Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ql_7yJ-1nmKSzpT4KaJOzLWuuiA.roa
File: ql_7yJ-1nmKSzpT4KaJOzLWuuiA.roa (raw, json)
Hash identifier: Sr7AJ9rY8iAq4p1AFF9qDFhTCngGr1npUTIsrgCbo18=
Subject key identifier: AA:5F:FB:C8:9F:B5:9E:62:92:CE:94:F8:29:A2:4E:CC:B5:AE:BA:20
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01872E0F56139B6FD8B2CA55A0E34F14AD94
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ql_7yJ-1nmKSzpT4KaJOzLWuuiA.roa
Signing time: Wed 29 Mar 2023 15:49:29 +0000
ROA not before: Wed 29 Mar 2023 15:49:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
194.135.32.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
212.192.15.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 16:03:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2e:0f:56:13:9b:6f:d8:b2:ca:55:a0:e3:4f:14:ad:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 29 15:49:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa5ffbc89fb59e6292ce94f829a24eccb5aeba20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5c:c3:39:7d:e9:2d:fb:95:cf:76:52:75:5c:
1f:d0:d8:a9:92:10:f9:22:7c:64:a2:58:81:7a:de:
4c:bb:64:e6:14:35:40:97:c8:ac:9d:17:3b:ff:7d:
86:9a:de:6b:f5:43:4c:18:9d:ea:60:0a:43:5a:16:
b2:29:47:00:2d:0f:56:fa:a9:36:e6:90:a2:d5:2a:
bb:50:43:da:f6:d3:6e:b8:3a:7e:36:92:21:39:ee:
3a:da:7e:07:33:5e:63:d6:d0:d0:19:ab:df:ca:b4:
4a:44:3c:83:1f:08:c3:fa:24:00:90:70:b6:b0:7f:
14:5b:2e:f7:38:53:f8:ef:96:32:62:77:93:ec:bf:
66:09:24:11:fb:ec:4e:b1:9e:dc:4b:60:fd:0f:4b:
e9:1d:2d:24:b8:e0:fd:ac:c5:07:0d:f6:d0:80:eb:
a7:65:7e:dd:55:d1:9d:21:90:a9:f8:55:ac:c3:be:
94:f0:49:c2:ef:3d:76:ac:fe:2b:45:21:80:80:73:
fa:6d:ea:02:eb:56:99:31:4f:46:50:32:cb:df:55:
ce:ac:60:4e:bc:8e:f4:2e:62:11:a0:17:09:d5:d1:
17:67:9b:a4:a0:c9:fc:8a:ba:62:19:cf:40:d2:46:
91:df:64:5e:a5:b6:5f:a9:4d:9b:95:e7:c4:b9:66:
e2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5F:FB:C8:9F:B5:9E:62:92:CE:94:F8:29:A2:4E:CC:B5:AE:BA:20
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ql_7yJ-1nmKSzpT4KaJOzLWuuiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
194.87.118.0/23
194.135.32.0/24
195.133.26.0/23
195.133.59.0/24
212.192.15.0/24
Signature Algorithm: sha256WithRSAEncryption
42:87:c0:ae:63:ea:f8:48:06:ef:38:18:fa:cd:d3:2a:bf:88:
57:13:81:31:3b:16:da:e9:40:9f:45:11:e0:8d:2f:d1:37:8b:
d3:91:95:41:ab:ec:2d:73:8f:72:58:cf:b0:9d:df:92:cc:e4:
67:a9:18:6e:f1:50:be:f9:0d:f7:cd:cd:4d:e3:33:c8:57:5e:
ca:38:15:fd:2d:c0:f2:3b:b6:70:77:31:6b:3c:0e:5e:b3:8d:
c1:6f:20:e1:64:38:73:93:83:94:bb:e2:d0:f8:64:a6:b5:23:
5e:66:2f:e4:06:7f:92:48:b9:2c:f8:3b:b2:fa:fb:b4:cc:23:
45:40:bc:6f:65:56:78:b0:77:0e:d4:c6:42:08:95:0c:aa:c7:
80:91:5f:14:d0:37:b6:5c:6a:b8:c8:a5:ff:03:1e:a3:2a:af:
2d:70:bb:f9:4a:ee:1b:3e:66:38:61:e6:78:77:5f:d1:19:62:
d0:20:cb:45:30:c8:26:ce:1c:c0:9b:f5:c9:61:d5:a2:e0:69:
1b:80:93:f9:1d:9a:db:04:41:92:59:c2:51:12:63:e9:00:50:
fa:4f:37:db:3d:31:5c:5c:eb:d8:b7:c5:28:00:cd:e0:e6:e7:
81:9c:00:24:ca:11:93:01:38:fb:2f:d2:30:64:62:ba:c1:24:
9e:3b:2d:7b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYcuD1YTm2/YsspVoONPFK2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzI5MTU0OTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTVmZmJjODlmYjU5ZTYyOTJjZTk0ZjgyOWEyNGVjY2I1YWViYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1zDOX3pLfuVz3ZSdVwf0NipkhD5
InxkoliBet5Mu2TmFDVAl8isnRc7/32Gmt5r9UNMGJ3qYApDWhayKUcALQ9W+qk2
5pCi1Sq7UEPa9tNuuDp+NpIhOe462n4HM15j1tDQGavfyrRKRDyDHwjD+iQAkHC2
sH8UWy73OFP475YyYneT7L9mCSQR++xOsZ7cS2D9D0vpHS0kuOD9rMUHDfbQgOun
ZX7dVdGdIZCp+FWsw76U8EnC7z12rP4rRSGAgHP6beoC61aZMU9GUDLL31XOrGBO
vI70LmIRoBcJ1dEXZ5ukoMn8irpiGc9A0kaR32RepbZfqU2blefEuWbiJwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKpf+8iftZ5iks6U+CmiTsy1rrogMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcWxfN3lKLTFubUtTenBUNEthSk96TFd1dWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuUgKAwQB
wld2AwQAwocgAwQBw4UaAwQAw4U7AwQA1MAPMA0GCSqGSIb3DQEBCwUAA4IBAQBC
h8CuY+r4SAbvOBj6zdMqv4hXE4ExOxba6UCfRRHgjS/RN4vTkZVBq+wtc49yWM+w
nd+SzORnqRhu8VC++Q33zc1N4zPIV17KOBX9LcDyO7ZwdzFrPA5es43BbyDhZDhz
k4OUu+LQ+GSmtSNeZi/kBn+SSLks+Duy+vu0zCNFQLxvZVZ4sHcO1MZCCJUMqseA
kV8U0De2XGq4yKX/Ax6jKq8tcLv5Su4bPmY4YeZ4d1/RGWLQIMtFMMgmzhzAm/XJ
YdWi4GkbgJP5HZrbBEGSWcJREmPpAFD6TzfbPTFcXOvYt8UoAM3g5ueBnAAkyhGT
ATj7L9IwZGK6wSSeOy17
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org