Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/QGWO3SFNTb0H5Z3kZsZzNHxuxIs.roa
File: QGWO3SFNTb0H5Z3kZsZzNHxuxIs.roa (raw, json)
Hash identifier: fcu/taUDMCeljRLEHbkPwceJHtJ8WZ+JewHMQrmJWq4=
Subject key identifier: 40:65:8E:DD:21:4D:4D:BD:07:E5:9D:E4:66:C6:73:34:7C:6E:C4:8B
Certificate issuer: /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial: 018963788C4EF67411BEDA807E790D6107EF
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/QGWO3SFNTb0H5Z3kZsZzNHxuxIs.roa
Signing time: Mon 17 Jul 2023 10:49:51 +0000
ROA not before: Mon 17 Jul 2023 10:49:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 95.142.117.0/24 maxlen: 24
95.142.114.0/24 maxlen: 24
185.54.231.0/24 maxlen: 24
185.54.229.0/24 maxlen: 24
95.142.120.0/24 maxlen: 24
95.142.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:78:8c:4e:f6:74:11:be:da:80:7e:79:0d:61:07:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Validity
Not Before: Jul 17 10:49:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40658edd214d4dbd07e59de466c673347c6ec48b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:53:4e:ed:33:8e:e4:5f:02:75:ca:7d:a2:cc:
9c:04:5e:61:3f:0c:e1:04:79:03:9e:ac:2b:c6:d9:
c2:c2:f4:b1:bb:42:0a:3c:9a:9b:a8:6d:ca:23:57:
86:31:77:78:24:8f:1c:fa:4c:a2:1c:f5:fc:0b:ec:
cc:2d:d4:b7:8c:4e:15:08:b4:d1:1b:dc:82:59:f6:
d2:64:2d:73:db:83:64:aa:b5:18:f7:6d:5a:85:87:
db:2a:c9:2e:aa:1f:eb:ff:bb:7a:3b:b8:bd:07:0d:
47:46:5e:75:4f:35:4a:15:98:1c:1c:8b:ab:71:0c:
57:01:91:9f:77:b9:57:0b:0a:82:5c:68:4d:1a:51:
b0:c3:5d:ec:4d:bd:9b:0c:d4:f8:61:35:79:6a:be:
69:7c:10:0a:9d:d5:14:67:de:72:3a:b1:72:95:50:
e0:c0:2c:9c:bf:d3:34:3a:f7:24:72:b4:c8:05:bf:
ba:ed:41:46:8f:77:18:16:b8:45:6a:bc:32:04:b8:
ef:40:25:63:88:83:0e:44:1f:0d:dc:ee:c2:8c:d3:
a3:4b:50:40:b6:84:85:8a:00:9b:ec:f6:b9:9a:e1:
57:ad:57:64:4b:56:09:6f:04:09:9c:84:9d:c9:01:
17:2e:7a:5b:b5:46:57:f1:c0:02:29:5a:26:13:93:
d7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:65:8E:DD:21:4D:4D:BD:07:E5:9D:E4:66:C6:73:34:7C:6E:C4:8B
X509v3 Authority Key Identifier:
keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/QGWO3SFNTb0H5Z3kZsZzNHxuxIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.114.0/24
95.142.117.0/24
95.142.120.0/24
95.142.126.0/24
185.54.229.0/24
185.54.231.0/24
Signature Algorithm: sha256WithRSAEncryption
41:26:9f:0b:41:05:da:d1:28:cc:91:bc:8f:c8:85:6d:67:bb:
e4:50:80:84:36:51:23:f7:4a:80:35:4f:35:48:95:b4:03:9a:
64:66:a8:52:73:f8:18:05:23:b9:f4:d2:b7:30:7f:05:29:db:
38:59:0c:d9:c9:18:0e:c0:1b:83:24:f5:1a:22:65:0f:9c:f8:
e8:e1:9c:01:a2:8e:81:92:86:a8:ea:e6:dc:42:82:95:d2:e0:
4c:17:58:0d:ff:ff:a8:25:50:f3:c0:db:e3:47:d9:0b:0c:bb:
e8:5f:37:03:61:98:27:e4:fb:54:29:62:62:b3:85:19:e4:90:
4d:b8:6e:31:43:de:4f:ac:3c:8d:24:cf:2b:89:99:57:b0:ef:
4d:81:f9:60:a5:17:54:28:b6:59:06:26:8b:ec:16:e8:82:b9:
54:ec:ea:f4:81:99:1d:c5:a0:74:fe:82:28:48:90:88:c3:39:
fc:cc:ff:34:04:cb:eb:6c:91:02:a1:4f:ae:b2:5d:89:76:f5:
1e:bd:1b:2a:91:7c:7e:10:66:85:22:8f:7d:3b:bd:90:29:33:
2c:a6:4c:9a:85:5f:ec:62:ad:75:5d:cd:f9:d0:1a:31:c2:9c:
f7:d3:05:70:d1:7c:d7:2d:ff:12:22:87:28:70:6c:05:36:e0:
a5:f8:9c:51
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYljeIxO9nQRvtqAfnkNYQfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjMwNzE3MTA0OTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDY1OGVkZDIxNGQ0ZGJkMDdlNTlkZTQ2NmM2NzMzNDdjNmVjNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVNO7TOO5F8Cdcp9osycBF5hPwzh
BHkDnqwrxtnCwvSxu0IKPJqbqG3KI1eGMXd4JI8c+kyiHPX8C+zMLdS3jE4VCLTR
G9yCWfbSZC1z24NkqrUY921ahYfbKskuqh/r/7t6O7i9Bw1HRl51TzVKFZgcHIur
cQxXAZGfd7lXCwqCXGhNGlGww13sTb2bDNT4YTV5ar5pfBAKndUUZ95yOrFylVDg
wCycv9M0OvckcrTIBb+67UFGj3cYFrhFarwyBLjvQCVjiIMORB8N3O7CjNOjS1BA
toSFigCb7Pa5muFXrVdkS1YJbwQJnISdyQEXLnpbtUZX8cACKVomE5PXWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEBljt0hTU29B+Wd5GbGczR8bsSLMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEvUUdXTzNTRk5UYjBINVoza1pzWnpOSHh1eElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAX45yAwQA
X451AwQAX454AwQAX45+AwQAuTblAwQAuTbnMA0GCSqGSIb3DQEBCwUAA4IBAQBB
Jp8LQQXa0SjMkbyPyIVtZ7vkUICENlEj90qANU81SJW0A5pkZqhSc/gYBSO59NK3
MH8FKds4WQzZyRgOwBuDJPUaImUPnPjo4ZwBoo6Bkoao6ubcQoKV0uBMF1gN//+o
JVDzwNvjR9kLDLvoXzcDYZgn5PtUKWJis4UZ5JBNuG4xQ95PrDyNJM8riZlXsO9N
gflgpRdUKLZZBiaL7BbogrlU7Or0gZkdxaB0/oIoSJCIwzn8zP80BMvrbJECoU+u
sl2JdvUevRsqkXx+EGaFIo99O72QKTMspkyahV/sYq11Xc350Boxwpz30wVw0XzX
Lf8SIococGwFNuCl+JxR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:51 2024 by rpki-client on console-fra.rpki-client.org