Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QY2k-ISkzzjSS4IYw1Or1DxE08I.roa
File: QY2k-ISkzzjSS4IYw1Or1DxE08I.roa (raw, json)
Hash identifier: 7whGbwMBOShJxV3KJgmC6mK6qVBIEgT0DJk7penQJ0s=
Subject key identifier: 41:8D:A4:F8:84:A4:CF:38:D2:4B:82:18:C3:53:AB:D4:3C:44:D3:C2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CF2F1DA8A5E6B0C6481EE03015B1B0E3C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QY2k-ISkzzjSS4IYw1Or1DxE08I.roa
Signing time: Wed 10 Jan 2024 10:36:25 +0000
ROA not before: Wed 10 Jan 2024 10:36:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 92.249.48.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 12:28:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:f1:da:8a:5e:6b:0c:64:81:ee:03:01:5b:1b:0e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 10 10:36:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=418da4f884a4cf38d24b8218c353abd43c44d3c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:51:c0:4b:d9:56:c4:0b:87:69:ad:9c:01:e3:
05:d0:69:b6:f0:85:2c:87:08:02:c2:8c:3b:78:8f:
c2:f3:3f:85:d2:75:65:77:8e:70:1f:58:30:8d:b1:
b8:53:7a:bb:58:8a:8a:79:4f:68:b1:ea:d5:8e:1a:
7a:dd:5d:7e:77:33:71:d7:2f:fa:57:57:03:01:fc:
c3:aa:c4:38:cb:68:30:01:03:d4:dd:18:9c:6e:86:
27:68:54:e3:b8:78:f8:ab:f3:0e:b6:2a:43:98:0e:
3e:97:38:8c:01:84:b8:b8:80:55:2a:e0:fe:51:e3:
2a:32:9a:ad:87:d4:9f:e8:aa:76:12:0c:0c:a1:5d:
5a:fc:a1:ac:b4:0a:2b:f9:86:8b:98:02:00:f3:e8:
34:92:8d:d3:6e:7c:cc:39:ee:4b:11:73:bd:9a:f3:
33:e5:15:e6:44:b3:7d:6d:63:bd:8d:47:84:3b:1e:
4b:7d:a5:9c:91:5c:fe:26:66:f7:1c:2f:ad:34:c1:
dd:79:fa:c3:3e:d5:d8:41:f3:61:81:be:b0:47:20:
f4:40:06:08:05:68:fb:28:ba:b4:c2:0d:19:9f:90:
de:dd:55:2a:ba:f5:0f:5d:b2:09:f8:4f:f5:29:08:
14:36:4d:d6:66:cb:15:d7:cd:1a:7f:31:fe:6d:29:
e5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:8D:A4:F8:84:A4:CF:38:D2:4B:82:18:C3:53:AB:D4:3C:44:D3:C2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QY2k-ISkzzjSS4IYw1Or1DxE08I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.230.0/24
92.249.48.0/24
193.37.41.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:4e:e4:64:d5:67:f9:28:92:2b:07:0d:25:f8:55:d9:d3:9e:
60:40:a4:0c:dc:ca:0e:db:6f:63:d8:dd:ac:d5:d9:4e:75:cb:
ee:72:3f:1b:d6:85:cb:1c:3a:37:00:1e:1a:fe:32:b3:16:b5:
d5:33:20:94:d1:5f:39:5d:4e:48:4a:cf:45:06:46:da:65:52:
06:38:c2:8c:2e:af:64:f5:4d:9f:98:15:a2:06:20:d3:76:f6:
0b:49:de:38:e5:87:0b:22:93:04:ad:f0:ba:04:44:d6:03:a4:
89:77:33:44:71:61:b7:8f:1f:d6:a8:e4:44:a9:04:c6:15:20:
1d:5e:c8:00:e1:fe:76:50:d3:2c:e3:a3:ea:af:9d:a5:4d:15:
57:51:e2:56:d7:e4:91:b4:1e:c9:69:f9:c9:6c:d0:06:3b:ac:
9f:f7:e1:ee:aa:30:c8:e0:c4:06:26:49:b6:2e:51:82:ee:f6:
c0:40:65:9a:d5:fa:cc:3c:6e:c4:b6:00:59:7a:aa:88:d7:26:
14:ea:32:24:cb:8b:c3:19:02:20:49:7e:c7:f2:1a:c4:d9:c1:
8d:9b:f2:ef:d6:7e:36:03:09:8b:6e:ad:fe:7b:2a:06:de:35:
cf:6a:30:99:42:4d:12:9f:43:70:bb:bc:52:9b:be:f4:be:da:
60:89:5c:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzy8dqKXmsMZIHuAwFbGw48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTEwMTAzNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MThkYTRmODg0YTRjZjM4ZDI0YjgyMThjMzUzYWJkNDNjNDRkM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8lHAS9lWxAuHaa2cAeMF0Gm28IUs
hwgCwow7eI/C8z+F0nVld45wH1gwjbG4U3q7WIqKeU9oserVjhp63V1+dzNx1y/6
V1cDAfzDqsQ4y2gwAQPU3RicboYnaFTjuHj4q/MOtipDmA4+lziMAYS4uIBVKuD+
UeMqMpqth9Sf6Kp2EgwMoV1a/KGstAor+YaLmAIA8+g0ko3TbnzMOe5LEXO9mvMz
5RXmRLN9bWO9jUeEOx5LfaWckVz+Jmb3HC+tNMHdefrDPtXYQfNhgb6wRyD0QAYI
BWj7KLq0wg0Zn5De3VUquvUPXbIJ+E/1KQgUNk3WZssV180afzH+bSnl+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEGNpPiEpM840kuCGMNTq9Q8RNPCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUVkyay1JU2t6empTUzRJWXcxT3IxRHhFMDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALULmAwQA
XPkwAwQAwSUpMA0GCSqGSIb3DQEBCwUAA4IBAQCjTuRk1Wf5KJIrBw0l+FXZ055g
QKQM3MoO229j2N2s1dlOdcvucj8b1oXLHDo3AB4a/jKzFrXVMyCU0V85XU5ISs9F
BkbaZVIGOMKMLq9k9U2fmBWiBiDTdvYLSd445YcLIpMErfC6BETWA6SJdzNEcWG3
jx/WqOREqQTGFSAdXsgA4f52UNMs46Pqr52lTRVXUeJW1+SRtB7JafnJbNAGO6yf
9+HuqjDI4MQGJkm2LlGC7vbAQGWa1frMPG7EtgBZeqqI1yYU6jIky4vDGQIgSX7H
8hrE2cGNm/Lv1n42AwmLbq3+eyoG3jXPajCZQk0Sn0Nwu7xSm770vtpgiVx+
-----END CERTIFICATE-----
Generated at Mon Jan 22 16:40:13 2024 by rpki-client on console-ams.rpki-client.org