Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/ffc3c6-f64f-4090-8292-e95e2d3d23e0/1/QbyO5iZOrmms4wPE5N2fDc7xflw.roa
File: QbyO5iZOrmms4wPE5N2fDc7xflw.roa (raw, json)
Hash identifier: hSnPivsgXEozsHVpzQP0One9iUCleSMUCUtOovVWdks=
Subject key identifier: 41:BC:8E:E6:26:4E:AE:69:AC:E3:03:C4:E4:DD:9F:0D:CE:F1:7E:5C
Certificate issuer: /CN=6d939eb74abbcd2227c2192aa2a37e6dcb898e53
Certificate serial: 01856D5D168814D6CC3B0E678002F8E3E83B
Authority key identifier: 6D:93:9E:B7:4A:BB:CD:22:27:C2:19:2A:A2:A3:7E:6D:CB:89:8E:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bZOet0q7zSInwhkqoqN-bcuJjlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/ffc3c6-f64f-4090-8292-e95e2d3d23e0/1/QbyO5iZOrmms4wPE5N2fDc7xflw.roa
Signing time: Sun 01 Jan 2023 12:44:55 +0000
ROA not before: Sun 01 Jan 2023 12:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200428
IP address blocks: 185.107.188.0/22 maxlen: 22
2a06:4540::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:16:88:14:d6:cc:3b:0e:67:80:02:f8:e3:e8:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d939eb74abbcd2227c2192aa2a37e6dcb898e53
Validity
Not Before: Jan 1 12:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41bc8ee6264eae69ace303c4e4dd9f0dcef17e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b8:23:7a:3a:ad:00:ec:e9:48:9c:2e:fe:85:
5f:91:33:72:e5:13:e0:f8:ee:4f:ad:4d:cf:c0:67:
cc:33:9b:65:f3:6f:65:7d:18:30:f7:04:b4:89:27:
45:ac:34:0f:02:b2:1e:27:83:65:28:06:a3:d4:6c:
23:e8:ae:cd:e6:ac:6c:5d:0b:e4:b5:83:14:18:dd:
ad:79:0c:e8:2f:88:ac:1c:fd:79:a5:43:5f:56:71:
6e:03:6c:20:ef:87:f6:8b:90:1a:aa:ff:29:8b:ed:
2f:14:b6:3a:80:85:dc:2d:b1:b8:0b:f9:4b:a8:4d:
a6:be:39:d8:99:90:92:37:e5:f0:7d:31:d8:c0:22:
f2:35:8a:5e:4f:4d:6a:69:83:ea:80:7c:88:96:9e:
74:c3:a2:4b:c0:db:73:51:37:70:6d:46:bf:44:07:
72:a6:97:bc:fc:91:bf:d4:b1:99:ae:5b:d4:fb:13:
70:0a:1b:c9:68:dc:bd:7a:c9:8e:ad:dd:9a:39:ff:
36:82:d2:d5:f7:98:b5:47:09:51:78:70:53:70:b8:
80:eb:2b:43:35:28:7b:38:92:94:0e:b9:84:f7:f8:
85:30:70:ca:48:d5:46:cb:8c:7e:72:13:5d:40:4b:
98:3f:a0:47:21:93:1d:63:a6:db:64:72:d7:0d:a7:
62:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BC:8E:E6:26:4E:AE:69:AC:E3:03:C4:E4:DD:9F:0D:CE:F1:7E:5C
X509v3 Authority Key Identifier:
keyid:6D:93:9E:B7:4A:BB:CD:22:27:C2:19:2A:A2:A3:7E:6D:CB:89:8E:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bZOet0q7zSInwhkqoqN-bcuJjlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ffc3c6-f64f-4090-8292-e95e2d3d23e0/1/QbyO5iZOrmms4wPE5N2fDc7xflw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/ffc3c6-f64f-4090-8292-e95e2d3d23e0/1/bZOet0q7zSInwhkqoqN-bcuJjlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.188.0/22
