Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/3d6d51-3d57-43a8-b67f-b615df7fce9e/1/Qvvbw8U35YVB5uLTtYBiPLbGBTQ.roa
File: Qvvbw8U35YVB5uLTtYBiPLbGBTQ.roa (raw, json)
Hash identifier: Yfdh1WWEZcBdNf3ivsvVudvC0Yb4x+oJUXCR39H/YNQ=
Subject key identifier: 42:FB:DB:C3:C5:37:E5:85:41:E6:E2:D3:B5:80:62:3C:B6:C6:05:34
Certificate issuer: /CN=237b2b50bf0c18a531e6db15667be7ed76bb2821
Certificate serial: 01857015349492C25B82AE0D42BE80BCF643
Authority key identifier: 23:7B:2B:50:BF:0C:18:A5:31:E6:DB:15:66:7B:E7:ED:76:BB:28:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3srUL8MGKUx5tsVZnvn7Xa7KCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/3d6d51-3d57-43a8-b67f-b615df7fce9e/1/Qvvbw8U35YVB5uLTtYBiPLbGBTQ.roa
Signing time: Mon 02 Jan 2023 01:25:15 +0000
ROA not before: Mon 02 Jan 2023 01:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60169
IP address blocks: 185.39.20.0/22 maxlen: 22
2a04:6100::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:34:94:92:c2:5b:82:ae:0d:42:be:80:bc:f6:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237b2b50bf0c18a531e6db15667be7ed76bb2821
Validity
Not Before: Jan 2 01:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42fbdbc3c537e58541e6e2d3b580623cb6c60534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7f:c4:35:05:8c:d3:e2:f4:0e:3b:ef:b6:60:
8f:2f:20:73:61:d8:fc:72:ae:4b:d5:a2:97:9b:a1:
09:fb:87:96:86:c3:fe:30:1b:d2:e9:a6:04:ba:92:
4b:13:fc:20:56:4d:5e:36:aa:b5:ee:ae:10:7f:eb:
d4:26:ec:e7:1e:68:d6:a4:0f:16:56:1e:2a:5f:90:
2a:59:9f:e3:9c:42:50:55:01:e3:c6:e6:c0:c4:a1:
aa:1e:ee:7e:a9:72:5e:9f:e6:5b:8b:f4:f9:c1:e4:
8a:ed:6f:97:94:cc:d3:34:a4:64:b9:eb:33:03:68:
5d:fa:1c:fb:8d:fb:22:d3:cd:f5:bb:d0:5a:ab:08:
fe:95:83:7b:fb:de:4c:28:99:8a:76:c0:6d:7e:3a:
b6:c2:00:7f:6f:c5:07:6c:a8:fd:da:9e:85:44:7c:
d9:50:3e:20:85:d3:8b:32:b6:51:21:72:1a:79:78:
6f:a3:64:c5:3e:9f:54:ef:79:82:38:e3:67:cd:5b:
11:55:20:f3:41:44:79:1a:19:94:e7:bf:3b:08:10:
42:83:f5:f1:e9:b3:1c:b2:50:ee:01:9a:8c:c0:01:
e6:5a:6d:22:56:a2:07:29:6f:11:cb:47:76:07:bc:
4e:2a:0d:4c:1a:49:a5:40:9b:35:82:6c:7c:79:9b:
0a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:FB:DB:C3:C5:37:E5:85:41:E6:E2:D3:B5:80:62:3C:B6:C6:05:34
X509v3 Authority Key Identifier:
keyid:23:7B:2B:50:BF:0C:18:A5:31:E6:DB:15:66:7B:E7:ED:76:BB:28:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3srUL8MGKUx5tsVZnvn7Xa7KCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3d6d51-3d57-43a8-b67f-b615df7fce9e/1/Qvvbw8U35YVB5uLTtYBiPLbGBTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3d6d51-3d57-43a8-b67f-b615df7fce9e/1/I3srUL8MGKUx5tsVZnvn7Xa7KCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.20.0/22
