Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/6e4db7-45a8-4993-b384-9a6ee486eff7/1/qchkKWRqB8O-Mhx5aNZKF7NzdZI.roa
File: qchkKWRqB8O-Mhx5aNZKF7NzdZI.roa (raw, json)
Hash identifier: RwbXE257rQNNNesnuh5QtV7rR1bnTwZw8USpiCEEbAI=
Subject key identifier: A9:C8:64:29:64:6A:07:C3:BE:32:1C:79:68:D6:4A:17:B3:73:75:92
Certificate issuer: /CN=f49ba99114ebdabd6e4cbd36f6cd475b33cf1386
Certificate serial: 018CC64A1A5435A198C5FA7E41405BC2A645
Authority key identifier: F4:9B:A9:91:14:EB:DA:BD:6E:4C:BD:36:F6:CD:47:5B:33:CF:13:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JupkRTr2r1uTL029s1HWzPPE4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/6e4db7-45a8-4993-b384-9a6ee486eff7/1/qchkKWRqB8O-Mhx5aNZKF7NzdZI.roa
Signing time: Mon 01 Jan 2024 18:29:54 +0000
ROA not before: Mon 01 Jan 2024 18:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50875
IP address blocks: 185.86.245.0/24 maxlen: 24
185.86.246.0/24 maxlen: 24
185.86.244.0/22 maxlen: 22
185.86.244.0/24 maxlen: 24
185.86.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 13:46:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:1a:54:35:a1:98:c5:fa:7e:41:40:5b:c2:a6:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f49ba99114ebdabd6e4cbd36f6cd475b33cf1386
Validity
Not Before: Jan 1 18:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9c86429646a07c3be321c7968d64a17b3737592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e6:69:f9:96:ba:9e:a6:13:dc:43:67:1a:fd:
b2:1f:55:1b:f2:7a:d9:4e:d3:6c:b5:3c:6e:c5:6f:
b6:64:49:99:59:c4:9c:70:66:33:9b:3a:64:3b:f9:
0e:06:c2:d4:d5:52:3f:c6:a3:bd:ba:6a:9a:59:48:
5d:dc:cf:02:7e:cd:ee:09:ac:29:29:fa:5f:8c:a7:
58:53:b6:35:da:c6:85:9d:b0:5b:27:dc:f7:1b:db:
9c:e5:4f:f7:09:b2:89:75:1f:1e:02:36:d9:41:9b:
ba:e7:25:35:c0:9e:bb:d3:30:7c:c1:7a:d4:5f:52:
8b:12:15:32:34:d4:ba:56:75:29:19:f1:46:01:81:
31:6c:78:d5:c0:80:2d:b9:97:6e:26:d3:bb:ef:bc:
86:08:72:f2:a8:51:0e:cb:8c:81:73:ee:93:45:2a:
65:13:dc:14:cd:6d:20:cb:2e:1c:dc:a4:0e:2a:dc:
f5:bc:66:29:08:8c:53:f9:51:a3:58:e4:25:48:a5:
af:b5:40:34:8e:90:da:cb:22:f4:b5:79:d4:8a:e5:
e7:0d:74:de:71:c2:c7:03:61:15:fa:9a:59:f1:8f:
a7:bc:7f:12:c6:d7:a7:40:be:65:4d:a4:02:40:0b:
4a:98:6c:d5:7e:56:cd:0e:4c:44:dc:94:6e:ab:78:
69:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C8:64:29:64:6A:07:C3:BE:32:1C:79:68:D6:4A:17:B3:73:75:92
X509v3 Authority Key Identifier:
keyid:F4:9B:A9:91:14:EB:DA:BD:6E:4C:BD:36:F6:CD:47:5B:33:CF:13:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JupkRTr2r1uTL029s1HWzPPE4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6e4db7-45a8-4993-b384-9a6ee486eff7/1/qchkKWRqB8O-Mhx5aNZKF7NzdZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/6e4db7-45a8-4993-b384-9a6ee486eff7/1/9JupkRTr2r1uTL029s1HWzPPE4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.244.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:7a:fe:fc:88:7a:fd:f9:36:84:70:1c:1b:35:1c:aa:1b:24:
