Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/9ff8a1-3647-4134-b15f-e5dd6382a1c7/1/QuvCseDKSes56RnsBKqOrbB-2XA.roa
File: QuvCseDKSes56RnsBKqOrbB-2XA.roa (raw, json)
Hash identifier: V+y/5ZiDGM5YxR0628U2QXKqMe+u487VzQwj/tfBkDY=
Subject key identifier: 42:EB:C2:B1:E0:CA:49:EB:39:E9:19:EC:04:AA:8E:AD:B0:7E:D9:70
Certificate issuer: /CN=46078b2dc086ce5955e62db922f354b82d13cd5b
Certificate serial: 01856CF8753222581A163079508062908819
Authority key identifier: 46:07:8B:2D:C0:86:CE:59:55:E6:2D:B9:22:F3:54:B8:2D:13:CD:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RgeLLcCGzllV5i25IvNUuC0TzVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/9ff8a1-3647-4134-b15f-e5dd6382a1c7/1/QuvCseDKSes56RnsBKqOrbB-2XA.roa
Signing time: Sun 01 Jan 2023 10:55:00 +0000
ROA not before: Sun 01 Jan 2023 10:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60524
IP address blocks: 185.153.84.0/24 maxlen: 24
185.153.84.0/22 maxlen: 22
185.153.85.0/24 maxlen: 24
185.153.86.0/24 maxlen: 24
185.153.87.0/24 maxlen: 24
2a0a:6c00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:75:32:22:58:1a:16:30:79:50:80:62:90:88:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46078b2dc086ce5955e62db922f354b82d13cd5b
Validity
Not Before: Jan 1 10:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42ebc2b1e0ca49eb39e919ec04aa8eadb07ed970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b4:2d:73:58:de:8b:62:82:ab:62:1b:19:cb:
b1:65:06:be:54:5d:98:3b:01:72:07:66:e6:5a:6e:
91:04:d8:ba:0d:ae:f1:6a:44:18:87:ef:b5:3f:61:
f7:9c:a8:6c:f1:8a:fb:67:ed:05:fc:0f:90:2b:c9:
61:79:47:6c:02:d1:a0:6d:a2:f5:f6:c7:0a:9e:bc:
43:bd:3d:21:c6:16:f6:40:2e:db:fd:a2:9f:78:ce:
80:c5:be:6f:71:51:53:fe:19:69:d9:70:95:83:d9:
60:f6:dc:7d:9b:72:1f:94:a1:09:42:26:e6:fb:54:
07:53:70:d1:79:80:99:99:93:cf:48:29:d5:73:e4:
2a:55:7c:19:17:b2:90:97:50:c8:18:65:ea:4c:da:
00:29:ae:4c:96:1f:aa:6a:36:f0:f4:1a:9c:f7:17:
2d:ae:8d:f9:47:f7:d7:58:e3:ec:53:a6:09:38:c4:
31:b6:fe:40:e4:d5:9b:e0:10:2d:a2:c2:ce:35:de:
46:be:b3:54:06:d8:17:d3:00:d7:eb:e0:ac:81:dd:
bf:ad:fb:e8:00:3a:a8:8e:77:26:8d:c0:16:48:4e:
ea:8e:a7:ba:31:09:eb:f8:0c:f9:47:44:5b:2a:fd:
10:5a:6d:2b:1c:9a:d0:fe:98:8b:ac:19:b6:7b:90:
9a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:EB:C2:B1:E0:CA:49:EB:39:E9:19:EC:04:AA:8E:AD:B0:7E:D9:70
X509v3 Authority Key Identifier:
keyid:46:07:8B:2D:C0:86:CE:59:55:E6:2D:B9:22:F3:54:B8:2D:13:CD:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RgeLLcCGzllV5i25IvNUuC0TzVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/9ff8a1-3647-4134-b15f-e5dd6382a1c7/1/QuvCseDKSes56RnsBKqOrbB-2XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/9ff8a1-3647-4134-b15f-e5dd6382a1c7/1/RgeLLcCGzllV5i25IvNUuC0TzVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.84.0/22
