Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/QVREtT9QNF8MZixcdyGilfA25-c.roa
File: QVREtT9QNF8MZixcdyGilfA25-c.roa (raw, json)
Hash identifier: mwUFe/VpFpp6IbD7GCdhi0jnvHgsKoi5DCYkeBM2ID8=
Subject key identifier: 41:54:44:B5:3F:50:34:5F:0C:66:2C:5C:77:21:A2:95:F0:36:E7:E7
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018571B9F056365FD7C49AD0BECAE3FECF0F
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/QVREtT9QNF8MZixcdyGilfA25-c.roa
Signing time: Mon 02 Jan 2023 09:04:49 +0000
ROA not before: Mon 02 Jan 2023 09:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44244
IP address blocks: 85.185.38.0/24 maxlen: 24
85.185.36.0/22 maxlen: 22
85.185.36.0/24 maxlen: 24
85.185.37.0/24 maxlen: 24
85.185.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:f0:56:36:5f:d7:c4:9a:d0:be:ca:e3:fe:cf:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 09:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=415444b53f50345f0c662c5c7721a295f036e7e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ef:5d:e9:b5:d3:ff:63:22:3a:f8:33:01:d4:
06:46:4f:3e:5d:8f:f6:b2:ca:70:d6:e7:7b:6b:6b:
e3:88:dd:be:12:bc:32:6a:21:ea:8c:1b:8f:0f:89:
a6:d4:1f:f0:78:6c:49:9c:8f:a1:0e:32:f9:06:a0:
bf:c4:98:d8:ce:3a:55:56:c6:00:ff:98:fa:fd:08:
7a:a8:55:34:c0:cd:4a:dd:eb:8e:7f:87:4a:5a:93:
c8:82:9b:92:38:19:9b:59:bf:40:bd:93:ac:cd:01:
d8:b3:7d:bd:76:0e:93:46:93:17:e5:21:b3:89:5b:
36:87:d3:ea:55:ab:36:7a:9e:ea:a6:5a:26:53:e0:
44:3d:e9:48:7d:44:a3:67:44:d3:66:5b:6e:99:3c:
e1:20:0a:1b:a5:05:80:d1:65:53:cd:51:09:fa:5b:
ce:dd:26:8a:84:01:1d:25:cb:39:98:5e:83:0d:43:
3d:96:51:4b:7c:d4:93:45:a8:48:8e:09:e1:84:59:
f3:26:86:d6:65:d8:2b:80:ac:e5:64:36:fb:ad:5b:
da:4d:39:81:a6:ee:77:c6:ae:87:cf:55:fc:56:d4:
31:fe:54:30:8c:36:fd:26:e8:26:c3:31:7b:8f:ba:
e9:e2:f8:47:83:fa:9a:30:13:47:19:1d:dd:dc:8b:
cf:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:54:44:B5:3F:50:34:5F:0C:66:2C:5C:77:21:A2:95:F0:36:E7:E7
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/QVREtT9QNF8MZixcdyGilfA25-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.185.36.0/22
Signature Algorithm: sha256WithRSAEncryption
71:c4:93:35:3b:08:7d:e9:37:e4:6c:5f:4d:89:11:cb:f4:b4:
2a:cd:20:7e:16:82:a6:c2:bd:00:6f:39:56:77:05:be:f3:25:
3e:0b:f6:c6:d4:1a:cf:f5:16:c9:d4:d4:6f:79:8b:57:05:36:
5b:9d:04:b1:e1:b2:18:97:46:68:c4:9e:32:59:5c:ea:68:c8:
d4:96:95:26:8c:1b:dd:75:ef:1a:94:95:2e:30:2b:1a:4d:1d:
31:14:0c:28:83:25:41:a2:98:cf:46:ce:c3:f3:37:4b:39:2a:
be:cf:f8:ca:0c:5e:21:53:b8:ec:53:d9:97:b0:cc:a4:6c:5a:
af:7f:53:1b:89:d6:f2:a3:1a:3a:8a:76:20:e0:c8:60:f6:e5:
e1:48:72:0c:0c:f7:1d:87:2f:a2:c9:ad:4d:fe:6d:98:1e:db:
25:12:be:53:dd:d8:69:48:fb:98:8c:89:0b:29:92:ac:bd:7e:
cd:c6:f1:df:4e:25:c7:23:f3:cc:e4:8f:5f:59:31:29:0d:97:
66:48:bd:99:5e:ff:73:bd:e8:a4:de:10:6f:af:41:36:20:28:
9e:86:a1:9f:56:c8:d4:7f:ce:8d:b7:dc:c5:38:c8:e8:7a:d5:
3a:49:f8:57:6f:92:af:06:2d:9f:e6:5d:15:0e:76:22:25:26:
65:e5:80:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxufBWNl/XxJrQvsrj/s8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwMTAyMDkwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTU0NDRiNTNmNTAzNDVmMGM2NjJjNWM3NzIxYTI5NWYwMzZlN2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1O9d6bXT/2MiOvgzAdQGRk8+XY/2
sspw1ud7a2vjiN2+ErwyaiHqjBuPD4mm1B/weGxJnI+hDjL5BqC/xJjYzjpVVsYA
/5j6/Qh6qFU0wM1K3euOf4dKWpPIgpuSOBmbWb9AvZOszQHYs329dg6TRpMX5SGz
iVs2h9PqVas2ep7qplomU+BEPelIfUSjZ0TTZltumTzhIAobpQWA0WVTzVEJ+lvO
3SaKhAEdJcs5mF6DDUM9llFLfNSTRahIjgnhhFnzJobWZdgrgKzlZDb7rVvaTTmB
pu53xq6Hz1X8VtQx/lQwjDb9JugmwzF7j7rp4vhHg/qaMBNHGR3d3IvPzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFURLU/UDRfDGYsXHchopXwNufnMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvUVZSRXRUOVFORjhNWml4Y2R5R2lsZkEyNS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVbkkMA0G
CSqGSIb3DQEBCwUAA4IBAQBxxJM1Owh96TfkbF9NiRHL9LQqzSB+FoKmwr0AbzlW
dwW+8yU+C/bG1BrP9RbJ1NRveYtXBTZbnQSx4bIYl0ZoxJ4yWVzqaMjUlpUmjBvd
de8alJUuMCsaTR0xFAwogyVBopjPRs7D8zdLOSq+z/jKDF4hU7jsU9mXsMykbFqv
f1Mbidbyoxo6inYg4Mhg9uXhSHIMDPcdhy+iya1N/m2YHtslEr5T3dhpSPuYjIkL
KZKsvX7NxvHfTiXHI/PM5I9fWTEpDZdmSL2ZXv9zveik3hBvr0E2ICiehqGfVsjU
f86Nt9zFOMjoetU6SfhXb5KvBi2f5l0VDnYiJSZl5YAc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:53 2024 by rpki-client on console-ams.rpki-client.org