Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/QuG_9vTSJyq9d5vmC2RqB5STPmQ.roa
File: QuG_9vTSJyq9d5vmC2RqB5STPmQ.roa (raw, json)
Hash identifier: 9jaNY5FxsVMvwJqhAB1MBbWXjMe21VGxn2nFjgsMKu0=
Subject key identifier: 42:E1:BF:F6:F4:D2:27:2A:BD:77:9B:E6:0B:64:6A:07:94:93:3E:64
Certificate issuer: /CN=4978d328bcde5294f372765c11aeef28155b0f02
Certificate serial: 01920081F1DBA836B3971BD04ED17CA4247A
Authority key identifier: 49:78:D3:28:BC:DE:52:94:F3:72:76:5C:11:AE:EF:28:15:5B:0F:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SXjTKLzeUpTzcnZcEa7vKBVbDwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/QuG_9vTSJyq9d5vmC2RqB5STPmQ.roa
Signing time: Tue 17 Sep 2024 15:02:48 +0000
ROA not before: Tue 17 Sep 2024 15:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47745
IP address blocks: 85.187.1.0/24 maxlen: 24
87.246.6.0/24 maxlen: 24
87.246.39.0/24 maxlen: 24
151.237.60.0/24 maxlen: 24
151.237.61.0/24 maxlen: 24
185.255.59.0/24 maxlen: 24
212.5.56.0/24 maxlen: 24
212.5.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 07:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:00:81:f1:db:a8:36:b3:97:1b:d0:4e:d1:7c:a4:24:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4978d328bcde5294f372765c11aeef28155b0f02
Validity
Not Before: Sep 17 15:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42e1bff6f4d2272abd779be60b646a0794933e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ba:97:39:ba:2a:72:7c:1d:68:6e:56:fd:4d:
8a:b8:3b:85:54:65:31:98:06:93:2c:67:5b:ec:71:
94:be:38:61:be:21:c6:0d:cf:85:26:ba:e2:b7:6a:
9a:3d:75:04:c6:97:b4:1a:50:3c:fd:92:8e:18:63:
6d:7c:77:b2:26:5b:f0:7a:9a:a1:03:0b:a4:9e:9a:
eb:7c:f2:0a:c8:1e:bf:20:b5:f6:fe:3e:2f:f8:f3:
ad:e4:6d:3c:ee:01:f8:fb:83:e7:9b:64:6f:1e:50:
25:b5:48:46:80:0c:ff:60:cd:14:14:ea:14:fa:fb:
5e:0a:24:fa:bf:6b:eb:e6:07:f5:38:08:46:55:f5:
fc:85:79:dc:26:ca:5d:bf:f8:33:68:7d:81:18:0d:
ee:84:71:5e:c9:03:67:2b:98:8e:96:ab:54:df:5d:
7c:45:0a:60:26:75:3b:9a:63:31:bc:8f:3e:da:14:
11:f1:63:e1:4e:ec:c2:7f:fe:dd:4a:6b:65:29:1d:
d6:9e:78:9e:05:98:ad:c0:b6:f9:6f:cf:b9:17:2a:
5d:0b:b4:08:50:7c:f7:21:23:b6:01:38:12:3a:fd:
a7:dc:b8:f8:76:cc:b3:c9:5b:28:2d:2d:63:18:f1:
e3:89:68:ee:b6:3f:0a:92:93:f7:70:a3:74:f3:cb:
d7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E1:BF:F6:F4:D2:27:2A:BD:77:9B:E6:0B:64:6A:07:94:93:3E:64
X509v3 Authority Key Identifier:
keyid:49:78:D3:28:BC:DE:52:94:F3:72:76:5C:11:AE:EF:28:15:5B:0F:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SXjTKLzeUpTzcnZcEa7vKBVbDwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/QuG_9vTSJyq9d5vmC2RqB5STPmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe173b-f87f-464f-b1b9-8c7d20923b08/1/SXjTKLzeUpTzcnZcEa7vKBVbDwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.1.0/24
