Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qcYDQLNjH4PBh5Tmt-3PC5cqKkE.roa
File: qcYDQLNjH4PBh5Tmt-3PC5cqKkE.roa (raw, json)
Hash identifier: Xu295CxNakxoTIcpnTimk5QhCAV4YWzkwF7R3/Kf4bo=
Subject key identifier: A9:C6:03:40:B3:63:1F:83:C1:87:94:E6:B7:ED:CF:0B:97:2A:2A:41
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0187746D7F20A6EF418140E0D66E0D1FD50E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qcYDQLNjH4PBh5Tmt-3PC5cqKkE.roa
Signing time: Wed 12 Apr 2023 07:45:45 +0000
ROA not before: Wed 12 Apr 2023 07:45:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.230.52.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 May 2023 10:10:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:6d:7f:20:a6:ef:41:81:40:e0:d6:6e:0d:1f:d5:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 12 07:45:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9c60340b3631f83c18794e6b7edcf0b972a2a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c4:70:f7:e2:8c:09:80:0b:74:88:9e:4d:07:
9e:f1:8b:45:f7:8d:2a:54:b0:b0:69:e4:ae:6e:35:
97:56:47:1e:e0:41:21:79:33:25:da:48:2f:2c:70:
30:21:bd:bf:93:8b:55:8a:ed:2b:77:a6:f1:69:eb:
db:95:20:84:07:65:f3:f5:af:e7:4b:ca:b3:27:18:
52:dc:29:8f:88:67:c0:c7:fc:88:c5:1c:23:7f:88:
e7:fd:c4:bc:db:85:7b:95:8a:00:aa:52:da:12:5b:
ab:29:4a:71:18:c5:34:18:6e:e5:ad:96:d1:09:8b:
b3:8d:02:9a:75:0d:43:82:77:1d:63:05:a0:34:a9:
1c:95:a4:94:70:e3:a9:34:04:4e:a7:b2:0b:54:f8:
60:8d:09:67:51:ad:e7:0f:de:3c:f8:23:0c:6f:1b:
c4:e2:f3:46:d5:16:6b:59:45:41:cc:92:52:a4:3c:
80:f7:52:dc:e3:e2:cd:68:e0:49:d2:66:fa:54:3c:
dd:25:41:dd:ea:f7:d9:52:88:52:74:37:b7:bf:1e:
66:55:a3:09:af:b9:40:d3:13:ef:4f:c4:76:0e:0e:
33:25:ce:40:54:80:ef:f9:40:9e:30:7e:ff:c3:d5:
d0:92:b9:5f:3a:77:a3:36:7f:22:33:a9:1f:d7:bf:
6f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C6:03:40:B3:63:1F:83:C1:87:94:E6:B7:ED:CF:0B:97:2A:2A:41
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qcYDQLNjH4PBh5Tmt-3PC5cqKkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.52.0/24
193.58.145.0/24
Signature Algorithm: sha256WithRSAEncryption
09:5f:4f:15:53:c7:2f:8f:3f:44:3e:fc:30:e5:35:65:22:36:
0d:f6:16:f8:97:a2:a0:72:64:b7:b9:a9:59:b4:00:18:27:59:
1c:29:08:21:05:10:af:91:45:12:21:0d:e8:cc:82:a5:94:d8:
d8:ee:12:00:8b:1d:e6:fa:76:fa:70:39:e2:f4:08:d2:31:cc:
52:46:b0:54:b2:0a:60:a5:d4:f8:0a:99:ad:ab:08:5b:84:24:
63:91:0a:b1:65:ca:4a:aa:04:a2:3e:30:99:24:a5:f1:18:d0:
68:5f:02:43:07:41:29:0a:38:be:46:96:5e:77:c2:ca:14:47:
76:ee:dd:31:3a:fe:cb:d2:7b:5f:33:88:6e:78:35:be:d9:ff:
48:6b:f1:a9:c0:71:27:d8:44:17:26:24:51:b0:57:34:cd:ad:
17:96:ff:2f:55:ab:e2:03:54:f1:a1:ee:b6:8b:41:8d:e6:6d:
f3:b1:b5:8b:44:e2:0f:fa:ae:ed:88:e0:13:a5:95:92:7c:db:
aa:df:7b:63:1e:0d:dc:cf:94:ba:35:36:14:83:e7:e3:89:70:
ed:0c:6f:2c:12:11:86:0a:4f:6a:81:18:37:68:f3:0f:aa:fe:
43:35:7a:87:f6:1d:d5:3e:c3:46:ce:bd:95:72:da:45:93:64:
99:3f:b6:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd0bX8gpu9BgUDg1m4NH9UOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDEyMDc0NTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWM2MDM0MGIzNjMxZjgzYzE4Nzk0ZTZiN2VkY2YwYjk3MmEyYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sRw9+KMCYALdIieTQee8YtF940q
VLCwaeSubjWXVkce4EEheTMl2kgvLHAwIb2/k4tViu0rd6bxaevblSCEB2Xz9a/n
S8qzJxhS3CmPiGfAx/yIxRwjf4jn/cS824V7lYoAqlLaElurKUpxGMU0GG7lrZbR
CYuzjQKadQ1DgncdYwWgNKkclaSUcOOpNAROp7ILVPhgjQlnUa3nD948+CMMbxvE
4vNG1RZrWUVBzJJSpDyA91Lc4+LNaOBJ0mb6VDzdJUHd6vfZUohSdDe3vx5mVaMJ
r7lA0xPvT8R2Dg4zJc5AVIDv+UCeMH7/w9XQkrlfOnejNn8iM6kf179v8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKnGA0CzYx+DwYeU5rftzwuXKipBMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcWNZRFFMTmpINFBCaDVUbXQtM1BDNWNxS2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueY0AwQA
wTqRMA0GCSqGSIb3DQEBCwUAA4IBAQAJX08VU8cvjz9EPvww5TVlIjYN9hb4l6Kg
cmS3ualZtAAYJ1kcKQghBRCvkUUSIQ3ozIKllNjY7hIAix3m+nb6cDni9AjSMcxS
RrBUsgpgpdT4CpmtqwhbhCRjkQqxZcpKqgSiPjCZJKXxGNBoXwJDB0EpCji+RpZe
d8LKFEd27t0xOv7L0ntfM4hueDW+2f9Ia/GpwHEn2EQXJiRRsFc0za0Xlv8vVavi
A1Txoe62i0GN5m3zsbWLROIP+q7tiOATpZWSfNuq33tjHg3cz5S6NTYUg+fjiXDt
DG8sEhGGCk9qgRg3aPMPqv5DNXqH9h3VPsNGzr2VctpFk2SZP7YR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org