Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/QANyC8CG_Pt9_eoW4AnBBDldBCg.roa
File: QANyC8CG_Pt9_eoW4AnBBDldBCg.roa (raw, json)
Hash identifier: gVp/9TqQWFZklxcARJl4vPu80gVMJKk7G3L1SKyFiJA=
Subject key identifier: 40:03:72:0B:C0:86:FC:FB:7D:FD:EA:16:E0:09:C1:04:39:5D:04:28
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 019130E51567943EF5E31FBCD113D84BFB5C
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/QANyC8CG_Pt9_eoW4AnBBDldBCg.roa
Signing time: Thu 08 Aug 2024 07:30:05 +0000
ROA not before: Thu 08 Aug 2024 07:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44654
IP address blocks: 37.252.208.0/23 maxlen: 23
37.252.208.0/24 maxlen: 24
37.252.209.0/24 maxlen: 24
37.252.210.0/23 maxlen: 23
37.252.210.0/24 maxlen: 24
37.252.211.0/24 maxlen: 24
37.252.212.0/23 maxlen: 23
37.252.212.0/24 maxlen: 24
37.252.213.0/24 maxlen: 24
37.252.215.0/24 maxlen: 24
109.205.8.0/21 maxlen: 24
185.36.124.0/22 maxlen: 24
185.36.124.0/23 maxlen: 23
185.36.124.0/24 maxlen: 24
185.36.125.0/24 maxlen: 24
185.36.127.0/24 maxlen: 24
2a02:d8::/32 maxlen: 48
2a02:d8:8::/48 maxlen: 48
2a02:d8:9::/48 maxlen: 48
2a02:d8:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Sep 2024 08:11:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:30:e5:15:67:94:3e:f5:e3:1f:bc:d1:13:d8:4b:fb:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Aug 8 07:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4003720bc086fcfb7dfdea16e009c104395d0428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:60:06:0b:ec:f9:f7:43:87:77:d1:7c:54:d5:
53:2f:4c:81:13:5a:f0:6a:9f:57:ce:f2:5d:27:62:
eb:b1:ae:60:66:22:cf:94:79:d1:30:a5:99:2d:02:
b2:88:c3:a6:d8:c7:43:98:3c:3a:fb:87:e0:52:13:
f3:38:70:25:28:a7:61:7d:7c:ac:5f:61:3a:89:9c:
6a:05:0b:ff:29:92:73:ab:05:f5:7a:f5:dd:bd:e3:
5b:4b:22:77:ec:e3:10:0f:f4:dc:28:e8:4b:86:9e:
a3:e8:b6:7a:f3:65:07:79:e2:6b:40:d0:05:93:77:
bc:d4:19:71:63:dd:61:38:7a:6f:98:45:45:d4:0a:
dd:20:7a:bf:6f:a5:dd:16:b8:c7:27:06:75:0c:a1:
a7:42:31:04:f1:8c:e4:d5:e0:ad:6a:15:66:8a:67:
20:f2:0e:a7:6e:27:d2:31:2e:a5:bb:6f:e2:12:bf:
84:90:75:32:0c:b5:a8:17:6e:25:44:51:b3:e6:78:
51:09:03:9f:e1:68:36:25:f6:af:a5:c9:0b:ab:ec:
a0:b7:d1:b1:b5:71:c6:63:21:71:55:9b:c8:fc:83:
29:15:24:23:7e:5d:97:f2:58:c2:69:27:d0:dc:46:
8e:64:26:73:39:0e:ce:2f:42:55:66:cc:af:45:e0:
45:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:03:72:0B:C0:86:FC:FB:7D:FD:EA:16:E0:09:C1:04:39:5D:04:28
