Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QO30KpEVb1XW85giPjm6cbIEbWs.roa
File: QO30KpEVb1XW85giPjm6cbIEbWs.roa (raw, json)
Hash identifier: jr6zpb76HyL8awJf1oMVO4IYYkfy/BxPpY1q2WZJgFY=
Subject key identifier: 40:ED:F4:2A:91:15:6F:55:D6:F3:98:22:3E:39:BA:71:B2:04:6D:6B
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B64C0032ED8AE6E4BD18A77B92A80D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QO30KpEVb1XW85giPjm6cbIEbWs.roa
Signing time: Mon 02 Jan 2023 09:00:50 +0000
ROA not before: Mon 02 Jan 2023 09:00:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212830
IP address blocks: 185.128.52.0/22 maxlen: 24
194.124.68.0/23 maxlen: 24
194.124.70.0/23 maxlen: 24
194.124.68.0/24 maxlen: 24
185.223.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 10:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:4c:00:32:ed:8a:e6:e4:bd:18:a7:7b:92:a8:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40edf42a91156f55d6f398223e39ba71b2046d6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:bd:4b:41:ef:b8:ac:ae:1e:1e:26:12:00:
e5:29:0f:8d:16:81:26:89:b6:69:e8:e7:11:17:05:
e7:1d:92:82:0a:eb:54:2f:cd:43:5b:5a:10:fe:98:
4b:43:cc:fe:3b:0d:dc:5d:d9:29:2b:b9:64:18:e0:
13:97:27:33:60:cc:54:3c:5e:62:54:ee:ae:9d:38:
63:3b:69:c0:28:b7:4b:81:49:fa:5d:8a:13:54:ee:
ad:bd:7f:92:5e:2a:a4:5d:4d:6d:77:df:a7:62:84:
a0:32:7e:df:77:78:6c:6f:cc:1f:7e:cd:7a:b6:78:
93:24:e2:46:e2:3f:ed:13:60:16:6b:20:64:cf:eb:
53:17:59:d2:4d:fb:83:7b:37:f1:5e:ce:a1:93:2f:
db:97:d1:c7:7c:12:f7:99:dd:2e:08:0c:cb:1b:e8:
f8:38:f1:fe:f8:4e:4c:a9:bd:f8:7a:28:2a:9d:cd:
f9:d1:d2:69:a5:90:1a:3f:3f:bb:ec:d8:0d:6c:6e:
19:8e:df:6d:28:f0:35:27:30:d5:d8:f0:79:54:47:
b8:18:ab:7c:ea:49:d6:f4:5e:be:09:47:86:53:b5:
de:6f:5a:6f:7f:5a:a5:13:dd:80:37:17:04:b2:c8:
69:f4:3a:c4:34:d8:a3:02:af:54:b1:c8:17:f4:d8:
8d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:ED:F4:2A:91:15:6F:55:D6:F3:98:22:3E:39:BA:71:B2:04:6D:6B
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QO30KpEVb1XW85giPjm6cbIEbWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.52.0/22
185.223.60.0/22
194.124.68.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:f2:15:7e:b3:fe:d7:f8:72:ef:43:a2:c7:fe:c3:87:13:d5:
e5:ca:b1:21:b9:85:76:5e:c0:f2:38:a5:ac:57:6b:02:57:c0:
49:77:df:24:98:8d:f7:2a:ae:21:c7:c2:3d:fb:c7:76:63:ff:
2e:c8:87:f1:f5:19:ea:84:f0:73:0b:93:de:bb:28:8a:06:6b:
c3:4e:98:78:86:95:84:af:8c:19:f2:5b:2b:ab:06:14:3c:31:
38:b3:3f:af:86:72:60:f1:ce:2f:c7:33:81:2b:a3:a7:75:1a:
5f:12:3b:02:20:04:b6:6d:29:fa:8b:ab:e1:db:38:90:c2:87:
47:a2:4d:5b:60:73:21:93:21:3e:47:24:c4:57:ca:f7:cc:38:
df:95:2d:f3:6a:16:f0:e1:6f:e0:d7:85:fd:1c:4b:d9:2d:5d:
05:8a:6c:f6:ab:0f:85:59:ad:fd:0e:a2:e6:b2:00:23:97:79:
55:36:35:ab:79:9f:88:34:58:65:af:5b:30:f4:0d:7a:8a:5a:
0a:f7:da:7f:55:9a:1f:a4:f6:28:46:11:95:03:9f:dc:56:a7:
72:cf:47:36:cd:59:9b:ff:c5:dd:d0:84:a8:88:fd:cf:d3:3e:
d8:0b:f9:b5:69:c6:ed:18:06:50:da:7d:c4:7c:ac:7d:0b:a4:
80:1b:2c:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxtkwAMu2K5uS9GKd7kqgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGVkZjQyYTkxMTU2ZjU1ZDZmMzk4MjIzZTM5YmE3MWIyMDQ2ZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAova9S0HvuKyuHh4mEgDlKQ+NFoEm
ibZp6OcRFwXnHZKCCutUL81DW1oQ/phLQ8z+Ow3cXdkpK7lkGOATlyczYMxUPF5i
VO6unThjO2nAKLdLgUn6XYoTVO6tvX+SXiqkXU1td9+nYoSgMn7fd3hsb8wffs16
tniTJOJG4j/tE2AWayBkz+tTF1nSTfuDezfxXs6hky/bl9HHfBL3md0uCAzLG+j4
OPH++E5Mqb34eigqnc350dJppZAaPz+77NgNbG4Zjt9tKPA1JzDV2PB5VEe4GKt8
6knW9F6+CUeGU7Xeb1pvf1qlE92ANxcEsshp9DrENNijAq9UscgX9NiNcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEDt9CqRFW9V1vOYIj45unGyBG1rMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUU8zMEtwRVZiMVhXODVnaVBqbTZjYklFYldzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuYA0AwQC
ud88AwQCwnxEMA0GCSqGSIb3DQEBCwUAA4IBAQCs8hV+s/7X+HLvQ6LH/sOHE9Xl
yrEhuYV2XsDyOKWsV2sCV8BJd98kmI33Kq4hx8I9+8d2Y/8uyIfx9RnqhPBzC5Pe
uyiKBmvDTph4hpWEr4wZ8lsrqwYUPDE4sz+vhnJg8c4vxzOBK6OndRpfEjsCIAS2
bSn6i6vh2ziQwodHok1bYHMhkyE+RyTEV8r3zDjflS3zahbw4W/g14X9HEvZLV0F
imz2qw+FWa39DqLmsgAjl3lVNjWreZ+INFhlr1sw9A16iloK99p/VZofpPYoRhGV
A5/cVqdyz0c2zVmb/8Xd0ISoiP3P0z7YC/m1acbtGAZQ2n3EfKx9C6SAGyx0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org