Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QU0HR2D0hVs-fQjxxUVr3zfkmHw.roa
File: QU0HR2D0hVs-fQjxxUVr3zfkmHw.roa (raw, json)
Hash identifier: lJc6IAyp+P23em6/i9BVwFgPCcl9bCMfkIDvGW259m0=
Subject key identifier: 41:4D:07:47:60:F4:85:5B:3E:7D:08:F1:C5:45:6B:DF:37:E4:98:7C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A8DB7D9164C283D370EC829EF87D8C626
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QU0HR2D0hVs-fQjxxUVr3zfkmHw.roa
Signing time: Wed 13 Sep 2023 08:45:50 +0000
ROA not before: Wed 13 Sep 2023 08:45:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209043
IP address blocks: 185.209.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 09:40:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:b7:d9:16:4c:28:3d:37:0e:c8:29:ef:87:d8:c6:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 13 08:45:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=414d074760f4855b3e7d08f1c5456bdf37e4987c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ce:77:17:25:bc:44:48:22:60:49:95:84:ff:
0b:f3:3d:cf:d4:95:07:2e:72:5f:ee:f5:fb:8a:98:
d3:77:47:02:d5:b0:4f:08:38:86:bd:76:ab:c3:61:
eb:cf:56:d3:b2:c9:d4:af:5a:e0:87:43:e8:28:88:
b7:2e:36:7f:f6:22:22:7f:c4:6d:18:e1:ea:e0:62:
66:7a:bb:dc:88:16:d7:a3:d8:f0:8c:7d:f2:ed:7e:
00:91:b1:b7:53:8c:83:f7:d3:68:2e:39:ef:26:be:
2c:85:e9:95:c0:7f:57:72:7e:e7:e3:88:86:63:f6:
f4:5b:e5:df:73:a7:de:16:76:f8:dc:fb:71:63:e0:
a2:e2:75:9a:a6:f2:9b:4e:b2:2c:70:aa:cb:24:c6:
f3:fe:64:44:dd:4a:32:78:e8:78:31:46:64:2d:bc:
2a:3f:30:af:f4:40:15:74:62:8e:55:fc:f0:26:f6:
f6:14:18:1b:d7:57:bc:9c:09:46:64:34:34:44:16:
f0:ba:f1:71:a8:5e:3e:16:f3:3f:71:2c:60:cf:08:
fc:ee:ff:b2:3a:2d:04:5e:9d:47:6d:c6:eb:cb:88:
7e:28:c3:30:1c:44:d7:79:d0:52:e0:20:cb:ed:d0:
64:64:7d:b0:2b:64:3b:3f:8f:f0:79:4e:58:65:f0:
56:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:4D:07:47:60:F4:85:5B:3E:7D:08:F1:C5:45:6B:DF:37:E4:98:7C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QU0HR2D0hVs-fQjxxUVr3zfkmHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.38.0/24
Signature Algorithm: sha256WithRSAEncryption
37:eb:5c:59:e5:68:a8:f5:0e:e1:90:eb:49:dd:c5:68:2d:81:
68:cc:0c:b4:e1:ea:93:9f:0f:24:5b:6e:17:a7:38:0e:ef:2f:
87:e7:b3:39:bb:27:bc:3f:d8:07:96:33:cc:d4:0d:7d:8c:6a:
f9:7f:d6:db:9f:59:4a:4a:1c:9c:ee:b4:e6:ad:a3:80:a4:99:
f6:76:8d:8a:fd:ef:3c:8c:30:f4:47:4e:10:ab:04:e5:c4:3d:
68:9b:22:c6:90:dd:e1:09:6e:8a:f3:ec:37:20:df:8e:bb:7e:
12:82:5d:25:72:73:81:83:e8:0f:9b:18:2f:3e:c8:f5:43:ed:
2a:f8:91:56:34:5b:fb:50:8e:9d:30:74:a5:d8:ac:c0:70:78:
34:14:ba:7c:01:4a:30:1c:19:b8:2c:d7:f4:16:7e:0a:ff:1e:
58:b0:cf:da:72:e7:d2:37:73:1d:07:62:3a:98:94:95:13:cd:
4a:b1:06:06:71:6f:d5:06:82:f0:1f:fe:93:f3:7d:7f:17:83:
70:41:2a:8e:26:85:80:62:b9:0b:8a:94:b0:db:69:4f:b7:53:
db:29:e4:63:e9:eb:10:73:f1:bd:da:28:4a:1d:f4:c5:88:7c:
af:ed:a5:4b:6a:19:9c:25:2a:68:7e:44:33:06:5a:37:ba:d7:
70:d2:13:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqNt9kWTCg9Nw7IKe+H2MYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTEzMDg0NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTRkMDc0NzYwZjQ4NTViM2U3ZDA4ZjFjNTQ1NmJkZjM3ZTQ5ODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps53FyW8REgiYEmVhP8L8z3P1JUH
LnJf7vX7ipjTd0cC1bBPCDiGvXarw2Hrz1bTssnUr1rgh0PoKIi3LjZ/9iIif8Rt
GOHq4GJmervciBbXo9jwjH3y7X4AkbG3U4yD99NoLjnvJr4shemVwH9Xcn7n44iG
Y/b0W+Xfc6feFnb43PtxY+Ci4nWapvKbTrIscKrLJMbz/mRE3UoyeOh4MUZkLbwq
PzCv9EAVdGKOVfzwJvb2FBgb11e8nAlGZDQ0RBbwuvFxqF4+FvM/cSxgzwj87v+y
Oi0EXp1Hbcbry4h+KMMwHETXedBS4CDL7dBkZH2wK2Q7P4/weU5YZfBWBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFNB0dg9IVbPn0I8cVFa9835Jh8MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUVUwSFIyRDBoVnMtZlFqeHhVVnIzemZrbUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudEmMA0G
CSqGSIb3DQEBCwUAA4IBAQA361xZ5Wio9Q7hkOtJ3cVoLYFozAy04eqTnw8kW24X
pzgO7y+H57M5uye8P9gHljPM1A19jGr5f9bbn1lKShyc7rTmraOApJn2do2K/e88
jDD0R04QqwTlxD1omyLGkN3hCW6K8+w3IN+Ou34Sgl0lcnOBg+gPmxgvPsj1Q+0q
+JFWNFv7UI6dMHSl2KzAcHg0FLp8AUowHBm4LNf0Fn4K/x5YsM/acufSN3MdB2I6
mJSVE81KsQYGcW/VBoLwH/6T831/F4NwQSqOJoWAYrkLipSw22lPt1PbKeRj6esQ
c/G92ihKHfTFiHyv7aVLahmcJSpofkQzBlo3utdw0hNV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org