Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/QK1ODHDJZ-Y66oElQQgJkber0-c.roa
File: QK1ODHDJZ-Y66oElQQgJkber0-c.roa (raw, json)
Hash identifier: ADlQb7dKBe/OXizlfKSa11F5gsZsT0wudU/7e0/9oiA=
Subject key identifier: 40:AD:4E:0C:70:C9:67:E6:3A:EA:81:25:41:08:09:91:B7:AB:D3:E7
Certificate issuer: /CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
Certificate serial: 018CC6B9228554E39597070A96C208A02D3D
Authority key identifier: 71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/QK1ODHDJZ-Y66oElQQgJkber0-c.roa
Signing time: Mon 01 Jan 2024 20:31:10 +0000
ROA not before: Mon 01 Jan 2024 20:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20756
IP address blocks: 185.65.58.0/23 maxlen: 23
185.65.56.0/23 maxlen: 23
185.65.56.0/22 maxlen: 22
81.92.80.0/20 maxlen: 20
81.92.84.0/23 maxlen: 23
81.92.88.0/23 maxlen: 23
81.92.90.0/23 maxlen: 23
81.92.94.0/23 maxlen: 23
2a01:c8::/32 maxlen: 32
2a01:c8:ff00::/40 maxlen: 40
2a01:c8:300::/40 maxlen: 40
2a01:c8:200::/40 maxlen: 40
2a01:c8:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:22:85:54:e3:95:97:07:0a:96:c2:08:a0:2d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71051b0e2ce9a4c9e6121e983d165feab87ec354
Validity
Not Before: Jan 1 20:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40ad4e0c70c967e63aea812541080991b7abd3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:24:7d:0f:02:1e:bb:bb:cd:69:51:9c:90:18:
ae:a0:99:70:1f:16:85:71:b1:8c:33:ae:dc:0f:c2:
b6:44:07:19:94:8a:fd:98:38:86:b1:7d:81:d6:eb:
dd:08:5f:7e:25:da:e4:dd:4b:f7:97:7f:e2:8c:c2:
d8:e8:44:d3:19:08:78:23:49:7b:16:4d:44:3e:32:
dc:01:51:58:ae:4b:c2:5a:4d:c9:78:58:b0:96:18:
f0:ce:55:cc:89:ee:e1:36:08:a7:70:de:11:7f:2d:
a5:c5:c9:f2:62:38:7c:b2:b0:93:26:cc:4a:a1:4d:
60:1c:13:ef:cf:66:81:97:a3:c1:d8:5f:06:00:c2:
ed:95:ad:35:00:20:82:89:fe:69:62:c1:f8:10:aa:
99:52:48:77:53:60:ad:55:80:82:fd:17:a0:07:be:
5d:91:e2:26:b8:76:88:a0:eb:2b:c2:f0:bd:f1:a1:
64:dc:32:0d:e6:a8:4a:90:c9:7a:0f:0c:36:57:24:
db:28:a9:4a:6b:8e:22:d6:98:5c:44:17:bb:dc:ad:
35:11:87:fe:05:e6:25:04:ac:89:58:39:c8:b6:9e:
90:cd:af:14:94:67:ae:36:af:96:d4:72:7d:3e:17:
bc:1a:4f:96:8b:57:e7:55:90:37:4d:c1:95:eb:b8:
1d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:AD:4E:0C:70:C9:67:E6:3A:EA:81:25:41:08:09:91:B7:AB:D3:E7
X509v3 Authority Key Identifier:
keyid:71:05:1B:0E:2C:E9:A4:C9:E6:12:1E:98:3D:16:5F:EA:B8:7E:C3:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cQUbDizppMnmEh6YPRZf6rh-w1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/QK1ODHDJZ-Y66oElQQgJkber0-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e51583-f55c-493b-b950-736ab83494ac/1/cQUbDizppMnmEh6YPRZf6rh-w1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.80.0/20
