Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/QlKkaV6EWRCHU0nxergqlR6nwaQ.roa
File: QlKkaV6EWRCHU0nxergqlR6nwaQ.roa (raw, json)
Hash identifier: f7D/Eq80cIlnI9yQUi+hwYPKdrEBCB5vF7fkmHwb37k=
Subject key identifier: 42:52:A4:69:5E:84:59:10:87:53:49:F1:7A:B8:2A:95:1E:A7:C1:A4
Certificate issuer: /CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Certificate serial: 0186DFD6E2DA2B9F0D1B711EE9C3C8899F6E
Authority key identifier: 23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/QlKkaV6EWRCHU0nxergqlR6nwaQ.roa
Signing time: Tue 14 Mar 2023 11:17:27 +0000
ROA not before: Tue 14 Mar 2023 11:17:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60751
IP address blocks: 185.104.216.0/22 maxlen: 24
185.24.233.0/24 maxlen: 24
185.24.235.0/24 maxlen: 24
185.24.234.0/24 maxlen: 24
2a04:2e01::/32 maxlen: 36
2a04:2e00::/32 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:df:d6:e2:da:2b:9f:0d:1b:71:1e:e9:c3:c8:89:9f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Validity
Not Before: Mar 14 11:17:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4252a4695e845910875349f17ab82a951ea7c1a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:33:d3:66:26:40:85:b7:db:83:bd:9e:e9:d4:
f4:c8:2b:23:f9:41:38:8b:52:cd:d0:2b:10:68:12:
1c:f8:33:07:fc:aa:62:61:36:6b:b2:14:b5:28:61:
40:23:a0:4e:a7:65:2f:16:4f:28:14:08:da:73:d6:
1f:67:03:55:7e:0b:06:32:2c:d5:b8:80:16:10:9e:
75:78:8a:6e:ed:50:85:7b:a9:a2:7b:d0:52:12:e5:
f4:a9:47:6d:99:75:69:1a:c2:c7:21:09:16:3f:5b:
85:46:fd:41:b7:75:8b:c3:20:de:e6:f3:79:a9:71:
5a:fb:ec:7c:89:a8:5c:e3:b2:09:f0:fc:e3:9a:2f:
73:78:33:57:6b:56:e5:51:dd:66:2b:f2:d3:7b:84:
b2:dd:b7:27:24:6c:d8:cc:37:30:be:9f:52:13:3d:
ed:7e:b3:10:81:6e:77:98:ef:ec:64:54:a6:4f:3a:
f5:53:42:a1:a4:ae:31:d5:47:a0:55:a1:c9:30:98:
da:35:95:05:06:31:8d:07:5d:5d:aa:e5:17:9f:94:
87:ec:47:01:45:75:72:3d:bd:42:2d:29:53:28:44:
3b:81:7f:e3:a6:6b:b9:d1:e6:34:e8:51:ff:4a:50:
a4:e6:97:10:b7:e7:33:6e:3c:09:b7:cf:96:1c:4a:
35:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:52:A4:69:5E:84:59:10:87:53:49:F1:7A:B8:2A:95:1E:A7:C1:A4
X509v3 Authority Key Identifier:
keyid:23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/QlKkaV6EWRCHU0nxergqlR6nwaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.233.0-185.24.235.255
185.104.216.0/22
IPv6:
2a04:2e00::/31
Signature Algorithm: sha256WithRSAEncryption
