Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/QyZB9VTw96EQo6DLn0OsaiGtGSA.roa
File: QyZB9VTw96EQo6DLn0OsaiGtGSA.roa (raw, json)
Hash identifier: w9EhFUAj7nt0QrzXFHdL+/JnaSkwN4VVpiXLrDMYRE4=
Subject key identifier: 43:26:41:F5:54:F0:F7:A1:10:A3:A0:CB:9F:43:AC:6A:21:AD:19:20
Certificate issuer: /CN=a748fbe1d7d3a6aa474de43fa885ce2d091c529b
Certificate serial: 018A42C1B0B0FD1A93391887258AAB196124
Authority key identifier: A7:48:FB:E1:D7:D3:A6:AA:47:4D:E4:3F:A8:85:CE:2D:09:1C:52:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/QyZB9VTw96EQo6DLn0OsaiGtGSA.roa
Signing time: Tue 29 Aug 2023 19:25:04 +0000
ROA not before: Tue 29 Aug 2023 19:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203206
IP address blocks: 185.204.101.0/24 maxlen: 24
2a10:8407::/32 maxlen: 32
2a10:8405::/32 maxlen: 32
2a10:8406::/32 maxlen: 32
2a10:8400::/29 maxlen: 48
2a10:8404::/32 maxlen: 32
2a10:8403::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:42:c1:b0:b0:fd:1a:93:39:18:87:25:8a:ab:19:61:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a748fbe1d7d3a6aa474de43fa885ce2d091c529b
Validity
Not Before: Aug 29 19:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=432641f554f0f7a110a3a0cb9f43ac6a21ad1920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:7a:2a:28:96:23:d6:5a:4c:77:66:55:c2:0a:
23:27:e5:0d:0b:dd:83:51:eb:e9:96:fb:05:63:26:
fa:94:69:2a:77:6c:63:37:d4:9b:cf:b9:c5:5a:e2:
07:3d:6b:50:de:af:d5:c0:ea:4f:3d:6d:46:fb:da:
e2:a5:22:59:6e:c5:49:84:4b:9a:7e:fd:01:49:cd:
38:b2:7a:7c:35:bb:2d:08:5a:3e:03:c3:ec:bf:89:
f3:89:64:b1:95:7f:b8:10:93:76:59:47:e2:90:33:
e0:f6:b4:bb:d3:ff:04:27:32:44:29:ef:fb:14:3b:
1e:a8:4e:27:98:12:a8:72:5d:fd:a1:e5:0f:7b:18:
7c:3b:81:42:1c:5b:10:3a:e2:ee:1f:fa:3a:6f:ce:
c9:a7:bd:6f:57:3e:cc:72:9f:17:ac:f8:8d:a7:b5:
37:76:48:ae:14:42:8d:6b:3f:e9:67:96:f5:03:85:
37:e5:46:31:bb:d6:f5:d8:6b:b1:68:69:de:38:b4:
f6:e5:ae:e0:d5:d2:91:b4:a2:79:c9:ba:c5:1e:7a:
e9:1d:30:11:e0:d7:f1:8c:7d:91:ac:5d:ec:53:85:
a7:0c:89:73:f4:79:a8:8b:b7:88:35:ea:33:62:10:
17:2d:ac:f1:07:fc:18:de:a6:2b:60:b2:f9:e0:b7:
d5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:26:41:F5:54:F0:F7:A1:10:A3:A0:CB:9F:43:AC:6A:21:AD:19:20
X509v3 Authority Key Identifier:
keyid:A7:48:FB:E1:D7:D3:A6:AA:47:4D:E4:3F:A8:85:CE:2D:09:1C:52:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/QyZB9VTw96EQo6DLn0OsaiGtGSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/p0j74dfTpqpHTeQ_qIXOLQkcUps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.101.0/24
IPv6:
2a10:8400::/29
