Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/Qrs30yZ-c0UgLJrBMQV9q5m68cc.roa
File: Qrs30yZ-c0UgLJrBMQV9q5m68cc.roa (raw, json)
Hash identifier: 1Ib/IuCdxkRidin9E/xr+PyMd6FRZ50FK9NHPdQZTC0=
Subject key identifier: 42:BB:37:D3:26:7E:73:45:20:2C:9A:C1:31:05:7D:AB:99:BA:F1:C7
Certificate issuer: /CN=ad7d8de8ca061ea164e671c34eb3377f5736bbc3
Certificate serial: 018570B0674364DCEBE7D3113F1EDAF38459
Authority key identifier: AD:7D:8D:E8:CA:06:1E:A1:64:E6:71:C3:4E:B3:37:7F:57:36:BB:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rX2N6MoGHqFk5nHDTrM3f1c2u8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/Qrs30yZ-c0UgLJrBMQV9q5m68cc.roa
Signing time: Mon 02 Jan 2023 04:14:47 +0000
ROA not before: Mon 02 Jan 2023 04:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33796
IP address blocks: 84.238.0.0/17 maxlen: 17
185.197.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:67:43:64:dc:eb:e7:d3:11:3f:1e:da:f3:84:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad7d8de8ca061ea164e671c34eb3377f5736bbc3
Validity
Not Before: Jan 2 04:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42bb37d3267e7345202c9ac131057dab99baf1c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fc:a2:c8:82:31:6d:7b:bf:3f:c9:6a:57:ca:
2e:e4:cd:eb:43:78:d8:e2:a3:f9:57:15:86:a9:72:
c5:22:59:13:ca:c9:20:bf:c0:6d:90:62:38:3e:cc:
89:30:4c:82:cc:59:6e:2d:fc:b8:3d:d5:ec:31:43:
49:00:20:de:3c:2b:69:1a:99:9a:2f:90:08:23:22:
b0:8d:28:5e:97:59:a7:31:48:3a:6d:82:03:28:c2:
93:f3:4f:69:8b:d2:38:9d:39:ed:8f:c0:14:6a:96:
d2:ea:52:ad:de:f6:00:3e:b4:d3:1f:6c:9e:ad:50:
a8:c1:b7:82:56:88:78:5a:94:34:fe:79:49:22:8d:
ca:ce:db:67:e3:e5:f6:b5:57:b0:6f:46:53:97:e1:
1f:6e:8b:d2:49:a3:94:e3:4c:05:6d:4e:65:db:e3:
e4:b7:35:26:5f:1e:18:49:5a:fc:4d:65:d0:59:10:
f1:2f:51:2c:4b:5f:40:87:f3:d6:d6:ff:4e:33:8e:
8d:0a:cb:4a:e3:ce:0a:f8:d9:dc:8a:e7:09:19:ab:
91:ca:f2:72:2a:48:e8:a1:ad:a8:34:a8:6f:3d:ec:
dd:c9:4e:2f:05:b6:73:5c:fa:ce:60:57:47:c4:c7:
41:f8:ad:2b:f8:50:76:f6:5e:df:df:48:4c:bf:e0:
44:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BB:37:D3:26:7E:73:45:20:2C:9A:C1:31:05:7D:AB:99:BA:F1:C7
X509v3 Authority Key Identifier:
keyid:AD:7D:8D:E8:CA:06:1E:A1:64:E6:71:C3:4E:B3:37:7F:57:36:BB:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rX2N6MoGHqFk5nHDTrM3f1c2u8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/Qrs30yZ-c0UgLJrBMQV9q5m68cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/rX2N6MoGHqFk5nHDTrM3f1c2u8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.238.0.0/17