IPv6:
2a06:4540::/29
Signature Algorithm: sha256WithRSAEncryption
85:ce:f9:68:db:23:5d:54:c0:80:89:46:a2:16:e2:1c:8a:2e:
91:43:80:44:aa:ed:a5:75:b9:3f:dc:10:32:40:82:8d:1d:49:
f7:d0:71:04:4b:0f:af:0f:11:83:87:e3:7f:a4:70:83:f8:b8:
01:ad:88:f4:53:62:86:8b:0f:aa:25:fe:25:f8:fd:cf:b5:47:
21:7e:6f:fd:24:b5:86:b6:dc:d1:a9:4a:e8:5e:7a:26:20:f1:
51:29:d0:4d:c6:f6:de:7c:77:80:d5:17:31:b8:0a:09:99:b4:
b7:d2:67:d9:5f:c8:d3:86:f1:0d:56:6c:08:10:f1:fa:4c:89:
7f:c8:fc:7b:1b:0a:86:0d:b5:a1:92:5c:5b:93:a2:fa:e5:8f:
1d:b6:ef:9c:8e:5e:86:49:92:a6:d7:6a:ce:e6:03:dc:27:35:
52:61:e2:4f:dc:ea:d6:b0:cd:63:fe:d8:fd:41:e3:f1:e6:4d:
00:99:d0:7b:70:b6:61:55:9b:87:94:14:f5:cd:2c:56:20:fd:
69:0a:41:e4:07:19:ea:59:61:86:39:e3:e0:b8:22:ae:df:d7:
b1:74:6e:dc:a9:41:e4:62:63:a0:3a:03:1b:fa:47:04:89:ca:
27:ec:fc:4c:0d:ca:a3:b9:81:63:ed:ff:7e:ec:79:a9:7f:45:
eb:02:02:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtXRaIFNbMOw5ngAL44+g7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkOTM5ZWI3NGFiYmNkMjIyN2MyMTkyYWEyYTM3ZTZkY2I4
OThlNTMwHhcNMjMwMTAxMTI0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWJjOGVlNjI2NGVhZTY5YWNlMzAzYzRlNGRkOWYwZGNlZjE3ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbgjejqtAOzpSJwu/oVfkTNy5RPg
+O5PrU3PwGfMM5tl829lfRgw9wS0iSdFrDQPArIeJ4NlKAaj1Gwj6K7N5qxsXQvk
tYMUGN2teQzoL4isHP15pUNfVnFuA2wg74f2i5Aaqv8pi+0vFLY6gIXcLbG4C/lL
qE2mvjnYmZCSN+XwfTHYwCLyNYpeT01qaYPqgHyIlp50w6JLwNtzUTdwbUa/RAdy
ppe8/JG/1LGZrlvU+xNwChvJaNy9esmOrd2aOf82gtLV95i1RwlReHBTcLiA6ytD
NSh7OJKUDrmE9/iFMHDKSNVGy4x+chNdQEuYP6BHIZMdY6bbZHLXDadiRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEG8juYmTq5prOMDxOTdnw3O8X5cMB8GA1UdIwQY
MBaAFG2TnrdKu80iJ8IZKqKjfm3LiY5TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlpPZXQwcTd6U0lud2hrcW9xTi1iY3VKamxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mZmMzYzYtZjY0Zi00MDkwLTgyOTIt
ZTk1ZTJkM2QyM2UwLzEvUWJ5TzVpWk9ybW1zNHdQRTVOMmZEYzd4Zmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mZmMzYzYtZjY0Zi00MDkwLTgyOTItZTk1ZTJkM2QyM2Uw
LzEvYlpPZXQwcTd6U0lud2hrcW9xTi1iY3VKamxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWu8MA0E
AgACMAcDBQMqBkVAMA0GCSqGSIb3DQEBCwUAA4IBAQCFzvlo2yNdVMCAiUaiFuIc
ii6RQ4BEqu2ldbk/3BAyQIKNHUn30HEESw+vDxGDh+N/pHCD+LgBrYj0U2KGiw+q
Jf4l+P3PtUchfm/9JLWGttzRqUroXnomIPFRKdBNxvbefHeA1RcxuAoJmbS30mfZ
X8jThvENVmwIEPH6TIl/yPx7GwqGDbWhklxbk6L65Y8dtu+cjl6GSZKm12rO5gPc
JzVSYeJP3OrWsM1j/tj9QePx5k0AmdB7cLZhVZuHlBT1zSxWIP1pCkHkBxnqWWGG
OePguCKu39exdG7cqUHkYmOgOgMb+kcEicon7PxMDcqjuYFj7f9+7Hmpf0XrAgJn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:31 2024 by rpki-client on console-ams.rpki-client.org