87.246.6.0/24
87.246.39.0/24
151.237.60.0/23
185.255.59.0/24
212.5.56.0/23
Signature Algorithm: sha256WithRSAEncryption
06:79:70:ee:96:2c:64:36:ae:98:28:d5:38:06:34:c6:60:a9:
ae:a5:e2:1c:b8:9b:a0:c8:13:21:04:fe:bf:80:bc:a9:83:a8:
c8:e3:15:76:f1:0e:5f:8c:24:76:d0:7a:d7:bb:a7:48:07:e1:
c2:eb:ea:b9:3b:04:45:39:07:0a:68:58:c2:90:4f:f0:60:3d:
4b:63:76:76:fe:65:ea:0e:6f:43:ee:47:42:67:b1:e3:f2:28:
fb:e5:af:58:1e:18:40:20:93:d2:06:28:16:c2:f5:dc:c5:7f:
9c:37:5d:2c:36:93:fd:c7:0c:42:b2:26:01:48:10:c4:22:f7:
b2:96:f5:57:7f:ac:9e:af:c7:74:22:b2:be:c3:d1:be:89:62:
82:84:1b:2b:7a:ac:aa:5f:6b:76:b1:e3:4e:0e:c3:ff:c2:90:
88:1d:f8:93:7d:36:30:45:26:59:f4:8c:be:62:3f:01:11:04:
1f:4d:fd:8c:64:d7:91:cc:85:9f:cb:e2:4a:c3:b4:d4:dd:c4:
71:d3:e2:d0:69:94:7b:78:31:c2:eb:24:2a:0a:be:66:3d:03:
10:98:11:20:fc:fe:c9:e2:c8:a1:b6:60:4e:33:0e:ec:a4:61:
fe:9b:7f:d4:d6:f0:63:a7:74:ec:21:11:b5:79:4c:06:19:1e:
80:89:1a:85
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZIAgfHbqDazlxvQTtF8pCR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NzhkMzI4YmNkZTUyOTRmMzcyNzY1YzExYWVlZjI4MTU1
YjBmMDIwHhcNMjQwOTE3MTUwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmUxYmZmNmY0ZDIyNzJhYmQ3NzliZTYwYjY0NmEwNzk0OTMzZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbqXOboqcnwdaG5W/U2KuDuFVGUx
mAaTLGdb7HGUvjhhviHGDc+FJrrit2qaPXUExpe0GlA8/ZKOGGNtfHeyJlvwepqh
AwuknprrfPIKyB6/ILX2/j4v+POt5G087gH4+4Pnm2RvHlAltUhGgAz/YM0UFOoU
+vteCiT6v2vr5gf1OAhGVfX8hXncJspdv/gzaH2BGA3uhHFeyQNnK5iOlqtU3118
RQpgJnU7mmMxvI8+2hQR8WPhTuzCf/7dSmtlKR3WnnieBZitwLb5b8+5FypdC7QI
UHz3ISO2ATgSOv2n3Lj4dsyzyVsoLS1jGPHjiWjutj8KkpP3cKN088vXFQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFELhv/b00icqvXeb5gtkageUkz5kMB8GA1UdIwQY
MBaAFEl40yi83lKU83J2XBGu7ygVWw8CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1hqVEtMemVVcFR6Y25aY0VhN3ZLQlZiRHdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9mZTE3M2ItZjg3Zi00NjRmLWIxYjkt
OGM3ZDIwOTIzYjA4LzEvUXVHXzl2VFNKeXE5ZDV2bUMyUnFCNVNUUG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9mZTE3M2ItZjg3Zi00NjRmLWIxYjktOGM3ZDIwOTIzYjA4
LzEvU1hqVEtMemVVcFR6Y25aY0VhN3ZLQlZiRHdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVbsBAwQA
V/YGAwQAV/YnAwQBl+08AwQAuf87AwQB1AU4MA0GCSqGSIb3DQEBCwUAA4IBAQAG
eXDulixkNq6YKNU4BjTGYKmupeIcuJugyBMhBP6/gLypg6jI4xV28Q5fjCR20HrX
u6dIB+HC6+q5OwRFOQcKaFjCkE/wYD1LY3Z2/mXqDm9D7kdCZ7Hj8ij75a9YHhhA
IJPSBigWwvXcxX+cN10sNpP9xwxCsiYBSBDEIveylvVXf6yer8d0IrK+w9G+iWKC
hBsreqyqX2t2seNODsP/wpCIHfiTfTYwRSZZ9Iy+Yj8BEQQfTf2MZNeRzIWfy+JK
w7TU3cRx0+LQaZR7eDHC6yQqCr5mPQMQmBEg/P7J4sihtmBOMw7spGH+m3/U1vBj
p3TsIRG1eUwGGR6AiRqF
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:10:19 2025 by rpki-client