Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/Qfx-NLE4J7JNgWk6NIXGXJ5Av_w.roa
File: Qfx-NLE4J7JNgWk6NIXGXJ5Av_w.roa (raw, json)
Hash identifier: dO1d8T/0l45jRKcGnXpzA6w5g6Izr5W7x85il56wem0=
Subject key identifier: 41:FC:7E:34:B1:38:27:B2:4D:81:69:3A:34:85:C6:5C:9E:40:BF:FC
Certificate issuer: /CN=cbf23be1115f022aa269d9cea439bb8b492307e2
Certificate serial: 01856D9D3A141FDC9EAD91FE7F704D19A748
Authority key identifier: CB:F2:3B:E1:11:5F:02:2A:A2:69:D9:CE:A4:39:BB:8B:49:23:07:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_I74RFfAiqiadnOpDm7i0kjB-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/Qfx-NLE4J7JNgWk6NIXGXJ5Av_w.roa
Signing time: Sun 01 Jan 2023 13:54:58 +0000
ROA not before: Sun 01 Jan 2023 13:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 185.64.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:3a:14:1f:dc:9e:ad:91:fe:7f:70:4d:19:a7:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf23be1115f022aa269d9cea439bb8b492307e2
Validity
Not Before: Jan 1 13:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41fc7e34b13827b24d81693a3485c65c9e40bffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c1:a9:16:f5:ce:b5:16:7d:02:61:5f:4e:40:
38:a3:e6:49:b3:aa:e7:22:68:4d:ac:7d:5f:05:31:
c8:ca:9d:60:b4:e1:88:cc:3a:21:66:dd:71:15:71:
72:c5:82:84:af:3b:c0:50:a7:e9:af:eb:b2:73:d1:
d0:f1:ec:8d:88:6d:c3:60:9c:60:43:4e:28:76:8a:
06:19:a9:cc:7d:93:ee:98:4e:e4:b8:ca:76:91:e3:
c4:94:6a:d9:01:f2:2c:84:4d:57:12:c2:4d:0b:19:
04:f3:6a:e4:05:b9:2b:c6:5c:d5:1d:28:26:9c:f4:
b4:a1:0e:6e:3c:0e:71:cb:a2:9b:98:a3:23:c6:9a:
cd:87:4d:61:10:1b:55:47:51:95:22:8a:21:76:16:
93:f3:9a:a5:84:2a:9a:c1:37:9e:8b:78:26:e8:64:
4d:64:6d:50:a8:b2:91:43:04:ef:48:cd:19:15:86:
74:04:c0:14:25:b3:d3:33:16:c2:82:3e:63:5b:46:
31:e5:25:9c:b9:02:d7:66:22:cd:a1:21:cc:08:6c:
6d:57:c4:aa:ba:68:81:95:7f:b3:d7:40:5d:f4:fd:
2d:55:12:a4:ee:b2:e8:39:f5:d6:f2:8d:c0:af:cb:
ca:b2:24:79:3d:c0:1c:02:f5:63:1e:12:67:64:f1:
77:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FC:7E:34:B1:38:27:B2:4D:81:69:3A:34:85:C6:5C:9E:40:BF:FC
X509v3 Authority Key Identifier:
keyid:CB:F2:3B:E1:11:5F:02:2A:A2:69:D9:CE:A4:39:BB:8B:49:23:07:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_I74RFfAiqiadnOpDm7i0kjB-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/Qfx-NLE4J7JNgWk6NIXGXJ5Av_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/56313f-ec4e-4c1c-b388-be3252ac4980/1/y_I74RFfAiqiadnOpDm7i0kjB-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.252.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:29:64:9e:81:ac:d0:f3:e8:b6:f4:a5:59:26:2f:2c:12:d1:
