Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/fbc3a9-0564-4a2c-ab11-e2c9228aac53/1/QuX0_rJ-bfdrpZ1D1KUuON8397c.roa
File: QuX0_rJ-bfdrpZ1D1KUuON8397c.roa (raw, json)
Hash identifier: r6b8kLERDwVaF97jHdT6MRhN2S9/yCabXdnW8k0aYl8=
Subject key identifier: 42:E5:F4:FE:B2:7E:6D:F7:6B:A5:9D:43:D4:A5:2E:38:DF:37:F7:B7
Certificate issuer: /CN=43496584e5cf39b56874de8dc77aa3a6ff9e8a1e
Certificate serial: 01856E9D524A3FF59DA22B60B73309099CAE
Authority key identifier: 43:49:65:84:E5:CF:39:B5:68:74:DE:8D:C7:7A:A3:A6:FF:9E:8A:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q0llhOXPObVodN6Nx3qjpv-eih4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/fbc3a9-0564-4a2c-ab11-e2c9228aac53/1/QuX0_rJ-bfdrpZ1D1KUuON8397c.roa
Signing time: Sun 01 Jan 2023 18:34:42 +0000
ROA not before: Sun 01 Jan 2023 18:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.106.0/24 maxlen: 24
2001:7f8:c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:9d:52:4a:3f:f5:9d:a2:2b:60:b7:33:09:09:9c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43496584e5cf39b56874de8dc77aa3a6ff9e8a1e
Validity
Not Before: Jan 1 18:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42e5f4feb27e6df76ba59d43d4a52e38df37f7b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0d:01:2a:28:7c:4f:47:9a:5e:c1:50:9d:12:
8d:7a:70:91:77:34:f4:24:e7:f8:b5:a5:8a:f5:e2:
bf:6a:0d:8c:4e:48:5a:50:35:e3:84:60:ba:d0:2b:
c9:1e:7b:40:6c:34:15:80:23:f8:d5:25:c1:43:ae:
d6:d5:7d:49:fb:19:36:75:e3:b0:a6:b3:cb:d4:ab:
2d:b2:4a:df:ed:56:bf:f5:62:4a:75:4b:ee:78:0c:
0b:90:41:81:cb:ee:fa:7a:3b:ee:cc:60:95:76:8d:
da:af:18:c3:e7:35:49:6f:ff:4d:58:18:fa:0d:89:
5a:18:31:e6:b5:fd:54:53:9c:f2:72:42:85:8e:db:
21:e5:c0:ab:13:cb:2d:20:33:9f:c9:32:71:6c:2a:
a3:7d:e1:56:eb:f5:de:ad:ac:75:d1:9e:16:97:46:
19:e6:0d:d6:80:7e:02:1c:18:94:ec:56:55:05:79:
fe:fe:e2:dd:4a:00:00:6a:e8:0d:3b:fd:84:a0:61:
31:f1:5f:f4:1b:43:5e:d8:a6:31:b7:18:3a:1b:ff:
50:ad:1a:c2:7d:ff:b4:a0:63:d3:64:07:4c:cc:9c:
ae:2c:d8:d1:66:b5:30:88:b3:32:6b:ea:0f:ac:fc:
3a:92:a4:58:4c:54:d4:86:1f:75:b9:1f:0d:1f:03:
0a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E5:F4:FE:B2:7E:6D:F7:6B:A5:9D:43:D4:A5:2E:38:DF:37:F7:B7
X509v3 Authority Key Identifier:
keyid:43:49:65:84:E5:CF:39:B5:68:74:DE:8D:C7:7A:A3:A6:FF:9E:8A:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q0llhOXPObVodN6Nx3qjpv-eih4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/fbc3a9-0564-4a2c-ab11-e2c9228aac53/1/QuX0_rJ-bfdrpZ1D1KUuON8397c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/fbc3a9-0564-4a2c-ab11-e2c9228aac53/1/Q0llhOXPObVodN6Nx3qjpv-eih4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.106.0/24
