Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/15a2c0-5c08-48bd-a8c3-3674a9010efd/1/KQ1LAEsh2G4q4qHH_P6nDzJ50SM.roa
File: KQ1LAEsh2G4q4qHH_P6nDzJ50SM.roa (raw, json)
Hash identifier: /JSxv4UVIdF1pHoyccbFK7pmcqsoIutBuqSERNQmieg=
Subject key identifier: 29:0D:4B:00:4B:21:D8:6E:2A:E2:A1:C7:FC:FE:A7:0F:32:79:D1:23
Certificate issuer: /CN=b43342f17d54a8a3da0ce4d318b3b4c3fa0593e4
Certificate serial: 0185701EE8AF75083CD0A26C4B7D63EF1934
Authority key identifier: B4:33:42:F1:7D:54:A8:A3:DA:0C:E4:D3:18:B3:B4:C3:FA:05:93:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDNC8X1UqKPaDOTTGLO0w_oFk-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/15a2c0-5c08-48bd-a8c3-3674a9010efd/1/KQ1LAEsh2G4q4qHH_P6nDzJ50SM.roa
Signing time: Mon 02 Jan 2023 01:35:51 +0000
ROA not before: Mon 02 Jan 2023 01:35:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59827
IP address blocks: 185.70.72.0/22 maxlen: 24
2a05:2880::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:e8:af:75:08:3c:d0:a2:6c:4b:7d:63:ef:19:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43342f17d54a8a3da0ce4d318b3b4c3fa0593e4
Validity
Not Before: Jan 2 01:35:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=290d4b004b21d86e2ae2a1c7fcfea70f3279d123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ab:3b:42:42:60:98:6d:1a:ef:d2:6f:3f:d7:
8b:ab:51:1e:e6:04:b6:f5:d4:67:53:6b:43:7a:5d:
cc:23:35:28:08:7a:1d:58:a9:c3:c0:5a:0a:e4:f1:
c6:6b:77:f2:ae:ee:dd:18:91:a3:82:1f:b7:fb:51:
c0:1a:02:f5:7e:aa:95:ae:1c:93:25:49:f4:7f:59:
4c:43:bc:34:11:71:7c:78:d2:93:e9:8d:85:98:5d:
37:a6:19:3d:a9:f5:a2:c9:f2:ff:33:79:10:84:60:
c4:48:b8:6e:ec:2d:42:11:df:30:8e:c4:29:20:56:
9b:28:ba:7b:ff:09:02:cb:fa:dd:18:67:d6:94:ff:
99:34:2a:c1:98:7f:09:6b:a8:8a:41:1c:ee:a3:a2:
bc:85:68:a3:5a:8a:11:56:89:93:23:1f:e7:1b:2d:
75:cd:1f:99:d6:85:c1:e9:cf:fb:45:af:5f:3d:7b:
71:71:81:49:9c:84:3d:88:f0:da:93:48:0b:53:0a:
8f:42:80:01:b8:47:bc:59:13:f3:3e:86:67:03:f9:
14:21:50:57:9f:a3:e8:9d:3b:c9:d7:d1:0b:a4:b7:
96:c3:86:8d:48:d8:2e:88:64:78:a3:b2:12:a3:3e:
4c:4d:be:e0:9a:89:0f:d1:75:55:1a:f7:ed:0e:75:
f4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0D:4B:00:4B:21:D8:6E:2A:E2:A1:C7:FC:FE:A7:0F:32:79:D1:23
X509v3 Authority Key Identifier:
keyid:B4:33:42:F1:7D:54:A8:A3:DA:0C:E4:D3:18:B3:B4:C3:FA:05:93:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDNC8X1UqKPaDOTTGLO0w_oFk-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/15a2c0-5c08-48bd-a8c3-3674a9010efd/1/KQ1LAEsh2G4q4qHH_P6nDzJ50SM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/15a2c0-5c08-48bd-a8c3-3674a9010efd/1/tDNC8X1UqKPaDOTTGLO0w_oFk-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.72.0/22
