Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QcYC3yvSSlpLO1GpP7OhRZcw_Rk.roa
File: QcYC3yvSSlpLO1GpP7OhRZcw_Rk.roa (raw, json)
Hash identifier: ZNNgKhCyyBtXXg/RXn3V4CZyV7DVTHA9EojWYyEt1ko=
Subject key identifier: 41:C6:02:DF:2B:D2:4A:5A:4B:3B:51:A9:3F:B3:A1:45:97:30:FD:19
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A75EF9D85832C324ECB59F807039AB2D2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QcYC3yvSSlpLO1GpP7OhRZcw_Rk.roa
Signing time: Fri 08 Sep 2023 17:55:52 +0000
ROA not before: Fri 08 Sep 2023 17:55:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 193.30.241.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/23 maxlen: 24
45.94.171.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
45.138.183.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:75:ef:9d:85:83:2c:32:4e:cb:59:f8:07:03:9a:b2:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 8 17:55:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41c602df2bd24a5a4b3b51a93fb3a1459730fd19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bf:d1:83:a6:7f:8a:3b:dc:97:4a:0d:40:68:
6b:40:92:35:22:13:ff:bf:e2:31:b4:1d:82:55:e6:
25:d4:c7:93:2d:2a:3b:3f:8f:cc:e7:fc:10:b9:1a:
d6:f8:13:b8:16:10:a6:2d:bb:7d:63:ba:1b:c2:f7:
1a:10:c3:d1:aa:11:fa:ef:5e:3d:14:47:41:81:73:
17:a2:76:79:59:12:37:2a:af:35:b6:9b:3c:a2:76:
5d:fb:ba:2b:f2:95:9a:38:2f:68:fe:3e:ff:79:72:
79:33:68:46:cc:36:90:a8:d1:84:61:6f:62:f2:97:
91:7d:22:92:e5:c3:e8:42:5e:32:16:cc:7a:57:5d:
c0:c8:9e:a5:c1:88:c8:25:dc:57:31:08:5e:b5:f3:
3b:ac:e7:a6:9b:00:90:05:77:34:f1:37:17:db:f0:
60:e6:33:80:a5:51:41:4a:14:b9:38:59:51:72:31:
cb:ec:3e:43:c5:ca:a1:22:a6:2e:28:1f:48:dc:02:
b6:07:74:2a:8d:50:56:8e:a2:8a:38:85:40:21:ca:
24:38:6a:d3:9d:e0:e0:67:8e:2d:b0:21:d3:fd:a9:
41:9d:0f:7d:07:6c:d0:f8:4e:86:0b:32:42:34:ec:
f6:47:37:68:29:64:99:40:c1:0d:5e:6e:fb:41:c6:
13:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C6:02:DF:2B:D2:4A:5A:4B:3B:51:A9:3F:B3:A1:45:97:30:FD:19
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/QcYC3yvSSlpLO1GpP7OhRZcw_Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.171.0/24
45.138.180.0/24
45.138.183.0/24
77.83.39.0/24
85.209.120.0/23
193.30.241.0/24
195.62.24.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:81:c2:61:38:c6:2f:81:4b:fd:32:13:ee:81:8c:54:29:85:
a5:66:0b:3c:92:82:f1:10:41:aa:e2:30:95:ed:2a:77:5e:07:
ff:eb:d6:35:9d:2c:4e:6f:3e:f8:c8:c8:df:ee:bf:66:9c:7e:
32:20:62:fc:b7:c0:ac:e8:86:27:7e:ef:db:d0:a4:5c:5d:36:
c6:14:3d:d4:ba:dd:5a:bd:7c:d5:44:2d:e2:92:3d:16:39:9e:
1c:a2:47:8f:27:47:58:67:93:0c:b4:1c:95:fa:7d:6f:c2:13:
88:61:0e:ed:7e:f4:c8:06:b8:47:bc:c4:c1:d7:76:fe:52:d1:
ec:e9:76:6f:b4:07:e7:c0:6c:9b:5b:af:df:8e:c5:ad:6f:f6:
15:de:f5:ed:7c:20:98:67:6c:ce:75:45:37:ba:89:54:9a:0c:
aa:c5:ff:1c:a7:5b:89:6c:31:1f:34:2f:32:ea:7b:04:0d:67:
11:c6:de:4a:fb:d3:0c:e0:37:36:a4:da:c9:23:70:39:a5:85:
35:4f:e1:6b:b4:5e:54:b8:d0:e7:cc:06:68:aa:63:48:dd:88:
a9:c7:08:30:c0:f8:d3:e7:f1:1a:64:b6:d3:10:a5:cc:15:ae:
9f:f1:79:35:aa:1a:c5:d6:02:3e:62:39:8f:0f:54:3c:9b:ee:
a2:77:9b:18
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYp1752FgywyTstZ+AcDmrLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwOTA4MTc1NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM2MDJkZjJiZDI0YTVhNGIzYjUxYTkzZmIzYTE0NTk3MzBmZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7/Rg6Z/ijvcl0oNQGhrQJI1IhP/
v+IxtB2CVeYl1MeTLSo7P4/M5/wQuRrW+BO4FhCmLbt9Y7obwvcaEMPRqhH67149
FEdBgXMXonZ5WRI3Kq81tps8onZd+7or8pWaOC9o/j7/eXJ5M2hGzDaQqNGEYW9i
8peRfSKS5cPoQl4yFsx6V13AyJ6lwYjIJdxXMQhetfM7rOemmwCQBXc08TcX2/Bg
5jOApVFBShS5OFlRcjHL7D5DxcqhIqYuKB9I3AK2B3QqjVBWjqKKOIVAIcokOGrT
neDgZ44tsCHT/alBnQ99B2zQ+E6GCzJCNOz2RzdoKWSZQMENXm77QcYTAwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEHGAt8r0kpaSztRqT+zoUWXMP0ZMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUWNZQzN5dlNTbHBMTzFHcFA3T2hSWmN3X1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALV6rAwQA
LYq0AwQALYq3AwQATVMnAwQBVdF4AwQAwR7xAwQAwz4YMA0GCSqGSIb3DQEBCwUA
A4IBAQAqgcJhOMYvgUv9MhPugYxUKYWlZgs8koLxEEGq4jCV7Sp3Xgf/69Y1nSxO
bz74yMjf7r9mnH4yIGL8t8Cs6IYnfu/b0KRcXTbGFD3Uut1avXzVRC3ikj0WOZ4c
okePJ0dYZ5MMtByV+n1vwhOIYQ7tfvTIBrhHvMTB13b+UtHs6XZvtAfnwGybW6/f
jsWtb/YV3vXtfCCYZ2zOdUU3uolUmgyqxf8cp1uJbDEfNC8y6nsEDWcRxt5K+9MM
4Dc2pNrJI3A5pYU1T+FrtF5UuNDnzAZoqmNI3YipxwgwwPjT5/EaZLbTEKXMFa6f
8Xk1qhrF1gI+YjmPD1Q8m+6id5sY
-----END CERTIFICATE-----
Generated at Sun Sep 10 10:41:07 2023 by rpki-client on console-fra.rpki-client.org