Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/qk-RSsmgxJty1CzqMgqxFoNraiM.roa
File: qk-RSsmgxJty1CzqMgqxFoNraiM.roa (raw, json)
Hash identifier: atbLAZfuagRJmqSy7tzA496uhHoQzYkMY2pgmeL95pM=
Subject key identifier: AA:4F:91:4A:C9:A0:C4:9B:72:D4:2C:EA:32:0A:B1:16:83:6B:6A:23
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 01910DC4C46B2C4EA76580FA56D6346AB2AD
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/qk-RSsmgxJty1CzqMgqxFoNraiM.roa
Signing time: Thu 01 Aug 2024 11:48:04 +0000
ROA not before: Thu 01 Aug 2024 11:48:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 185.148.243.0/24 maxlen: 24
185.169.183.0/24 maxlen: 24
185.174.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 20:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0d:c4:c4:6b:2c:4e:a7:65:80:fa:56:d6:34:6a:b2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Aug 1 11:48:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa4f914ac9a0c49b72d42cea320ab116836b6a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ef:95:3c:35:f0:7b:98:bd:f6:f0:3d:e4:d6:
d1:f0:3c:05:69:27:f6:a8:5d:02:f7:a2:75:42:96:
ba:89:a2:c4:f8:d0:96:72:bc:68:62:20:6a:ee:f7:
d4:af:ec:40:74:4a:2d:74:39:8a:bf:7c:70:9a:4f:
79:e4:16:7b:3f:c7:cb:7c:e2:81:ff:f3:44:cd:93:
9d:91:d1:71:fb:22:f5:bd:76:b2:06:ea:cc:82:f8:
2b:3b:51:d5:e6:54:ce:75:28:c7:17:10:31:c6:cf:
d6:1c:a1:4b:cc:ac:0f:55:a0:f7:69:40:7c:08:75:
19:3d:a3:f6:3d:d6:1a:42:19:29:59:bb:98:b2:91:
65:e7:e2:54:db:12:24:6c:8b:fc:0c:69:dc:c3:2a:
3e:c7:3a:a3:e1:08:d8:61:46:ac:45:0b:6a:c8:39:
08:6f:18:99:8d:a9:3d:7c:3d:81:1f:fd:96:63:44:
04:d4:ae:38:27:21:8b:91:98:54:67:05:5d:96:a7:
de:28:c4:41:68:25:d5:84:35:4c:04:87:09:e4:e4:
4d:6f:a9:c8:33:03:b9:26:70:d5:31:fd:87:e8:ca:
a3:9c:ca:e1:2c:33:15:ab:8f:8c:3b:7c:7e:94:41:
bf:7a:ec:d3:86:6e:81:18:80:05:f9:57:a0:72:f3:
2f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4F:91:4A:C9:A0:C4:9B:72:D4:2C:EA:32:0A:B1:16:83:6B:6A:23
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/qk-RSsmgxJty1CzqMgqxFoNraiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.243.0/24
185.169.183.0/24
185.174.20.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:74:7c:3e:e6:36:8e:32:5b:d1:a2:a5:fb:6a:7b:0e:62:d3:
c1:10:94:0a:b0:b1:61:0d:63:38:60:fe:26:8b:73:22:16:1a:
2e:33:c6:59:47:7a:14:22:46:b1:b5:11:d1:c4:b0:55:99:ed:
9e:3e:54:d6:d0:68:f8:01:f5:a6:f8:c2:07:bd:2e:35:79:97:
1f:cd:1b:0e:34:df:e7:ac:fd:8f:36:44:30:e4:56:61:5f:07:
fa:20:5b:f8:38:2b:64:af:04:7d:79:4f:de:c9:e9:e8:f6:d4:
1f:0f:92:56:49:65:81:ae:39:c7:70:b4:c5:7c:fc:a1:97:9f:
d6:1c:2e:00:e4:17:d0:d9:8e:92:d4:a6:21:a4:f2:ac:c7:90:
9b:0e:c3:a6:ee:02:3a:bc:7d:5f:c4:b3:ad:b3:38:16:9c:0b:
5e:f6:30:42:30:41:dd:5c:a8:cc:96:5b:85:2f:31:06:44:2b:
a5:e1:73:26:18:04:85:c8:7b:41:5a:cd:55:3d:54:42:4a:61:
a9:e4:ff:0a:93:f5:a5:d9:df:be:f8:c6:c6:a7:2a:4f:47:75:
bb:d5:2c:46:db:0a:b1:47:64:3b:a2:0e:cd:fe:55:88:79:1f:
45:1a:36:e1:b4:10:50:1f:f0:3e:ac:fe:77:bc:3b:f5:20:ae:
3a:f8:80:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZENxMRrLE6nZYD6VtY0arKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwODAxMTE0ODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTRmOTE0YWM5YTBjNDliNzJkNDJjZWEzMjBhYjExNjgzNmI2YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx++VPDXwe5i99vA95NbR8DwFaSf2
qF0C96J1Qpa6iaLE+NCWcrxoYiBq7vfUr+xAdEotdDmKv3xwmk955BZ7P8fLfOKB
//NEzZOdkdFx+yL1vXayBurMgvgrO1HV5lTOdSjHFxAxxs/WHKFLzKwPVaD3aUB8
CHUZPaP2PdYaQhkpWbuYspFl5+JU2xIkbIv8DGncwyo+xzqj4QjYYUasRQtqyDkI
bxiZjak9fD2BH/2WY0QE1K44JyGLkZhUZwVdlqfeKMRBaCXVhDVMBIcJ5ORNb6nI
MwO5JnDVMf2H6MqjnMrhLDMVq4+MO3x+lEG/euzThm6BGIAF+VegcvMvOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKpPkUrJoMSbctQs6jIKsRaDa2ojMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvcWstUlNzbWd4SnR5MUN6cU1ncXhGb05yYWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuZTzAwQA
uam3AwQAua4UMA0GCSqGSIb3DQEBCwUAA4IBAQALdHw+5jaOMlvRoqX7ansOYtPB
EJQKsLFhDWM4YP4mi3MiFhouM8ZZR3oUIkaxtRHRxLBVme2ePlTW0Gj4AfWm+MIH
vS41eZcfzRsONN/nrP2PNkQw5FZhXwf6IFv4OCtkrwR9eU/eyeno9tQfD5JWSWWB
rjnHcLTFfPyhl5/WHC4A5BfQ2Y6S1KYhpPKsx5CbDsOm7gI6vH1fxLOtszgWnAte
9jBCMEHdXKjMlluFLzEGRCul4XMmGASFyHtBWs1VPVRCSmGp5P8Kk/Wl2d+++MbG
pypPR3W71SxG2wqxR2Q7og7N/lWIeR9FGjbhtBBQH/A+rP53vDv1IK46+IAD
-----END CERTIFICATE-----
Generated at Wed Sep 11 21:46:36 2024 by rpki-client on console-fra.rpki-client.org