IPv6:
2a04:6100::/29
Signature Algorithm: sha256WithRSAEncryption
3f:76:28:b0:16:69:d2:eb:d9:6e:98:62:3a:87:f2:70:53:f9:
a5:98:b8:9e:f1:56:94:10:c8:5c:45:63:72:3a:60:61:47:3b:
9e:f7:cc:ff:0b:2b:86:38:af:fa:c6:f7:94:fa:a4:5e:d0:fb:
30:9e:fc:3d:a4:ff:32:b7:6f:ea:1a:66:35:b5:d7:25:20:40:
12:33:33:bd:45:4f:36:de:28:dd:a2:63:ea:3d:97:f4:6d:ff:
74:80:a2:cb:d5:f8:0a:ee:6e:b7:ab:89:f5:6a:0a:37:8d:73:
d9:88:ef:aa:a3:7e:f6:8a:fe:8d:fc:d6:ff:39:64:d4:cb:84:
e2:37:68:ea:45:60:49:45:fb:71:ba:5b:61:ad:5d:3b:08:a4:
6f:eb:97:f3:af:72:ab:37:1c:50:3e:b8:23:41:70:49:8c:19:
94:7a:2a:1b:50:d0:78:cc:f7:0f:42:58:db:cf:59:11:63:7c:
78:a7:a6:0a:fc:2a:0f:21:c4:c0:41:fd:34:d1:60:4d:31:6b:
29:84:aa:a3:4c:dc:67:b3:a8:5a:de:53:d4:b6:9e:24:ed:0a:
d4:43:b6:25:ea:0d:f9:b8:2e:1c:a8:ef:81:fc:41:0d:31:24:
1c:e4:5e:24:fc:74:39:9a:78:51:2c:89:58:85:a3:f7:18:f0:
a5:8d:6c:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwFTSUksJbgq4NQr6AvPZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2IyYjUwYmYwYzE4YTUzMWU2ZGIxNTY2N2JlN2VkNzZi
YjI4MjEwHhcNMjMwMTAyMDEyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmZiZGJjM2M1MzdlNTg1NDFlNmUyZDNiNTgwNjIzY2I2YzYwNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX/ENQWM0+L0DjvvtmCPLyBzYdj8
cq5L1aKXm6EJ+4eWhsP+MBvS6aYEupJLE/wgVk1eNqq17q4Qf+vUJuznHmjWpA8W
Vh4qX5AqWZ/jnEJQVQHjxubAxKGqHu5+qXJen+Zbi/T5weSK7W+XlMzTNKRkuesz
A2hd+hz7jfsi0831u9Baqwj+lYN7+95MKJmKdsBtfjq2wgB/b8UHbKj92p6FRHzZ
UD4ghdOLMrZRIXIaeXhvo2TFPp9U73mCOONnzVsRVSDzQUR5GhmU5787CBBCg/Xx
6bMcslDuAZqMwAHmWm0iVqIHKW8Ry0d2B7xOKg1MGkmlQJs1gmx8eZsK3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEL728PFN+WFQebi07WAYjy2xgU0MB8GA1UdIwQY
MBaAFCN7K1C/DBilMebbFWZ75+12uyghMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNzclVMOE1HS1V4NXRzVlpudm43WGE3S0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8zZDZkNTEtM2Q1Ny00M2E4LWI2N2Yt
YjYxNWRmN2ZjZTllLzEvUXZ2Ync4VTM1WVZCNXVMVHRZQmlQTGJHQlRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8zZDZkNTEtM2Q1Ny00M2E4LWI2N2YtYjYxNWRmN2ZjZTll
LzEvSTNzclVMOE1HS1V4NXRzVlpudm43WGE3S0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuScUMA0E
AgACMAcDBQMqBGEAMA0GCSqGSIb3DQEBCwUAA4IBAQA/diiwFmnS69lumGI6h/Jw
U/mlmLie8VaUEMhcRWNyOmBhRzue98z/CyuGOK/6xveU+qRe0Pswnvw9pP8yt2/q
GmY1tdclIEASMzO9RU823ijdomPqPZf0bf90gKLL1fgK7m63q4n1ago3jXPZiO+q
o372iv6N/Nb/OWTUy4TiN2jqRWBJRftxulthrV07CKRv65fzr3KrNxxQPrgjQXBJ
jBmUeiobUNB4zPcPQljbz1kRY3x4p6YK/CoPIcTAQf000WBNMWsphKqjTNxns6ha
3lPUtp4k7QrUQ7Yl6g35uC4cqO+B/EENMSQc5F4k/HQ5mnhRLIlYhaP3GPCljWzN
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:00 2024 by rpki-client on console-ams.rpki-client.org