185.197.168.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:e8:8a:5e:3d:4a:04:24:43:4a:80:ee:33:df:a0:eb:15:c3:
9c:21:b8:3e:cc:61:7d:63:dc:f8:99:32:96:9c:a5:fa:49:9a:
a0:93:20:e2:54:0e:62:b7:6c:05:8f:84:15:46:02:11:1a:42:
58:57:2d:5c:73:46:90:8a:10:3a:09:26:62:29:70:49:9d:00:
71:dd:79:e7:40:1b:40:ea:d7:4f:bb:e9:03:fb:2f:40:bb:f7:
9b:06:4b:d0:e5:19:21:1d:90:42:2f:c0:30:0f:6a:db:4b:f9:
40:8d:cb:9f:e4:49:6d:0b:1a:97:b1:17:ad:3e:6f:ce:d5:01:
f4:2e:c1:c5:83:c5:a1:dc:ce:47:e4:e3:5b:2b:97:8f:38:89:
26:c6:0d:76:15:25:15:37:ae:55:60:44:a9:28:50:7f:f8:0a:
80:2d:ae:4d:46:10:a0:ba:f9:dc:0a:b8:19:8a:36:1b:c4:c8:
ef:a2:e5:11:66:e9:9c:87:91:49:4a:e1:19:ae:7f:65:22:66:
38:f7:65:52:44:79:4b:f9:9b:55:5e:94:ec:7a:6f:74:92:f5:
d0:da:eb:39:55:d5:01:09:5f:b3:84:44:52:a7:00:d6:d3:bf:
b3:ac:a6:8e:33:ef:12:b1:ed:4d:11:6a:44:92:a4:f5:57:97:
83:30:0b:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwsGdDZNzr59MRPx7a84RZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkN2Q4ZGU4Y2EwNjFlYTE2NGU2NzFjMzRlYjMzNzdmNTcz
NmJiYzMwHhcNMjMwMTAyMDQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmJiMzdkMzI2N2U3MzQ1MjAyYzlhYzEzMTA1N2RhYjk5YmFmMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vyiyIIxbXu/P8lqV8ou5M3rQ3jY
4qP5VxWGqXLFIlkTyskgv8BtkGI4PsyJMEyCzFluLfy4PdXsMUNJACDePCtpGpma
L5AIIyKwjShel1mnMUg6bYIDKMKT809pi9I4nTntj8AUapbS6lKt3vYAPrTTH2ye
rVCowbeCVoh4WpQ0/nlJIo3Kzttn4+X2tVewb0ZTl+EfbovSSaOU40wFbU5l2+Pk
tzUmXx4YSVr8TWXQWRDxL1EsS19Ah/PW1v9OM46NCstK484K+NnciucJGauRyvJy
Kkjooa2oNKhvPezdyU4vBbZzXPrOYFdHxMdB+K0r+FB29l7f30hMv+BE+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEK7N9MmfnNFICyawTEFfauZuvHHMB8GA1UdIwQY
MBaAFK19jejKBh6hZOZxw06zN39XNrvDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclgyTjZNb0dIcUZrNW5IRFRyTTNmMWMydThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9hMDg1MjAtN2YwNi00ZjEyLTg2NDAt
NDk3ODVmY2RkOWM0LzEvUXJzMzB5Wi1jMFVnTEpyQk1RVjlxNW02OGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9hMDg1MjAtN2YwNi00ZjEyLTg2NDAtNDk3ODVmY2RkOWM0
LzEvclgyTjZNb0dIcUZrNW5IRFRyTTNmMWMydThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHVO4AAwQC
ucWoMA0GCSqGSIb3DQEBCwUAA4IBAQAs6IpePUoEJENKgO4z36DrFcOcIbg+zGF9
Y9z4mTKWnKX6SZqgkyDiVA5it2wFj4QVRgIRGkJYVy1cc0aQihA6CSZiKXBJnQBx
3XnnQBtA6tdPu+kD+y9Au/ebBkvQ5RkhHZBCL8AwD2rbS/lAjcuf5EltCxqXsRet
Pm/O1QH0LsHFg8Wh3M5H5ONbK5ePOIkmxg12FSUVN65VYESpKFB/+AqALa5NRhCg
uvncCrgZijYbxMjvouURZumch5FJSuEZrn9lImY492VSRHlL+ZtVXpTsem90kvXQ
2us5VdUBCV+zhERSpwDW07+zrKaOM+8Sse1NEWpEkqT1V5eDMAt3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:58 2024 by rpki-client on console-ams.rpki-client.org