Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/QCNFJ1vobqCvSzoMha6cYWf1aTo.roa
File: QCNFJ1vobqCvSzoMha6cYWf1aTo.roa (raw, json)
Hash identifier: dc17MBWi8dhH6TwUfRZ543VLz4uFCqNI1tKtcAkQTdg=
Subject key identifier: 40:23:45:27:5B:E8:6E:A0:AF:4B:3A:0C:85:AE:9C:61:67:F5:69:3A
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 018DE4E28B5224F961301317121CD6F342C5
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/QCNFJ1vobqCvSzoMha6cYWf1aTo.roa
Signing time: Mon 26 Feb 2024 10:07:48 +0000
ROA not before: Mon 26 Feb 2024 10:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.81.28.0/22 maxlen: 24
185.179.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 16:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:e2:8b:52:24:f9:61:30:13:17:12:1c:d6:f3:42:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Feb 26 10:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=402345275be86ea0af4b3a0c85ae9c6167f5693a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b4:84:67:4f:66:6e:69:7d:f2:cf:fa:87:92:
12:6a:5f:be:6a:88:40:9b:96:52:7c:da:2d:ab:81:
ed:fa:e2:2a:a9:db:0d:31:2f:5f:04:3b:9d:d5:1e:
32:de:b1:7e:dd:52:08:68:58:7a:c6:48:d8:f6:71:
da:cd:36:f0:06:75:37:6c:a6:a7:d3:81:1e:87:9b:
bc:67:a3:da:55:41:17:45:72:d6:43:c2:32:94:88:
1e:67:61:29:cc:52:ae:19:3b:b9:08:c4:28:6e:c9:
d3:c6:6b:a7:55:9b:cd:67:c9:b3:aa:24:8b:97:13:
d4:28:e4:2b:6a:73:ae:38:cf:62:c6:5b:50:0a:37:
2e:b5:19:64:58:6b:2c:74:c4:e8:1d:ee:1e:94:31:
d7:66:78:46:7a:c8:c6:47:1e:f6:43:9b:0a:de:ff:
3d:f2:97:4b:ed:36:e2:37:f8:58:9a:5c:84:62:e6:
4a:d5:31:9a:23:36:01:a4:cb:54:39:f8:8c:7f:5f:
c6:ed:a0:aa:12:94:6d:28:46:fb:c9:dc:78:a1:40:
b7:fe:f6:8a:33:27:c6:8f:c9:7f:43:08:c3:f7:bb:
fe:95:67:ae:6f:bb:71:15:24:b9:61:c2:6f:22:ef:
ca:1c:31:a0:b8:82:da:08:46:ee:49:25:4c:39:8a:
c5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:23:45:27:5B:E8:6E:A0:AF:4B:3A:0C:85:AE:9C:61:67:F5:69:3A
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/QCNFJ1vobqCvSzoMha6cYWf1aTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.28.0/22
185.179.216.0/24
Signature Algorithm: sha256WithRSAEncryption
78:2f:68:1f:0a:e8:80:d4:16:56:d0:5c:78:a4:d4:b8:4f:07:
cd:64:dd:ef:e9:3e:e0:10:77:e7:63:d5:99:b1:bb:e1:18:41:
ea:7b:ed:fa:61:c0:38:55:a1:07:c8:d7:76:04:47:d8:a4:7d:
3e:68:a9:40:73:a9:c4:62:dc:09:d5:d6:49:09:df:74:8a:f2:
ad:e1:7e:9b:1a:97:fd:60:96:5d:1d:c4:3e:46:d3:07:98:86:
1f:3e:22:b3:73:ff:45:d1:f7:8b:20:1f:3f:01:e6:02:91:52:
f1:fc:e3:a0:d9:71:8c:a1:b1:fa:09:45:da:de:7a:c8:f7:6d:
6e:4a:89:3c:14:49:51:77:bc:10:ae:98:17:1b:a1:b2:fe:d3:
32:cd:c2:9d:ea:dc:7a:c4:49:9c:56:14:2a:42:50:6f:30:0b:
fc:c7:a6:96:72:54:4e:c3:e8:ef:f5:04:bc:6b:cf:73:bd:16:
90:e9:6a:0d:0d:ab:b0:c8:3b:17:4f:48:67:a5:f3:f1:7c:4f:
de:92:a5:31:cb:20:d1:b9:c5:8d:87:0e:5b:27:6b:42:a0:97:
12:4c:1c:5a:60:18:27:54:8e:32:97:65:96:46:00:26:f0:7a:
7c:61:5c:8f:dc:7a:35:18:b7:d2:0d:ed:d1:47:e8:bb:91:d5:
71:23:41:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3k4otSJPlhMBMXEhzW80LFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjQwMjI2MTAwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDIzNDUyNzViZTg2ZWEwYWY0YjNhMGM4NWFlOWM2MTY3ZjU2OTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbSEZ09mbml98s/6h5ISal++aohA
m5ZSfNotq4Ht+uIqqdsNMS9fBDud1R4y3rF+3VIIaFh6xkjY9nHazTbwBnU3bKan
04Eeh5u8Z6PaVUEXRXLWQ8IylIgeZ2EpzFKuGTu5CMQobsnTxmunVZvNZ8mzqiSL
lxPUKOQranOuOM9ixltQCjcutRlkWGssdMToHe4elDHXZnhGesjGRx72Q5sK3v89
8pdL7TbiN/hYmlyEYuZK1TGaIzYBpMtUOfiMf1/G7aCqEpRtKEb7ydx4oUC3/vaK
MyfGj8l/QwjD97v+lWeub7txFSS5YcJvIu/KHDGguILaCEbuSSVMOYrFnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEAjRSdb6G6gr0s6DIWunGFn9Wk6MB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvUUNORkoxdm9icUN2U3pvTWhhNmNZV2YxYVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVEcAwQA
ubPYMA0GCSqGSIb3DQEBCwUAA4IBAQB4L2gfCuiA1BZW0Fx4pNS4TwfNZN3v6T7g
EHfnY9WZsbvhGEHqe+36YcA4VaEHyNd2BEfYpH0+aKlAc6nEYtwJ1dZJCd90ivKt
4X6bGpf9YJZdHcQ+RtMHmIYfPiKzc/9F0feLIB8/AeYCkVLx/OOg2XGMobH6CUXa
3nrI921uSok8FElRd7wQrpgXG6Gy/tMyzcKd6tx6xEmcVhQqQlBvMAv8x6aWclRO
w+jv9QS8a89zvRaQ6WoNDauwyDsXT0hnpfPxfE/ekqUxyyDRucWNhw5bJ2tCoJcS
TBxaYBgnVI4yl2WWRgAm8Hp8YVyP3Ho1GLfSDe3RR+i7kdVxI0Fx
-----END CERTIFICATE-----
Generated at Mon Feb 26 20:06:11 2024 by rpki-client on console-ams.rpki-client.org