Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/QusJYQOoD1TaSnJOXBkc0EHHuWI.roa
File: QusJYQOoD1TaSnJOXBkc0EHHuWI.roa (raw, json)
Hash identifier: aTNuk1a6JLTvfPACnq2FOJNk2jzdQRDMsjU0VMHJhyk=
Subject key identifier: 42:EB:09:61:03:A8:0F:54:DA:4A:72:4E:5C:19:1C:D0:41:C7:B9:62
Certificate issuer: /CN=7dbacb1fc2c2063042781631b517ce475233a2bd
Certificate serial: 01856D788E6D950F5027AC96C3BBDE1F9F5A
Authority key identifier: 7D:BA:CB:1F:C2:C2:06:30:42:78:16:31:B5:17:CE:47:52:33:A2:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fbrLH8LCBjBCeBYxtRfOR1Izor0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/QusJYQOoD1TaSnJOXBkc0EHHuWI.roa
Signing time: Sun 01 Jan 2023 13:14:55 +0000
ROA not before: Sun 01 Jan 2023 13:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209288
IP address blocks: 185.88.64.0/22 maxlen: 22
185.88.67.0/24 maxlen: 24
185.88.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:8e:6d:95:0f:50:27:ac:96:c3:bb:de:1f:9f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dbacb1fc2c2063042781631b517ce475233a2bd
Validity
Not Before: Jan 1 13:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42eb096103a80f54da4a724e5c191cd041c7b962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8d:0a:88:3b:ac:1b:09:60:8c:79:10:dd:01:
92:d1:7e:e0:1d:50:4a:d7:4c:47:ff:d9:a5:e1:11:
c0:d3:a3:9e:3d:e8:67:40:e3:68:ee:aa:18:48:d0:
df:4b:3a:ce:e6:a8:97:ad:78:87:66:21:e8:6f:18:
60:0f:4f:b6:f9:99:64:c9:40:aa:c9:2b:d2:38:c0:
bf:a8:d7:9e:90:95:e9:df:90:5e:e7:2d:cd:6b:dc:
52:64:5d:96:d8:fc:77:0c:b6:86:c2:d2:84:80:28:
a3:a8:a7:a3:c8:26:51:cd:16:fe:61:7e:86:60:01:
98:8d:f6:06:5e:6d:71:e9:5f:5b:7b:f7:ac:7d:f9:
7c:35:fc:61:62:4b:db:01:a0:79:86:99:86:89:d7:
93:ad:5e:c3:fb:95:43:9c:88:f6:4a:f6:26:a9:f4:
4d:a4:61:e9:ab:ad:18:6a:d1:a0:52:97:73:5d:a7:
1d:8e:d8:c2:70:02:6f:cc:69:f4:23:57:66:ea:72:
7d:0a:ef:d5:1d:fa:8c:f1:57:a7:e9:ef:3f:46:dd:
33:01:f1:99:6b:e0:53:0e:8e:dd:84:2d:69:8b:50:
b0:73:98:11:22:9a:42:49:8b:d2:b6:5c:99:23:36:
e0:4a:e8:a8:27:91:88:cf:b8:b4:6f:da:c0:bb:62:
c8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:EB:09:61:03:A8:0F:54:DA:4A:72:4E:5C:19:1C:D0:41:C7:B9:62
X509v3 Authority Key Identifier:
keyid:7D:BA:CB:1F:C2:C2:06:30:42:78:16:31:B5:17:CE:47:52:33:A2:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fbrLH8LCBjBCeBYxtRfOR1Izor0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/QusJYQOoD1TaSnJOXBkc0EHHuWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/3d2d7b-2c5c-498f-85bf-285ec8fe8ec6/1/fbrLH8LCBjBCeBYxtRfOR1Izor0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.64.0/22