5a:c4:ff:9b:e1:60:3d:6c:93:b5:e4:89:38:0f:be:f8:ad:f6:
e0:45:6a:0c:30:e7:75:7b:c7:ab:8c:16:73:b2:1b:19:d7:48:
30:a9:5c:fb:ca:f0:c4:5d:5e:45:d5:bf:4f:bd:69:b4:6c:8f:
24:f5:9e:f3:72:b4:38:6d:ad:94:c1:b7:dd:52:3a:71:b4:13:
7b:65:ef:67:ef:22:eb:46:c9:a4:45:2b:73:79:26:e3:da:56:
a1:7f:5a:d4:01:5d:5e:4b:b4:21:67:fe:ec:a8:90:66:f0:65:
c4:4d:80:d3:87:cd:bc:b8:5e:dc:5e:79:9f:3d:8f:f7:90:61:
77:f7:66:a0:33:f3:39:ee:78:d5:2a:3e:ab:6d:f9:16:7d:10:
30:3c:83:6e:36:98:db:4d:04:0c:34:71:a6:d9:ad:cc:aa:23:
7d:07:40:41:07:e4:a1:25:ad:16:eb:1e:47:f2:2d:d9:32:cb:
a6:94:c0:c2:da:74:18:5e:36:ef:93:ec:dd:04:64:39:2b:5d:
f3:d1:23:47:e7:75:98:42:9f:f0:fe:9d:72:c5:28:59:be:95:
1d:8a:d6:97:97:fe:5a:31:18:d2:39:d2:b8:f2:b2:d4:e2:71:
6a:ca:29:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtnToUH9yerZH+f3BNGadIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjIzYmUxMTE1ZjAyMmFhMjY5ZDljZWE0MzliYjhiNDky
MzA3ZTIwHhcNMjMwMTAxMTM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZjN2UzNGIxMzgyN2IyNGQ4MTY5M2EzNDg1YzY1YzllNDBiZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MGpFvXOtRZ9AmFfTkA4o+ZJs6rn
ImhNrH1fBTHIyp1gtOGIzDohZt1xFXFyxYKErzvAUKfpr+uyc9HQ8eyNiG3DYJxg
Q04odooGGanMfZPumE7kuMp2kePElGrZAfIshE1XEsJNCxkE82rkBbkrxlzVHSgm
nPS0oQ5uPA5xy6KbmKMjxprNh01hEBtVR1GVIoohdhaT85qlhCqawTeei3gm6GRN
ZG1QqLKRQwTvSM0ZFYZ0BMAUJbPTMxbCgj5jW0Yx5SWcuQLXZiLNoSHMCGxtV8Sq
umiBlX+z10Bd9P0tVRKk7rLoOfXW8o3Ar8vKsiR5PcAcAvVjHhJnZPF3tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEH8fjSxOCeyTYFpOjSFxlyeQL/8MB8GA1UdIwQY
MBaAFMvyO+ERXwIqomnZzqQ5u4tJIwfiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9JNzRSRmZBaXFpYWRuT3BEbTdpMGtqQi1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81NjMxM2YtZWM0ZS00YzFjLWIzODgt
YmUzMjUyYWM0OTgwLzEvUWZ4LU5MRTRKN0pOZ1drNk5JWEdYSjVBdl93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81NjMxM2YtZWM0ZS00YzFjLWIzODgtYmUzMjUyYWM0OTgw
LzEveV9JNzRSRmZBaXFpYWRuT3BEbTdpMGtqQi1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUD8MA0G
CSqGSIb3DQEBCwUAA4IBAQCdKWSegazQ8+i29KVZJi8sEtFaxP+b4WA9bJO15Ik4
D774rfbgRWoMMOd1e8erjBZzshsZ10gwqVz7yvDEXV5F1b9PvWm0bI8k9Z7zcrQ4
ba2UwbfdUjpxtBN7Ze9n7yLrRsmkRStzeSbj2lahf1rUAV1eS7QhZ/7sqJBm8GXE
TYDTh828uF7cXnmfPY/3kGF392agM/M57njVKj6rbfkWfRAwPINuNpjbTQQMNHGm
2a3MqiN9B0BBB+ShJa0W6x5H8i3ZMsumlMDC2nQYXjbvk+zdBGQ5K13z0SNH53WY
Qp/w/p1yxShZvpUditaXl/5aMRjSOdK48rLU4nFqyimA
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:57 2024 by rpki-client on console-ams.rpki-client.org