Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/QvVEOHS7oLv3T0S-mS2q9fFbrdQ.roa
File: QvVEOHS7oLv3T0S-mS2q9fFbrdQ.roa (raw, json)
Hash identifier: HYJvhh+dwsJeElH3QmEubNMSIRaYnoYuuChS2Bn5PFw=
Subject key identifier: 42:F5:44:38:74:BB:A0:BB:F7:4F:44:BE:99:2D:AA:F5:F1:5B:AD:D4
Certificate issuer: /CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Certificate serial: 018DAA199CEFEBC32F7E9C7BA93A336B5413
Authority key identifier: 8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/QvVEOHS7oLv3T0S-mS2q9fFbrdQ.roa
Signing time: Thu 15 Feb 2024 00:10:21 +0000
ROA not before: Thu 15 Feb 2024 00:10:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207054
IP address blocks: 45.15.92.0/22 maxlen: 22
185.167.112.0/22 maxlen: 22
185.231.192.0/22 maxlen: 22
194.58.24.0/22 maxlen: 22
2a0b:1a07::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 08 Mar 2024 09:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:aa:19:9c:ef:eb:c3:2f:7e:9c:7b:a9:3a:33:6b:54:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ac7eae649d9547b0ad0ab007ab4e8a48ded4d5d
Validity
Not Before: Feb 15 00:10:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42f5443874bba0bbf74f44be992daaf5f15badd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:49:77:20:8e:b2:f6:f2:2e:fa:aa:d7:b9:ac:
28:03:8a:7b:8d:a7:18:bd:81:05:2c:b5:d9:07:30:
98:2b:c4:d0:a2:1e:a3:45:15:7d:cb:80:71:7a:96:
01:b7:f0:59:b9:9f:48:c5:f6:9e:b6:e9:37:12:b3:
02:f8:78:c4:7f:f4:2a:65:0f:6c:b7:a0:03:1f:8a:
39:7e:9b:ba:f1:af:52:26:8f:07:b1:38:4c:53:d0:
9e:6c:68:34:b4:52:19:03:6d:f4:51:04:68:31:f8:
e8:59:3c:94:52:67:17:3f:37:39:c9:95:20:15:0d:
33:54:f7:ff:35:62:95:57:9d:a2:e2:d5:b9:d0:ae:
66:99:8b:ac:a3:4c:c6:4d:4f:dc:50:6b:fa:4f:1e:
a2:e5:11:80:7c:ba:0e:dd:b3:7c:68:c8:cf:0b:0c:
b6:4e:4a:78:63:0c:a2:99:94:98:4d:54:c8:c6:ed:
21:79:3f:51:37:ec:28:f9:01:39:37:5c:24:c1:b0:
2a:6a:dc:7d:18:3f:d1:bb:a9:01:34:01:99:73:77:
b3:d2:df:88:96:f0:95:bd:9a:67:4d:3b:2e:7b:fb:
81:91:12:f9:f3:ee:de:41:93:9b:a5:06:a8:10:76:
1b:e9:bd:49:9f:38:84:26:d7:5f:45:92:40:87:19:
f1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F5:44:38:74:BB:A0:BB:F7:4F:44:BE:99:2D:AA:F5:F1:5B:AD:D4
X509v3 Authority Key Identifier:
keyid:8A:C7:EA:E6:49:D9:54:7B:0A:D0:AB:00:7A:B4:E8:A4:8D:ED:4D:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/isfq5knZVHsK0KsAerTopI3tTV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/QvVEOHS7oLv3T0S-mS2q9fFbrdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/67db0b-1d10-4c97-9af6-ac01f0c5662b/1/isfq5knZVHsK0KsAerTopI3tTV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.92.0/22
