Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qld8qsvkTGTzw_KsvXVPwa7nNQA.roa
File: Qld8qsvkTGTzw_KsvXVPwa7nNQA.roa (raw, json)
Hash identifier: GaMCPfkoKbQJp3AEUSSlVmx7AYlwf/3gK3kxlaKFfug=
Subject key identifier: 42:57:7C:AA:CB:E4:4C:64:F3:C3:F2:AC:BD:75:4F:C1:AE:E7:35:00
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193324B851B506CEA188F68FB9B27B2B0E5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qld8qsvkTGTzw_KsvXVPwa7nNQA.roa
Signing time: Sat 16 Nov 2024 00:07:10 +0000
ROA not before: Sat 16 Nov 2024 00:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.253.64.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
93.123.80.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Nov 2024 20:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:32:4b:85:1b:50:6c:ea:18:8f:68:fb:9b:27:b2:b0:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 16 00:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42577caacbe44c64f3c3f2acbd754fc1aee73500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:35:25:a6:32:53:e8:72:a8:c3:a7:15:b0:e5:
80:4f:38:64:70:1a:40:7f:0f:d1:c9:1b:71:ee:d5:
34:d0:8c:61:17:97:87:0b:a9:c1:f8:81:27:48:05:
2a:bd:85:8f:7d:06:26:18:f7:4e:c6:07:83:65:4d:
54:ed:a9:85:3c:ef:a7:18:25:d5:54:78:4a:25:39:
61:5b:20:b9:9c:e5:f1:42:4f:2c:77:10:59:f1:dd:
16:c2:11:c3:28:5b:e4:06:d0:3c:61:d9:20:10:12:
aa:6e:3e:8a:6a:00:87:aa:36:6c:d6:a1:2b:19:9b:
96:a6:c3:5c:46:fe:1d:03:a7:b8:4c:60:4c:1e:83:
25:7c:36:c0:1f:e2:b3:4b:3e:73:78:c2:81:e7:ee:
42:16:69:68:07:c3:c4:90:a9:53:9d:7a:ef:60:a2:
74:6c:8b:44:d2:86:a3:17:2b:2f:2b:85:94:9c:b1:
45:85:26:bc:60:cd:5c:46:96:81:aa:79:11:3a:fa:
83:95:b9:4b:00:df:71:e3:b1:02:f7:b7:85:13:af:
b2:ca:a5:18:01:e6:3b:22:91:e7:84:66:7d:71:17:
88:ae:8f:7c:b4:f0:01:68:1f:2f:9b:ff:8b:b2:7a:
16:89:ca:e0:c1:5f:73:7d:bb:36:7e:a0:4e:cd:02:
92:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:57:7C:AA:CB:E4:4C:64:F3:C3:F2:AC:BD:75:4F:C1:AE:E7:35:00
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qld8qsvkTGTzw_KsvXVPwa7nNQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.64.0/24
87.120.68.0/23
93.123.74.0/23
93.123.80.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
76:ab:cd:63:bb:0d:12:fb:43:b3:78:1a:5f:9c:34:76:29:12:
bf:47:0f:76:9d:0b:3d:08:9d:9f:96:2c:c2:6f:c8:21:39:64:
85:df:8d:8a:0c:7f:1a:73:42:13:de:7c:c1:4e:72:5a:46:6d:
e5:ba:da:25:54:90:c2:0c:28:fc:84:a3:2d:55:bd:63:17:2c:
42:d2:b7:cc:12:22:64:fe:25:55:01:c7:20:57:a0:1c:f2:aa:
ce:98:81:5c:00:08:ff:b2:bb:38:92:e7:6c:a1:a7:61:04:c7:
04:2c:9e:f7:56:fc:a7:ef:0c:47:86:90:de:25:2c:19:1e:83:
71:4f:0f:05:62:25:05:8d:3e:c3:06:19:1f:b9:aa:f6:09:3a:
fb:96:eb:fb:c8:79:bf:49:48:42:9f:80:ed:4e:1e:aa:e2:32:
6c:9d:98:05:68:a0:5d:44:69:4d:6a:f5:b0:f3:af:cd:e0:67:
08:f6:f6:da:3f:be:b7:73:5c:0e:ca:88:8b:4a:2c:f2:a6:e0:
ee:1a:ff:d8:e1:a7:8e:75:65:ad:3c:30:b0:3d:8a:a8:e5:3c:
23:06:17:a6:00:57:88:ff:c8:88:58:4e:2f:6e:43:c4:af:ab:
41:13:fa:4f:44:b5:3d:19:5e:39:47:89:be:cf:31:4e:92:e5:
60:1c:03:a0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZMyS4UbUGzqGI9o+5snsrDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTE2MDAwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjU3N2NhYWNiZTQ0YzY0ZjNjM2YyYWNiZDc1NGZjMWFlZTczNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjUlpjJT6HKow6cVsOWATzhkcBpA
fw/RyRtx7tU00IxhF5eHC6nB+IEnSAUqvYWPfQYmGPdOxgeDZU1U7amFPO+nGCXV
VHhKJTlhWyC5nOXxQk8sdxBZ8d0WwhHDKFvkBtA8YdkgEBKqbj6KagCHqjZs1qEr
GZuWpsNcRv4dA6e4TGBMHoMlfDbAH+KzSz5zeMKB5+5CFmloB8PEkKlTnXrvYKJ0
bItE0oajFysvK4WUnLFFhSa8YM1cRpaBqnkROvqDlblLAN9x47EC97eFE6+yyqUY
AeY7IpHnhGZ9cReIro98tPABaB8vm/+LsnoWicrgwV9zfbs2fqBOzQKSGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEJXfKrL5Exk88PyrL11T8Gu5zUAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUWxkOHFzdmtUR1R6d19Lc3ZYVlB3YTduTlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABf1AAwQB
V3hEAwQBXXtKAwQAXXtQAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQB2q81juw0S
+0OzeBpfnDR2KRK/Rw92nQs9CJ2flizCb8ghOWSF342KDH8ac0IT3nzBTnJaRm3l
utolVJDCDCj8hKMtVb1jFyxC0rfMEiJk/iVVAccgV6Ac8qrOmIFcAAj/srs4kuds
oadhBMcELJ73Vvyn7wxHhpDeJSwZHoNxTw8FYiUFjT7DBhkfuar2CTr7luv7yHm/
SUhCn4DtTh6q4jJsnZgFaKBdRGlNavWw86/N4GcI9vbaP763c1wOyoiLSizypuDu
Gv/Y4aeOdWWtPDCwPYqo5TwjBhemAFeI/8iIWE4vbkPEr6tBE/pPRLU9GV45R4m+
zzFOkuVgHAOg
Generated at Sun Nov 17 21:52:13 2024 by rpki-client on console-fra.rpki-client.org