ad:79:85:01:f0:27:7e:30:75:0b:18:a3:13:d0:0c:e9:ad:ba:
0e:39:eb:65:6a:84:41:86:71:10:3e:c0:4b:8b:d4:39:e6:44:
57:b9:d3:64:45:a8:83:fb:f3:ff:71:f9:8e:6b:53:6e:e5:c4:
18:3b:e0:34:2f:4e:2c:d9:04:f3:6a:c6:06:f8:f3:26:89:43:
53:43:da:60:c5:d8:df:ae:71:79:62:4d:bc:c7:0e:f7:30:bf:
0e:d3:c5:82:d7:52:59:51:a5:c2:39:9c:ad:20:09:93:56:e7:
da:d4:73:48:39:44:f6:da:45:ca:74:20:ed:27:2e:e3:72:16:
75:2d:8f:9b:d9:55:4e:bb:ad:ce:8d:fd:18:cd:58:17:a6:40:
88:56:d4:26:a8:19:74:d5:ee:b1:40:0d:be:96:e4:a5:ff:e6:
36:3a:61:c6:63:9f:7c:d5:47:32:bb:8e:3b:ba:f9:b3:43:ba:
f0:a0:59:4d:5f:b5:67:33:d1:1a:69:ff:54:b7:24:b3:a5:5b:
69:56:ce:e2:8e:da:02:c0:5d:ff:83:18:12:c6:4a:88:e9:36:
a1:51:1c:a6:80:8c:9f:71:21:c5:18:fd:53:dc:8e:62:84:0e:
9f:42:82:5e:5e:9d:e5:df:00:55:bd:3b:52:4a:56:e2:38:f7:
70:4b:2d:18
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYbf1uLaK58NG3Ee6cPIiZ9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzY2JiZjkzNDhhZTU1OGM2ZWZhMGMwODZmMjRiZTA0Y2Iy
M2M2ZTkwHhcNMjMwMzE0MTExNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjUyYTQ2OTVlODQ1OTEwODc1MzQ5ZjE3YWI4MmE5NTFlYTdjMWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizPTZiZAhbfbg72e6dT0yCsj+UE4
i1LN0CsQaBIc+DMH/KpiYTZrshS1KGFAI6BOp2UvFk8oFAjac9YfZwNVfgsGMizV
uIAWEJ51eIpu7VCFe6mie9BSEuX0qUdtmXVpGsLHIQkWP1uFRv1Bt3WLwyDe5vN5
qXFa++x8iahc47IJ8Pzjmi9zeDNXa1blUd1mK/LTe4Sy3bcnJGzYzDcwvp9SEz3t
frMQgW53mO/sZFSmTzr1U0KhpK4x1UegVaHJMJjaNZUFBjGNB11dquUXn5SH7EcB
RXVyPb1CLSlTKEQ7gX/jpmu50eY06FH/SlCk5pcQt+czbjwJt8+WHEo1BQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEJSpGlehFkQh1NJ8Xq4KpUep8GkMB8GA1UdIwQY
MBaAFCPLv5NIrlWMbvoMCG8kvgTLI8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMt
NjIxZWUwNTJhNmZjLzEvUWxLa2FWNkVXUkNIVTBueGVyZ3FsUjZud2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMtNjIxZWUwNTJhNmZj
LzEvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC5GOkD
BAK5GOgDBAK5aNgwDQQCAAIwBwMFASoELgAwDQYJKoZIhvcNAQELBQADggEBAK15
hQHwJ34wdQsYoxPQDOmtug4562VqhEGGcRA+wEuL1DnmRFe502RFqIP78/9x+Y5r
U27lxBg74DQvTizZBPNqxgb48yaJQ1ND2mDF2N+ucXliTbzHDvcwvw7TxYLXUllR
pcI5nK0gCZNW59rUc0g5RPbaRcp0IO0nLuNyFnUtj5vZVU67rc6N/RjNWBemQIhW
1CaoGXTV7rFADb6W5KX/5jY6YcZjn3zVRzK7jju6+bNDuvCgWU1ftWcz0Rpp/1S3
JLOlW2lWzuKO2gLAXf+DGBLGSojpNqFRHKaAjJ9xIcUY/VPcjmKEDp9Cgl5eneXf
AFW9O1JKVuI493BLLRg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:18 2023 by rpki-client on console-fra.rpki-client.org