Signature Algorithm: sha256WithRSAEncryption
47:9a:89:35:25:c3:cc:1e:2a:70:9e:c3:57:b5:28:f4:6f:52:
00:21:b9:99:e1:97:a5:33:5e:2a:91:12:ee:ce:40:40:8d:56:
bc:4a:b9:f9:7c:4f:ce:c8:db:10:63:97:59:49:3e:74:7b:7c:
9c:ea:d3:80:0b:8a:7a:ab:c9:b0:c8:96:0a:e6:0c:00:5b:ea:
39:e9:7d:79:5b:6e:41:03:49:60:f0:49:e4:cc:55:88:c9:9c:
89:31:06:27:74:88:7d:43:35:07:ff:6f:f7:2a:08:e6:91:95:
b8:ea:fb:54:24:7b:5a:55:b1:17:a5:6d:e6:27:b9:0c:70:0f:
86:e8:d0:4b:07:e8:9c:af:c5:00:a6:26:44:94:ff:04:e9:95:
cf:6d:c7:9e:82:e3:0b:87:c8:b9:4a:aa:51:76:50:d4:b7:ee:
c5:0f:8b:6f:3b:d5:56:36:07:fa:e9:e2:41:03:38:ae:14:4a:
fc:2e:ad:04:78:27:57:eb:38:9e:62:54:16:0c:39:7b:9e:da:
17:9c:6b:cb:2a:8f:bb:f8:3b:2d:97:47:ef:5f:a2:03:73:fc:
c3:d7:97:74:47:5b:1f:e5:34:9d:a3:1e:cc:43:c8:02:57:06:
11:ce:fc:b8:ff:01:98:63:1a:64:c3:48:16:7d:57:b9:d9:c6:
37:73:43:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteI5tlQ9QJ6yWw7veH59aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYmFjYjFmYzJjMjA2MzA0Mjc4MTYzMWI1MTdjZTQ3NTIz
M2EyYmQwHhcNMjMwMTAxMTMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmViMDk2MTAzYTgwZjU0ZGE0YTcyNGU1YzE5MWNkMDQxYzdiOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY0KiDusGwlgjHkQ3QGS0X7gHVBK
10xH/9ml4RHA06OePehnQONo7qoYSNDfSzrO5qiXrXiHZiHobxhgD0+2+ZlkyUCq
ySvSOMC/qNeekJXp35Be5y3Na9xSZF2W2Px3DLaGwtKEgCijqKejyCZRzRb+YX6G
YAGYjfYGXm1x6V9be/esffl8NfxhYkvbAaB5hpmGideTrV7D+5VDnIj2SvYmqfRN
pGHpq60YatGgUpdzXacdjtjCcAJvzGn0I1dm6nJ9Cu/VHfqM8Ven6e8/Rt0zAfGZ
a+BTDo7dhC1pi1Cwc5gRIppCSYvStlyZIzbgSuioJ5GIz7i0b9rAu2LIBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFELrCWEDqA9U2kpyTlwZHNBBx7liMB8GA1UdIwQY
MBaAFH26yx/CwgYwQngWMbUXzkdSM6K9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmJyTEg4TENCakJDZUJZeHRSZk9SMUl6b3IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zZDJkN2ItMmM1Yy00OThmLTg1YmYt
Mjg1ZWM4ZmU4ZWM2LzEvUXVzSllRT29EMVRhU25KT1hCa2MwRUhIdVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zZDJkN2ItMmM1Yy00OThmLTg1YmYtMjg1ZWM4ZmU4ZWM2
LzEvZmJyTEg4TENCakJDZUJZeHRSZk9SMUl6b3IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVhAMA0G
CSqGSIb3DQEBCwUAA4IBAQBHmok1JcPMHipwnsNXtSj0b1IAIbmZ4ZelM14qkRLu
zkBAjVa8Srn5fE/OyNsQY5dZST50e3yc6tOAC4p6q8mwyJYK5gwAW+o56X15W25B
A0lg8EnkzFWIyZyJMQYndIh9QzUH/2/3KgjmkZW46vtUJHtaVbEXpW3mJ7kMcA+G
6NBLB+icr8UApiZElP8E6ZXPbceeguMLh8i5SqpRdlDUt+7FD4tvO9VWNgf66eJB
AziuFEr8Lq0EeCdX6zieYlQWDDl7ntoXnGvLKo+7+Dstl0fvX6IDc/zD15d0R1sf
5TSdox7MQ8gCVwYRzvy4/wGYYxpkw0gWfVe52cY3c0MV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:57 2024 by rpki-client on console-ams.rpki-client.org