185.65.56.0/22
IPv6:
2a01:c8::/32
Signature Algorithm: sha256WithRSAEncryption
9b:68:a4:e7:3e:4c:e5:9f:d9:d8:bc:09:3b:06:d1:58:ae:9b:
fd:03:1a:16:63:39:66:3c:7d:cf:1d:02:fb:df:d6:54:23:82:
41:9d:df:fc:27:50:db:7a:1d:7e:06:9d:ea:94:18:31:37:55:
ea:a0:39:d5:23:e4:28:b8:22:eb:94:a7:31:33:68:43:13:42:
ff:6d:d5:55:d2:7b:fb:e7:f4:58:29:35:95:4f:1e:3c:38:e4:
de:e1:f9:63:09:9a:c9:47:3a:40:c1:fb:37:b2:38:92:46:78:
c6:bc:76:cc:e1:c8:8f:b1:53:e7:93:4b:9d:bf:63:ec:d5:36:
83:04:60:a8:82:2d:b4:54:87:99:93:e4:b4:6c:bd:8d:8a:5b:
c6:ac:14:df:d3:90:a0:a7:e2:1c:3c:02:3c:4b:4b:42:87:55:
9a:37:7d:34:6f:e0:2a:74:70:1f:41:00:17:fe:37:4f:ff:25:
34:2b:f3:37:cc:9e:21:5e:65:e3:37:57:44:55:11:f0:25:2a:
34:11:51:1f:cb:b1:5f:e1:57:8d:a2:e2:2b:8a:74:53:8a:99:
b0:96:a0:77:aa:c6:19:60:ab:6c:32:67:e2:e8:d2:c0:76:f6:
77:fb:c6:35:5d:26:05:c5:24:1b:94:d0:1d:46:ed:d6:e9:c2:
16:84:6e:73
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuSKFVOOVlwcKlsIIoC09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMDUxYjBlMmNlOWE0YzllNjEyMWU5ODNkMTY1ZmVhYjg3
ZWMzNTQwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGFkNGUwYzcwYzk2N2U2M2FlYTgxMjU0MTA4MDk5MWI3YWJkM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyR9DwIeu7vNaVGckBiuoJlwHxaF
cbGMM67cD8K2RAcZlIr9mDiGsX2B1uvdCF9+Jdrk3Uv3l3/ijMLY6ETTGQh4I0l7
Fk1EPjLcAVFYrkvCWk3JeFiwlhjwzlXMie7hNgincN4Rfy2lxcnyYjh8srCTJsxK
oU1gHBPvz2aBl6PB2F8GAMLtla01ACCCif5pYsH4EKqZUkh3U2CtVYCC/RegB75d
keImuHaIoOsrwvC98aFk3DIN5qhKkMl6Dww2VyTbKKlKa44i1phcRBe73K01EYf+
BeYlBKyJWDnItp6Qza8UlGeuNq+W1HJ9Phe8Gk+Wi1fnVZA3TcGV67gdEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFECtTgxwyWfmOuqBJUEICZG3q9PnMB8GA1UdIwQY
MBaAFHEFGw4s6aTJ5hIemD0WX+q4fsNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAt
NzM2YWI4MzQ5NGFjLzEvUUsxT0RIREpaLVk2Nm9FbFFRZ0prYmVyMC1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9lNTE1ODMtZjU1Yy00OTNiLWI5NTAtNzM2YWI4MzQ5NGFj
LzEvY1FVYkRpenBwTW5tRWg2WVBSWmY2cmgtdzFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVxQAwQC
uUE4MA0EAgACMAcDBQAqAQDIMA0GCSqGSIb3DQEBCwUAA4IBAQCbaKTnPkzln9nY
vAk7BtFYrpv9AxoWYzlmPH3PHQL739ZUI4JBnd/8J1Dbeh1+Bp3qlBgxN1XqoDnV
I+QouCLrlKcxM2hDE0L/bdVV0nv75/RYKTWVTx48OOTe4fljCZrJRzpAwfs3sjiS
RnjGvHbM4ciPsVPnk0udv2Ps1TaDBGCogi20VIeZk+S0bL2NilvGrBTf05Cgp+Ic
PAI8S0tCh1WaN300b+AqdHAfQQAX/jdP/yU0K/M3zJ4hXmXjN1dEVRHwJSo0EVEf
y7Ff4VeNouIrinRTipmwlqB3qsYZYKtsMmfi6NLAdvZ3+8Y1XSYFxSQblNAdRu3W
6cIWhG5z
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:47:54 2025 by rpki-client