Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/72ee02-13d9-4396-9f7e-4ca842bacda5/1/QEd-0jdcwHc3ANgVtqosg6LXPsk.roa
File: QEd-0jdcwHc3ANgVtqosg6LXPsk.roa (raw, json)
Hash identifier: i4wPCMN4tJsmzS2o1uR+IK9dBiZ0SXbYvEyH/5nAnXI=
Subject key identifier: 40:47:7E:D2:37:5C:C0:77:37:00:D8:15:B6:AA:2C:83:A2:D7:3E:C9
Certificate issuer: /CN=9cc60ed881418a217e8dd3c1fa523e2565caeb9b
Certificate serial: 01856E01DDB47A8CAFDF013A51DDB5147C5D
Authority key identifier: 9C:C6:0E:D8:81:41:8A:21:7E:8D:D3:C1:FA:52:3E:25:65:CA:EB:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nMYO2IFBiiF-jdPB-lI-JWXK65s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/72ee02-13d9-4396-9f7e-4ca842bacda5/1/QEd-0jdcwHc3ANgVtqosg6LXPsk.roa
Signing time: Sun 01 Jan 2023 15:44:54 +0000
ROA not before: Sun 01 Jan 2023 15:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201702
IP address blocks: 185.66.200.0/23 maxlen: 23
2a05:980::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:dd:b4:7a:8c:af:df:01:3a:51:dd:b5:14:7c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cc60ed881418a217e8dd3c1fa523e2565caeb9b
Validity
Not Before: Jan 1 15:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40477ed2375cc0773700d815b6aa2c83a2d73ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2c:98:15:d0:51:05:e0:a4:80:d4:70:25:de:
6d:c1:69:20:56:68:67:12:a7:9d:8d:2a:f9:15:a8:
c6:0d:1d:9c:0a:c1:34:53:00:96:97:64:c9:5d:c7:
e4:e9:f3:a2:c0:d6:aa:6c:91:ee:34:35:b2:94:41:
91:14:70:df:44:79:61:a8:36:df:27:8d:77:36:e3:
df:8e:0d:d0:02:e4:99:36:74:9e:bd:b7:a1:cb:ba:
1e:5d:51:9e:a1:d8:f4:07:25:b3:8e:9b:51:ae:f4:
52:75:8c:d7:21:53:82:b0:d7:b0:bc:bd:60:52:16:
38:cf:61:9a:d4:d4:0a:8b:7d:75:b2:f2:27:fd:f7:
52:fe:bd:7f:84:82:18:b6:63:ec:d9:e2:3b:a7:98:
19:92:55:56:e9:83:e5:51:6e:48:10:39:03:61:9d:
65:08:26:1d:02:a8:3e:e8:04:cf:ae:6e:d5:80:1e:
6d:ac:96:da:b5:79:0a:b9:52:9b:d4:19:62:f6:58:
fc:43:8b:47:ea:2a:79:4d:06:36:3d:69:06:79:a3:
f5:e8:61:7b:35:40:c2:ce:2e:fa:5d:31:0d:fb:f8:
5d:eb:a4:0b:8d:f5:4b:6c:25:ad:89:55:c6:a3:a4:
a7:54:e5:91:77:b9:1c:b6:18:90:0b:06:cd:33:38:
c0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:47:7E:D2:37:5C:C0:77:37:00:D8:15:B6:AA:2C:83:A2:D7:3E:C9
X509v3 Authority Key Identifier:
keyid:9C:C6:0E:D8:81:41:8A:21:7E:8D:D3:C1:FA:52:3E:25:65:CA:EB:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nMYO2IFBiiF-jdPB-lI-JWXK65s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/72ee02-13d9-4396-9f7e-4ca842bacda5/1/QEd-0jdcwHc3ANgVtqosg6LXPsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/72ee02-13d9-4396-9f7e-4ca842bacda5/1/nMYO2IFBiiF-jdPB-lI-JWXK65s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.200.0/23
