Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/7207a9-27f4-44ec-bf78-a207c7a19ed2/1/qhu5i914tyyrI2UY_7sKVCh0bs4.roa
File: qhu5i914tyyrI2UY_7sKVCh0bs4.roa (raw, json)
Hash identifier: RMJ4PZIamI8flHEz2dqL2xmnXzQ9MBrDSdVgSKEE5+w=
Subject key identifier: AA:1B:B9:8B:DD:78:B7:2C:AB:23:65:18:FF:BB:0A:54:28:74:6E:CE
Certificate issuer: /CN=612aef4c7bfe7e072f62d2dd505ab57e37ea385e
Certificate serial: 018570672C9EBE4BE871D81048963BCD569C
Authority key identifier: 61:2A:EF:4C:7B:FE:7E:07:2F:62:D2:DD:50:5A:B5:7E:37:EA:38:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YSrvTHv-fgcvYtLdUFq1fjfqOF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/7207a9-27f4-44ec-bf78-a207c7a19ed2/1/qhu5i914tyyrI2UY_7sKVCh0bs4.roa
Signing time: Mon 02 Jan 2023 02:54:47 +0000
ROA not before: Mon 02 Jan 2023 02:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59494
IP address blocks: 185.145.140.0/22 maxlen: 22
185.145.140.0/23 maxlen: 23
185.145.142.0/23 maxlen: 23
193.187.80.0/23 maxlen: 23
2a07:4480::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:2c:9e:be:4b:e8:71:d8:10:48:96:3b:cd:56:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=612aef4c7bfe7e072f62d2dd505ab57e37ea385e
Validity
Not Before: Jan 2 02:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa1bb98bdd78b72cab236518ffbb0a5428746ece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1c:a8:96:91:27:c9:28:3a:94:58:42:22:3c:
62:eb:d6:22:27:56:06:bd:3a:e8:02:28:d3:5a:04:
c6:ae:66:1a:ec:04:e8:f0:e6:a8:e2:b1:a2:5f:36:
7b:3c:b2:6d:46:a3:da:f0:24:e5:1d:9c:a0:44:6e:
9d:ff:0f:e9:cc:d0:8c:7b:af:7c:44:30:b7:19:b2:
e3:a8:dd:19:a1:95:52:8f:6e:b1:d7:12:0c:25:e8:
ca:20:df:ee:65:b1:a0:e8:7e:d5:30:8a:ad:e4:56:
a2:90:99:1f:d8:a8:25:74:4c:43:26:4c:da:8b:f4:
c9:6f:50:47:af:0e:89:5b:69:bf:44:2a:10:fa:27:
eb:18:74:68:6b:c7:5d:62:5f:e5:5e:cc:21:8a:d8:
e0:b2:3a:27:a6:41:61:ea:53:80:01:42:f4:9f:a6:
49:94:8f:5e:f4:72:dd:51:43:54:0f:38:43:a9:38:
9f:f2:0e:ee:e7:06:66:6d:ea:40:f5:3d:b3:3c:ab:
79:ae:58:6a:09:83:12:7b:4c:01:b3:f1:7d:d8:73:
f9:ca:43:a3:91:06:54:23:19:3d:06:2f:85:77:d0:
40:13:7a:8f:5c:37:3c:5c:e7:0a:ee:3d:5c:4b:18:
30:52:a6:d2:8d:52:e6:d7:df:09:6a:b9:05:63:b8:
36:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1B:B9:8B:DD:78:B7:2C:AB:23:65:18:FF:BB:0A:54:28:74:6E:CE
X509v3 Authority Key Identifier:
keyid:61:2A:EF:4C:7B:FE:7E:07:2F:62:D2:DD:50:5A:B5:7E:37:EA:38:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YSrvTHv-fgcvYtLdUFq1fjfqOF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7207a9-27f4-44ec-bf78-a207c7a19ed2/1/qhu5i914tyyrI2UY_7sKVCh0bs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7207a9-27f4-44ec-bf78-a207c7a19ed2/1/YSrvTHv-fgcvYtLdUFq1fjfqOF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.140.0/22
