:D4:D7:AA
Certificate issuer: /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial: 019251A82D549BF2D1F33F1B7B8DE8806FED
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/qOh6-63OqKNvkoz95fVhqIPU16o.roa
Signing time: Thu 03 Oct 2024 09:13:48 +0000
ROA not before: Thu 03 Oct 2024 09:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214096
IP address blocks: 185.192.218.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 09 Oct 2024 16:34:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:a8:2d:54:9b:f2:d1:f3:3f:1b:7b:8d:e8:80:6f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
Validity
Not Before: Oct 3 09:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8e87afbadcea8a36f928cfde5f561a883d4d7aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:69:00:56:e3:4a:e4:6c:2f:29:fa:30:17:73:
5a:8e:d1:d4:2c:d8:a8:58:ab:5e:2f:82:8e:3c:93:
fb:1c:a4:9a:a3:a1:ae:5b:b9:7d:dd:f1:db:40:66:
ea:db:6b:05:13:ac:05:9d:24:58:c4:37:3b:69:57:
00:c1:33:49:2b:ab:e8:98:42:c9:fa:eb:20:be:51:
76:3c:ac:91:e5:01:37:09:44:b9:63:45:8e:e2:50:
8d:30:d2:02:56:4b:53:06:56:1f:9f:6c:dc:78:b3:
c7:c9:4f:4a:dc:93:6d:87:50:bc:6d:ac:64:54:1d:
a7:ca:0c:b9:e0:40:fd:15:9f:ba:cf:ff:04:55:87:
bd:04:d6:34:2a:0e:d6:8c:31:c5:35:cb:9e:00:a2:
df:b9:cf:64:da:91:fc:c3:d7:1c:53:dc:3f:a0:21:
c8:b9:18:2f:3b:5c:60:bf:c1:e9:b9:d6:77:6a:f7:
15:2b:71:ad:ba:84:f1:ec:7c:10:76:d4:c5:3d:a3:
10:62:9d:a6:81:0d:bb:45:d5:52:b0:e5:ba:82:a0:
16:d6:3f:00:ee:8b:78:ba:3c:53:84:fa:aa:ec:66:
2e:49:bd:8b:2a:95:68:4d:18:44:40:c8:e5:c8:07:
c6:b2:16:a6:5c:55:be:ac:42:0f:49:47:cc:d2:24:
f9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E8:7A:FB:AD:CE:A8:A3:6F:92:8C:FD:E5:F5:61:A8:83:D4:D7:AA
X509v3 Authority Key Identifier:
keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/qOh6-63OqKNvkoz95fVhqIPU16o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.218.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:27:2b:f5:46:49:9a:dc:42:6a:86:3e:79:8b:9b:01:79:b0:
ea:a6:c9:e5:bf:76:15:cd:6b:47:a5:6f:e0:61:58:e9:c9:4b:
fe:6e:43:83:7b:7e:b5:81:42:e5:e0:98:d1:88:cb:b8:b1:1f:
df:c7:8f:4e:99:c2:44:a1:02:46:30:18:81:d4:5b:6a:0c:93:
60:67:13:77:a3:21:72:f2:19:d7:4c:22:77:53:5a:98:77:8a:
5b:10:c0:65:fa:62:df:0d:2d:46:eb:ad:66:e7:8f:5a:3b:67:
93:ac:4e:7f:81:f5:28:67:60:e4:44:25:be:b4:2b:5f:c4:f0:
71:74:ce:d8:93:63:1f:99:44:e4:be:50:2d:d1:78:46:81:27:
66:55:9f:0b:62:89:d8:5f:3f:69:35:3d:63:0e:d1:28:b7:ea:
2f:c6:6f:95:f1:30:08:75:1d:4e:69:11:69:0c:9a:3e:04:6b:
9a:cc:27:ad:1f:13:67:d1:38:18:8d:e2:bc:ed:0f:94:54:88:
ef:5b:09:b2:31:83:fd:55:b9:63:71:d3:42:e8:bb:41:89:62:
0d:05:3b:63:b3:3e:5c:75:6f:6f:76:1d:44:61:48:fb:bd:f5:
1c:18:ba:b8:12:59:27:81:8b:7b:91:70:e8:67:55:8d:81:e0:
61:a1:d6:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJRqC1Um/LR8z8be43ogG/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjQxMDAzMDkxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU4N2FmYmFkY2VhOGEzNmY5MjhjZmRlNWY1NjFhODgzZDRkN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumkAVuNK5GwvKfowF3NajtHULNio
WKteL4KOPJP7HKSao6GuW7l93fHbQGbq22sFE6wFnSRYxDc7aVcAwTNJK6vomELJ
+usgvlF2PKyR5QE3CUS5Y0WO4lCNMNICVktTBlYfn2zceLPHyU9K3JNth1C8baxk
VB2nygy54ED9FZ+6z/8EVYe9BNY0Kg7WjDHFNcueAKLfuc9k2pH8w9ccU9w/oCHI
uRgvO1xgv8HpudZ3avcVK3GtuoTx7HwQdtTFPaMQYp2mgQ27RdVSsOW6gqAW1j8A
7ot4ujxThPqq7GYuSb2LKpVoTRhEQMjlyAfGshamXFW+rEIPSUfM0iT5KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjoevutzqijb5KM/eX1YaiD1NeqMB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEvcU9oNi02M09xS052a296OTVmVmhxSVBVMTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucDaMA0G
CSqGSIb3DQEBCwUAA4IBAQArJyv1Rkma3EJqhj55i5sBebDqpsnlv3YVzWtHpW/g
YVjpyUv+bkODe361gULl4JjRiMu4sR/fx49OmcJEoQJGMBiB1FtqDJNgZxN3oyFy
8hnXTCJ3U1qYd4pbEMBl+mLfDS1G661m549aO2eTrE5/gfUoZ2DkRCW+tCtfxPBx
dM7Yk2MfmUTkvlAt0XhGgSdmVZ8LYonYXz9pNT1jDtEot+ovxm+V8TAIdR1OaRFp
DJo+BGuazCetHxNn0TgYjeK87Q+UVIjvWwmyMYP9VbljcdNC6LtBiWINBTtjsz5c
dW9vdh1EYUj7vfUcGLq4ElkngYt7kXDoZ1WNgeBhodaw
-----END CERTIFICATE-----
Generated at Wed Oct 9 20:37:44 2024 by rpki-client on console-fra.rpki-client.org