Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/QbDQVDfp4L8STrKpYJ6I-8hWJT4.roa
File: QbDQVDfp4L8STrKpYJ6I-8hWJT4.roa (raw, json)
Hash identifier: HkaSzTUeDz24IrAQ61GaCUSrKcIB8S7Pyp4wtdFdQHU=
Subject key identifier: 41:B0:D0:54:37:E9:E0:BF:12:4E:B2:A9:60:9E:88:FB:C8:56:25:3E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01911319D229491D564840F8B90EED89BFFD
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/QbDQVDfp4L8STrKpYJ6I-8hWJT4.roa
Signing time: Fri 02 Aug 2024 12:39:04 +0000
ROA not before: Fri 02 Aug 2024 12:39:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 185.215.246.0/24 maxlen: 24
188.253.96.0/19 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 11 Oct 2024 13:45:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:13:19:d2:29:49:1d:56:48:40:f8:b9:0e:ed:89:bf:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 2 12:39:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41b0d05437e9e0bf124eb2a9609e88fbc856253e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:64:79:b9:0e:7b:d9:d5:5d:5c:87:81:06:c8:
50:cc:ba:0d:c6:47:19:d5:27:34:24:73:15:d0:06:
21:ab:9a:07:4c:68:71:ee:eb:ef:b2:3a:f6:b5:b0:
6e:54:c3:4f:aa:2c:ef:6b:65:f8:e9:96:c0:07:bd:
00:89:c5:d3:50:a7:24:89:04:9d:4a:77:95:70:80:
1d:be:81:f7:fd:d0:9a:ed:b7:27:13:50:7b:23:96:
a3:2e:f3:a4:f1:9d:b5:1f:2d:9a:e7:aa:ad:99:b2:
f5:8a:17:af:dd:b5:21:14:d6:09:8f:a6:d4:8f:2c:
df:1f:44:51:fb:50:79:ba:85:db:29:e3:bf:5b:ce:
76:28:05:3f:e6:5d:73:1b:cd:fa:39:f3:99:c1:84:
73:b0:29:3f:20:c5:80:b6:81:2a:f5:73:b8:37:f4:
7d:98:5c:02:c0:c8:63:85:29:f0:0a:a2:fe:0d:2d:
68:ad:ef:84:c3:18:41:b1:93:b3:9a:24:10:e7:aa:
2f:cd:59:26:f0:99:84:f3:40:b5:79:ee:2e:d7:07:
ee:7e:61:03:26:fd:18:44:85:81:c0:6f:48:17:ae:
2a:c9:9f:23:c4:2b:40:93:44:75:e4:86:8a:89:d6:
33:45:0b:44:b3:72:5e:11:cb:22:38:cc:c9:26:0f:
be:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B0:D0:54:37:E9:E0:BF:12:4E:B2:A9:60:9E:88:FB:C8:56:25:3E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/QbDQVDfp4L8STrKpYJ6I-8hWJT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.246.0/24
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
5a:4e:2e:f0:3a:e0:4d:32:23:97:43:12:ba:89:2e:98:16:af:
ff:cd:58:06:71:ea:44:37:4f:ff:ca:e0:01:94:e5:15:e1:d0:
a9:bb:68:30:b1:72:06:dc:b6:cf:87:5d:d1:3f:50:86:d4:a5:
0d:c0:01:e8:85:92:d3:d9:78:e8:01:bd:e9:aa:38:10:82:d6:
08:01:09:bb:42:a8:eb:9a:c9:b7:89:da:aa:78:60:ef:cc:06:
53:0e:a3:df:19:34:4c:18:a6:7b:a0:1b:b7:bc:07:c5:3f:e4:
29:1f:e0:6e:af:d7:2f:27:28:44:15:4f:69:96:54:d4:29:ed:
64:3f:5b:88:28:bf:9a:18:97:3a:80:61:51:ba:80:d5:66:9e:
3a:19:05:6b:fb:4b:50:6e:ec:3b:c7:05:9d:b3:0a:a9:fe:dd:
6b:a7:bb:8b:cb:76:74:60:b6:9c:2a:18:33:1f:7d:82:75:94:
fc:06:92:cb:06:b8:e6:11:98:2e:4f:e7:6d:aa:45:fc:a3:5c:
20:3d:e9:db:83:ff:96:5f:d3:53:eb:30:de:22:d6:ef:c9:8c:
ef:4c:09:91:a2:be:85:2f:82:3e:a3:5f:10:1c:e0:2d:81:5b:
ad:fe:53:d7:b2:a6:6a:0b:0a:68:ab:cd:86:0c:db:61:ff:8a:
2b:37:e5:08
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZETGdIpSR1WSED4uQ7tib/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwODAyMTIzOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWIwZDA1NDM3ZTllMGJmMTI0ZWIyYTk2MDllODhmYmM4NTYyNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGR5uQ572dVdXIeBBshQzLoNxkcZ
1Sc0JHMV0AYhq5oHTGhx7uvvsjr2tbBuVMNPqizva2X46ZbAB70AicXTUKckiQSd
SneVcIAdvoH3/dCa7bcnE1B7I5ajLvOk8Z21Hy2a56qtmbL1ihev3bUhFNYJj6bU
jyzfH0RR+1B5uoXbKeO/W852KAU/5l1zG836OfOZwYRzsCk/IMWAtoEq9XO4N/R9
mFwCwMhjhSnwCqL+DS1ore+EwxhBsZOzmiQQ56ovzVkm8JmE80C1ee4u1wfufmED
Jv0YRIWBwG9IF64qyZ8jxCtAk0R15IaKidYzRQtEs3JeEcsiOMzJJg++CQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEGw0FQ36eC/Ek6yqWCeiPvIViU+MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvUWJEUVZEZnA0TDhTVHJLcFlKNkktOGhXSlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAudf2AwQF
vP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IBAQBaTi7wOuBNMiOX
QxK6iS6YFq//zVgGcepEN0//yuABlOUV4dCpu2gwsXIG3LbPh13RP1CG1KUNwAHo
hZLT2XjoAb3pqjgQgtYIAQm7Qqjrmsm3idqqeGDvzAZTDqPfGTRMGKZ7oBu3vAfF
P+QpH+Bur9cvJyhEFU9pllTUKe1kP1uIKL+aGJc6gGFRuoDVZp46GQVr+0tQbuw7
xwWdswqp/t1rp7uLy3Z0YLacKhgzH32CdZT8BpLLBrjmEZguT+dtqkX8o1wgPenb
g/+WX9NT6zDeItbvyYzvTAmRor6FL4I+o18QHOAtgVut/lPXsqZqCwpoq82GDNth
/4orN+UI
-----END CERTIFICATE-----
Generated at Fri Oct 11 17:24:45 2024 by rpki-client on console-fra.rpki-client.org