Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/QXlAQEuj4Ez1WUsRH04bJi13UR0.roa
File: QXlAQEuj4Ez1WUsRH04bJi13UR0.roa (raw, json)
Hash identifier: GHOJovJrWpo4pVGYBsjmRkGiFyuws9yfoLMnFi7v/Dg=
Subject key identifier: 41:79:40:40:4B:A3:E0:4C:F5:59:4B:11:1F:4E:1B:26:2D:77:51:1D
Certificate issuer: /CN=d4d179ce49e5776b92c86c26c20b0b43fd0a6cb6
Certificate serial: 01856D6F51D3B90B90CD141E19DAB24A46D2
Authority key identifier: D4:D1:79:CE:49:E5:77:6B:92:C8:6C:26:C2:0B:0B:43:FD:0A:6C:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1NF5zknld2uSyGwmwgsLQ_0KbLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/QXlAQEuj4Ez1WUsRH04bJi13UR0.roa
Signing time: Sun 01 Jan 2023 13:04:50 +0000
ROA not before: Sun 01 Jan 2023 13:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5485
IP address blocks: 185.124.76.0/22 maxlen: 22
2a06:b0c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:51:d3:b9:0b:90:cd:14:1e:19:da:b2:4a:46:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4d179ce49e5776b92c86c26c20b0b43fd0a6cb6
Validity
Not Before: Jan 1 13:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=417940404ba3e04cf5594b111f4e1b262d77511d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:4e:1e:b6:7e:b8:e9:51:bf:4d:17:08:f7:8c:
32:c6:53:8b:77:c2:df:32:f1:8c:3a:62:9a:d0:11:
2c:46:ef:45:a2:f9:36:0f:d7:e6:c0:21:97:9f:89:
c4:21:5d:9b:60:67:e5:ce:79:7a:0d:12:42:37:64:
8d:dc:7c:5e:dc:e0:f7:3f:44:a6:f6:30:ad:99:fc:
4a:d3:86:82:b1:74:5b:80:55:a1:a4:97:19:94:6e:
ad:e0:10:c9:00:58:ec:f1:3a:37:06:65:eb:1e:13:
40:69:1e:9f:3c:89:1e:86:b7:4e:15:08:4c:dd:b1:
8f:e0:e7:dc:b6:ef:3f:0b:13:8c:fa:3c:95:16:0d:
df:e3:eb:3c:45:e2:77:f7:08:76:df:48:be:2d:87:
04:70:c9:bd:92:e3:77:7d:9c:9a:f8:44:d6:52:9c:
32:43:98:35:fb:78:70:c9:ae:48:41:f0:6e:b6:4c:
af:fa:65:7a:2e:c5:c8:24:07:e3:c4:36:9a:e0:f9:
d3:f8:b1:90:d3:f6:e0:21:39:64:95:39:e8:6f:37:
91:79:f9:c6:c5:33:15:f2:4c:dc:bb:21:4e:a3:88:
d6:07:c4:07:b8:c3:7c:19:a9:49:75:7f:5c:86:a0:
14:bb:58:e2:5c:5f:89:de:77:47:b1:77:8c:52:e8:
4b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:79:40:40:4B:A3:E0:4C:F5:59:4B:11:1F:4E:1B:26:2D:77:51:1D
X509v3 Authority Key Identifier:
keyid:D4:D1:79:CE:49:E5:77:6B:92:C8:6C:26:C2:0B:0B:43:FD:0A:6C:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1NF5zknld2uSyGwmwgsLQ_0KbLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/QXlAQEuj4Ez1WUsRH04bJi13UR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/1NF5zknld2uSyGwmwgsLQ_0KbLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.76.0/22
IPv6:
2a06:b0c0::/29
Signature Algorithm: sha256WithRSAEncryption