IPv6:
2a05:2880::/29
Signature Algorithm: sha256WithRSAEncryption
19:3e:5e:44:0d:01:01:e1:22:ab:e5:a1:4d:1f:5f:c3:10:2d:
ec:9b:bc:4f:ea:48:30:97:77:65:88:ad:73:45:d4:61:ab:c2:
ed:1a:c3:2f:e0:dd:fb:00:ff:b6:84:f3:13:71:a3:2b:d2:74:
c9:4a:4c:42:ae:f5:1a:46:9d:9b:8a:10:a6:04:e1:e8:c8:27:
73:84:af:f5:18:4e:bf:89:78:15:94:05:12:b4:db:7c:f4:d4:
51:a7:ad:e1:3d:3c:b6:d8:d6:25:fa:61:12:bb:db:38:6e:3b:
97:2a:97:fc:94:ca:db:12:cb:9f:d1:ae:99:33:a8:5b:a1:1a:
4a:59:f5:5e:69:e2:ae:09:92:2f:be:e5:8a:24:d2:b0:ae:bf:
6b:ca:b6:ef:07:04:6f:8c:b3:ce:25:93:91:00:fc:f6:a5:b9:
b3:8d:04:09:54:d2:5f:6c:4b:d7:f7:4c:e6:c5:8b:a9:b6:d1:
46:9c:0f:18:65:83:c9:f0:42:af:f4:ef:8e:56:e0:f7:83:29:
5f:3e:b5:b5:33:33:15:36:61:19:c0:45:4b:8d:f5:85:f3:56:
26:9e:3b:d3:f0:bc:64:70:4d:c2:8b:94:a5:fd:ca:e4:7f:19:
b2:84:49:69:ad:9b:25:fe:eb:3f:25:b1:67:ed:fd:4a:82:9d:
6c:cb:e7:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwHuivdQg80KJsS31j7xk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzM0MmYxN2Q1NGE4YTNkYTBjZTRkMzE4YjNiNGMzZmEw
NTkzZTQwHhcNMjMwMTAyMDEzNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTBkNGIwMDRiMjFkODZlMmFlMmExYzdmY2ZlYTcwZjMyNzlkMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKs7QkJgmG0a79JvP9eLq1Ee5gS2
9dRnU2tDel3MIzUoCHodWKnDwFoK5PHGa3fyru7dGJGjgh+3+1HAGgL1fqqVrhyT
JUn0f1lMQ7w0EXF8eNKT6Y2FmF03phk9qfWiyfL/M3kQhGDESLhu7C1CEd8wjsQp
IFabKLp7/wkCy/rdGGfWlP+ZNCrBmH8Ja6iKQRzuo6K8hWijWooRVomTIx/nGy11
zR+Z1oXB6c/7Ra9fPXtxcYFJnIQ9iPDak0gLUwqPQoABuEe8WRPzPoZnA/kUIVBX
n6PonTvJ19ELpLeWw4aNSNguiGR4o7ISoz5MTb7gmokP0XVVGvftDnX0jQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCkNSwBLIdhuKuKhx/z+pw8yedEjMB8GA1UdIwQY
MBaAFLQzQvF9VKij2gzk0xiztMP6BZPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEROQzhYMVVxS1BhRE9UVEdMTzB3X29Gay1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8xNWEyYzAtNWMwOC00OGJkLWE4YzMt
MzY3NGE5MDEwZWZkLzEvS1ExTEFFc2gyRzRxNHFISF9QNm5Eeko1MFNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8xNWEyYzAtNWMwOC00OGJkLWE4YzMtMzY3NGE5MDEwZWZk
LzEvdEROQzhYMVVxS1BhRE9UVEdMTzB3X29Gay1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUZIMA0E
AgACMAcDBQMqBSiAMA0GCSqGSIb3DQEBCwUAA4IBAQAZPl5EDQEB4SKr5aFNH1/D
EC3sm7xP6kgwl3dliK1zRdRhq8LtGsMv4N37AP+2hPMTcaMr0nTJSkxCrvUaRp2b
ihCmBOHoyCdzhK/1GE6/iXgVlAUStNt89NRRp63hPTy22NYl+mESu9s4bjuXKpf8
lMrbEsuf0a6ZM6hboRpKWfVeaeKuCZIvvuWKJNKwrr9ryrbvBwRvjLPOJZORAPz2
pbmzjQQJVNJfbEvX90zmxYupttFGnA8YZYPJ8EKv9O+OVuD3gylfPrW1MzMVNmEZ
wEVLjfWF81YmnjvT8LxkcE3Ci5Sl/crkfxmyhElprZsl/us/JbFn7f1Kgp1sy+cz
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:28 2024 by rpki-client on console-ams.rpki-client.org