Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Qn4lboOSHVQ9ImH9IbdfefHHqxM.roa
File: Qn4lboOSHVQ9ImH9IbdfefHHqxM.roa (raw, json)
Hash identifier: 66Lw/LV6xCpl8QN27TdoMyk60me1YeoyTHds71273rA=
Subject key identifier: 42:7E:25:6E:83:92:1D:54:3D:22:61:FD:21:B7:5F:79:F1:C7:AB:13
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0185706763D00416976480A4ABAF0EB39C1F
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Qn4lboOSHVQ9ImH9IbdfefHHqxM.roa
Signing time: Mon 02 Jan 2023 02:55:01 +0000
ROA not before: Mon 02 Jan 2023 02:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5089
IP address blocks: 109.206.248.0/22 maxlen: 23
109.206.250.0/23 maxlen: 23
45.152.8.0/23 maxlen: 23
45.152.36.0/23 maxlen: 23
2a0c:9e06::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 10 Jan 2023 15:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:63:d0:04:16:97:64:80:a4:ab:af:0e:b3:9c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 2 02:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=427e256e83921d543d2261fd21b75f79f1c7ab13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:df:90:9d:af:d0:5c:54:5f:74:10:3b:fc:4c:
28:23:de:2a:13:b7:37:46:e8:76:fe:02:ac:bf:e0:
f7:59:11:c2:39:89:bc:00:96:a3:6c:db:7a:11:cf:
65:26:63:71:90:25:a6:b9:49:94:59:22:40:dc:d7:
bc:39:7b:ba:3f:9a:28:a0:49:5d:d9:a7:a0:18:5e:
b1:1c:cb:e2:6d:7c:8e:cd:76:f0:5f:14:af:e8:85:
df:21:cf:76:5a:e6:89:44:94:08:c2:0b:fd:ec:82:
9e:63:b0:06:b7:ae:b3:9c:24:4c:e7:f8:b2:79:27:
2c:52:83:07:0c:32:52:2b:4c:93:fd:28:ed:6a:08:
50:2f:b3:8c:65:a3:35:14:92:b7:23:de:4f:9f:6a:
c7:04:0a:c7:48:43:00:15:e5:92:e1:27:d4:09:15:
4d:3f:b8:b2:d8:46:08:80:5d:ce:c5:6f:27:37:6a:
65:17:c2:4f:3c:7a:e5:6e:d1:e7:26:80:37:33:51:
e1:1d:5d:5f:dd:fd:5e:80:3d:8f:dd:5a:02:24:65:
44:ae:f3:12:23:c5:5d:6b:27:2e:50:24:ea:c4:4c:
43:17:7a:e7:bb:59:af:27:4f:4f:ab:21:e9:2f:a7:
a7:96:86:4b:5a:65:65:7f:78:f5:db:f4:04:63:10:
5b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:7E:25:6E:83:92:1D:54:3D:22:61:FD:21:B7:5F:79:F1:C7:AB:13
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Qn4lboOSHVQ9ImH9IbdfefHHqxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.8.0/23
45.152.36.0/23
109.206.248.0/22
IPv6:
2a0c:9e06::/32
Signature Algorithm: sha256WithRSAEncryption
59:e9:fd:70:f7:64:9e:76:f1:ca:29:22:6d:34:24:dd:de:e1:
64:8b:04:9c:92:a1:f2:e7:5c:78:29:31:ce:1a:0d:04:d4:39:
eb:31:81:f0:4a:fb:df:40:bd:01:b8:c7:c8:56:77:e1:46:ad:
6b:78:ff:c5:12:c3:d0:b8:52:d7:a5:43:f2:72:61:91:c0:89:
13:dc:da:dc:b6:da:db:46:cc:99:88:48:20:c6:d3:96:fd:66:
f0:49:27:f1:9d:af:cb:a1:f7:32:74:26:4a:72:bf:81:4c:aa:
cc:8c:7f:b1:58:f6:10:7b:ef:d4:37:25:8a:68:0e:33:07:b0:
a6:3d:b7:40:bb:59:75:4f:5c:d6:1d:99:00:e8:61:a4:01:6e:
cd:7a:1b:a8:0c:b4:05:e5:08:16:49:af:2d:4c:e3:a8:5e:a7:
c3:37:62:b0:54:6a:bb:aa:f0:03:38:aa:59:e7:b9:21:a2:3e:
00:db:51:5b:ab:7e:e3:40:68:be:22:7b:1d:d8:33:35:ae:03:
1f:78:e9:b3:48:86:81:78:2e:3c:47:ab:2d:77:01:ad:b8:fc:
fa:04:71:f0:38:bc:cc:d9:a7:f8:a8:81:49:29:4c:ba:9f:c9:
d5:55:7c:7f:01:fd:b8:28:e7:3c:15:83:60:00:9d:4f:37:77:
a5:5c:90:39
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwZ2PQBBaXZICkq68Os5wfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTAyMDI1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjdlMjU2ZTgzOTIxZDU0M2QyMjYxZmQyMWI3NWY3OWYxYzdhYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8t+Qna/QXFRfdBA7/EwoI94qE7c3
Ruh2/gKsv+D3WRHCOYm8AJajbNt6Ec9lJmNxkCWmuUmUWSJA3Ne8OXu6P5oooEld
2aegGF6xHMvibXyOzXbwXxSv6IXfIc92WuaJRJQIwgv97IKeY7AGt66znCRM5/iy
eScsUoMHDDJSK0yT/SjtaghQL7OMZaM1FJK3I95Pn2rHBArHSEMAFeWS4SfUCRVN
P7iy2EYIgF3OxW8nN2plF8JPPHrlbtHnJoA3M1HhHV1f3f1egD2P3VoCJGVErvMS
I8VdaycuUCTqxExDF3rnu1mvJ09PqyHpL6enloZLWmVlf3j12/QEYxBbCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEJ+JW6Dkh1UPSJh/SG3X3nxx6sTMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvUW40bGJvT1NIVlE5SW1IOUliZGZlZkhIcXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBLZgIAwQB
LZgkAwQCbc74MA0EAgACMAcDBQAqDJ4GMA0GCSqGSIb3DQEBCwUAA4IBAQBZ6f1w
92SedvHKKSJtNCTd3uFkiwSckqHy51x4KTHOGg0E1DnrMYHwSvvfQL0BuMfIVnfh
Rq1reP/FEsPQuFLXpUPycmGRwIkT3NrcttrbRsyZiEggxtOW/WbwSSfxna/Lofcy
dCZKcr+BTKrMjH+xWPYQe+/UNyWKaA4zB7CmPbdAu1l1T1zWHZkA6GGkAW7Nehuo
DLQF5QgWSa8tTOOoXqfDN2KwVGq7qvADOKpZ57khoj4A21Fbq37jQGi+Insd2DM1
rgMfeOmzSIaBeC48R6stdwGtuPz6BHHwOLzM2af4qIFJKUy6n8nVVXx/Af24KOc8
FYNgAJ1PN3elXJA5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org