Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/826faf-37b4-438f-8f90-29fe7cc66c8d/1/QORjix6vvn9t-PE9p8u0Agcdgho.roa
File: QORjix6vvn9t-PE9p8u0Agcdgho.roa (raw, json)
Hash identifier: sDVPZ5LbeyYbXq9hn2BUxrucgOZyEtWbCTlv65z7iYA=
Subject key identifier: 40:E4:63:8B:1E:AF:BE:7F:6D:F8:F1:3D:A7:CB:B4:02:07:1D:82:1A
Certificate issuer: /CN=d5f5e7dddc47c71044865bc5cdc2587efdab0b9c
Certificate serial: 0189BA6F842D2ADC81F64D896B5033AF47FA
Authority key identifier: D5:F5:E7:DD:DC:47:C7:10:44:86:5B:C5:CD:C2:58:7E:FD:AB:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1fXn3dxHxxBEhlvFzcJYfv2rC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/826faf-37b4-438f-8f90-29fe7cc66c8d/1/QORjix6vvn9t-PE9p8u0Agcdgho.roa
Signing time: Thu 03 Aug 2023 08:06:57 +0000
ROA not before: Thu 03 Aug 2023 08:06:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212881
IP address blocks: 185.40.107.0/24 maxlen: 24
2a0c:ef00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:6f:84:2d:2a:dc:81:f6:4d:89:6b:50:33:af:47:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5f5e7dddc47c71044865bc5cdc2587efdab0b9c
Validity
Not Before: Aug 3 08:06:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e4638b1eafbe7f6df8f13da7cbb402071d821a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b8:59:7c:77:99:d6:61:80:47:2d:8b:4b:2b:
3f:ce:4b:b7:45:bc:84:ba:f9:bd:73:4a:57:f5:8c:
89:dd:50:f0:c6:25:e3:0c:25:10:c3:ad:26:36:61:
31:87:d4:90:e2:cf:47:8e:fe:b6:53:f8:fb:b7:8a:
e3:40:cb:20:4a:cb:9f:38:84:27:ee:37:5f:86:1e:
49:71:fc:93:d9:8c:56:00:53:11:51:75:02:b4:bc:
3e:96:3a:46:1b:e8:50:a8:21:4d:77:69:f4:26:27:
32:d5:c5:8f:d8:d1:8b:91:17:55:b1:0b:04:a4:23:
c8:d5:b1:56:f8:be:85:76:7d:64:ea:89:a3:14:de:
2f:00:9c:fc:79:1d:35:83:e0:57:c9:6e:cd:29:51:
39:2d:a4:92:41:6a:87:58:65:ad:6e:1d:42:be:ae:
1d:0d:fb:92:bf:c5:f7:3f:51:d6:ac:f4:84:cf:d8:
22:c5:28:86:b3:4a:2a:a6:b3:9a:75:9c:33:cf:04:
dc:70:e4:dc:27:95:2f:19:05:bc:84:cd:6f:37:0d:
73:6c:cd:e4:09:81:66:11:c1:42:4e:e2:db:02:d6:
7f:9d:84:c2:1d:66:34:cb:2d:72:b8:03:0a:b7:44:
f4:91:bd:88:ae:44:be:37:5a:4e:dc:97:3d:67:cb:
d7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E4:63:8B:1E:AF:BE:7F:6D:F8:F1:3D:A7:CB:B4:02:07:1D:82:1A
X509v3 Authority Key Identifier:
keyid:D5:F5:E7:DD:DC:47:C7:10:44:86:5B:C5:CD:C2:58:7E:FD:AB:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fXn3dxHxxBEhlvFzcJYfv2rC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/826faf-37b4-438f-8f90-29fe7cc66c8d/1/QORjix6vvn9t-PE9p8u0Agcdgho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/826faf-37b4-438f-8f90-29fe7cc66c8d/1/1fXn3dxHxxBEhlvFzcJYfv2rC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.107.0/24
