Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/QvOF15NDNPMBWtl7TlyyNptqQYw.roa
File: QvOF15NDNPMBWtl7TlyyNptqQYw.roa (raw, json)
Hash identifier: WhR6HHXOjwQkUg1ouXR+1xp2fl9a5A0Aihf2mk5IIr8=
Subject key identifier: 42:F3:85:D7:93:43:34:F3:01:5A:D9:7B:4E:5C:B2:36:9B:6A:41:8C
Certificate issuer: /CN=1de5dbc0b610485d0f7e2194d8f816d6c1445326
Certificate serial: 01856D53C4880841851B0EAB28696889572B
Authority key identifier: 1D:E5:DB:C0:B6:10:48:5D:0F:7E:21:94:D8:F8:16:D6:C1:44:53:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeXbwLYQSF0PfiGU2PgW1sFEUyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/QvOF15NDNPMBWtl7TlyyNptqQYw.roa
Signing time: Sun 01 Jan 2023 12:34:44 +0000
ROA not before: Sun 01 Jan 2023 12:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29611
IP address blocks: 185.119.54.0/24 maxlen: 24
185.119.52.0/24 maxlen: 24
185.119.55.0/24 maxlen: 24
185.119.52.0/22 maxlen: 22
185.119.53.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:c4:88:08:41:85:1b:0e:ab:28:69:68:89:57:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de5dbc0b610485d0f7e2194d8f816d6c1445326
Validity
Not Before: Jan 1 12:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42f385d7934334f3015ad97b4e5cb2369b6a418c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ab:73:47:73:e0:85:44:93:91:f0:d9:d5:58:
aa:0d:9b:f1:ef:06:80:c5:f1:8b:43:69:5a:da:8e:
31:c1:08:eb:11:cd:9b:3e:93:14:2b:f0:a0:d7:e9:
b0:e5:91:72:a1:07:99:3a:07:ab:6d:d2:84:36:06:
45:f4:87:d5:e4:99:b9:2d:0a:06:e3:c5:a8:00:25:
bc:17:71:31:a8:7c:74:f3:9e:88:5c:97:d6:c7:0e:
14:0d:31:2d:7d:05:ae:8e:43:85:62:7c:a2:0b:1e:
3a:76:1c:db:91:73:ba:f3:58:dc:b3:f0:fa:aa:83:
c0:03:54:f6:1c:b7:c1:c0:77:92:fa:5d:f0:fb:5b:
53:d1:9c:e8:19:93:f7:f5:9a:03:4d:63:93:a7:c3:
9d:ba:cf:d8:8a:a2:20:f7:f9:76:13:b5:f3:73:4a:
d8:90:9f:f0:28:e4:3b:74:ee:1b:a6:61:6d:3a:84:
e3:e2:74:ba:a0:1d:82:f5:5d:82:3a:c4:d5:f1:ed:
05:72:b0:5b:62:77:72:b5:81:0f:e8:3c:c5:dd:09:
34:a0:06:8b:b2:b1:cf:7a:c7:87:16:2f:c2:d4:fc:
57:cb:4e:f4:37:f1:e9:ed:8b:ae:37:e5:3c:83:52:
07:4b:ba:dd:79:d6:51:36:11:bb:71:bf:2a:81:89:
70:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F3:85:D7:93:43:34:F3:01:5A:D9:7B:4E:5C:B2:36:9B:6A:41:8C
X509v3 Authority Key Identifier:
keyid:1D:E5:DB:C0:B6:10:48:5D:0F:7E:21:94:D8:F8:16:D6:C1:44:53:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeXbwLYQSF0PfiGU2PgW1sFEUyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/QvOF15NDNPMBWtl7TlyyNptqQYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/e77b83-a23b-4897-b4dd-68eedf5f66bc/1/HeXbwLYQSF0PfiGU2PgW1sFEUyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.52.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:f7:95:e6:3b:7a:ed:9b:2f:38:7a:f8:f3:b1:8f:30:b8:09:
