Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/QPES2R16RKX5Qy8QW93lFRZ013s.roa
File: QPES2R16RKX5Qy8QW93lFRZ013s.roa (raw, json)
Hash identifier: ZQErLnsvFTNIj5UKajZ2rG4sLxeK5utN3r+CBk3G7zM=
Subject key identifier: 40:F1:12:D9:1D:7A:44:A5:F9:43:2F:10:5B:DD:E5:15:16:74:D7:7B
Certificate issuer: /CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Certificate serial: 018CC4246E9F72CE5A0528CD10C0CE882B2E
Authority key identifier: 1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/QPES2R16RKX5Qy8QW93lFRZ013s.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42926
IP address blocks: 185.123.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 06:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:6e:9f:72:ce:5a:05:28:cd:10:c0:ce:88:2b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7433fafa59f0d512a2bebb097e69463cc06759
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40f112d91d7a44a5f9432f105bdde5151674d77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cb:03:4d:b6:a3:30:d3:8c:54:13:15:d1:bb:
0c:50:33:ee:98:44:e1:f6:43:d3:78:e2:c2:44:11:
61:98:34:49:d3:b5:1d:6a:32:ee:b1:13:23:d1:93:
2f:27:26:f5:83:2c:6a:9f:ec:a2:49:cf:a1:16:af:
c3:47:5f:16:d7:42:34:05:eb:7b:6c:6b:20:06:bb:
a9:9b:b0:02:da:27:8c:b5:b1:79:37:8c:45:b3:e0:
ca:00:a2:e2:ac:3a:90:c0:c3:4b:45:b4:f7:92:55:
20:d2:e9:75:76:e2:4e:9b:5a:19:6b:04:56:bc:4e:
f9:05:9b:0e:43:50:32:6a:a8:55:7c:88:d3:ca:08:
c3:a4:54:75:ab:61:3f:e5:6f:b3:59:ee:82:f5:4f:
7c:ff:65:e2:7a:b7:e6:67:6a:69:83:a0:f1:c0:c2:
af:87:27:91:70:62:e5:47:eb:05:ca:31:0a:8d:3d:
19:ee:2f:b3:a1:f6:1c:96:a1:9c:ae:93:14:ad:bf:
8a:ca:e5:79:2c:60:47:c3:b9:fd:e7:ef:7b:ac:84:
d7:96:ce:a5:2c:17:f5:de:43:dc:f0:0a:aa:f5:77:
80:90:fb:5b:f6:84:91:f0:b6:a3:f5:f3:ba:56:57:
97:21:b2:0b:78:7f:e9:dd:83:1a:0e:11:fd:98:f8:
f1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F1:12:D9:1D:7A:44:A5:F9:43:2F:10:5B:DD:E5:15:16:74:D7:7B
X509v3 Authority Key Identifier:
keyid:1C:74:33:FA:FA:59:F0:D5:12:A2:BE:BB:09:7E:69:46:3C:C0:67:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHQz-vpZ8NUSor67CX5pRjzAZ1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/QPES2R16RKX5Qy8QW93lFRZ013s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/39a5b5-3c51-46e2-9479-12f41a0cc0c1/1/HHQz-vpZ8NUSor67CX5pRjzAZ1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.54.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:41:c1:89:ce:b3:b6:14:39:49:6a:53:13:fa:c1:cc:2e:a5:
24:4e:f3:83:f7:01:fd:e4:e7:bb:06:a8:af:f4:c9:0a:7f:2a:
8d:9e:fa:1e:34:2e:f6:b9:01:4e:ac:9e:f7:8d:89:44:ac:83:
55:77:ea:37:f1:6f:c9:55:d7:4b:0d:71:ff:fd:7c:78:72:ac:
0f:06:44:76:5a:0e:58:5a:00:67:d6:6c:ff:0a:14:8b:2f:b3:
9b:f6:44:be:80:92:3d:a0:f5:7a:91:f9:bd:87:ed:a4:20:bd:
61:83:cb:cb:99:ef:4d:f2:9e:3e:db:88:18:de:3c:32:71:f1:
12:01:89:3a:5e:c4:dc:fd:8b:d4:63:3c:ff:47:d1:ba:05:31:
4b:3f:ad:03:18:85:f0:14:8c:fd:b1:ab:c6:c1:29:f7:6d:b9:
b3:3c:e6:8d:12:7c:99:7a:67:4a:c7:2d:55:50:db:94:72:e5:
b4:49:4d:cb:cb:e3:05:83:70:8a:35:cb:20:e6:74:21:08:5f:
39:1c:9b:2c:95:6d:d2:83:76:6b:6c:f4:b0:32:63:56:33:15:
26:06:ba:f5:65:3b:d6:e6:3e:a6:b4:76:40:4e:f9:db:e5:90:
32:72:e7:72:a0:dc:56:d2:8c:cd:04:68:ea:50:29:76:70:ad:
d3:27:be:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJG6fcs5aBSjNEMDOiCsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzQzM2ZhZmE1OWYwZDUxMmEyYmViYjA5N2U2OTQ2M2Nj
MDY3NTkwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGYxMTJkOTFkN2E0NGE1Zjk0MzJmMTA1YmRkZTUxNTE2NzRkNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMsDTbajMNOMVBMV0bsMUDPumETh
9kPTeOLCRBFhmDRJ07UdajLusRMj0ZMvJyb1gyxqn+yiSc+hFq/DR18W10I0Bet7
bGsgBrupm7AC2ieMtbF5N4xFs+DKAKLirDqQwMNLRbT3klUg0ul1duJOm1oZawRW
vE75BZsOQ1AyaqhVfIjTygjDpFR1q2E/5W+zWe6C9U98/2XierfmZ2ppg6DxwMKv
hyeRcGLlR+sFyjEKjT0Z7i+zofYclqGcrpMUrb+KyuV5LGBHw7n95+97rITXls6l
LBf13kPc8Aqq9XeAkPtb9oSR8Laj9fO6VleXIbILeH/p3YMaDhH9mPjxYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDxEtkdekSl+UMvEFvd5RUWdNd7MB8GA1UdIwQY
MBaAFBx0M/r6WfDVEqK+uwl+aUY8wGdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0Nzkt
MTJmNDFhMGNjMGMxLzEvUVBFUzJSMTZSS1g1UXk4UVc5M2xGUlowMTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zOWE1YjUtM2M1MS00NmUyLTk0NzktMTJmNDFhMGNjMGMx
LzEvSEhRei12cFo4TlVTb3I2N0NYNXBSanpBWjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXs2MA0G
CSqGSIb3DQEBCwUAA4IBAQCjQcGJzrO2FDlJalMT+sHMLqUkTvOD9wH95Oe7Bqiv
9MkKfyqNnvoeNC72uQFOrJ73jYlErINVd+o38W/JVddLDXH//Xx4cqwPBkR2Wg5Y
WgBn1mz/ChSLL7Ob9kS+gJI9oPV6kfm9h+2kIL1hg8vLme9N8p4+24gY3jwycfES
AYk6XsTc/YvUYzz/R9G6BTFLP60DGIXwFIz9savGwSn3bbmzPOaNEnyZemdKxy1V
UNuUcuW0SU3Ly+MFg3CKNcsg5nQhCF85HJsslW3Sg3ZrbPSwMmNWMxUmBrr1ZTvW
5j6mtHZATvnb5ZAycudyoNxW0ozNBGjqUCl2cK3TJ74S
-----END CERTIFICATE-----
Generated at Wed Jan 10 10:40:54 2024 by rpki-client on console-fra.rpki-client.org