Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/QcGxkCq5j_3ZKzjLHXzhhHh3A3Y.roa
File: QcGxkCq5j_3ZKzjLHXzhhHh3A3Y.roa (raw, json)
Hash identifier: CDnEecVH+tHnn+EfpiuSXPHr1rQ7TobJAhcsCmWOh9A=
Subject key identifier: 41:C1:B1:90:2A:B9:8F:FD:D9:2B:38:CB:1D:7C:E1:84:78:77:03:76
Certificate issuer: /CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Certificate serial: 018A1747042A5E919CF13A2AC20389081A0C
Authority key identifier: 7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/QcGxkCq5j_3ZKzjLHXzhhHh3A3Y.roa
Signing time: Mon 21 Aug 2023 08:47:24 +0000
ROA not before: Mon 21 Aug 2023 08:47:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205561
IP address blocks: 185.160.221.0/24 maxlen: 24
185.160.222.0/24 maxlen: 24
185.160.220.0/22 maxlen: 24
185.160.220.0/24 maxlen: 24
185.160.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:47:04:2a:5e:91:9c:f1:3a:2a:c2:03:89:08:1a:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Validity
Not Before: Aug 21 08:47:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41c1b1902ab98ffdd92b38cb1d7ce18478770376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8c:6a:97:9e:16:96:50:0f:12:e4:53:cb:d6:
c0:3d:09:55:bd:0d:84:51:39:b9:4d:97:4b:12:b2:
0b:a1:3d:65:7b:0b:9f:43:db:de:45:93:fe:0c:e1:
e3:f3:00:62:75:aa:2c:70:5c:8c:7a:2f:b9:f0:da:
8d:02:0a:9e:27:55:04:86:bd:51:59:f1:48:8f:8a:
e6:7a:b2:83:15:55:55:57:7b:a7:7b:b3:80:dc:d8:
0f:51:a4:e7:f1:5a:c3:4a:e0:35:77:4c:b3:f3:0e:
24:80:85:ef:c9:46:fb:62:21:a0:ef:86:af:5d:ef:
2a:a1:7e:cc:30:90:7e:cc:7c:5c:d5:7a:8e:ce:29:
f4:86:c9:fe:48:ce:1d:f8:00:04:4f:49:33:42:71:
31:70:97:70:d1:f5:1a:ec:04:00:95:8b:fe:11:ef:
55:af:c2:e4:36:98:f4:20:9e:e1:e8:ca:d6:50:5f:
f1:04:b5:62:27:9c:ff:a6:56:ca:13:1f:82:d3:01:
97:a2:61:df:e1:1d:ec:ec:2e:47:04:01:cc:7b:92:
6b:75:9d:c3:25:ca:b9:19:9b:70:2a:33:f8:13:d1:
1e:c5:23:7b:1e:94:0a:5c:4e:fb:62:73:07:6a:40:
07:8c:3a:96:fc:80:76:86:1a:eb:ae:1a:5b:ce:b4:
3f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C1:B1:90:2A:B9:8F:FD:D9:2B:38:CB:1D:7C:E1:84:78:77:03:76
X509v3 Authority Key Identifier:
keyid:7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/QcGxkCq5j_3ZKzjLHXzhhHh3A3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/fQL6LFuiiSBF581Qpa39VNbbuMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.220.0/22
Signature Algorithm: sha256WithRSAEncryption
05:3a:f2:b0:c7:34:2f:f0:91:bb:86:50:76:23:68:1b:8f:91:
10:b2:d3:08:80:04:8e:de:54:6e:94:0a:4b:d1:19:21:9f:a0:
37:ba:00:61:7d:4f:e7:33:de:f1:4b:30:f9:05:51:53:16:8d:
73:b7:42:9e:bb:08:09:7a:b0:1c:86:b7:d9:cb:cc:55:2c:21:
de:bd:1f:e8:cd:81:50:fa:8c:ab:f2:0b:a3:02:1e:64:6d:b5:
47:b0:04:5c:e6:83:4e:88:e4:4c:f0:23:bc:11:44:40:a4:52:
c4:5b:7e:4c:46:b7:e6:27:37:7d:f3:3e:31:4c:c9:bf:c6:f1:
a3:a7:8f:6b:9d:26:93:7b:f5:69:fc:8a:54:6e:18:aa:73:4e:
f7:06:b1:e1:3b:71:cd:f1:7c:dc:92:1e:8f:b5:13:c3:77:f3:
f9:43:88:30:f9:5e:a5:55:00:2e:03:92:34:b2:81:bc:f3:7d:
38:bb:69:90:9d:8b:f0:66:fd:dd:64:ba:ae:6a:64:55:a2:c8:
ad:bf:57:97:e0:a9:d9:05:a9:08:6f:0d:e0:57:ba:bf:7f:3a:
ff:ad:43:8e:13:68:04:a4:b0:0d:32:19:9e:4f:2b:99:46:97:
bc:40:0e:36:55:70:0f:4d:b9:b1:7c:6f:18:d2:c8:c7:d6:a1:
58:09:02:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoXRwQqXpGc8ToqwgOJCBoMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDJmYTJjNWJhMjg5MjA0NWU3Y2Q1MGE1YWRmZDU0ZDZk
YmI4YzIwHhcNMjMwODIxMDg0NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWMxYjE5MDJhYjk4ZmZkZDkyYjM4Y2IxZDdjZTE4NDc4NzcwMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4xql54WllAPEuRTy9bAPQlVvQ2E
UTm5TZdLErILoT1lewufQ9veRZP+DOHj8wBidaoscFyMei+58NqNAgqeJ1UEhr1R
WfFIj4rmerKDFVVVV3une7OA3NgPUaTn8VrDSuA1d0yz8w4kgIXvyUb7YiGg74av
Xe8qoX7MMJB+zHxc1XqOzin0hsn+SM4d+AAET0kzQnExcJdw0fUa7AQAlYv+Ee9V
r8LkNpj0IJ7h6MrWUF/xBLViJ5z/plbKEx+C0wGXomHf4R3s7C5HBAHMe5JrdZ3D
Jcq5GZtwKjP4E9EexSN7HpQKXE77YnMHakAHjDqW/IB2hhrrrhpbzrQ/gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHBsZAquY/92Ss4yx184YR4dwN2MB8GA1UdIwQY
MBaAFH0C+ixbookgRefNUKWt/VTW27jCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFMNkxGdWlpU0JGNTgxUXBhMzlWTmJidU1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jY2UyMGItNGQ1YS00OGY4LWI4OGUt
ODEwMzlmM2NmM2ZkLzEvUWNHeGtDcTVqXzNaS3pqTEhYemhoSGgzQTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jY2UyMGItNGQ1YS00OGY4LWI4OGUtODEwMzlmM2NmM2Zk
LzEvZlFMNkxGdWlpU0JGNTgxUXBhMzlWTmJidU1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaDcMA0G
CSqGSIb3DQEBCwUAA4IBAQAFOvKwxzQv8JG7hlB2I2gbj5EQstMIgASO3lRulApL
0Rkhn6A3ugBhfU/nM97xSzD5BVFTFo1zt0KeuwgJerAchrfZy8xVLCHevR/ozYFQ
+oyr8gujAh5kbbVHsARc5oNOiORM8CO8EURApFLEW35MRrfmJzd98z4xTMm/xvGj
p49rnSaTe/Vp/IpUbhiqc073BrHhO3HN8Xzckh6PtRPDd/P5Q4gw+V6lVQAuA5I0
soG88304u2mQnYvwZv3dZLquamRVositv1eX4KnZBakIbw3gV7q/fzr/rUOOE2gE
pLANMhmeTyuZRpe8QA42VXAPTbmxfG8Y0sjH1qFYCQLR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:49 2024 by rpki-client on console-fra.rpki-client.org