Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/13abc4-d137-4890-9c3c-a4b7e3483919/1/QKT0qgep8Xqtkp_-DUN5Km-1bCE.roa
File: QKT0qgep8Xqtkp_-DUN5Km-1bCE.roa (raw, json)
Hash identifier: 4o2FCXesR3HiPdGeGd8QIJNWYkTym/dZWyWXzkAHMz4=
Subject key identifier: 40:A4:F4:AA:07:A9:F1:7A:AD:92:9F:FE:0D:43:79:2A:6F:B5:6C:21
Certificate issuer: /CN=dcdba07b9f70bd5ece1b0235ea2cc8cad612edc2
Certificate serial: 018570FBCE2329CEC82B0DA3AABBE8EED369
Authority key identifier: DC:DB:A0:7B:9F:70:BD:5E:CE:1B:02:35:EA:2C:C8:CA:D6:12:ED:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Nuge59wvV7OGwI16izIytYS7cI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/13abc4-d137-4890-9c3c-a4b7e3483919/1/QKT0qgep8Xqtkp_-DUN5Km-1bCE.roa
Signing time: Mon 02 Jan 2023 05:37:08 +0000
ROA not before: Mon 02 Jan 2023 05:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52438
IP address blocks: 185.180.8.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:ce:23:29:ce:c8:2b:0d:a3:aa:bb:e8:ee:d3:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcdba07b9f70bd5ece1b0235ea2cc8cad612edc2
Validity
Not Before: Jan 2 05:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40a4f4aa07a9f17aad929ffe0d43792a6fb56c21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6b:55:13:c2:b5:61:bf:3a:0d:07:e9:b7:12:
fb:ea:73:87:db:93:ef:f9:2c:31:9d:bc:3b:65:6f:
f2:ee:bb:16:fc:72:5e:c4:d0:0d:c1:d5:b0:ce:ea:
c8:bc:55:5d:e0:0d:a5:c0:c7:29:e8:d4:ed:84:31:
7e:f5:97:2b:93:41:24:88:a7:0c:5f:72:5a:12:75:
72:01:03:30:43:bf:d3:c5:dc:40:c5:c4:74:6c:7f:
2f:36:44:c6:75:b0:34:b9:7c:b4:47:e2:b2:6e:eb:
c9:cb:56:e6:a4:fc:d5:5e:ae:50:d1:0b:21:c4:59:
43:94:32:85:07:32:6e:c7:70:9d:a6:86:33:98:51:
dd:01:62:6c:60:3d:4c:dd:b5:0c:03:6b:5f:e0:d5:
dd:a9:26:79:35:09:51:b5:df:64:e1:f2:ff:e4:7c:
d1:1b:d2:16:52:05:4c:b9:44:bb:5d:bb:44:de:60:
82:3e:08:26:11:bd:93:e6:e1:74:8e:ba:b9:01:cc:
9c:25:25:10:3e:f4:90:10:1d:c3:95:e0:5d:ee:85:
5c:b5:c2:01:ab:f8:4b:83:e7:bb:b5:3b:86:c7:3d:
c7:c2:70:8a:74:f6:25:8b:ed:23:f2:b3:ba:de:34:
f7:33:2f:0e:4a:0c:36:ea:72:b8:32:9d:45:bd:f7:
59:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A4:F4:AA:07:A9:F1:7A:AD:92:9F:FE:0D:43:79:2A:6F:B5:6C:21
X509v3 Authority Key Identifier:
keyid:DC:DB:A0:7B:9F:70:BD:5E:CE:1B:02:35:EA:2C:C8:CA:D6:12:ED:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Nuge59wvV7OGwI16izIytYS7cI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/13abc4-d137-4890-9c3c-a4b7e3483919/1/QKT0qgep8Xqtkp_-DUN5Km-1bCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/13abc4-d137-4890-9c3c-a4b7e3483919/1/3Nuge59wvV7OGwI16izIytYS7cI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.8.0/22
