Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/203a53-058a-4d5d-a761-d371855756c3/1/Q-j1GqDdmf5X13rqHFsPBGFyyaA.roa
File: Q-j1GqDdmf5X13rqHFsPBGFyyaA.roa (raw, json)
Hash identifier: hOA3MkfdkNoImq80GDGzyjiNqMkW5eqZN7Bm4aGaicU=
Subject key identifier: 43:E8:F5:1A:A0:DD:99:FE:57:D7:7A:EA:1C:5B:0F:04:61:72:C9:A0
Certificate issuer: /CN=b0bfd2c85e6b79d460e660cf9664dee55dccc8cc
Certificate serial: 01856EA6C89086140D76BD7DCF0DC3799724
Authority key identifier: B0:BF:D2:C8:5E:6B:79:D4:60:E6:60:CF:96:64:DE:E5:5D:CC:C8:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sL_SyF5redRg5mDPlmTe5V3MyMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/203a53-058a-4d5d-a761-d371855756c3/1/Q-j1GqDdmf5X13rqHFsPBGFyyaA.roa
Signing time: Sun 01 Jan 2023 18:45:02 +0000
ROA not before: Sun 01 Jan 2023 18:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203310
IP address blocks: 185.51.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:c8:90:86:14:0d:76:bd:7d:cf:0d:c3:79:97:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0bfd2c85e6b79d460e660cf9664dee55dccc8cc
Validity
Not Before: Jan 1 18:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43e8f51aa0dd99fe57d77aea1c5b0f046172c9a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:90:c5:1a:09:84:7a:c3:36:73:4b:82:59:ab:
e6:85:19:54:d4:fe:0e:e0:d6:e7:3f:95:d9:8d:01:
fa:d7:bb:df:1c:ed:98:8b:02:24:fd:c5:e6:1c:3f:
1c:0d:22:cd:13:83:70:91:0d:fa:94:52:2e:87:c0:
0e:58:5f:74:d6:db:0e:7d:ec:c6:93:ea:fd:2c:8f:
39:06:5c:63:20:b3:6c:5a:c1:9d:84:22:de:23:84:
84:e8:37:8e:6c:9b:e7:71:d5:e1:68:24:bb:32:47:
82:05:24:54:a5:2a:6b:9b:76:8b:70:a9:65:34:1f:
57:e1:c8:23:d7:67:9c:4f:fb:5f:6c:1f:15:03:6d:
24:34:1c:b3:ee:bc:40:17:49:92:17:2b:48:59:eb:
30:f1:da:4a:8c:25:fa:35:e4:b5:71:97:d3:a6:b9:
be:80:39:a4:9c:1c:8f:dc:c6:fa:1d:b9:1e:17:52:
16:95:be:b2:1a:2c:76:5a:99:48:be:fe:8c:cc:6f:
a9:f3:85:d1:7f:ff:e8:1d:a3:24:84:a0:d5:55:de:
db:6f:28:31:9a:bd:fb:8b:40:ab:5e:a4:de:00:31:
76:3e:4b:5b:7a:6d:7b:b8:2f:fc:9e:ac:0e:6d:83:
6b:09:a4:b1:ca:04:e8:82:99:51:c4:32:44:e9:31:
2f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E8:F5:1A:A0:DD:99:FE:57:D7:7A:EA:1C:5B:0F:04:61:72:C9:A0
X509v3 Authority Key Identifier:
keyid:B0:BF:D2:C8:5E:6B:79:D4:60:E6:60:CF:96:64:DE:E5:5D:CC:C8:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sL_SyF5redRg5mDPlmTe5V3MyMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/203a53-058a-4d5d-a761-d371855756c3/1/Q-j1GqDdmf5X13rqHFsPBGFyyaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/203a53-058a-4d5d-a761-d371855756c3/1/sL_SyF5redRg5mDPlmTe5V3MyMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.103.0/24
