Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/qkJRd1xIQ4tY8j7QYAWsPzQxnQU.roa
File: qkJRd1xIQ4tY8j7QYAWsPzQxnQU.roa (raw, json)
Hash identifier: +bjiguBz92jv/AqXABLM8PJacEXJchW65HL1BKWnkI8=
Subject key identifier: AA:42:51:77:5C:48:43:8B:58:F2:3E:D0:60:05:AC:3F:34:31:9D:05
Certificate issuer: /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial: 0190529B1876E49EB93267793875F8166F06
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/qkJRd1xIQ4tY8j7QYAWsPzQxnQU.roa
Signing time: Wed 26 Jun 2024 03:33:34 +0000
ROA not before: Wed 26 Jun 2024 03:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5413
IP address blocks: 37.252.60.0/22 maxlen: 24
95.172.224.0/19 maxlen: 24
212.105.160.0/19 maxlen: 24
2a00:10ef::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Nov 2024 02:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:52:9b:18:76:e4:9e:b9:32:67:79:38:75:f8:16:6f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Validity
Not Before: Jun 26 03:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa4251775c48438b58f23ed06005ac3f34319d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:31:70:c7:51:6f:fd:86:34:4d:63:4a:a2:35:
ff:36:08:ac:69:e2:ae:27:be:5b:d5:50:22:56:03:
d0:83:f6:cd:67:07:c6:bb:c0:1c:8d:5b:4b:7b:15:
12:67:40:68:13:a0:77:0b:4b:fe:80:0c:53:8a:dc:
16:b7:57:26:34:85:93:97:f7:ce:0d:ee:ac:6c:b9:
cd:37:67:3b:15:d1:55:5a:c9:51:a8:3f:64:95:b9:
a0:7c:29:ff:30:d1:43:10:22:1f:75:de:8c:5d:c5:
20:0b:7d:39:fa:8c:03:bc:83:a7:37:91:7b:91:01:
e6:87:fa:83:95:34:a6:15:ad:8e:49:f4:29:f6:f8:
cb:e3:18:e6:49:89:ef:24:ca:b2:53:ae:ce:ee:00:
36:c1:9c:03:be:56:e8:17:09:3b:93:56:88:bf:38:
0f:4f:0c:1b:58:4d:1a:95:f3:05:93:80:61:a9:db:
25:d5:99:ce:9f:22:7d:26:01:20:11:e5:97:c7:e2:
5e:5d:27:9c:cf:10:f4:bd:cf:36:af:78:35:2d:c8:
36:ae:16:47:50:40:20:8b:8b:8d:47:a5:74:dc:44:
b6:21:ba:d8:cf:d3:19:69:aa:92:7b:c8:15:2f:d0:
95:e9:b2:a0:dd:2c:53:1b:0f:60:15:8a:5f:02:df:
f2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:42:51:77:5C:48:43:8B:58:F2:3E:D0:60:05:AC:3F:34:31:9D:05
X509v3 Authority Key Identifier:
keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/qkJRd1xIQ4tY8j7QYAWsPzQxnQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.60.0/22
95.172.224.0/19
212.105.160.0/19
IPv6:
2a00:10ef::/32
Signature Algorithm: sha256WithRSAEncryption
a1:66:7f:be:1d:5f:a8:29:4d:67:df:80:f0:91:73:3e:51:41:
f8:a4:03:29:ad:db:4a:6d:cf:86:34:b8:3e:8a:2c:cf:99:8f:
3d:30:16:72:d9:ec:c8:85:af:84:a5:c9:61:58:85:09:ed:bf:
ff:89:94:03:96:f3:5a:16:88:26:c3:56:d3:31:b6:9d:b8:64:
24:16:21:3a:a5:44:d8:93:4e:a4:8b:a8:9b:8f:a9:0f:65:cd:
cd:37:21:94:43:d0:97:f4:7d:41:34:38:8d:20:c2:f4:0a:e8:
25:6a:e2:94:6f:63:b2:cf:06:51:4f:dc:85:ed:20:7b:de:01:
25:00:8c:6e:5a:64:04:6b:f4:18:c0:70:d3:5b:8b:08:42:6f:
fd:0a:77:11:d8:60:59:4a:20:1b:9d:40:f7:5e:fa:9d:57:71:
8b:19:e1:bb:2f:86:ed:d3:d0:f6:dd:af:0d:f0:74:a9:f3:41:
1d:9b:b9:75:c7:0d:9c:22:5b:f2:b0:13:f7:d5:71:f9:a1:ba:
d4:56:71:0d:3a:78:0d:ae:43:31:f4:c4:2e:a1:bb:bc:fd:f1:
64:02:db:f8:c6:1c:e1:75:6c:0a:20:fe:8d:29:0d:25:b3:08:
b5:ed:9b:2e:e7:cc:64:21:31:28:a9:3d:c6:d8:cb:14:12:eb:
03:1c:9d:38
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZBSmxh25J65Mmd5OHX4Fm8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTk2ZDAyYTgyMmY0NjI1M2MyYWVlNjgwNDQxZDVhYzI3
YzNkZjUwHhcNMjQwNjI2MDMzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTQyNTE3NzVjNDg0MzhiNThmMjNlZDA2MDA1YWMzZjM0MzE5ZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zFwx1Fv/YY0TWNKojX/NgisaeKu
J75b1VAiVgPQg/bNZwfGu8AcjVtLexUSZ0BoE6B3C0v+gAxTitwWt1cmNIWTl/fO
De6sbLnNN2c7FdFVWslRqD9klbmgfCn/MNFDECIfdd6MXcUgC305+owDvIOnN5F7
kQHmh/qDlTSmFa2OSfQp9vjL4xjmSYnvJMqyU67O7gA2wZwDvlboFwk7k1aIvzgP
TwwbWE0alfMFk4Bhqdsl1ZnOnyJ9JgEgEeWXx+JeXSeczxD0vc82r3g1Lcg2rhZH
UEAgi4uNR6V03ES2IbrYz9MZaaqSe8gVL9CV6bKg3SxTGw9gFYpfAt/yWQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKpCUXdcSEOLWPI+0GAFrD80MZ0FMB8GA1UdIwQY
MBaAFL2pbQKoIvRiU8Ku5oBEHVrCfD31MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzIt
Y2Y4M2Q2ZTQwNTU4LzEvcWtKUmQxeElRNHRZOGo3UVlBV3NQelF4blFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzItY2Y4M2Q2ZTQwNTU4
LzEvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCJfw8AwQF
X6zgAwQF1GmgMA0EAgACMAcDBQAqABDvMA0GCSqGSIb3DQEBCwUAA4IBAQChZn++
HV+oKU1n34DwkXM+UUH4pAMprdtKbc+GNLg+iizPmY89MBZy2ezIha+EpclhWIUJ
7b//iZQDlvNaFogmw1bTMbaduGQkFiE6pUTYk06ki6ibj6kPZc3NNyGUQ9CX9H1B
NDiNIML0CuglauKUb2OyzwZRT9yF7SB73gElAIxuWmQEa/QYwHDTW4sIQm/9CncR
2GBZSiAbnUD3XvqdV3GLGeG7L4bt09D23a8N8HSp80Edm7l1xw2cIlvysBP31XH5
obrUVnENOngNrkMx9MQuobu8/fFkAtv4xhzhdWwKIP6NKQ0lswi17Zsu58xkITEo
qT3G2MsUEusDHJ04
-----END CERTIFICATE-----
Generated at Wed Nov 13 05:56:10 2024 by rpki-client on console-fra.rpki-client.org