Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/079594-e401-4ed5-98a6-90d35b245ced/1/QT_AvyxIY5aZZdI5rtW-WdYrfMY.roa
File: QT_AvyxIY5aZZdI5rtW-WdYrfMY.roa (raw, json)
Hash identifier: 6jKQ4+3Yll3QIaWioPHxJSRvnxia+mhK4x4mzhDAaZ4=
Subject key identifier: 41:3F:C0:BF:2C:48:63:96:99:65:D2:39:AE:D5:BE:59:D6:2B:7C:C6
Certificate issuer: /CN=232b1778d63623743ed89c87de80c2a64093a062
Certificate serial: 018CC4932B588A506D0E1ACC4896341B2FEC
Authority key identifier: 23:2B:17:78:D6:36:23:74:3E:D8:9C:87:DE:80:C2:A6:40:93:A0:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IysXeNY2I3Q-2JyH3oDCpkCToGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/079594-e401-4ed5-98a6-90d35b245ced/1/QT_AvyxIY5aZZdI5rtW-WdYrfMY.roa
Signing time: Mon 01 Jan 2024 10:30:28 +0000
ROA not before: Mon 01 Jan 2024 10:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16019
IP address blocks: 185.243.168.0/22 maxlen: 22
2a0d:1780::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:2b:58:8a:50:6d:0e:1a:cc:48:96:34:1b:2f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=232b1778d63623743ed89c87de80c2a64093a062
Validity
Not Before: Jan 1 10:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=413fc0bf2c4863969965d239aed5be59d62b7cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:20:d0:b9:cf:ae:ba:82:ad:d3:cb:e4:e9:20:
d3:db:c8:a3:52:d4:d5:60:a4:41:8f:c9:26:8a:42:
dd:97:99:db:c0:4b:e5:6c:a0:5d:68:ab:ed:52:b5:
06:27:ea:53:f3:25:19:82:35:2e:ad:0d:69:ee:1e:
53:d0:75:64:fa:1a:1c:e2:4c:a0:e0:ea:f0:38:8d:
7d:74:36:16:97:6c:d6:a5:10:fa:73:1d:5a:f0:30:
39:38:79:11:6b:37:2f:33:eb:d0:17:1a:72:8e:5e:
5d:68:ae:a4:c4:c2:4b:e4:be:73:6b:f1:0c:15:1e:
e4:f7:dc:e5:0d:83:d3:b0:66:14:b3:9d:f4:32:ed:
de:48:73:63:1e:ee:ab:a6:c0:8b:9d:aa:1a:04:a2:
45:a1:e0:63:d2:33:d0:3c:4c:69:4a:28:38:5b:e9:
13:44:8d:b7:57:90:11:ea:d7:3e:fe:f9:b9:d4:cc:
45:30:a5:16:de:3a:85:3a:0f:67:0a:30:99:9f:28:
4a:d5:b5:32:8b:d3:b3:21:73:5b:5c:79:9f:8f:98:
e9:34:02:e0:df:36:14:65:47:1d:12:65:84:bf:2b:
91:1a:d5:ee:41:62:66:47:73:ba:4c:f9:85:69:87:
9f:40:7b:9a:6f:67:92:e7:87:54:92:29:33:9f:3f:
41:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3F:C0:BF:2C:48:63:96:99:65:D2:39:AE:D5:BE:59:D6:2B:7C:C6
X509v3 Authority Key Identifier:
keyid:23:2B:17:78:D6:36:23:74:3E:D8:9C:87:DE:80:C2:A6:40:93:A0:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IysXeNY2I3Q-2JyH3oDCpkCToGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/079594-e401-4ed5-98a6-90d35b245ced/1/QT_AvyxIY5aZZdI5rtW-WdYrfMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/079594-e401-4ed5-98a6-90d35b245ced/1/IysXeNY2I3Q-2JyH3oDCpkCToGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.168.0/22
