Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qulP9Oq8NQ-5GYPSQQsPzB6YTTA.roa
File: qulP9Oq8NQ-5GYPSQQsPzB6YTTA.roa (raw, json)
Hash identifier: hgAhH8mMjx+NXnRgUEoSFxxJ1vJVfuCL87Go5FCNbCw=
Subject key identifier: AA:E9:4F:F4:EA:BC:35:0F:B9:19:83:D2:41:0B:0F:CC:1E:98:4D:30
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A70DC83B75163B66A3B809A368AF99BDF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qulP9Oq8NQ-5GYPSQQsPzB6YTTA.roa
Signing time: Thu 07 Sep 2023 18:16:54 +0000
ROA not before: Thu 07 Sep 2023 18:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 185.221.22.0/23 maxlen: 24
185.209.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Sep 2023 08:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:dc:83:b7:51:63:b6:6a:3b:80:9a:36:8a:f9:9b:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 7 18:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aae94ff4eabc350fb91983d2410b0fcc1e984d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d2:82:0b:71:2d:a2:b0:06:70:c2:8b:f8:e4:
24:9f:16:df:2e:ad:f2:c9:fb:46:b9:ae:60:c3:d4:
e5:19:1f:fe:b4:36:9a:4f:fe:03:53:a2:58:da:5d:
71:e2:04:25:6a:b1:99:4e:fd:d8:29:43:03:76:ab:
0b:f2:0d:c9:11:61:c1:71:45:8a:d8:52:b0:e5:e6:
ec:63:70:83:85:09:fd:36:1d:fa:df:b7:62:26:52:
f3:e6:5d:91:7d:ae:00:85:49:34:2c:2e:93:5d:79:
e3:76:25:c9:c3:02:6d:25:3f:11:41:c4:20:e0:ab:
4a:fe:a8:98:8d:58:cc:a8:f5:58:1e:16:a7:09:fe:
cd:94:89:2d:ca:aa:3e:86:15:27:fa:9c:21:59:83:
dc:bb:0d:e7:54:a8:45:7d:fb:93:b0:60:31:10:e8:
d2:4b:f8:5c:06:23:93:1d:d4:76:84:35:1a:5f:e5:
20:17:45:05:7c:fe:9b:0b:82:1c:31:b7:73:ab:00:
24:40:5a:ef:21:2e:db:75:44:68:e1:be:d2:24:f2:
d9:00:ab:3c:34:35:06:40:3d:d1:b4:0e:5b:06:45:
d8:25:ec:38:f5:24:3a:e5:54:5f:85:eb:bd:c0:b5:
6f:60:d7:9d:c4:f7:cf:21:52:09:73:aa:e7:47:4b:
35:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E9:4F:F4:EA:BC:35:0F:B9:19:83:D2:41:0B:0F:CC:1E:98:4D:30
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qulP9Oq8NQ-5GYPSQQsPzB6YTTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.73.0/24
185.221.22.0/23
Signature Algorithm: sha256WithRSAEncryption
66:6d:23:4c:16:a2:1e:ff:8d:70:a6:75:b6:f0:b7:47:36:d0:
6b:ef:d1:00:90:41:e9:ff:29:8e:5a:f1:9b:d0:27:f3:05:14:
64:7e:ed:3b:d2:60:33:71:90:1e:fc:10:81:8d:eb:70:72:52:
48:d9:13:9b:a3:4f:ae:bd:e7:b6:fa:6f:06:a3:f7:21:20:29:
2b:90:7f:6f:31:9f:7b:92:11:95:74:b3:de:4f:30:7f:4d:0d:
86:81:0a:88:c3:ee:c4:77:54:d0:28:58:46:d6:42:0f:67:ef:
25:fe:61:ec:7a:8e:f7:fe:f6:98:e5:af:d5:9e:07:43:98:fb:
2b:bf:e7:f5:f1:51:df:c2:5c:d4:6e:38:8a:9c:a6:34:8f:6d:
b4:4f:3d:c4:88:22:b2:37:7f:64:bb:db:89:b0:00:c5:ed:61:
0d:bf:75:91:92:b1:b7:2b:27:7e:34:98:92:46:31:2c:e0:40:
87:6e:31:d6:b6:b8:b1:66:d2:e4:0a:69:e9:47:72:5d:0e:ad:
1a:47:59:63:4e:de:12:9e:85:c4:36:07:58:fb:c5:ff:e3:de:
09:3e:cb:df:18:e4:12:bf:da:1b:e5:56:36:15:51:35:bd:3a:
63:99:e9:85:69:96:ea:ed:9f:d7:ee:71:fc:cf:cd:d0:6c:47:
4b:c7:bf:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpw3IO3UWO2ajuAmjaK+ZvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTA3MTgxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWU5NGZmNGVhYmMzNTBmYjkxOTgzZDI0MTBiMGZjYzFlOTg0ZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNKCC3EtorAGcMKL+OQknxbfLq3y
yftGua5gw9TlGR/+tDaaT/4DU6JY2l1x4gQlarGZTv3YKUMDdqsL8g3JEWHBcUWK
2FKw5ebsY3CDhQn9Nh3637diJlLz5l2Rfa4AhUk0LC6TXXnjdiXJwwJtJT8RQcQg
4KtK/qiYjVjMqPVYHhanCf7NlIktyqo+hhUn+pwhWYPcuw3nVKhFffuTsGAxEOjS
S/hcBiOTHdR2hDUaX+UgF0UFfP6bC4IcMbdzqwAkQFrvIS7bdURo4b7SJPLZAKs8
NDUGQD3RtA5bBkXYJew49SQ65VRfheu9wLVvYNedxPfPIVIJc6rnR0s1OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKrpT/TqvDUPuRmD0kELD8wemE0wMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcXVsUDlPcThOUS01R1lQU1FRc1B6QjZZVFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudFJAwQB
ud0WMA0GCSqGSIb3DQEBCwUAA4IBAQBmbSNMFqIe/41wpnW28LdHNtBr79EAkEHp
/ymOWvGb0CfzBRRkfu070mAzcZAe/BCBjetwclJI2RObo0+uvee2+m8Go/chICkr
kH9vMZ97khGVdLPeTzB/TQ2GgQqIw+7Ed1TQKFhG1kIPZ+8l/mHseo73/vaY5a/V
ngdDmPsrv+f18VHfwlzUbjiKnKY0j220Tz3EiCKyN39ku9uJsADF7WENv3WRkrG3
Kyd+NJiSRjEs4ECHbjHWtrixZtLkCmnpR3JdDq0aR1ljTt4SnoXENgdY+8X/494J
PsvfGOQSv9ob5VY2FVE1vTpjmemFaZbq7Z/X7nH8z83QbEdLx78S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org