Signature Algorithm: sha256WithRSAEncryption
05:84:67:1b:f9:b0:2b:cc:78:72:cd:a7:1a:ef:a9:64:9d:01:
52:e6:e6:09:b8:4a:4a:87:83:48:49:06:be:04:81:39:57:ba:
17:01:03:92:d8:a0:9f:ac:5e:55:eb:da:38:8a:00:dc:14:1f:
ee:6f:b4:53:dd:0a:74:ba:53:cd:c1:63:b4:ce:28:c5:64:d4:
bd:ae:1d:82:68:fc:9a:5d:2f:41:88:cc:c3:2d:17:69:c2:4f:
54:f8:0b:e2:e4:7a:9e:96:e5:b3:89:4a:3e:66:30:e1:45:f4:
99:f5:52:c5:f7:ab:b2:29:2b:3a:ef:af:43:96:f6:0f:d0:d8:
1c:a4:ff:54:e9:72:32:3e:34:48:c1:6c:0b:a9:cc:e1:43:65:
c5:68:d5:a9:06:3e:dd:07:15:2b:84:3e:62:1d:be:90:b7:49:
52:cb:78:2a:bf:29:73:55:e6:a5:7f:66:37:12:63:cc:47:d3:
52:2f:c2:ab:88:94:1f:85:b1:90:5a:1b:95:9e:d1:85:55:d0:
b9:b6:8b:08:34:9e:5d:d0:ac:d9:41:28:08:cb:09:78:12:21:
1d:a6:dc:de:79:c5:9c:ea:a7:2c:2b:d7:e5:9e:06:2e:ba:28:
02:2f:28:6d:d1:89:1e:66:50:09:24:b2:c5:88:5b:bb:49:91:
aa:23:90:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVupsiQhhQNdr19zw3DeZckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYmZkMmM4NWU2Yjc5ZDQ2MGU2NjBjZjk2NjRkZWU1NWRj
Y2M4Y2MwHhcNMjMwMTAxMTg0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2U4ZjUxYWEwZGQ5OWZlNTdkNzdhZWExYzViMGYwNDYxNzJjOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZDFGgmEesM2c0uCWavmhRlU1P4O
4NbnP5XZjQH617vfHO2YiwIk/cXmHD8cDSLNE4NwkQ36lFIuh8AOWF901tsOfezG
k+r9LI85BlxjILNsWsGdhCLeI4SE6DeObJvncdXhaCS7MkeCBSRUpSprm3aLcKll
NB9X4cgj12ecT/tfbB8VA20kNByz7rxAF0mSFytIWesw8dpKjCX6NeS1cZfTprm+
gDmknByP3Mb6HbkeF1IWlb6yGix2WplIvv6MzG+p84XRf//oHaMkhKDVVd7bbygx
mr37i0CrXqTeADF2Pktbem17uC/8nqwObYNrCaSxygTogplRxDJE6TEvVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPo9Rqg3Zn+V9d66hxbDwRhcsmgMB8GA1UdIwQY
MBaAFLC/0shea3nUYOZgz5Zk3uVdzMjMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xfU3lGNXJlZFJnNW1EUGxtVGU1VjNNeU13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yMDNhNTMtMDU4YS00ZDVkLWE3NjEt
ZDM3MTg1NTc1NmMzLzEvUS1qMUdxRGRtZjVYMTNycUhGc1BCR0Z5eWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yMDNhNTMtMDU4YS00ZDVkLWE3NjEtZDM3MTg1NTc1NmMz
LzEvc0xfU3lGNXJlZFJnNW1EUGxtVGU1VjNNeU13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTNnMA0G
CSqGSIb3DQEBCwUAA4IBAQAFhGcb+bArzHhyzaca76lknQFS5uYJuEpKh4NISQa+
BIE5V7oXAQOS2KCfrF5V69o4igDcFB/ub7RT3Qp0ulPNwWO0zijFZNS9rh2CaPya
XS9BiMzDLRdpwk9U+Avi5HqeluWziUo+ZjDhRfSZ9VLF96uyKSs6769DlvYP0Ngc
pP9U6XIyPjRIwWwLqczhQ2XFaNWpBj7dBxUrhD5iHb6Qt0lSy3gqvylzVealf2Y3
EmPMR9NSL8KriJQfhbGQWhuVntGFVdC5tosINJ5d0KzZQSgIywl4EiEdptzeecWc
6qcsK9flngYuuigCLyht0YkeZlAJJLLFiFu7SZGqI5At
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:35 2024 by rpki-client on console-ams.rpki-client.org