IPv6:
2a0d:1780::/29
Signature Algorithm: sha256WithRSAEncryption
36:a8:35:08:4e:86:29:2f:ef:f7:72:b6:b7:c5:6c:da:30:e0:
66:7a:02:74:97:90:35:fb:ba:d0:3e:1e:45:9c:eb:75:66:c2:
45:09:47:f7:36:96:5b:68:c5:26:66:ec:09:da:d1:e7:e7:03:
cf:20:70:1f:0b:80:d9:bb:a8:50:a1:27:cf:9e:94:d1:98:99:
bc:29:cc:0e:60:bc:cb:8a:18:10:5f:85:94:23:05:51:a3:04:
1f:c8:8e:01:a7:c0:40:41:bd:8c:9e:12:a6:3a:d3:37:59:6f:
e0:71:8c:a7:4c:75:c5:2f:13:65:35:dd:f1:3d:2a:de:65:a7:
1d:c3:65:44:10:14:ea:cf:2c:9a:b0:f1:2e:33:9e:0a:47:76:
6a:cd:5b:d1:dd:36:6d:f4:2f:52:5a:dc:2c:c3:aa:27:9e:9a:
65:6d:73:2c:37:d6:fc:ed:01:f9:39:3c:1c:cf:6f:28:cb:cf:
88:7c:36:c2:17:cc:87:c2:b3:07:52:5f:d5:e6:ea:94:5b:19:
25:cd:d6:76:8e:d6:6a:55:fe:81:38:b3:18:46:eb:b9:3f:8e:
c9:8e:70:3d:12:b8:07:be:9b:a5:15:47:cf:a4:9e:31:b4:4e:
af:58:ca:9d:c7:cf:d3:57:d1:b2:6f:ef:ab:97:a9:56:d7:f7:
bc:09:63:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkytYilBtDhrMSJY0Gy/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMmIxNzc4ZDYzNjIzNzQzZWQ4OWM4N2RlODBjMmE2NDA5
M2EwNjIwHhcNMjQwMTAxMTAzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTNmYzBiZjJjNDg2Mzk2OTk2NWQyMzlhZWQ1YmU1OWQ2MmI3Y2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyDQuc+uuoKt08vk6SDT28ijUtTV
YKRBj8kmikLdl5nbwEvlbKBdaKvtUrUGJ+pT8yUZgjUurQ1p7h5T0HVk+hoc4kyg
4OrwOI19dDYWl2zWpRD6cx1a8DA5OHkRazcvM+vQFxpyjl5daK6kxMJL5L5za/EM
FR7k99zlDYPTsGYUs530Mu3eSHNjHu6rpsCLnaoaBKJFoeBj0jPQPExpSig4W+kT
RI23V5AR6tc+/vm51MxFMKUW3jqFOg9nCjCZnyhK1bUyi9OzIXNbXHmfj5jpNALg
3zYUZUcdEmWEvyuRGtXuQWJmR3O6TPmFaYefQHuab2eS54dUkikznz9BSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEE/wL8sSGOWmWXSOa7VvlnWK3zGMB8GA1UdIwQY
MBaAFCMrF3jWNiN0Ptich96AwqZAk6BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlzWGVOWTJJM1EtMkp5SDNvRENwa0NUb0dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8wNzk1OTQtZTQwMS00ZWQ1LTk4YTYt
OTBkMzViMjQ1Y2VkLzEvUVRfQXZ5eElZNWFaWmRJNXJ0Vy1XZFlyZk1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8wNzk1OTQtZTQwMS00ZWQ1LTk4YTYtOTBkMzViMjQ1Y2Vk
LzEvSXlzWGVOWTJJM1EtMkp5SDNvRENwa0NUb0dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufOoMA0E
AgACMAcDBQMqDReAMA0GCSqGSIb3DQEBCwUAA4IBAQA2qDUIToYpL+/3cra3xWza
MOBmegJ0l5A1+7rQPh5FnOt1ZsJFCUf3NpZbaMUmZuwJ2tHn5wPPIHAfC4DZu6hQ
oSfPnpTRmJm8KcwOYLzLihgQX4WUIwVRowQfyI4Bp8BAQb2MnhKmOtM3WW/gcYyn
THXFLxNlNd3xPSreZacdw2VEEBTqzyyasPEuM54KR3ZqzVvR3TZt9C9SWtwsw6on
npplbXMsN9b87QH5OTwcz28oy8+IfDbCF8yHwrMHUl/V5uqUWxklzdZ2jtZqVf6B
OLMYRuu5P47JjnA9ErgHvpulFUfPpJ4xtE6vWMqdx8/TV9Gyb++rl6lW1/e8CWNU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:13 2025 by rpki-client