Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/Qhms8coyDuD9NVk1TB1BNvzeD2s.roa
File: Qhms8coyDuD9NVk1TB1BNvzeD2s.roa (raw, json)
Hash identifier: wBycfSOwi5yGIbIBBZksT/10wxTtCUvmf2ZRMPiu5Oo=
Subject key identifier: 42:19:AC:F1:CA:32:0E:E0:FD:35:59:35:4C:1D:41:36:FC:DE:0F:6B
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 01856DE6493F8927BFE1C42A2613862BCC41
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/Qhms8coyDuD9NVk1TB1BNvzeD2s.roa
Signing time: Sun 01 Jan 2023 15:14:46 +0000
ROA not before: Sun 01 Jan 2023 15:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211106
IP address blocks: 85.88.58.0/24 maxlen: 24
85.88.63.0/24 maxlen: 24
85.88.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:49:3f:89:27:bf:e1:c4:2a:26:13:86:2b:cc:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 1 15:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4219acf1ca320ee0fd3559354c1d4136fcde0f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c7:7b:d9:2e:64:8c:e6:d6:dc:ed:a1:ac:cf:
f9:69:26:73:c2:df:75:1f:01:82:34:8f:4b:74:aa:
b5:84:e8:a1:60:b8:59:17:9a:24:f9:f3:4c:80:3c:
27:c0:14:22:bf:c3:1a:14:88:91:f6:f3:6d:24:c7:
e7:22:1d:77:7f:b0:84:6e:9f:e3:55:dd:39:21:99:
89:63:22:d3:8b:9b:eb:7f:a0:0b:8b:f2:9e:83:7e:
94:74:97:f5:c2:48:22:ab:11:7f:d1:46:00:b2:0c:
44:de:1a:20:d8:67:f5:8e:38:e3:8d:42:9d:50:c2:
94:8b:65:38:c9:d0:df:e0:18:7a:32:68:82:c8:ab:
14:4c:df:06:ed:da:be:ff:aa:18:05:d0:1d:b6:47:
bf:b9:a1:2c:47:56:35:87:3f:45:a6:0b:45:87:45:
69:94:a0:74:cf:ee:de:6f:23:c6:e3:33:41:7e:67:
c0:9a:86:c1:8f:b3:ac:23:5c:05:44:1c:5c:20:80:
18:eb:cd:16:5c:9c:ab:6f:aa:19:2e:ac:36:dc:16:
b7:69:20:aa:fc:85:c5:d7:6a:08:f5:3b:46:bc:b6:
e6:1a:f7:17:6b:f6:f2:e1:3e:45:a6:3d:95:2e:be:
f7:70:a4:c5:27:44:e3:d1:b5:bc:1e:a8:ca:f6:e9:
ea:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:19:AC:F1:CA:32:0E:E0:FD:35:59:35:4C:1D:41:36:FC:DE:0F:6B
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/Qhms8coyDuD9NVk1TB1BNvzeD2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.88.58.0/23
85.88.63.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:15:3c:db:ee:8a:f6:ad:e0:5e:7b:1a:56:d3:a3:ed:ec:76:
93:46:8d:92:e4:a0:6e:00:52:c4:c0:9e:37:d3:8b:f8:2f:52:
c5:0b:f5:81:9d:fb:b9:4c:96:2d:42:2f:02:7e:b4:66:a8:d3:
ac:33:ca:39:14:12:a8:90:92:31:d2:23:5e:d5:87:d3:28:e0:
2e:69:94:eb:54:2e:6a:17:81:43:cb:04:3a:4b:f4:4f:40:a0:
ce:1d:9c:09:b0:a1:48:b4:a1:08:95:cf:75:21:5d:b6:16:b9:
d6:73:7f:8f:f0:86:46:59:1a:a1:34:1f:29:a9:2a:ef:0f:6d:
45:1d:18:2d:b8:40:4b:8b:9b:18:34:b6:4d:d8:9f:fb:89:3d:
a2:46:df:22:e9:cd:5a:12:50:46:30:d2:dd:b7:8f:64:7c:c4:
db:0f:7f:57:20:ad:85:8a:12:7f:02:16:f2:f4:e0:74:e1:34:
bb:c6:67:9a:65:b3:82:0f:8c:96:11:99:8a:be:44:c4:51:ab:
b1:ff:b8:67:51:6f:c9:90:63:d6:75:fb:1d:f9:04:fb:e3:9b:
bd:a6:3f:a1:e2:49:6f:53:c3:22:d4:a0:9b:0b:95:f2:a0:53:
f9:02:56:22:de:bd:ea:22:e8:22:c3:1b:8c:83:58:b3:35:66:
94:3a:14:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt5kk/iSe/4cQqJhOGK8xBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjMwMTAxMTUxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjE5YWNmMWNhMzIwZWUwZmQzNTU5MzU0YzFkNDEzNmZjZGUwZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMd72S5kjObW3O2hrM/5aSZzwt91
HwGCNI9LdKq1hOihYLhZF5ok+fNMgDwnwBQiv8MaFIiR9vNtJMfnIh13f7CEbp/j
Vd05IZmJYyLTi5vrf6ALi/Keg36UdJf1wkgiqxF/0UYAsgxE3hog2Gf1jjjjjUKd
UMKUi2U4ydDf4Bh6MmiCyKsUTN8G7dq+/6oYBdAdtke/uaEsR1Y1hz9FpgtFh0Vp
lKB0z+7ebyPG4zNBfmfAmobBj7OsI1wFRBxcIIAY680WXJyrb6oZLqw23Ba3aSCq
/IXF12oI9TtGvLbmGvcXa/by4T5Fpj2VLr73cKTFJ0Tj0bW8HqjK9unqEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEIZrPHKMg7g/TVZNUwdQTb83g9rMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvUWhtczhjb3lEdUQ5TlZrMVRCMUJOdnplRDJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVVg6AwQA
VVg/MA0GCSqGSIb3DQEBCwUAA4IBAQBtFTzb7or2reBeexpW06Pt7HaTRo2S5KBu
AFLEwJ4304v4L1LFC/WBnfu5TJYtQi8CfrRmqNOsM8o5FBKokJIx0iNe1YfTKOAu
aZTrVC5qF4FDywQ6S/RPQKDOHZwJsKFItKEIlc91IV22FrnWc3+P8IZGWRqhNB8p
qSrvD21FHRgtuEBLi5sYNLZN2J/7iT2iRt8i6c1aElBGMNLdt49kfMTbD39XIK2F
ihJ/Ahby9OB04TS7xmeaZbOCD4yWEZmKvkTEUaux/7hnUW/JkGPWdfsd+QT745u9
pj+h4klvU8Mi1KCbC5XyoFP5AlYi3r3qIugiwxuMg1izNWaUOhTv
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:00:58 2024 by rpki-client on console.sobornost.net