Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/03e196-fc28-43ad-bd51-71c296d4969f/1/kqldSoQ7RkwcGAf_huCjM4EFcjk.roa
File: kqldSoQ7RkwcGAf_huCjM4EFcjk.roa (raw, json)
Hash identifier: ZCVCHVpp42LhfevhVzZRfr3SaSbhNqtn5YhTDt3Q7fA=
Subject key identifier: 92:A9:5D:4A:84:3B:46:4C:1C:18:07:FF:86:E0:A3:33:81:05:72:39
Certificate issuer: /CN=6d8bc5d2c69b91615cca26dbb6ea70577036e26d
Certificate serial: 018FCDCD220ADA6B8D0EB8374F157FA4D86C
Authority key identifier: 6D:8B:C5:D2:C6:9B:91:61:5C:CA:26:DB:B6:EA:70:57:70:36:E2:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bYvF0sabkWFcyibbtupwV3A24m0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/03e196-fc28-43ad-bd51-71c296d4969f/1/kqldSoQ7RkwcGAf_huCjM4EFcjk.roa
Signing time: Fri 31 May 2024 08:38:43 +0000
ROA not before: Fri 31 May 2024 08:38:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12859
IP address blocks: 45.152.251.0/24 maxlen: 24
91.247.184.0/24 maxlen: 24
161.51.101.0/24 maxlen: 24
188.241.247.0/24 maxlen: 24
2a14:5bc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Oct 2024 21:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cd:cd:22:0a:da:6b:8d:0e:b8:37:4f:15:7f:a4:d8:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d8bc5d2c69b91615cca26dbb6ea70577036e26d
Validity
Not Before: May 31 08:38:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92a95d4a843b464c1c1807ff86e0a33381057239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:93:71:1d:69:3f:9e:9b:2a:40:45:ef:02:01:
9f:66:2e:99:01:a6:71:a7:ce:d4:50:37:cf:3c:27:
f5:dc:46:3f:67:6c:45:17:39:3a:ea:8f:17:94:a2:
83:e0:b6:96:81:15:5a:bf:bc:0b:3c:c3:b3:1f:1f:
58:76:3a:5a:48:4e:e4:6f:e4:92:9d:79:ec:1e:81:
c2:84:43:70:f0:0f:a3:5c:24:57:16:b7:2d:0f:cb:
6c:e5:0f:b3:1f:72:bb:3d:53:86:41:0b:4f:23:0a:
0e:02:19:31:23:67:b5:27:5b:16:87:ad:0c:d8:fd:
85:61:0b:3d:e0:08:a1:4f:c3:bb:ca:b8:9f:34:d9:
83:18:75:70:7c:88:98:ea:27:ff:2e:42:48:00:bd:
f3:a4:50:e1:17:3b:46:f4:2d:38:d5:96:bd:cf:ad:
f3:12:a7:92:df:02:95:6d:7e:a4:d0:37:4c:17:60:
38:26:53:22:10:0e:c4:8f:2f:fe:e0:cf:f1:c5:69:
67:83:af:9e:e3:60:9b:b3:b7:63:85:72:0e:0a:d4:
d2:95:95:7b:96:1c:a1:0c:cd:0a:13:5b:c2:25:4f:
bf:38:1c:6a:86:19:94:96:a9:b4:68:38:25:06:44:
60:53:c8:90:d9:9c:6d:e1:4e:5e:d3:ee:d8:23:bf:
cc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A9:5D:4A:84:3B:46:4C:1C:18:07:FF:86:E0:A3:33:81:05:72:39
X509v3 Authority Key Identifier:
keyid:6D:8B:C5:D2:C6:9B:91:61:5C:CA:26:DB:B6:EA:70:57:70:36:E2:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bYvF0sabkWFcyibbtupwV3A24m0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/03e196-fc28-43ad-bd51-71c296d4969f/1/kqldSoQ7RkwcGAf_huCjM4EFcjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/03e196-fc28-43ad-bd51-71c296d4969f/1/bYvF0sabkWFcyibbtupwV3A24m0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.251.0/24
