Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/2d125f-1a60-468d-a93a-c5b6aecb6c9c/1/QhhRXvTzOyOQ2qDiYhPh-Iqun3o.roa
File: QhhRXvTzOyOQ2qDiYhPh-Iqun3o.roa (raw, json)
Hash identifier: gXmAnsuxR96IwPkJxp2KXmcssO3o6XbeyqazoyiTlZc=
Subject key identifier: 42:18:51:5E:F4:F3:3B:23:90:DA:A0:E2:62:13:E1:F8:8A:AE:9F:7A
Certificate issuer: /CN=d25f2cd1a9f0da435f2e3b3ee70e64fdaf4b6121
Certificate serial: 018571957E087ACDDA66762ED66621B26F88
Authority key identifier: D2:5F:2C:D1:A9:F0:DA:43:5F:2E:3B:3E:E7:0E:64:FD:AF:4B:61:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0l8s0anw2kNfLjs-5w5k_a9LYSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/2d125f-1a60-468d-a93a-c5b6aecb6c9c/1/QhhRXvTzOyOQ2qDiYhPh-Iqun3o.roa
Signing time: Mon 02 Jan 2023 08:25:00 +0000
ROA not before: Mon 02 Jan 2023 08:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206154
IP address blocks: 185.198.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:7e:08:7a:cd:da:66:76:2e:d6:66:21:b2:6f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d25f2cd1a9f0da435f2e3b3ee70e64fdaf4b6121
Validity
Not Before: Jan 2 08:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4218515ef4f33b2390daa0e26213e1f88aae9f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:91:cd:bb:3b:6e:e4:a5:5c:c2:d2:06:af:92:
40:69:59:5e:03:7c:c7:77:d0:98:53:29:08:d8:68:
9d:5a:20:31:7e:e3:c0:57:c0:e7:04:35:c7:0e:bb:
33:f3:50:3a:43:6f:d9:de:80:8f:42:25:c2:c0:c1:
33:6a:32:fb:5f:b9:4c:09:8b:07:ab:90:7f:6b:45:
86:88:c7:30:40:b8:15:03:9c:be:61:0c:87:88:14:
c5:fd:ee:f2:1d:da:58:23:0f:d6:ab:d7:6c:87:4e:
43:ef:81:21:26:59:8f:90:12:89:b0:de:4e:9e:4c:
ef:df:b9:1b:c2:1e:a5:3e:09:c9:c7:1b:75:d3:39:
46:ce:84:cb:d6:51:56:5e:3f:56:67:ff:f0:ff:f5:
11:39:57:7e:09:97:fb:95:36:eb:fc:be:9b:cb:2d:
59:d0:5f:c9:55:52:84:a9:16:80:0e:d2:0a:54:d5:
94:67:05:e8:9e:b4:9c:56:dd:3d:ee:61:02:0d:36:
d0:4d:65:41:57:1d:1b:c1:5d:61:0e:10:2f:3a:d3:
1f:2f:75:ca:3e:6f:d0:56:cb:92:ff:47:0c:0e:f3:
de:7f:fa:ef:fc:c9:f2:8a:01:13:71:1d:92:3b:92:
f0:13:a2:3b:41:82:50:f9:b7:62:dd:64:15:a8:61:
0d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:18:51:5E:F4:F3:3B:23:90:DA:A0:E2:62:13:E1:F8:8A:AE:9F:7A
X509v3 Authority Key Identifier:
keyid:D2:5F:2C:D1:A9:F0:DA:43:5F:2E:3B:3E:E7:0E:64:FD:AF:4B:61:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0l8s0anw2kNfLjs-5w5k_a9LYSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2d125f-1a60-468d-a93a-c5b6aecb6c9c/1/QhhRXvTzOyOQ2qDiYhPh-Iqun3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2d125f-1a60-468d-a93a-c5b6aecb6c9c/1/0l8s0anw2kNfLjs-5w5k_a9LYSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.105.0/24