Signature Algorithm: sha256WithRSAEncryption
24:32:2a:0e:37:b4:ae:ee:6b:dd:1f:0f:13:65:fc:fb:d2:e8:
68:de:8a:89:df:51:8c:c1:a2:6b:61:10:a0:bd:8e:af:36:55:
7d:f2:ea:94:ab:be:f7:08:5f:3f:81:5a:40:0e:0f:a5:21:49:
52:d9:c5:e5:e1:97:24:8a:1d:e8:0d:a8:a9:69:ff:bd:fc:5f:
6f:20:16:f2:09:57:76:51:5f:05:d7:65:f9:75:a2:74:45:a8:
31:76:26:ff:c9:34:98:d3:7a:b7:01:39:68:54:2c:a2:3a:c6:
70:82:3d:63:10:49:8d:d9:ee:ec:9d:f4:4a:54:a4:4b:99:ef:
6a:70:92:ba:07:95:5d:2a:94:17:86:7f:8f:df:a7:9e:dc:11:
f3:27:60:c3:fd:b4:6a:05:13:6d:b2:56:f6:5a:f0:ff:92:1e:
03:c4:6a:a5:65:dd:4f:a0:82:41:d7:5e:27:68:a5:3d:27:e4:
3b:fb:5d:fc:35:b3:cd:78:ee:79:49:cc:36:65:46:68:24:15:
3e:0d:d6:a3:fa:a3:09:61:40:5b:75:0f:f0:d8:05:f8:ed:26:
dd:cc:f3:dd:08:11:67:31:19:22:52:8c:a6:da:cc:d1:ab:c9:
e7:c5:ba:29:8b:eb:fc:c0:fa:39:09:dc:57:42:f3:5c:0e:43:
b4:5b:08:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+84jKc7IKw2jqrvo7tNpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZGJhMDdiOWY3MGJkNWVjZTFiMDIzNWVhMmNjOGNhZDYx
MmVkYzIwHhcNMjMwMTAyMDUzNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGE0ZjRhYTA3YTlmMTdhYWQ5MjlmZmUwZDQzNzkyYTZmYjU2YzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2tVE8K1Yb86DQfptxL76nOH25Pv
+Swxnbw7ZW/y7rsW/HJexNANwdWwzurIvFVd4A2lwMcp6NTthDF+9Zcrk0EkiKcM
X3JaEnVyAQMwQ7/TxdxAxcR0bH8vNkTGdbA0uXy0R+KybuvJy1bmpPzVXq5Q0Qsh
xFlDlDKFBzJux3CdpoYzmFHdAWJsYD1M3bUMA2tf4NXdqSZ5NQlRtd9k4fL/5HzR
G9IWUgVMuUS7XbtE3mCCPggmEb2T5uF0jrq5AcycJSUQPvSQEB3DleBd7oVctcIB
q/hLg+e7tTuGxz3HwnCKdPYli+0j8rO63jT3My8OSgw26nK4Mp1FvfdZwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECk9KoHqfF6rZKf/g1DeSpvtWwhMB8GA1UdIwQY
MBaAFNzboHufcL1ezhsCNeosyMrWEu3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM051Z2U1OXd2VjdPR3dJMTZpekl5dFlTN2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xM2FiYzQtZDEzNy00ODkwLTljM2Mt
YTRiN2UzNDgzOTE5LzEvUUtUMHFnZXA4WHF0a3BfLURVTjVLbS0xYkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xM2FiYzQtZDEzNy00ODkwLTljM2MtYTRiN2UzNDgzOTE5
LzEvM051Z2U1OXd2VjdPR3dJMTZpekl5dFlTN2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubQIMA0G
CSqGSIb3DQEBCwUAA4IBAQAkMioON7Su7mvdHw8TZfz70uho3oqJ31GMwaJrYRCg
vY6vNlV98uqUq773CF8/gVpADg+lIUlS2cXl4Zckih3oDaipaf+9/F9vIBbyCVd2
UV8F12X5daJ0Ragxdib/yTSY03q3ATloVCyiOsZwgj1jEEmN2e7snfRKVKRLme9q
cJK6B5VdKpQXhn+P36ee3BHzJ2DD/bRqBRNtslb2WvD/kh4DxGqlZd1PoIJB114n
aKU9J+Q7+138NbPNeO55Scw2ZUZoJBU+Ddaj+qMJYUBbdQ/w2AX47SbdzPPdCBFn
MRkiUoym2szRq8nnxbopi+v8wPo5CdxXQvNcDkO0WwjI
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:44 2024 by rpki-client on console-fra.rpki-client.org