Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/QUN5b9hyTdpWHcaYoXtLLGDBBl8.roa
File: QUN5b9hyTdpWHcaYoXtLLGDBBl8.roa (raw, json)
Hash identifier: qOH73NWDuVhS508Ze7AXKWOZEXHNwxiyn3hnnDmejIE=
Subject key identifier: 41:43:79:6F:D8:72:4D:DA:56:1D:C6:98:A1:7B:4B:2C:60:C1:06:5F
Certificate issuer: /CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Certificate serial: 018BD4B7310A645FBF38E0352730FB5E2693
Authority key identifier: 2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/QUN5b9hyTdpWHcaYoXtLLGDBBl8.roa
Signing time: Wed 15 Nov 2023 20:40:57 +0000
ROA not before: Wed 15 Nov 2023 20:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216018
IP address blocks: 46.235.12.0/24 maxlen: 24
185.23.74.0/24 maxlen: 24
185.113.220.0/24 maxlen: 24
185.113.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d4:b7:31:0a:64:5f:bf:38:e0:35:27:30:fb:5e:26:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Validity
Not Before: Nov 15 20:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4143796fd8724dda561dc698a17b4b2c60c1065f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b1:58:71:63:94:d6:e1:45:78:d9:f0:5d:b2:
93:9c:c4:25:dc:e7:47:0f:1f:23:01:bd:e8:f3:4d:
6f:78:ca:9a:e2:24:8b:44:f0:a9:8a:9e:36:85:f4:
fb:cf:d1:ec:68:f3:71:fa:6c:94:66:37:30:d7:16:
1c:44:03:ed:0d:4b:ec:9a:20:29:77:a0:6a:a8:a7:
2b:14:b1:50:98:7a:54:51:06:29:d5:59:b7:3c:46:
bd:08:1f:28:d2:68:fd:94:00:b0:b9:b4:a0:c0:19:
7a:78:c7:cc:32:8b:62:ac:3f:ba:db:f3:d3:6e:2d:
f5:32:13:7c:c5:a0:21:1e:f1:55:1d:14:7b:69:3f:
1d:ee:05:90:b1:f1:df:c0:48:09:c6:0b:7c:d9:f1:
56:0e:dc:e5:aa:53:ec:47:ab:33:c8:42:59:3a:6f:
dd:20:6d:b8:97:70:d1:41:be:61:9b:12:1e:81:7c:
bc:0b:bb:a9:4c:20:d8:3a:4c:3e:f2:94:5c:f2:2c:
fd:43:29:a1:44:37:0f:e7:61:ea:1b:f1:f5:14:78:
a2:2f:d6:51:7a:d3:95:60:d1:f9:64:7f:f5:8a:14:
73:2e:ca:63:fe:ed:61:d5:e7:b8:8b:54:bf:c6:bb:
58:d2:bf:73:f7:f4:46:ed:8f:32:0a:55:09:9d:5e:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:43:79:6F:D8:72:4D:DA:56:1D:C6:98:A1:7B:4B:2C:60:C1:06:5F
X509v3 Authority Key Identifier:
keyid:2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/QUN5b9hyTdpWHcaYoXtLLGDBBl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.12.0/24
185.23.74.0/24
185.113.220.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:d9:ac:c5:32:d0:46:c8:4e:cb:a8:79:91:b1:1f:c3:28:5b:
c6:54:0b:6d:b3:a9:31:fe:92:fb:4c:41:21:83:22:76:70:94:
af:d4:be:29:38:23:14:88:f0:bf:b2:1a:95:45:23:93:91:3a:
2a:d4:44:df:b3:5a:bb:b7:d2:04:a4:f6:55:ee:0a:81:e1:c5:
d4:5b:02:5a:55:e2:4a:84:49:8a:f6:dc:7a:09:f1:96:fd:85:
cf:66:8e:40:ba:24:36:55:ee:95:72:2d:c2:93:d0:f3:03:bd:
51:bb:78:ce:32:f8:73:0a:f6:7c:32:83:bf:e1:c7:4a:62:da:
40:12:41:12:bd:60:bb:97:38:00:fe:d6:bc:27:30:c8:6d:2b:
ea:f9:5b:9e:4e:70:57:e5:26:be:66:50:65:b5:a2:3e:8e:01:
7c:ae:e8:64:30:dd:36:57:e2:3f:ee:19:1b:94:07:f2:cb:90:
ec:10:58:66:3c:85:c9:58:3f:05:17:c9:3a:92:cf:9f:fd:6f:
07:13:d8:97:f2:4e:f8:9b:b7:8b:05:7d:2b:ad:ab:a1:63:41:
36:0a:8f:0c:f3:bf:f5:0a:91:d8:e4:a0:41:0a:43:26:07:ac:
86:8a:0e:7a:89:88:5e:41:a5:c1:95:d5:31:30:41:41:7a:69:
52:ce:ba:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvUtzEKZF+/OOA1JzD7XiaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGE5MzMzZjkzY2NhNTQ0ZmRhYmUyZWE3YTY3MzhhNTRh
Zjc1OWUwHhcNMjMxMTE1MjA0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQzNzk2ZmQ4NzI0ZGRhNTYxZGM2OThhMTdiNGIyYzYwYzEwNjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprFYcWOU1uFFeNnwXbKTnMQl3OdH
Dx8jAb3o801veMqa4iSLRPCpip42hfT7z9HsaPNx+myUZjcw1xYcRAPtDUvsmiAp
d6BqqKcrFLFQmHpUUQYp1Vm3PEa9CB8o0mj9lACwubSgwBl6eMfMMotirD+62/PT
bi31MhN8xaAhHvFVHRR7aT8d7gWQsfHfwEgJxgt82fFWDtzlqlPsR6szyEJZOm/d
IG24l3DRQb5hmxIegXy8C7upTCDYOkw+8pRc8iz9QymhRDcP52HqG/H1FHiiL9ZR
etOVYNH5ZH/1ihRzLspj/u1h1ee4i1S/xrtY0r9z9/RG7Y8yClUJnV6kZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEFDeW/Yck3aVh3GmKF7SyxgwQZfMB8GA1UdIwQY
MBaAFC4KkzP5PMpUT9q+Lqemc4pUr3WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEt
MGEwYWFlYWVlNGYxLzEvUVVONWI5aHlUZHBXSGNhWW9YdExMR0RCQmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEtMGEwYWFlYWVlNGYx
LzEvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALusMAwQA
uRdKAwQBuXHcMA0GCSqGSIb3DQEBCwUAA4IBAQBf2azFMtBGyE7LqHmRsR/DKFvG
VAtts6kx/pL7TEEhgyJ2cJSv1L4pOCMUiPC/shqVRSOTkToq1ETfs1q7t9IEpPZV
7gqB4cXUWwJaVeJKhEmK9tx6CfGW/YXPZo5AuiQ2Ve6Vci3Ck9DzA71Ru3jOMvhz
CvZ8MoO/4cdKYtpAEkESvWC7lzgA/ta8JzDIbSvq+VueTnBX5Sa+ZlBltaI+jgF8
ruhkMN02V+I/7hkblAfyy5DsEFhmPIXJWD8FF8k6ks+f/W8HE9iX8k74m7eLBX0r
rauhY0E2Co8M87/1CpHY5KBBCkMmB6yGig56iYheQaXBldUxMEFBemlSzrqE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:35 2024 by rpki-client on console-ams.rpki-client.org