15:c9:6d:42:b8:94:71:59:f6:5a:70:29:86:4b:c4:00:80:71:
a0:60:7f:d1:a3:5b:77:2a:d4:99:93:2e:11:91:35:5f:c8:fc:
e1:18:8a:b9:af:87:1b:3a:83:a2:ec:fd:81:ca:e4:32:1a:e0:
a4:d1:d6:52:3a:7a:91:01:81:24:56:64:ca:59:2e:16:da:40:
44:ae:c5:60:97:71:6a:26:43:9e:de:9b:93:5b:c1:4a:d6:59:
84:f6:36:ee:7c:34:89:92:bd:03:59:28:45:92:05:8a:10:50:
c9:9c:9a:58:8b:84:1c:9b:ac:db:e5:54:24:fe:6d:f5:50:8c:
83:de:0f:84:36:7e:36:78:99:ea:8f:ac:1e:d1:16:03:95:61:
d8:f7:9e:f7:d6:07:62:37:48:45:4c:d3:b2:3f:38:9f:51:8f:
8d:2c:52:ef:98:f2:dc:10:d3:45:0b:ee:cb:77:c6:88:3f:63:
4f:52:6e:ae:79:42:db:f4:9b:ba:bc:de:b0:e0:20:91:7a:61:
ca:01:bc:d0:0e:57:ac:5a:fb:7b:73:e4:94:cf:dc:8a:29:aa:
17:ab:d7:37:c9:ce:46:f3:6f:91:83:61:45:c3:84:36:18:5a:
d2:c1:88:c0:32:4c:69:48:cf:34:ba:a3:6a:6c:5a:29:ac:9b:
4d:d1:c8:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtb1HTuQuQzRQeGdqySkbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZDE3OWNlNDllNTc3NmI5MmM4NmMyNmMyMGIwYjQzZmQw
YTZjYjYwHhcNMjMwMTAxMTMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTc5NDA0MDRiYTNlMDRjZjU1OTRiMTExZjRlMWIyNjJkNzc1MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5E4etn646VG/TRcI94wyxlOLd8Lf
MvGMOmKa0BEsRu9Fovk2D9fmwCGXn4nEIV2bYGflznl6DRJCN2SN3Hxe3OD3P0Sm
9jCtmfxK04aCsXRbgFWhpJcZlG6t4BDJAFjs8To3BmXrHhNAaR6fPIkehrdOFQhM
3bGP4Ofctu8/CxOM+jyVFg3f4+s8ReJ39wh230i+LYcEcMm9kuN3fZya+ETWUpwy
Q5g1+3hwya5IQfButkyv+mV6LsXIJAfjxDaa4PnT+LGQ0/bgITlklTnobzeRefnG
xTMV8kzcuyFOo4jWB8QHuMN8GalJdX9chqAUu1jiXF+J3ndHsXeMUuhLbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEF5QEBLo+BM9VlLER9OGyYtd1EdMB8GA1UdIwQY
MBaAFNTRec5J5XdrkshsJsILC0P9Cmy2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU5GNXprbmxkMnVTeUd3bXdnc0xRXzBLYkxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi84YjE2Y2MtNGRiNS00MTk4LTkyNGUt
NDAzMmUxOTBlZGMzLzEvUVhsQVFFdWo0RXoxV1VzUkgwNGJKaTEzVVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi84YjE2Y2MtNGRiNS00MTk4LTkyNGUtNDAzMmUxOTBlZGMz
LzEvMU5GNXprbmxkMnVTeUd3bXdnc0xRXzBLYkxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXxMMA0E
AgACMAcDBQMqBrDAMA0GCSqGSIb3DQEBCwUAA4IBAQAVyW1CuJRxWfZacCmGS8QA
gHGgYH/Ro1t3KtSZky4RkTVfyPzhGIq5r4cbOoOi7P2ByuQyGuCk0dZSOnqRAYEk
VmTKWS4W2kBErsVgl3FqJkOe3puTW8FK1lmE9jbufDSJkr0DWShFkgWKEFDJnJpY
i4Qcm6zb5VQk/m31UIyD3g+ENn42eJnqj6we0RYDlWHY95731gdiN0hFTNOyPzif
UY+NLFLvmPLcENNFC+7Ld8aIP2NPUm6ueULb9Ju6vN6w4CCRemHKAbzQDlesWvt7
c+SUz9yKKaoXq9c3yc5G82+Rg2FFw4Q2GFrSwYjAMkxpSM80uqNqbFoprJtN0cjy
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:41 2024 by rpki-client on console-fra.rpki-client.org