IPv6:
2a05:980::/29
Signature Algorithm: sha256WithRSAEncryption
94:26:8c:c9:33:48:da:84:32:22:6c:31:7c:d3:95:b6:4a:75:
69:1b:a7:ed:16:be:3f:05:37:b8:1f:b3:97:95:85:0c:4f:0e:
1e:d7:22:73:4b:bd:88:41:5d:49:a1:ae:93:52:28:26:0a:d7:
76:7f:1e:c3:de:d0:89:30:4a:42:01:aa:3d:0c:c8:99:d8:aa:
ed:ec:8a:a7:53:13:65:33:27:59:79:da:cf:30:56:a8:01:89:
0b:13:7d:60:5d:b0:91:40:28:d6:ee:47:29:4b:9f:d2:6d:d0:
e5:6b:20:f6:f7:10:76:5b:08:f7:16:00:86:22:8d:af:75:58:
27:cb:3b:fa:7f:c2:86:c6:43:39:a7:a3:5f:54:69:64:bc:69:
84:39:fa:19:c3:ca:35:9c:b8:13:24:de:7c:1d:3c:ec:b4:98:
37:95:8a:83:60:e6:fc:8a:e6:37:54:37:61:62:e9:25:c8:49:
00:1d:97:e7:1a:9f:45:53:ab:dc:9d:7a:df:b8:18:10:c1:e3:
b3:94:fa:bb:7d:08:99:52:c6:2e:c3:c0:a0:bb:c5:3c:41:f3:
68:f0:32:d1:7d:e5:26:c8:52:27:fd:3f:25:be:55:79:3a:8b:
36:4c:ab:05:f8:bd:df:4c:a5:ec:a2:93:fd:7e:7f:ea:81:6b:
d8:30:fa:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuAd20eoyv3wE6Ud21FHxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYzYwZWQ4ODE0MThhMjE3ZThkZDNjMWZhNTIzZTI1NjVj
YWViOWIwHhcNMjMwMTAxMTU0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQ3N2VkMjM3NWNjMDc3MzcwMGQ4MTViNmFhMmM4M2EyZDczZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iyYFdBRBeCkgNRwJd5twWkgVmhn
EqedjSr5FajGDR2cCsE0UwCWl2TJXcfk6fOiwNaqbJHuNDWylEGRFHDfRHlhqDbf
J413NuPfjg3QAuSZNnSevbehy7oeXVGeodj0ByWzjptRrvRSdYzXIVOCsNewvL1g
UhY4z2Ga1NQKi311svIn/fdS/r1/hIIYtmPs2eI7p5gZklVW6YPlUW5IEDkDYZ1l
CCYdAqg+6ATPrm7VgB5trJbatXkKuVKb1Bli9lj8Q4tH6ip5TQY2PWkGeaP16GF7
NUDCzi76XTEN+/hd66QLjfVLbCWtiVXGo6SnVOWRd7kcthiQCwbNMzjAOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEBHftI3XMB3NwDYFbaqLIOi1z7JMB8GA1UdIwQY
MBaAFJzGDtiBQYohfo3TwfpSPiVlyuubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk1ZTzJJRkJpaUYtamRQQi1sSS1KV1hLNjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83MmVlMDItMTNkOS00Mzk2LTlmN2Ut
NGNhODQyYmFjZGE1LzEvUUVkLTBqZGN3SGMzQU5nVnRxb3NnNkxYUHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83MmVlMDItMTNkOS00Mzk2LTlmN2UtNGNhODQyYmFjZGE1
LzEvbk1ZTzJJRkJpaUYtamRQQi1sSS1KV1hLNjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuULIMA0E
AgACMAcDBQMqBQmAMA0GCSqGSIb3DQEBCwUAA4IBAQCUJozJM0jahDIibDF805W2
SnVpG6ftFr4/BTe4H7OXlYUMTw4e1yJzS72IQV1Joa6TUigmCtd2fx7D3tCJMEpC
Aao9DMiZ2Krt7IqnUxNlMydZedrPMFaoAYkLE31gXbCRQCjW7kcpS5/SbdDlayD2
9xB2Wwj3FgCGIo2vdVgnyzv6f8KGxkM5p6NfVGlkvGmEOfoZw8o1nLgTJN58HTzs
tJg3lYqDYOb8iuY3VDdhYuklyEkAHZfnGp9FU6vcnXrfuBgQweOzlPq7fQiZUsYu
w8Cgu8U8QfNo8DLRfeUmyFIn/T8lvlV5Oos2TKsF+L3fTKXsopP9fn/qgWvYMPrS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:29 2024 by rpki-client on console-ams.rpki-client.org