Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/81ce36-f952-429c-8fbb-7ff92f6dc3a4/1/QOXZ_k-J1xkaUqaYELpxO5B1ne4.roa
File: QOXZ_k-J1xkaUqaYELpxO5B1ne4.roa (raw, json)
Hash identifier: 3rvingBZ48r3/ZHUVliIgoS97WEMwuLulJo3xUHva9M=
Subject key identifier: 40:E5:D9:FE:4F:89:D7:19:1A:52:A6:98:10:BA:71:3B:90:75:9D:EE
Certificate issuer: /CN=01628a415e1fa72ce1d03cd76219ce1b77c655c4
Certificate serial: 01856BB7E26DB68A337E7BBF429B1F6F115A
Authority key identifier: 01:62:8A:41:5E:1F:A7:2C:E1:D0:3C:D7:62:19:CE:1B:77:C6:55:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWKKQV4fpyzh0DzXYhnOG3fGVcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/81ce36-f952-429c-8fbb-7ff92f6dc3a4/1/QOXZ_k-J1xkaUqaYELpxO5B1ne4.roa
Signing time: Sun 01 Jan 2023 05:04:51 +0000
ROA not before: Sun 01 Jan 2023 05:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202021
IP address blocks: 185.56.64.0/22 maxlen: 24
185.56.64.0/24 maxlen: 24
185.56.67.0/24 maxlen: 24
185.56.66.0/24 maxlen: 24
185.56.65.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:b7:e2:6d:b6:8a:33:7e:7b:bf:42:9b:1f:6f:11:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01628a415e1fa72ce1d03cd76219ce1b77c655c4
Validity
Not Before: Jan 1 05:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e5d9fe4f89d7191a52a69810ba713b90759dee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0b:eb:4b:5c:68:5b:04:b1:5c:59:c4:52:3b:
d8:ab:95:93:4d:11:e4:03:a9:41:a2:32:12:ff:e4:
f6:b1:cf:7c:fb:4c:33:2e:45:5a:9d:44:90:18:be:
2d:1f:77:ef:2e:48:d4:8f:be:93:2f:4a:31:68:41:
82:17:3c:f6:db:04:03:ff:d7:6c:a6:ba:58:21:39:
86:e5:4a:7a:96:16:c2:d3:02:37:86:aa:d3:eb:ca:
89:eb:a6:c3:3d:39:10:39:2f:b1:da:66:0e:5e:ac:
51:03:2f:36:4a:d6:e1:57:28:c1:0e:98:5f:71:08:
bf:cc:d2:d4:18:46:ef:08:80:5a:64:80:29:8e:b1:
51:c2:5c:cf:97:0e:b8:9c:ca:8e:e1:0e:1d:78:a5:
22:f3:b6:94:a6:61:01:30:7b:9c:1c:31:19:5e:60:
03:4c:35:0a:9c:7d:78:9b:2b:44:77:06:18:af:61:
f2:02:45:54:0b:66:4e:43:74:e0:cb:7a:77:74:c3:
5c:d4:d2:84:29:94:f6:cd:8b:3d:94:1f:8e:23:2c:
4d:6f:37:ba:5c:a5:03:f5:e1:55:00:62:aa:b5:1b:
76:c8:eb:37:0c:08:cc:87:f8:6e:03:9b:39:53:28:
62:6a:78:2a:85:b0:d0:50:ec:2d:b7:00:7a:f8:90:
15:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E5:D9:FE:4F:89:D7:19:1A:52:A6:98:10:BA:71:3B:90:75:9D:EE
X509v3 Authority Key Identifier:
keyid:01:62:8A:41:5E:1F:A7:2C:E1:D0:3C:D7:62:19:CE:1B:77:C6:55:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWKKQV4fpyzh0DzXYhnOG3fGVcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/81ce36-f952-429c-8fbb-7ff92f6dc3a4/1/QOXZ_k-J1xkaUqaYELpxO5B1ne4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/81ce36-f952-429c-8fbb-7ff92f6dc3a4/1/AWKKQV4fpyzh0DzXYhnOG3fGVcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.64.0/22
