Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/QCyABNS3dlkGym9f3QoIYFA_uLg.roa
File: QCyABNS3dlkGym9f3QoIYFA_uLg.roa (raw, json)
Hash identifier: 2xEA6OSuviIWaDmellDyr2M9vAxL5uo4a6AqMWUYXhk=
Subject key identifier: 40:2C:80:04:D4:B7:76:59:06:CA:6F:5F:DD:0A:08:60:50:3F:B8:B8
Certificate issuer: /CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Certificate serial: 01856F393A8391CB0FB8E78D3E3741307784
Authority key identifier: A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/QCyABNS3dlkGym9f3QoIYFA_uLg.roa
Signing time: Sun 01 Jan 2023 21:24:59 +0000
ROA not before: Sun 01 Jan 2023 21:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 185.200.208.0/22 maxlen: 24
185.200.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 May 2023 03:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:3a:83:91:cb:0f:b8:e7:8d:3e:37:41:30:77:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Validity
Not Before: Jan 1 21:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=402c8004d4b7765906ca6f5fdd0a0860503fb8b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d0:ed:bd:70:6d:c0:77:98:79:98:7c:7d:f1:
dc:fb:14:b4:9d:d0:a9:fb:64:1e:f8:cd:b6:5c:94:
1d:13:ac:e8:c1:3a:ed:e7:29:df:b8:db:1d:23:14:
09:14:2d:e0:1d:fe:cc:89:6a:80:b7:a7:33:d9:b9:
98:b1:7c:47:14:68:67:5e:35:9e:f1:01:c6:a1:d6:
3e:67:54:e9:65:f8:ae:70:2d:c5:43:5b:20:47:31:
06:3c:8a:e4:69:b6:89:db:44:69:cd:7f:60:5d:33:
d0:a6:27:3d:8a:4e:bb:77:cc:be:d0:21:7c:6a:aa:
6b:26:ee:35:09:5d:f8:d3:52:8b:07:f0:ac:f2:c0:
0f:7a:f8:46:33:98:fe:c6:95:d8:6e:44:ae:d5:e3:
6d:e2:c0:e9:b3:13:7a:42:fd:53:4a:ad:ac:5f:c4:
6a:9e:65:b1:8c:91:52:a6:64:8e:b3:75:09:76:8a:
4c:90:97:18:d2:1b:1d:07:19:69:be:3d:01:e8:5e:
4a:51:3f:e8:9a:1b:9f:fa:ad:57:b1:cc:c5:f9:6d:
63:e0:0a:fb:1f:07:1c:8e:ee:63:da:be:ed:ef:e5:
06:5a:57:8b:3f:9c:49:bd:7a:61:90:b9:16:70:cb:
bf:27:64:72:ef:2c:6f:49:3a:6b:9b:b5:b2:37:a1:
89:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:2C:80:04:D4:B7:76:59:06:CA:6F:5F:DD:0A:08:60:50:3F:B8:B8
X509v3 Authority Key Identifier:
keyid:A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/QCyABNS3dlkGym9f3QoIYFA_uLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/oNvV0fht2d1mYGoU0x1kyw6qyDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.208.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:7a:b2:cd:68:7d:53:02:34:87:ae:2d:ac:08:02:ef:0b:0b:
61:28:3c:7f:26:ad:6d:5e:1a:b7:1a:e5:0a:90:28:cb:49:e4:
84:ff:e1:13:a8:fe:d2:1d:bb:9d:24:91:09:ca:6b:73:76:75:
2a:a7:94:6c:b8:80:65:14:79:62:13:8d:45:4e:e5:73:cd:ed:
4a:53:52:05:e6:af:42:8f:56:81:97:e9:77:f0:c5:fc:cd:7f:
09:d9:11:4f:0f:0d:78:ba:00:41:fa:66:36:76:41:1e:b9:00:
56:97:42:c5:b6:28:32:80:1d:29:ac:af:bb:7c:5d:84:22:01:
5c:3e:e2:27:eb:a1:b3:3b:e8:ba:0e:26:62:9e:1c:60:97:92:
04:35:a9:04:ca:38:10:f7:f5:80:a2:78:1b:78:6d:2a:bc:17:
09:16:8e:db:b4:9f:fd:2a:e5:07:1c:e1:ca:8c:ad:de:66:ef:
34:84:59:43:bd:3f:2c:96:a5:99:8b:c6:92:cb:c8:cd:98:c3:
76:a4:92:58:99:17:cc:a2:37:4e:8b:f8:0e:9e:ca:55:24:bc:
39:90:f1:96:a8:10:6b:d5:c8:c4:e6:15:2d:77:62:e7:a7:a9:
40:0f:dd:22:86:cb:3a:e4:e8:b9:f5:ae:c4:6f:f7:44:f8:a8:
31:14:91:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOTqDkcsPuOeNPjdBMHeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGJkNWQxZjg2ZGQ5ZGQ2NjYwNmExNGQzMWQ2NGNiMGVh
YWM4M2IwHhcNMjMwMTAxMjEyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDJjODAwNGQ0Yjc3NjU5MDZjYTZmNWZkZDBhMDg2MDUwM2ZiOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9DtvXBtwHeYeZh8ffHc+xS0ndCp
+2Qe+M22XJQdE6zowTrt5ynfuNsdIxQJFC3gHf7MiWqAt6cz2bmYsXxHFGhnXjWe
8QHGodY+Z1TpZfiucC3FQ1sgRzEGPIrkabaJ20RpzX9gXTPQpic9ik67d8y+0CF8
aqprJu41CV3401KLB/Cs8sAPevhGM5j+xpXYbkSu1eNt4sDpsxN6Qv1TSq2sX8Rq
nmWxjJFSpmSOs3UJdopMkJcY0hsdBxlpvj0B6F5KUT/omhuf+q1XsczF+W1j4Ar7
Hwccju5j2r7t7+UGWleLP5xJvXphkLkWcMu/J2Ry7yxvSTprm7WyN6GJKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEAsgATUt3ZZBspvX90KCGBQP7i4MB8GA1UdIwQY
MBaAFKDb1dH4bdndZmBqFNMdZMsOqsg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAt
MTM1YzkxZWMxOTllLzEvUUN5QUJOUzNkbGtHeW05ZjNRb0lZRkFfdUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAtMTM1YzkxZWMxOTll
LzEvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucjQMA0G
CSqGSIb3DQEBCwUAA4IBAQBPerLNaH1TAjSHri2sCALvCwthKDx/Jq1tXhq3GuUK
kCjLSeSE/+ETqP7SHbudJJEJymtzdnUqp5RsuIBlFHliE41FTuVzze1KU1IF5q9C
j1aBl+l38MX8zX8J2RFPDw14ugBB+mY2dkEeuQBWl0LFtigygB0prK+7fF2EIgFc
PuIn66GzO+i6DiZinhxgl5IENakEyjgQ9/WAongbeG0qvBcJFo7btJ/9KuUHHOHK
jK3eZu80hFlDvT8slqWZi8aSy8jNmMN2pJJYmRfMojdOi/gOnspVJLw5kPGWqBBr
1cjE5hUtd2Lnp6lAD90ihss65Oi59a7Eb/dE+KgxFJHX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:58 2024 by rpki-client on console-ams.rpki-client.org