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/QANyC8CG_Pt9_eoW4AnBBDldBCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.208.0-37.252.213.255
37.252.215.0/24
109.205.8.0/21
185.36.124.0/22
IPv6:
2a02:d8::/32
Signature Algorithm: sha256WithRSAEncryption
9f:a8:42:41:d7:17:56:87:e1:48:a9:05:63:f1:19:4a:bb:2d:
06:c7:61:a7:98:4a:93:fb:47:1b:7b:e3:f4:0a:3c:5a:20:23:
0f:46:03:dd:79:f0:91:30:39:bc:0f:03:c7:74:12:78:7a:62:
7a:5a:8a:0d:fc:8d:b9:15:20:ff:b7:83:9b:d8:19:6b:ec:38:
3c:97:cb:a2:fb:84:95:7b:4f:cd:bd:6b:c6:50:f8:54:27:f0:
8c:08:f6:16:93:dc:9b:2b:47:ba:94:07:8a:21:d1:69:a6:b6:
1d:75:3f:9b:fa:0e:84:3a:c6:00:d3:a6:2e:29:25:3c:e2:31:
32:5c:8d:c3:65:b4:f9:89:74:70:e7:ef:c8:57:20:bd:91:84:
24:fd:d1:4f:83:f2:7e:0f:f3:91:e4:5d:e5:27:31:ad:18:2f:
08:d4:fb:af:16:dc:67:b3:99:eb:b6:0e:97:72:7a:1c:7f:15:
d7:a2:5c:32:79:5b:60:4c:af:c4:88:83:37:5b:a2:27:e7:b9:
10:a6:62:e3:1e:4c:4e:d0:2f:5b:e9:eb:4d:a8:e3:97:d2:0f:
4f:22:2b:28:07:9f:f7:8d:84:b2:48:7e:29:d2:13:37:80:38:
3c:ae:0f:b1:84:df:86:57:4e:13:45:c1:a0:9f:34:d2:23:d9:
27:5a:92:97
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZEw5RVnlD714x+80RPYS/tcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjQwODA4MDczMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDAzNzIwYmMwODZmY2ZiN2RmZGVhMTZlMDA5YzEwNDM5NWQwNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWAGC+z590OHd9F8VNVTL0yBE1rw
ap9XzvJdJ2Lrsa5gZiLPlHnRMKWZLQKyiMOm2MdDmDw6+4fgUhPzOHAlKKdhfXys
X2E6iZxqBQv/KZJzqwX1evXdveNbSyJ37OMQD/TcKOhLhp6j6LZ682UHeeJrQNAF
k3e81BlxY91hOHpvmEVF1ArdIHq/b6XdFrjHJwZ1DKGnQjEE8Yzk1eCtahVmimcg
8g6nbifSMS6lu2/iEr+EkHUyDLWoF24lRFGz5nhRCQOf4Wg2JfavpckLq+ygt9Gx
tXHGYyFxVZvI/IMpFSQjfl2X8ljCaSfQ3EaOZCZzOQ7OL0JVZsyvReBFHQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFEADcgvAhvz7ff3qFuAJwQQ5XQQoMB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvUUFOeUM4Q0dfUHQ5X2VvVzRBbkJCRGxkQkNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAQl/NAD
BAEl/NQDBAAl/NcDBANtzQgDBAK5JHwwDQQCAAIwBwMFACoCANgwDQYJKoZIhvcN
AQELBQADggEBAJ+oQkHXF1aH4UipBWPxGUq7LQbHYaeYSpP7Rxt74/QKPFogIw9G
A9158JEwObwPA8d0Enh6Ynpaig38jbkVIP+3g5vYGWvsODyXy6L7hJV7T829a8ZQ
+FQn8IwI9haT3JsrR7qUB4oh0Wmmth11P5v6DoQ6xgDTpi4pJTziMTJcjcNltPmJ
dHDn78hXIL2RhCT90U+D8n4P85HkXeUnMa0YLwjU+68W3Gezmeu2Dpdyehx/Fdei
XDJ5W2BMr8SIgzdboifnuRCmYuMeTE7QL1vp602o45fSD08iKygHn/eNhLJIfinS
EzeAODyuD7GE34ZXThNFwaCfNNIj2Sdakpc=
-----END CERTIFICATE-----
Generated at Tue Sep 3 10:16:08 2024 by rpki-client on console-ams.rpki-client.org