Signature Algorithm: sha256WithRSAEncryption
70:fd:b1:47:af:50:08:ce:7a:9c:1f:0c:b4:67:5d:71:8d:10:
42:40:f6:9d:bd:48:83:26:40:6c:a2:49:14:ee:3c:18:7a:8b:
25:e0:7e:3e:85:30:2f:94:40:04:a4:21:b7:ee:dc:97:b2:9a:
b4:38:a7:dc:7e:89:ef:89:8e:14:27:5e:2d:7f:22:1f:c0:d8:
2e:e6:6d:f5:8f:72:d9:3d:dc:15:46:f5:e6:be:fe:52:e7:7b:
d5:f2:a6:c7:13:0c:8c:c3:f6:ed:28:a1:1c:41:88:0b:8c:7a:
ea:a8:5f:45:ac:14:8b:f5:60:68:ec:9d:75:64:3a:2f:cf:95:
56:89:6c:78:af:7e:33:9f:7c:29:84:86:df:df:b5:cc:a4:49:
d4:f1:c1:78:ca:a9:f1:12:17:26:79:e1:cc:40:ec:1b:80:82:
7a:a6:97:eb:57:49:39:96:2a:94:9a:c0:0c:3b:87:1b:2b:c5:
e8:3c:77:b1:f0:7d:6f:e5:91:5a:a1:4a:4a:79:b3:31:20:48:
51:b5:b8:5f:e3:50:4d:63:48:63:88:e5:e3:d5:79:0e:1c:27:
ae:a5:49:10:db:45:79:ca:06:76:03:a7:58:02:c9:9a:f4:99:
98:fa:a8:59:af:ff:f7:a7:30:80:fe:f8:b6:4d:f9:a9:9f:1a:
9d:60:c9:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrt+Jttoozfnu/QpsfbxFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI4YTQxNWUxZmE3MmNlMWQwM2NkNzYyMTljZTFiNzdj
NjU1YzQwHhcNMjMwMTAxMDUwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU1ZDlmZTRmODlkNzE5MWE1MmE2OTgxMGJhNzEzYjkwNzU5ZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQvrS1xoWwSxXFnEUjvYq5WTTRHk
A6lBojIS/+T2sc98+0wzLkVanUSQGL4tH3fvLkjUj76TL0oxaEGCFzz22wQD/9ds
prpYITmG5Up6lhbC0wI3hqrT68qJ66bDPTkQOS+x2mYOXqxRAy82StbhVyjBDphf
cQi/zNLUGEbvCIBaZIApjrFRwlzPlw64nMqO4Q4deKUi87aUpmEBMHucHDEZXmAD
TDUKnH14mytEdwYYr2HyAkVUC2ZOQ3Tgy3p3dMNc1NKEKZT2zYs9lB+OIyxNbze6
XKUD9eFVAGKqtRt2yOs3DAjMh/huA5s5UyhiangqhbDQUOwttwB6+JAViQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDl2f5PidcZGlKmmBC6cTuQdZ3uMB8GA1UdIwQY
MBaAFAFiikFeH6cs4dA812IZzht3xlXEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdLS1FWNGZweXpoMER6WFlobk9HM2ZHVmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC84MWNlMzYtZjk1Mi00MjljLThmYmIt
N2ZmOTJmNmRjM2E0LzEvUU9YWl9rLUoxeGthVXFhWUVMcHhPNUIxbmU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC84MWNlMzYtZjk1Mi00MjljLThmYmItN2ZmOTJmNmRjM2E0
LzEvQVdLS1FWNGZweXpoMER6WFlobk9HM2ZHVmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuThAMA0G
CSqGSIb3DQEBCwUAA4IBAQBw/bFHr1AIznqcHwy0Z11xjRBCQPadvUiDJkBsokkU
7jwYeosl4H4+hTAvlEAEpCG37tyXspq0OKfcfonviY4UJ14tfyIfwNgu5m31j3LZ
PdwVRvXmvv5S53vV8qbHEwyMw/btKKEcQYgLjHrqqF9FrBSL9WBo7J11ZDovz5VW
iWx4r34zn3wphIbf37XMpEnU8cF4yqnxEhcmeeHMQOwbgIJ6ppfrV0k5liqUmsAM
O4cbK8XoPHex8H1v5ZFaoUpKebMxIEhRtbhf41BNY0hjiOXj1XkOHCeupUkQ20V5
ygZ2A6dYAsma9JmY+qhZr//3pzCA/vi2TfmpnxqdYMkO
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:39 2024 by rpki-client on console-fra.rpki-client.org