IPv6:
2a0a:6c00::/29
Signature Algorithm: sha256WithRSAEncryption
56:11:8a:99:84:c6:82:62:76:fe:8f:14:a9:52:10:37:48:7c:
4d:d7:b1:7b:ae:31:88:d4:65:bc:05:8d:04:d4:d7:c1:d4:0f:
e6:10:37:46:82:31:e9:22:8a:f7:b2:a1:b8:ce:e7:c8:37:26:
15:8d:27:68:cb:49:6f:a1:3a:0f:52:52:d6:15:87:97:9e:3b:
cd:82:97:bb:24:94:73:ab:69:b7:ce:b1:e5:b3:2f:0e:f1:01:
f1:27:0f:a2:4e:c4:ea:e9:45:64:f2:b6:f9:51:41:16:ec:9e:
a6:49:66:ec:14:69:f5:55:06:5d:94:7d:35:7d:f7:39:4d:52:
12:3d:2d:6a:86:4e:cd:de:43:58:8e:b3:96:5f:b4:26:bb:20:
35:5c:72:94:20:ba:e4:74:76:f0:df:bb:b6:87:4a:5c:1b:f5:
dc:5b:f9:b4:cd:27:34:b7:e7:23:3a:22:b0:88:62:0a:a3:35:
ea:b0:35:50:9c:04:f3:e4:84:bb:68:89:be:60:c4:51:75:71:
21:0f:2a:f1:52:5e:04:b3:16:db:5a:2e:50:c0:19:4b:8f:8f:
d0:3d:15:56:5a:4d:54:b5:ce:85:66:b3:b0:3d:2c:04:b5:85:
75:d0:ff:2f:47:4c:1a:1c:db:ee:0e:61:85:f3:47:12:73:fc:
fb:ee:de:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+HUyIlgaFjB5UIBikIgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MDc4YjJkYzA4NmNlNTk1NWU2MmRiOTIyZjM1NGI4MmQx
M2NkNWIwHhcNMjMwMTAxMTA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmViYzJiMWUwY2E0OWViMzllOTE5ZWMwNGFhOGVhZGIwN2VkOTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirQtc1jei2KCq2IbGcuxZQa+VF2Y
OwFyB2bmWm6RBNi6Da7xakQYh++1P2H3nKhs8Yr7Z+0F/A+QK8lheUdsAtGgbaL1
9scKnrxDvT0hxhb2QC7b/aKfeM6Axb5vcVFT/hlp2XCVg9lg9tx9m3IflKEJQibm
+1QHU3DReYCZmZPPSCnVc+QqVXwZF7KQl1DIGGXqTNoAKa5Mlh+qajbw9Bqc9xct
ro35R/fXWOPsU6YJOMQxtv5A5NWb4BAtosLONd5GvrNUBtgX0wDX6+Csgd2/rfvo
ADqojncmjcAWSE7qjqe6MQnr+Az5R0RbKv0QWm0rHJrQ/piLrBm2e5CatwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFELrwrHgyknrOekZ7ASqjq2wftlwMB8GA1UdIwQY
MBaAFEYHiy3Ahs5ZVeYtuSLzVLgtE81bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmdlTExjQ0d6bGxWNWkyNUl2TlV1QzBUelZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS85ZmY4YTEtMzY0Ny00MTM0LWIxNWYt
ZTVkZDYzODJhMWM3LzEvUXV2Q3NlREtTZXM1NlJuc0JLcU9yYkItMlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS85ZmY4YTEtMzY0Ny00MTM0LWIxNWYtZTVkZDYzODJhMWM3
LzEvUmdlTExjQ0d6bGxWNWkyNUl2TlV1QzBUelZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZlUMA0E
AgACMAcDBQMqCmwAMA0GCSqGSIb3DQEBCwUAA4IBAQBWEYqZhMaCYnb+jxSpUhA3
SHxN17F7rjGI1GW8BY0E1NfB1A/mEDdGgjHpIor3sqG4zufINyYVjSdoy0lvoToP
UlLWFYeXnjvNgpe7JJRzq2m3zrHlsy8O8QHxJw+iTsTq6UVk8rb5UUEW7J6mSWbs
FGn1VQZdlH01ffc5TVISPS1qhk7N3kNYjrOWX7QmuyA1XHKUILrkdHbw37u2h0pc
G/XcW/m0zSc0t+cjOiKwiGIKozXqsDVQnATz5IS7aIm+YMRRdXEhDyrxUl4Esxbb
Wi5QwBlLj4/QPRVWWk1Utc6FZrOwPSwEtYV10P8vR0waHNvuDmGF80cSc/z77t7D
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:30:53 2024 by rpki-client on console.sobornost.net