185.167.112.0/22
185.231.192.0/22
194.58.24.0/22
IPv6:
2a0b:1a07::/32
Signature Algorithm: sha256WithRSAEncryption
13:0f:16:2f:f0:47:a3:a4:bc:f4:6b:c5:d4:98:fb:2f:58:25:
3a:36:ba:3a:d1:aa:8f:8c:d1:82:47:62:de:bd:8e:75:f0:45:
70:9e:5b:39:2e:e4:57:ff:6f:b2:55:11:3b:ca:e1:7f:3a:0c:
23:b0:21:f6:64:7d:87:a8:89:d0:18:3c:cc:ba:9f:03:a3:9c:
24:db:fe:b3:20:bf:ae:88:5b:f3:f1:83:19:02:3a:00:57:b9:
cf:8b:ce:3b:cd:5f:28:50:47:24:61:00:7a:4a:b5:68:70:df:
ae:56:db:cd:c6:b0:99:5c:25:f6:f3:8e:98:a6:7e:c1:d2:4f:
7a:c7:61:31:b9:f9:fd:a8:3c:25:77:b7:e7:5f:a1:5d:5a:7f:
4d:49:6f:c7:78:6f:3f:d2:75:57:bc:d2:e7:e1:1b:f7:c5:43:
91:2a:50:cb:a3:76:16:5e:f5:3e:89:8e:9d:0c:41:fe:6d:fd:
8c:15:98:18:f7:8d:b9:c6:4e:5d:ca:25:42:d3:de:4c:f1:6d:
67:0e:90:3c:b9:da:66:cc:2a:d0:3a:3d:62:7b:f3:70:2d:94:
0c:36:ce:67:06:e5:57:12:a0:25:df:14:84:05:ed:f7:7f:da:
28:06:5b:f0:2e:e4:26:72:39:df:4b:0c:cb:87:7b:8e:d7:41:
f6:82:1d:43
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY2qGZzv68Mvfpx7qToza1QTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYzdlYWU2NDlkOTU0N2IwYWQwYWIwMDdhYjRlOGE0OGRl
ZDRkNWQwHhcNMjQwMjE1MDAxMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY1NDQzODc0YmJhMGJiZjc0ZjQ0YmU5OTJkYWFmNWYxNWJhZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEl3II6y9vIu+qrXuawoA4p7jacY
vYEFLLXZBzCYK8TQoh6jRRV9y4BxepYBt/BZuZ9Ixfaetuk3ErMC+HjEf/QqZQ9s
t6ADH4o5fpu68a9SJo8HsThMU9CebGg0tFIZA230UQRoMfjoWTyUUmcXPzc5yZUg
FQ0zVPf/NWKVV52i4tW50K5mmYuso0zGTU/cUGv6Tx6i5RGAfLoO3bN8aMjPCwy2
Tkp4YwyimZSYTVTIxu0heT9RN+wo+QE5N1wkwbAqatx9GD/Ru6kBNAGZc3ez0t+I
lvCVvZpnTTsue/uBkRL58+7eQZObpQaoEHYb6b1JnziEJtdfRZJAhxnx3QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEL1RDh0u6C7909EvpktqvXxW63UMB8GA1UdIwQY
MBaAFIrH6uZJ2VR7CtCrAHq06KSN7U1dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYt
YWMwMWYwYzU2NjJiLzEvUXZWRU9IUzdvTHYzVDBTLW1TMnE5ZkZicmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC82N2RiMGItMWQxMC00Yzk3LTlhZjYtYWMwMWYwYzU2NjJi
LzEvaXNmcTVrblpWSHNLMEtzQWVyVG9wSTN0VFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLQ9cAwQC
uadwAwQCuefAAwQCwjoYMA0EAgACMAcDBQAqCxoHMA0GCSqGSIb3DQEBCwUAA4IB
AQATDxYv8EejpLz0a8XUmPsvWCU6Nro60aqPjNGCR2LevY518EVwnls5LuRX/2+y
VRE7yuF/OgwjsCH2ZH2HqInQGDzMup8Do5wk2/6zIL+uiFvz8YMZAjoAV7nPi847
zV8oUEckYQB6SrVocN+uVtvNxrCZXCX2846Ypn7B0k96x2Exufn9qDwld7fnX6Fd
Wn9NSW/HeG8/0nVXvNLn4Rv3xUORKlDLo3YWXvU+iY6dDEH+bf2MFZgY9425xk5d
yiVC095M8W1nDpA8udpmzCrQOj1ie/NwLZQMNs5nBuVXEqAl3xSEBe33f9ooBlvw
LuQmcjnfSwzLh3uO10H2gh1D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:41 2024 by rpki-client on console-fra.rpki-client.org