IPv6:
2a0c:ef00::/32
Signature Algorithm: sha256WithRSAEncryption
76:86:ec:34:97:30:26:64:d6:4c:2a:39:98:1d:82:a7:4a:6b:
4c:f9:c5:ef:3b:7e:a8:ae:f4:9c:70:d0:51:5d:6f:7e:b3:30:
11:4b:0c:e3:83:1a:2d:83:91:56:8c:c8:f5:9e:2c:a0:94:1e:
ae:92:57:76:45:67:cf:83:76:58:ed:5f:f3:46:e8:83:af:5c:
06:10:2c:89:a9:45:a1:12:0a:7d:d3:60:4b:ad:d5:67:88:e1:
b6:f4:3d:ed:f5:8a:e7:09:20:55:a5:14:15:18:b8:55:ce:fc:
c4:2f:e9:f1:29:94:f1:ef:3b:a6:63:9a:ab:11:3d:ed:7c:3d:
45:96:4d:74:21:97:7d:9b:4e:c8:17:c9:06:92:6e:da:a6:a1:
10:26:ef:ee:49:86:ef:85:81:60:64:03:a9:8c:01:29:44:97:
70:4d:0b:b3:bb:44:e4:e0:32:1a:65:18:d9:ce:85:0f:74:be:
68:6a:2f:89:43:55:58:91:a0:3d:f8:e1:11:97:ab:63:41:6f:
a6:1d:8d:f1:9c:a3:a3:fc:ec:26:57:05:ab:fc:43:11:f4:e9:
b2:30:f5:1d:ce:94:7b:44:df:6f:6e:ad:51:04:46:80:9f:75:
c0:86:e5:10:65:14:4e:3d:5d:00:e6:d3:a4:38:da:0a:9e:13:
3c:e0:24:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYm6b4QtKtyB9k2Ja1Azr0f6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjVlN2RkZGM0N2M3MTA0NDg2NWJjNWNkYzI1ODdlZmRh
YjBiOWMwHhcNMjMwODAzMDgwNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU0NjM4YjFlYWZiZTdmNmRmOGYxM2RhN2NiYjQwMjA3MWQ4MjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7hZfHeZ1mGARy2LSys/zku3RbyE
uvm9c0pX9YyJ3VDwxiXjDCUQw60mNmExh9SQ4s9Hjv62U/j7t4rjQMsgSsufOIQn
7jdfhh5JcfyT2YxWAFMRUXUCtLw+ljpGG+hQqCFNd2n0Jicy1cWP2NGLkRdVsQsE
pCPI1bFW+L6Fdn1k6omjFN4vAJz8eR01g+BXyW7NKVE5LaSSQWqHWGWtbh1Cvq4d
DfuSv8X3P1HWrPSEz9gixSiGs0oqprOadZwzzwTccOTcJ5UvGQW8hM1vNw1zbM3k
CYFmEcFCTuLbAtZ/nYTCHWY0yy1yuAMKt0T0kb2IrkS+N1pO3Jc9Z8vXzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEDkY4ser75/bfjxPafLtAIHHYIaMB8GA1UdIwQY
MBaAFNX1593cR8cQRIZbxc3CWH79qwucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZYbjNkeEh4eEJFaGx2RnpjSllmdjJyQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy84MjZmYWYtMzdiNC00MzhmLThmOTAt
MjlmZTdjYzY2YzhkLzEvUU9Saml4NnZ2bjl0LVBFOXA4dTBBZ2NkZ2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy84MjZmYWYtMzdiNC00MzhmLThmOTAtMjlmZTdjYzY2Yzhk
LzEvMWZYbjNkeEh4eEJFaGx2RnpjSllmdjJyQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuShrMA0E
AgACMAcDBQAqDO8AMA0GCSqGSIb3DQEBCwUAA4IBAQB2huw0lzAmZNZMKjmYHYKn
SmtM+cXvO36orvSccNBRXW9+szARSwzjgxotg5FWjMj1niyglB6ukld2RWfPg3ZY
7V/zRuiDr1wGECyJqUWhEgp902BLrdVniOG29D3t9YrnCSBVpRQVGLhVzvzEL+nx
KZTx7zumY5qrET3tfD1Flk10IZd9m07IF8kGkm7apqEQJu/uSYbvhYFgZAOpjAEp
RJdwTQuzu0Tk4DIaZRjZzoUPdL5oai+JQ1VYkaA9+OERl6tjQW+mHY3xnKOj/Owm
VwWr/EMR9OmyMPUdzpR7RN9vbq1RBEaAn3XAhuUQZRROPV0A5tOkONoKnhM84CTW
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:37 2024 by rpki-client on console-ams.rpki-client.org