IPv6:
2001:7f8:c0::/48
Signature Algorithm: sha256WithRSAEncryption
96:96:62:ed:73:99:a6:b7:86:97:12:e1:5c:b5:e3:17:61:9e:
69:d3:0c:67:d8:0d:63:24:f9:e0:1c:34:5b:ab:c4:ba:92:42:
40:5c:c4:b0:30:8b:a1:eb:62:26:96:c7:ee:77:4b:c6:33:b1:
76:9e:b5:f1:36:52:45:a9:e1:5e:84:8c:9e:e6:09:20:6b:d8:
a6:94:75:2a:85:3a:1e:3c:2d:7c:ac:6c:85:3b:9d:4d:2f:ea:
79:3b:a6:21:b4:ef:7b:80:f0:62:97:58:84:2c:08:df:5a:a0:
b4:ed:36:3e:c3:00:8e:8a:d6:3b:84:a2:2a:2a:03:30:e7:66:
8b:27:6c:fb:16:aa:04:87:8e:0b:22:24:d7:b8:55:aa:7d:be:
62:10:a7:55:a6:59:64:98:56:b4:87:17:8f:1d:d8:0a:06:89:
e6:e4:35:72:81:29:4f:4a:75:b0:6b:45:28:21:12:dc:86:6e:
f1:8d:41:c2:7d:08:50:ad:84:c9:8b:c1:2d:ae:91:1e:4e:b8:
f9:da:f4:40:90:82:d1:ff:f0:38:07:19:b7:d9:d3:85:e0:b0:
69:39:df:a0:50:97:fc:23:8d:aa:eb:04:d3:66:10:75:26:80:
dd:a2:32:3c:af:f9:77:63:5e:f1:f0:6b:c4:e1:c6:52:d6:63:
0a:0d:2b:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVunVJKP/WdoitgtzMJCZyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNDk2NTg0ZTVjZjM5YjU2ODc0ZGU4ZGM3N2FhM2E2ZmY5
ZThhMWUwHhcNMjMwMTAxMTgzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmU1ZjRmZWIyN2U2ZGY3NmJhNTlkNDNkNGE1MmUzOGRmMzdmN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA0BKih8T0eaXsFQnRKNenCRdzT0
JOf4taWK9eK/ag2MTkhaUDXjhGC60CvJHntAbDQVgCP41SXBQ67W1X1J+xk2deOw
prPL1Kstskrf7Va/9WJKdUvueAwLkEGBy+76ejvuzGCVdo3arxjD5zVJb/9NWBj6
DYlaGDHmtf1UU5zyckKFjtsh5cCrE8stIDOfyTJxbCqjfeFW6/Xerax10Z4Wl0YZ
5g3WgH4CHBiU7FZVBXn+/uLdSgAAaugNO/2EoGEx8V/0G0Ne2KYxtxg6G/9QrRrC
ff+0oGPTZAdMzJyuLNjRZrUwiLMya+oPrPw6kqRYTFTUhh91uR8NHwMK3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFELl9P6yfm33a6WdQ9SlLjjfN/e3MB8GA1UdIwQY
MBaAFENJZYTlzzm1aHTejcd6o6b/nooeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTBsbGhPWFBPYlZvZE42TngzcWpwdi1laWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mYmMzYTktMDU2NC00YTJjLWFiMTEt
ZTJjOTIyOGFhYzUzLzEvUXVYMF9ySi1iZmRycFoxRDFLVXVPTjgzOTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mYmMzYTktMDU2NC00YTJjLWFiMTEtZTJjOTIyOGFhYzUz
LzEvUTBsbGhPWFBPYlZvZE42TngzcWpwdi1laWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQFqMA8E
AgACMAkDBwAgAQf4AMAwDQYJKoZIhvcNAQELBQADggEBAJaWYu1zmaa3hpcS4Vy1
4xdhnmnTDGfYDWMk+eAcNFurxLqSQkBcxLAwi6HrYiaWx+53S8YzsXaetfE2UkWp
4V6EjJ7mCSBr2KaUdSqFOh48LXysbIU7nU0v6nk7piG073uA8GKXWIQsCN9aoLTt
Nj7DAI6K1juEoioqAzDnZosnbPsWqgSHjgsiJNe4Vap9vmIQp1WmWWSYVrSHF48d
2AoGiebkNXKBKU9KdbBrRSghEtyGbvGNQcJ9CFCthMmLwS2ukR5OuPna9ECQgtH/
8DgHGbfZ04XgsGk536BQl/wjjarrBNNmEHUmgN2iMjyv+XdjXvHwa8ThxlLWYwoN
K7g=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:03:03 2024 by rpki-client on console-ams.rpki-client.org