Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/qtmnfBcr0yy3kDHir4eO5riYTL8.roa
File: qtmnfBcr0yy3kDHir4eO5riYTL8.roa (raw, json)
Hash identifier: UYHaFR+zqzhsDQXfwE1GN+w6oi/De9bkjO1NX7KHDzw=
Subject key identifier: AA:D9:A7:7C:17:2B:D3:2C:B7:90:31:E2:AF:87:8E:E6:B8:98:4C:BF
Certificate issuer: /CN=2af5e4866ba09820124a6e511104fc41fa541995
Certificate serial: 01886705F90863562F17A03679ECDDBB824D
Authority key identifier: 2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/qtmnfBcr0yy3kDHir4eO5riYTL8.roa
Signing time: Mon 29 May 2023 10:20:24 +0000
ROA not before: Mon 29 May 2023 10:20:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49100
IP address blocks: 185.110.239.0/24 maxlen: 24
185.110.237.0/24 maxlen: 24
185.110.238.0/24 maxlen: 24
185.110.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:67:05:f9:08:63:56:2f:17:a0:36:79:ec:dd:bb:82:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2af5e4866ba09820124a6e511104fc41fa541995
Validity
Not Before: May 29 10:20:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aad9a77c172bd32cb79031e2af878ee6b8984cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e0:bf:cc:c0:cc:a3:10:c3:19:ea:68:4f:36:
09:c6:3b:f3:5a:0e:c8:f2:94:02:4a:e5:d5:4e:f5:
c7:e4:0c:c3:61:97:e7:fc:2d:b5:bb:49:bb:de:de:
3f:d6:70:1c:38:fc:d9:61:4e:b1:b4:ee:ba:07:15:
e2:d3:08:8d:39:77:90:58:57:dd:69:15:ea:cd:cd:
ae:a8:ad:b5:81:95:39:f5:3c:67:d3:ef:c9:1f:b4:
61:01:df:a6:b4:96:7f:61:1e:ad:20:42:28:78:43:
4d:24:2d:d9:71:67:1b:5f:cd:93:63:d2:e8:47:59:
1f:c5:32:15:3d:a1:2e:0f:07:65:3c:64:cc:ac:92:
de:85:51:4e:b3:6a:95:f7:cf:f0:33:77:59:d5:16:
1d:82:05:ab:dc:85:e3:bb:b0:53:1c:ba:ea:cd:9f:
b2:13:41:de:20:fb:1a:60:c2:84:1b:41:cd:58:d4:
d1:4e:33:3a:0f:dd:78:78:d2:fb:36:c6:91:66:c7:
c2:f0:88:1f:1c:18:24:7f:5d:e9:2d:5f:89:1f:5e:
58:71:5d:5f:06:3f:23:bd:4d:47:98:3f:23:17:dc:
96:3b:b5:f6:eb:f0:c8:8d:b3:2f:ad:c3:8c:84:96:
80:45:e7:d7:a7:48:5b:4c:a9:84:7c:32:3e:b3:85:
c5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D9:A7:7C:17:2B:D3:2C:B7:90:31:E2:AF:87:8E:E6:B8:98:4C:BF
X509v3 Authority Key Identifier:
keyid:2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/qtmnfBcr0yy3kDHir4eO5riYTL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.236.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:58:ea:f4:68:9f:13:7d:27:5a:58:f6:42:4f:6d:c0:d1:09:
9c:8c:7d:8a:64:24:16:f3:61:97:61:55:14:81:92:5c:ba:f1:
8a:fc:11:5f:79:32:59:5b:a5:42:a5:e1:65:62:8b:c7:ee:82:
b5:e4:f9:52:55:03:de:f3:75:d1:0b:93:be:39:1a:b5:d8:aa:
2b:7d:43:c4:2e:f3:58:64:af:d8:ef:08:1c:4f:bd:22:b5:c2:
4d:f7:44:ce:a1:ef:a2:8c:5b:25:cf:36:dd:01:a0:36:9b:3d:
56:7d:98:dc:c8:ad:62:80:df:18:47:f8:db:f7:75:ff:f9:11:
2f:44:3b:e7:d0:ca:b4:06:e6:e9:f5:21:9a:6e:e3:d4:ae:77:
96:5d:5c:94:29:97:07:e4:ea:54:36:a4:6b:60:30:c6:16:cb:
4d:1d:47:e0:1f:9f:ab:89:94:84:04:38:94:f7:9b:d4:d3:63:
db:35:e1:91:2c:b5:58:79:79:aa:67:ee:19:85:66:d9:51:d2:
b2:29:0a:3a:d6:3f:c9:77:d7:54:a5:6d:29:c1:af:08:05:aa:
7d:5b:cb:0e:0f:2d:f2:a5:f9:a3:1a:f9:8f:ae:b6:cc:a6:e3:
73:fc:c6:98:61:40:39:57:11:bd:78:0a:9b:a9:b4:fb:e9:32:
14:28:8c:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhnBfkIY1YvF6A2eezdu4JNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZjVlNDg2NmJhMDk4MjAxMjRhNmU1MTExMDRmYzQxZmE1
NDE5OTUwHhcNMjMwNTI5MTAyMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQ5YTc3YzE3MmJkMzJjYjc5MDMxZTJhZjg3OGVlNmI4OTg0Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleC/zMDMoxDDGepoTzYJxjvzWg7I
8pQCSuXVTvXH5AzDYZfn/C21u0m73t4/1nAcOPzZYU6xtO66BxXi0wiNOXeQWFfd
aRXqzc2uqK21gZU59Txn0+/JH7RhAd+mtJZ/YR6tIEIoeENNJC3ZcWcbX82TY9Lo
R1kfxTIVPaEuDwdlPGTMrJLehVFOs2qV98/wM3dZ1RYdggWr3IXju7BTHLrqzZ+y
E0HeIPsaYMKEG0HNWNTRTjM6D914eNL7NsaRZsfC8IgfHBgkf13pLV+JH15YcV1f
Bj8jvU1HmD8jF9yWO7X26/DIjbMvrcOMhJaARefXp0hbTKmEfDI+s4XFzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrZp3wXK9Mst5Ax4q+Hjua4mEy/MB8GA1UdIwQY
MBaAFCr15IZroJggEkpuUREE/EH6VBmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2Qt
YzMyMGU1MGEzYzc5LzEvcXRtbmZCY3IweXkza0RIaXI0ZU81cmlZVEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2QtYzMyMGU1MGEzYzc5
LzEvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW7sMA0G
CSqGSIb3DQEBCwUAA4IBAQC8WOr0aJ8TfSdaWPZCT23A0QmcjH2KZCQW82GXYVUU
gZJcuvGK/BFfeTJZW6VCpeFlYovH7oK15PlSVQPe83XRC5O+ORq12KorfUPELvNY
ZK/Y7wgcT70itcJN90TOoe+ijFslzzbdAaA2mz1WfZjcyK1igN8YR/jb93X/+REv
RDvn0Mq0Bubp9SGabuPUrneWXVyUKZcH5OpUNqRrYDDGFstNHUfgH5+riZSEBDiU
95vU02PbNeGRLLVYeXmqZ+4ZhWbZUdKyKQo61j/Jd9dUpW0pwa8IBap9W8sODy3y
pfmjGvmPrrbMpuNz/MaYYUA5VxG9eAqbqbT76TIUKIx5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:18 2024 by rpki-client on console-ams.rpki-client.org