Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/qyGaVNhp7anlcmYPuT41hoDS8TE.roa
File: qyGaVNhp7anlcmYPuT41hoDS8TE.roa (raw, json)
Hash identifier: Z0sZiff0vFA2PN+qE4RsRVkBtf49YSsgUQZG59zaJi8=
Subject key identifier: AB:21:9A:54:D8:69:ED:A9:E5:72:66:0F:B9:3E:35:86:80:D2:F1:31
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 01925695C5E88ED30F0771866274BBC6F55D
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/qyGaVNhp7anlcmYPuT41hoDS8TE.roa
Signing time: Fri 04 Oct 2024 08:11:49 +0000
ROA not before: Fri 04 Oct 2024 08:11:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59745
IP address blocks: 45.151.92.0/22 maxlen: 24
45.151.94.0/24 maxlen: 24
80.66.96.0/20 maxlen: 24
80.66.106.0/24 maxlen: 24
80.66.109.0/24 maxlen: 24
185.198.200.0/22 maxlen: 24
195.20.20.0/22 maxlen: 24
2a0a:8ec0::/29 maxlen: 48
2a0a:8ec0:3000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 29 Oct 2024 08:28:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:95:c5:e8:8e:d3:0f:07:71:86:62:74:bb:c6:f5:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Oct 4 08:11:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab219a54d869eda9e572660fb93e358680d2f131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8a:7f:20:cd:74:1a:bb:b5:02:55:5a:ce:85:
cc:66:58:79:1b:d4:1a:0e:e6:2b:85:7a:0b:4a:ed:
4f:ff:53:fb:a8:73:74:f4:ba:7e:54:32:24:82:6f:
39:7d:b5:ec:ce:24:cf:f2:ce:9d:f9:24:0c:d6:f5:
0e:ac:5b:79:cb:bf:8e:bb:d9:f3:6e:a0:4a:5b:c8:
94:d8:f5:a4:9b:f0:21:cd:7f:69:9b:8c:10:8c:e0:
c6:6b:14:2d:1d:bd:ce:66:08:1d:25:5e:bf:c4:2e:
65:11:39:7c:c1:a3:bb:fd:7e:d6:5c:33:48:80:74:
6c:50:5c:98:b9:f5:55:17:3d:e9:50:d8:30:7a:c3:
21:a9:b9:3f:10:be:bf:12:17:8d:b5:a9:c4:7d:0f:
5f:49:79:0b:e5:5c:51:3a:06:95:73:7a:88:f6:d4:
7a:25:93:64:2a:dc:bb:91:06:95:43:61:0f:91:cb:
3c:97:c0:86:fa:9b:a3:81:a5:2d:b8:68:58:b9:32:
e4:5f:c2:ef:75:d3:d2:77:e8:84:63:da:ff:45:6f:
93:32:4e:c8:b6:6f:30:03:d3:58:60:16:27:99:f4:
71:7e:36:bf:79:7c:cd:bb:d8:5f:2a:b0:ed:6e:ce:
3a:f1:c5:0f:97:66:a9:bc:0f:11:fd:34:15:73:57:
17:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:21:9A:54:D8:69:ED:A9:E5:72:66:0F:B9:3E:35:86:80:D2:F1:31
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/qyGaVNhp7anlcmYPuT41hoDS8TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.92.0/22
80.66.96.0/20
185.198.200.0/22
195.20.20.0/22
IPv6:
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
21:0e:b4:b3:08:ec:24:6e:1b:76:7a:47:cb:79:20:11:e5:6d:
ee:98:4f:88:7a:17:fa:33:a3:bc:b2:40:96:1a:23:19:6e:4d:
b1:8d:ad:e1:59:78:f7:43:94:38:b2:fd:a7:42:58:65:5c:0d:
81:8a:de:78:51:77:0a:1d:e8:88:26:20:5a:0a:20:58:cb:8a:
48:3e:e8:fd:a9:aa:ba:7e:a4:76:84:fc:5d:0c:c7:99:f4:b6:
6e:59:4a:18:ea:6f:ad:23:fc:75:e8:91:27:af:c8:2e:78:2b:
c3:35:ec:3b:54:81:00:1f:30:91:2c:c1:0c:ee:5f:67:37:8e:
08:c2:c0:b2:ed:d9:26:77:80:31:30:6c:49:e9:c7:9e:6b:da:
0b:b5:6c:28:56:16:ca:c2:72:2c:db:ac:0a:5c:54:29:50:85:
a1:29:aa:2d:06:0f:9f:32:05:43:d5:f6:71:43:e3:f9:73:f0:
45:37:e0:ca:e6:25:e2:72:7a:45:60:85:57:8b:30:25:17:ab:
3d:a9:b8:ed:ec:b7:0c:77:65:30:b4:12:c0:7c:17:d0:d9:80:
7c:40:d3:11:44:5b:5b:c4:df:af:94:99:c8:93:18:d0:08:91:
2e:d1:0b:b3:d1:f3:40:7f:a6:67:5f:95:79:cf:a5:39:0f:49:
39:db:e3:fd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZJWlcXojtMPB3GGYnS7xvVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjQxMDA0MDgxMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjIxOWE1NGQ4NjllZGE5ZTU3MjY2MGZiOTNlMzU4NjgwZDJmMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArop/IM10Gru1AlVazoXMZlh5G9Qa
DuYrhXoLSu1P/1P7qHN09Lp+VDIkgm85fbXsziTP8s6d+SQM1vUOrFt5y7+Ou9nz
bqBKW8iU2PWkm/AhzX9pm4wQjODGaxQtHb3OZggdJV6/xC5lETl8waO7/X7WXDNI
gHRsUFyYufVVFz3pUNgwesMhqbk/EL6/EheNtanEfQ9fSXkL5VxROgaVc3qI9tR6
JZNkKty7kQaVQ2EPkcs8l8CG+pujgaUtuGhYuTLkX8LvddPSd+iEY9r/RW+TMk7I
tm8wA9NYYBYnmfRxfja/eXzNu9hfKrDtbs468cUPl2apvA8R/TQVc1cX7wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKshmlTYae2p5XJmD7k+NYaA0vExMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvcXlHYVZOaHA3YW5sY21ZUHVUNDFob0RTOFRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZdcAwQE
UEJgAwQCucbIAwQCwxQUMA0EAgACMAcDBQMqCo7AMA0GCSqGSIb3DQEBCwUAA4IB
AQAhDrSzCOwkbht2ekfLeSAR5W3umE+Iehf6M6O8skCWGiMZbk2xja3hWXj3Q5Q4
sv2nQlhlXA2Bit54UXcKHeiIJiBaCiBYy4pIPuj9qaq6fqR2hPxdDMeZ9LZuWUoY
6m+tI/x16JEnr8gueCvDNew7VIEAHzCRLMEM7l9nN44IwsCy7dkmd4AxMGxJ6cee
a9oLtWwoVhbKwnIs26wKXFQpUIWhKaotBg+fMgVD1fZxQ+P5c/BFN+DK5iXicnpF
YIVXizAlF6s9qbjt7LcMd2UwtBLAfBfQ2YB8QNMRRFtbxN+vlJnIkxjQCJEu0Quz
0fNAf6ZnX5V5z6U5D0k52+P9
-----END CERTIFICATE-----
Generated at Tue Oct 29 10:56:53 2024 by rpki-client on console-fra.rpki-client.org