Signature Algorithm: sha256WithRSAEncryption
82:24:53:36:29:c2:21:4c:26:e1:be:f5:2a:15:57:c8:b4:8a:
69:5e:e7:74:4d:fd:5f:9a:b1:cb:45:1a:ac:b9:78:f1:0d:db:
25:91:c9:57:3a:6f:11:37:4b:ca:2c:7e:7f:0c:ce:84:1e:bd:
b7:1e:8b:c3:ef:83:7c:4d:8d:81:5e:fe:2e:73:66:8f:35:75:
38:55:6f:fb:c3:c0:b8:71:7a:6a:b9:6b:a5:d4:5a:d9:f0:17:
e1:d4:04:b3:c5:05:11:95:19:ad:03:bc:37:47:25:d5:97:e4:
7c:21:36:6c:00:2c:39:f4:fd:ac:ff:90:d4:48:cc:ae:9e:06:
27:25:2c:28:35:23:9b:e4:a1:61:2f:f3:51:32:09:64:14:ef:
66:e2:38:d7:55:9f:52:c3:c5:10:d9:83:6c:ec:b0:39:7e:e2:
df:8a:dd:d3:60:39:24:0b:03:a2:9c:74:22:75:6d:26:44:e4:
ee:e4:fa:f3:d9:e4:e8:88:c9:22:27:69:fd:50:9a:42:25:f0:
db:66:ce:7c:bd:d5:7a:1e:00:99:4b:66:49:f6:67:3b:b6:5f:
64:b3:bc:ee:bb:79:8a:9b:28:26:e7:b7:d6:21:2b:29:9b:5a:
59:c3:97:41:17:21:49:fe:dc:1e:c8:d2:5b:d8:7c:b6:39:9d:
56:05:67:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlX4Ies3aZnYu1mYhsm+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNWYyY2QxYTlmMGRhNDM1ZjJlM2IzZWU3MGU2NGZkYWY0
YjYxMjEwHhcNMjMwMTAyMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjE4NTE1ZWY0ZjMzYjIzOTBkYWEwZTI2MjEzZTFmODhhYWU5ZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZHNuztu5KVcwtIGr5JAaVleA3zH
d9CYUykI2GidWiAxfuPAV8DnBDXHDrsz81A6Q2/Z3oCPQiXCwMEzajL7X7lMCYsH
q5B/a0WGiMcwQLgVA5y+YQyHiBTF/e7yHdpYIw/Wq9dsh05D74EhJlmPkBKJsN5O
nkzv37kbwh6lPgnJxxt10zlGzoTL1lFWXj9WZ//w//UROVd+CZf7lTbr/L6byy1Z
0F/JVVKEqRaADtIKVNWUZwXonrScVt097mECDTbQTWVBVx0bwV1hDhAvOtMfL3XK
Pm/QVsuS/0cMDvPef/rv/MnyigETcR2SO5LwE6I7QYJQ+bdi3WQVqGEN1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEIYUV708zsjkNqg4mIT4fiKrp96MB8GA1UdIwQY
MBaAFNJfLNGp8NpDXy47PucOZP2vS2EhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGw4czBhbncya05mTGpzLTV3NWtfYTlMWVNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8yZDEyNWYtMWE2MC00NjhkLWE5M2Et
YzViNmFlY2I2YzljLzEvUWhoUlh2VHpPeU9RMnFEaVloUGgtSXF1bjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8yZDEyNWYtMWE2MC00NjhkLWE5M2EtYzViNmFlY2I2Yzlj
LzEvMGw4czBhbncya05mTGpzLTV3NWtfYTlMWVNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucZpMA0G
CSqGSIb3DQEBCwUAA4IBAQCCJFM2KcIhTCbhvvUqFVfItIppXud0Tf1fmrHLRRqs
uXjxDdslkclXOm8RN0vKLH5/DM6EHr23HovD74N8TY2BXv4uc2aPNXU4VW/7w8C4
cXpquWul1FrZ8Bfh1ASzxQURlRmtA7w3RyXVl+R8ITZsACw59P2s/5DUSMyungYn
JSwoNSOb5KFhL/NRMglkFO9m4jjXVZ9Sw8UQ2YNs7LA5fuLfit3TYDkkCwOinHQi
dW0mROTu5Prz2eToiMkiJ2n9UJpCJfDbZs58vdV6HgCZS2ZJ9mc7tl9ks7zuu3mK
mygm57fWISspm1pZw5dBFyFJ/tweyNJb2Hy2OZ1WBWdL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:02 2023 by rpki-client on console-fra.rpki-client.org