5b:fe:d4:fc:6d:34:42:4d:b6:00:83:8e:33:84:d8:4c:a7:dc:
d8:95:2f:37:9a:3a:38:1a:51:44:b9:8b:61:7a:34:23:e6:71:
98:bd:0f:4d:60:3e:30:d9:2a:8e:d5:53:48:e9:1b:a3:69:66:
6f:08:62:eb:1b:bc:68:1b:26:82:a0:ca:06:dc:70:bd:03:c7:
2b:17:a4:cd:a8:7b:46:46:44:f5:07:45:6d:fd:4d:85:a1:c6:
09:25:f7:1c:96:d0:54:b0:95:ac:3a:19:3a:da:e4:95:c6:da:
cb:0c:e1:6c:27:75:89:a7:d1:4d:15:69:36:8a:dd:6f:6a:00:
8e:c8:ff:b6:b8:90:ae:16:fc:b4:bf:97:c1:14:73:db:9e:38:
89:81:34:20:6a:6b:03:8c:d4:df:39:e8:61:a6:67:42:0d:2a:
35:c0:98:aa:dd:15:70:14:7c:5c:d4:63:ab:49:ee:cf:ad:f4:
d0:7b:20:9d:75:f6:d1:2d:60:ff:51:8f:22:44:71:35:19:ca:
55:67:b4:47:08:ee:53:68:ba:dd:c9:97:ae:0d:ea:6d:44:34:
7a:5b:5d:a4:ac:3c:46:94:26:ef:f2:c2:e0:c2:ac:4d:47:4b:
81:c9:20:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU8SICEGFGw6rKGloiVcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTVkYmMwYjYxMDQ4NWQwZjdlMjE5NGQ4ZjgxNmQ2YzE0
NDUzMjYwHhcNMjMwMTAxMTIzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmYzODVkNzkzNDMzNGYzMDE1YWQ5N2I0ZTVjYjIzNjliNmE0MThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqatzR3PghUSTkfDZ1ViqDZvx7waA
xfGLQ2la2o4xwQjrEc2bPpMUK/Cg1+mw5ZFyoQeZOgerbdKENgZF9IfV5Jm5LQoG
48WoACW8F3ExqHx0856IXJfWxw4UDTEtfQWujkOFYnyiCx46dhzbkXO681jcs/D6
qoPAA1T2HLfBwHeS+l3w+1tT0ZzoGZP39ZoDTWOTp8Odus/YiqIg9/l2E7Xzc0rY
kJ/wKOQ7dO4bpmFtOoTj4nS6oB2C9V2COsTV8e0FcrBbYndytYEP6DzF3Qk0oAaL
srHPeseHFi/C1PxXy070N/Hp7YuuN+U8g1IHS7rdedZRNhG7cb8qgYlwtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELzhdeTQzTzAVrZe05csjabakGMMB8GA1UdIwQY
MBaAFB3l28C2EEhdD34hlNj4FtbBRFMmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVYYndMWVFTRjBQZmlHVTJQZ1cxc0ZFVXlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lNzdiODMtYTIzYi00ODk3LWI0ZGQt
NjhlZWRmNWY2NmJjLzEvUXZPRjE1TkROUE1CV3RsN1RseXlOcHRxUVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lNzdiODMtYTIzYi00ODk3LWI0ZGQtNjhlZWRmNWY2NmJj
LzEvSGVYYndMWVFTRjBQZmlHVTJQZ1cxc0ZFVXlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXc0MA0G
CSqGSIb3DQEBCwUAA4IBAQBc95XmO3rtmy84evjzsY8wuAlb/tT8bTRCTbYAg44z
hNhMp9zYlS83mjo4GlFEuYthejQj5nGYvQ9NYD4w2SqO1VNI6RujaWZvCGLrG7xo
GyaCoMoG3HC9A8crF6TNqHtGRkT1B0Vt/U2FocYJJfccltBUsJWsOhk62uSVxtrL
DOFsJ3WJp9FNFWk2it1vagCOyP+2uJCuFvy0v5fBFHPbnjiJgTQgamsDjNTfOehh
pmdCDSo1wJiq3RVwFHxc1GOrSe7PrfTQeyCddfbRLWD/UY8iRHE1GcpVZ7RHCO5T
aLrdyZeuDeptRDR6W12krDxGlCbv8sLgwqxNR0uBySDr
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:14 2024 by rpki-client on console-fra.rpki-client.org