193.187.80.0/23
IPv6:
2a07:4480::/32
Signature Algorithm: sha256WithRSAEncryption
30:05:66:4a:7f:b0:50:39:18:af:bc:00:45:88:b9:79:95:7f:
a3:23:f9:32:fa:17:35:79:e3:9d:bd:9e:c4:aa:b1:fc:4e:b2:
d5:6b:71:39:0f:a2:24:78:d4:55:41:e8:1e:81:0f:f0:6f:c5:
42:3d:53:f8:4a:14:0f:a4:68:24:f5:77:ca:16:da:6d:4b:a9:
ec:e6:90:8c:3b:4f:34:37:ce:71:a9:24:04:92:bf:9e:be:04:
78:62:26:c0:86:c1:6e:bd:a9:51:67:0b:54:b4:e8:d7:9e:7a:
e9:b6:ef:89:00:9f:7c:96:7f:5a:0a:27:ac:59:73:8b:ec:f8:
2c:e1:b2:a8:de:71:be:cc:49:cd:74:68:2b:8e:f2:f2:5f:99:
a8:62:4e:5b:fa:29:44:81:21:f5:3e:14:ec:4b:19:7e:bb:a5:
c2:6c:03:8c:bf:c3:28:22:2d:37:2f:ed:79:5d:fe:90:f3:79:
a5:78:9b:b0:2a:6f:89:8f:25:0c:08:e7:60:88:ac:1a:48:ad:
03:56:7a:5f:e5:20:24:eb:60:12:6b:d1:da:89:b4:f1:a4:21:
e1:7e:f3:d7:e0:29:5b:12:4c:0b:83:05:00:b2:a7:81:37:b2:
d5:ad:cb:d5:3e:ae:80:e2:e1:2f:4d:8d:27:e2:4b:52:67:8d:
a0:c2:fa:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwZyyevkvocdgQSJY7zVacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMmFlZjRjN2JmZTdlMDcyZjYyZDJkZDUwNWFiNTdlMzdl
YTM4NWUwHhcNMjMwMTAyMDI1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFiYjk4YmRkNzhiNzJjYWIyMzY1MThmZmJiMGE1NDI4NzQ2ZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgByolpEnySg6lFhCIjxi69YiJ1YG
vTroAijTWgTGrmYa7ATo8Oao4rGiXzZ7PLJtRqPa8CTlHZygRG6d/w/pzNCMe698
RDC3GbLjqN0ZoZVSj26x1xIMJejKIN/uZbGg6H7VMIqt5FaikJkf2KgldExDJkza
i/TJb1BHrw6JW2m/RCoQ+ifrGHRoa8ddYl/lXswhitjgsjonpkFh6lOAAUL0n6ZJ
lI9e9HLdUUNUDzhDqTif8g7u5wZmbepA9T2zPKt5rlhqCYMSe0wBs/F92HP5ykOj
kQZUIxk9Bi+Fd9BAE3qPXDc8XOcK7j1cSxgwUqbSjVLm198JarkFY7g2iQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKobuYvdeLcsqyNlGP+7ClQodG7OMB8GA1UdIwQY
MBaAFGEq70x7/n4HL2LS3VBatX436jheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVNydlRIdi1mZ2N2WXRMZFVGcTFmamZxT0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC83MjA3YTktMjdmNC00NGVjLWJmNzgt
YTIwN2M3YTE5ZWQyLzEvcWh1NWk5MTR0eXlySTJVWV83c0tWQ2gwYnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC83MjA3YTktMjdmNC00NGVjLWJmNzgtYTIwN2M3YTE5ZWQy
LzEvWVNydlRIdi1mZ2N2WXRMZFVGcTFmamZxT0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZGMAwQB
wbtQMA0EAgACMAcDBQAqB0SAMA0GCSqGSIb3DQEBCwUAA4IBAQAwBWZKf7BQORiv
vABFiLl5lX+jI/ky+hc1eeOdvZ7EqrH8TrLVa3E5D6IkeNRVQegegQ/wb8VCPVP4
ShQPpGgk9XfKFtptS6ns5pCMO080N85xqSQEkr+evgR4YibAhsFuvalRZwtUtOjX
nnrptu+JAJ98ln9aCiesWXOL7Pgs4bKo3nG+zEnNdGgrjvLyX5moYk5b+ilEgSH1
PhTsSxl+u6XCbAOMv8MoIi03L+15Xf6Q83mleJuwKm+JjyUMCOdgiKwaSK0DVnpf
5SAk62ASa9HaibTxpCHhfvPX4ClbEkwLgwUAsqeBN7LVrcvVPq6A4uEvTY0n4ktS
Z42gwvpn
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:09:30 2024 by rpki-client on console.sobornost.net