Signature Algorithm: sha256WithRSAEncryption
b0:1f:67:62:5a:ac:1e:1c:33:4f:6c:52:10:c1:7c:50:a4:6d:
f8:3d:f5:c6:73:3a:f3:2e:bd:8b:0a:43:0c:a2:54:c5:5e:da:
93:56:4e:72:bb:16:ee:6d:88:36:34:69:f1:2b:56:ed:40:a6:
66:56:76:45:08:ea:9f:cc:68:f0:a8:a7:bd:1a:6d:61:5f:68:
4c:33:0f:bd:5c:9a:a0:fc:2b:33:0d:25:8e:8e:77:53:33:85:
85:72:94:47:41:64:dc:f6:5b:bd:11:92:63:a4:26:cf:7f:ac:
68:f8:f8:c1:22:d2:3b:b1:9f:bb:7b:c1:b2:ad:62:d4:3c:20:
36:94:4a:59:ba:d9:cb:90:fd:a5:60:a2:74:04:ab:46:1f:fa:
e3:2b:f0:8e:8b:ac:ba:c2:f8:8f:6b:4d:49:1a:81:76:15:1d:
ae:60:bd:8f:d4:90:76:f5:16:be:63:c4:ec:11:fb:c5:ae:33:
ee:a5:33:fe:74:f3:d8:5d:6f:2b:25:10:2c:b1:fb:4e:c3:8a:
08:09:8a:6f:ca:21:ba:fe:36:5d:b8:29:65:2c:2f:15:8a:87:
a4:f6:ab:ae:ed:8b:df:99:e6:87:2d:a6:7a:28:d6:1d:00:6c:
f9:a5:53:f2:cc:c5:38:35:25:7e:46:40:28:e0:57:2e:97:06:
a1:dd:46:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYpCwbCw/RqTORiHJYqrGWEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NDhmYmUxZDdkM2E2YWE0NzRkZTQzZmE4ODVjZTJkMDkx
YzUyOWIwHhcNMjMwODI5MTkyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzI2NDFmNTU0ZjBmN2ExMTBhM2EwY2I5ZjQzYWM2YTIxYWQxOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA93oqKJYj1lpMd2ZVwgojJ+UNC92D
UevplvsFYyb6lGkqd2xjN9Sbz7nFWuIHPWtQ3q/VwOpPPW1G+9ripSJZbsVJhEua
fv0BSc04snp8NbstCFo+A8Psv4nziWSxlX+4EJN2WUfikDPg9rS70/8EJzJEKe/7
FDseqE4nmBKocl39oeUPexh8O4FCHFsQOuLuH/o6b87Jp71vVz7Mcp8XrPiNp7U3
dkiuFEKNaz/pZ5b1A4U35UYxu9b12GuxaGneOLT25a7g1dKRtKJ5ybrFHnrpHTAR
4NfxjH2RrF3sU4WnDIlz9Hmoi7eINeozYhAXLazxB/wY3qYrYLL54LfVxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEMmQfVU8PehEKOgy59DrGohrRkgMB8GA1UdIwQY
MBaAFKdI++HX06aqR03kP6iFzi0JHFKbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDBqNzRkZlRwcXBIVGVRX3FJWE9MUWtjVXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNzIzZDgtZDhjYy00ZTYwLTg1YWIt
NmM5YjVjOWJmYTc1LzEvUXlaQjlWVHc5NkVRbzZETG4wT3NhaUd0R1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNzIzZDgtZDhjYy00ZTYwLTg1YWItNmM5YjVjOWJmYTc1
LzEvcDBqNzRkZlRwcXBIVGVRX3FJWE9MUWtjVXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucxlMA0E
AgACMAcDBQMqEIQAMA0GCSqGSIb3DQEBCwUAA4IBAQCwH2diWqweHDNPbFIQwXxQ
pG34PfXGczrzLr2LCkMMolTFXtqTVk5yuxbubYg2NGnxK1btQKZmVnZFCOqfzGjw
qKe9Gm1hX2hMMw+9XJqg/CszDSWOjndTM4WFcpRHQWTc9lu9EZJjpCbPf6xo+PjB
ItI7sZ+7e8GyrWLUPCA2lEpZutnLkP2lYKJ0BKtGH/rjK/COi6y6wviPa01JGoF2
FR2uYL2P1JB29Ra+Y8TsEfvFrjPupTP+dPPYXW8rJRAssftOw4oICYpvyiG6/jZd
uCllLC8Vioek9quu7YvfmeaHLaZ6KNYdAGz5pVPyzMU4NSV+RkAo4Fculwah3UaH
Generated at Fri Sep 29 21:48:13 2023 by rpki-client on console-ams.rpki-client.org