91.247.184.0/24
161.51.101.0/24
188.241.247.0/24
IPv6:
2a14:5bc0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:28:4f:04:c9:bb:2b:df:c0:de:cb:1a:a2:87:88:44:55:48:
e1:d5:50:e5:0e:ad:42:e9:c8:4f:ee:52:21:73:8d:b4:aa:af:
5f:f6:7d:f7:a4:db:00:08:d6:52:31:da:36:b0:e3:fc:a6:5c:
d8:fd:85:90:57:e6:b9:d6:b1:1f:29:ee:db:fa:7d:43:69:65:
09:03:c6:ed:fc:df:25:d8:e8:fc:86:8b:fd:cc:e3:cc:aa:41:
01:db:3d:b6:99:40:ba:18:3a:76:7f:0b:32:f0:23:b1:dd:fe:
85:b0:63:ba:08:45:bf:46:26:eb:c8:95:a1:ba:5b:80:69:29:
90:af:ec:9a:84:a0:e6:f1:d0:b4:96:b1:22:62:b7:cd:cb:c7:
af:b0:ea:df:c9:23:cf:fe:ba:dd:db:b9:77:10:67:e5:59:8f:
32:b6:35:f5:7d:ca:67:4a:02:af:c7:a4:31:1f:cf:7f:4f:68:
60:2b:ca:68:ce:41:d5:59:b2:23:97:40:25:58:91:3f:6c:33:
3c:89:9b:96:89:60:3f:32:f9:b0:1d:95:13:a8:ae:10:20:7b:
2c:8e:bd:8b:d5:5e:a0:0a:f2:92:73:3a:dc:a0:f0:b7:9a:fd:
71:28:a1:0e:cb:a2:f7:3c:47:6e:5a:38:be:c4:35:e7:7b:88:
09:f8:2f:21
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY/NzSIK2muNDrg3TxV/pNhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkOGJjNWQyYzY5YjkxNjE1Y2NhMjZkYmI2ZWE3MDU3NzAz
NmUyNmQwHhcNMjQwNTMxMDgzODQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmE5NWQ0YTg0M2I0NjRjMWMxODA3ZmY4NmUwYTMzMzgxMDU3MjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZNxHWk/npsqQEXvAgGfZi6ZAaZx
p87UUDfPPCf13EY/Z2xFFzk66o8XlKKD4LaWgRVav7wLPMOzHx9YdjpaSE7kb+SS
nXnsHoHChENw8A+jXCRXFrctD8ts5Q+zH3K7PVOGQQtPIwoOAhkxI2e1J1sWh60M
2P2FYQs94AihT8O7yrifNNmDGHVwfIiY6if/LkJIAL3zpFDhFztG9C041Za9z63z
EqeS3wKVbX6k0DdMF2A4JlMiEA7Ejy/+4M/xxWlng6+e42Cbs7djhXIOCtTSlZV7
lhyhDM0KE1vCJU+/OBxqhhmUlqm0aDglBkRgU8iQ2Zxt4U5e0+7YI7/MiQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJKpXUqEO0ZMHBgH/4bgozOBBXI5MB8GA1UdIwQY
MBaAFG2LxdLGm5FhXMom27bqcFdwNuJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYll2RjBzYWJrV0ZjeWliYnR1cHdWM0EyNG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wM2UxOTYtZmMyOC00M2FkLWJkNTEt
NzFjMjk2ZDQ5NjlmLzEva3FsZFNvUTdSa3djR0FmX2h1Q2pNNEVGY2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wM2UxOTYtZmMyOC00M2FkLWJkNTEtNzFjMjk2ZDQ5Njlm
LzEvYll2RjBzYWJrV0ZjeWliYnR1cHdWM0EyNG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQALZj7AwQA
W/e4AwQAoTNlAwQAvPH3MA0EAgACMAcDBQMqFFvAMA0GCSqGSIb3DQEBCwUAA4IB
AQCeKE8Eybsr38Deyxqih4hEVUjh1VDlDq1C6chP7lIhc420qq9f9n33pNsACNZS
Mdo2sOP8plzY/YWQV+a51rEfKe7b+n1DaWUJA8bt/N8l2Oj8hov9zOPMqkEB2z22
mUC6GDp2fwsy8COx3f6FsGO6CEW/RibryJWhuluAaSmQr+yahKDm8dC0lrEiYrfN
y8evsOrfySPP/rrd27l3EGflWY8ytjX1fcpnSgKvx6QxH89/T2hgK8pozkHVWbIj
l0AlWJE/bDM8iZuWiWA/MvmwHZUTqK4QIHssjr2L1V6gCvKSczrcoPC3mv1xKKEO
y6L3PEduWji+xDXne4gJ+C8h
-----END CERTIFICATE-----
Generated at Wed Oct 9 00:34:43 2024 by rpki-client on console-ams.rpki-client.org