f3:89:03:51:5b:f9:43:e7:7f:ac:88:52:a1:47:97:1a:e2:30:
18:14:fe:36:d0:68:39:69:84:c9:02:ff:88:d0:6a:5b:04:cd:
3a:64:5d:a6:d4:5b:ca:6f:99:ee:b2:60:12:7a:0a:a0:5b:15:
9d:40:fb:98:a5:ea:89:1c:63:2d:72:c5:b0:0f:c1:5f:55:82:
37:5c:6e:8f:84:d6:65:14:c4:8d:fd:b2:a7:23:23:8c:e3:2e:
b4:f4:f7:c9:4e:ff:00:2c:ac:8f:aa:ae:31:5f:2a:24:5f:eb:
a1:89:e5:47:e9:3b:af:ac:db:66:61:da:43:c5:bc:77:5d:3f:
75:aa:36:6f:7b:3a:8b:e8:c7:5e:a8:55:b8:27:cb:6e:f6:8f:
c7:24:30:7a:4c:3f:f9:51:59:24:b6:ba:1d:32:40:d8:f2:7b:
bc:09:b7:f6:2c:e3:b8:fc:49:78:32:86:6e:41:27:6a:5b:ba:
0f:76:a2:ee:5d:0b:d0:fd:83:2b:cc:dc:bf:6b:23:79:92:8c:
14:84:1c:2e:97:a4:0d:8b:a1:c4:0a:50:3e:26:1f:0b:d8:99:
df:8f:75:9b:9f:c3:b8:9b:02:49:7d:5f:63:47:0b:09:0f:2d:
33:b7:1e:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGShpUNaGYxfp+QUBbwqZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OWJhOTkxMTRlYmRhYmQ2ZTRjYmQzNmY2Y2Q0NzViMzNj
ZjEzODYwHhcNMjQwMTAxMTgyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWM4NjQyOTY0NmEwN2MzYmUzMjFjNzk2OGQ2NGExN2IzNzM3NTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOZp+Za6nqYT3ENnGv2yH1Ub8nrZ
TtNstTxuxW+2ZEmZWcSccGYzmzpkO/kOBsLU1VI/xqO9umqaWUhd3M8Cfs3uCawp
KfpfjKdYU7Y12saFnbBbJ9z3G9uc5U/3CbKJdR8eAjbZQZu65yU1wJ670zB8wXrU
X1KLEhUyNNS6VnUpGfFGAYExbHjVwIAtuZduJtO777yGCHLyqFEOy4yBc+6TRSpl
E9wUzW0gyy4c3KQOKtz1vGYpCIxT+VGjWOQlSKWvtUA0jpDayyL0tXnUiuXnDXTe
ccLHA2EV+ppZ8Y+nvH8SxtenQL5lTaQCQAtKmGzVflbNDkxE3JRuq3hphQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnIZClkagfDvjIceWjWShezc3WSMB8GA1UdIwQY
MBaAFPSbqZEU69q9bky9NvbNR1szzxOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUp1cGtSVHIycjF1VEwwMjlzMUhXelBQRTRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS82ZTRkYjctNDVhOC00OTkzLWIzODQt
OWE2ZWU0ODZlZmY3LzEvcWNoa0tXUnFCOE8tTWh4NWFOWktGN056ZFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS82ZTRkYjctNDVhOC00OTkzLWIzODQtOWE2ZWU0ODZlZmY3
LzEvOUp1cGtSVHIycjF1VEwwMjlzMUhXelBQRTRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVb0MA0G
CSqGSIb3DQEBCwUAA4IBAQDTev78iHr9+TaEcBwbNRyqGyTziQNRW/lD53+siFKh
R5ca4jAYFP420Gg5aYTJAv+I0GpbBM06ZF2m1FvKb5nusmASegqgWxWdQPuYpeqJ
HGMtcsWwD8FfVYI3XG6PhNZlFMSN/bKnIyOM4y609PfJTv8ALKyPqq4xXyokX+uh
ieVH6TuvrNtmYdpDxbx3XT91qjZvezqL6MdeqFW4J8tu9o/HJDB6TD/5UVkktrod
MkDY8nu8Cbf2LOO4/El4MoZuQSdqW7oPdqLuXQvQ/YMrzNy/ayN5kowUhBwul6QN
i6HEClA+Jh8L2Jnfj3Wbn8O4mwJJfV9jRwsJDy0ztx7a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:13 2024 by rpki-client on console-ams.rpki-client.org