Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/QMaMR5iAwkLquUsKp0Li0PTy8R8.roa
File: QMaMR5iAwkLquUsKp0Li0PTy8R8.roa (raw, json)
Hash identifier: QrCJITP5No4qDH975cq7ObTsVAIQ5h7RRnI/cJ4Hp0s=
Subject key identifier: 40:C6:8C:47:98:80:C2:42:EA:B9:4B:0A:A7:42:E2:D0:F4:F2:F1:1F
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DC740BD1DFC12AB2C901AA2E94227E283
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/QMaMR5iAwkLquUsKp0Li0PTy8R8.roa
Signing time: Tue 20 Feb 2024 16:02:05 +0000
ROA not before: Tue 20 Feb 2024 16:02:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 2.59.48.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
212.18.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 15:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:40:bd:1d:fc:12:ab:2c:90:1a:a2:e9:42:27:e2:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 20 16:02:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40c68c479880c242eab94b0aa742e2d0f4f2f11f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:71:ae:0f:50:7b:32:9d:a5:39:c1:b8:c0:d7:
1f:22:53:c8:6c:14:91:bb:ca:69:6e:08:84:e4:9b:
a2:9f:7c:c0:13:bb:43:e5:03:f9:d2:48:30:9c:c9:
9a:37:13:26:8d:fa:30:37:fa:ad:74:e4:87:27:7b:
ff:fb:2a:e1:52:66:d3:b9:af:e8:94:8c:17:4f:7b:
9b:11:49:e0:18:c5:cb:a3:50:31:51:7c:0f:c0:85:
18:7d:d0:5d:75:c0:94:78:de:aa:0a:97:a5:cd:92:
6c:88:c6:2e:04:8d:8d:a1:fd:fa:7d:51:c0:da:64:
47:04:68:a3:4f:8c:63:77:79:a4:97:1f:8f:ec:b4:
38:ea:ee:42:ef:b9:51:4c:ec:a8:3b:5f:58:5d:28:
6c:73:52:9e:de:a1:36:db:ad:b3:e6:58:10:50:e0:
f9:4b:44:90:50:b9:22:68:29:5e:78:ab:50:19:3e:
7b:f8:d5:24:2b:25:4f:44:f8:32:2c:16:b5:36:88:
39:8b:b7:6b:17:1d:08:57:ba:32:0a:e7:5d:6c:7d:
1c:43:81:29:e1:64:e7:d8:97:62:01:c7:04:67:dc:
a9:a1:12:eb:eb:e3:a0:fd:93:31:b5:35:d4:cf:52:
ec:7c:3d:e7:bf:f1:fa:1e:5c:63:82:06:bd:79:73:
ce:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C6:8C:47:98:80:C2:42:EA:B9:4B:0A:A7:42:E2:D0:F4:F2:F1:1F
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/QMaMR5iAwkLquUsKp0Li0PTy8R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
37.221.80.0/24
45.11.22.0/24
45.14.221.0/24
94.158.188.0/24
176.124.34.0/24
185.212.112.0/24
193.3.18.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
212.18.100.0/24
Signature Algorithm: sha256WithRSAEncryption
69:37:03:f4:1e:11:36:39:45:9b:5a:36:04:d0:5a:09:0f:72:
63:98:af:0c:2e:7b:22:6d:3a:ba:b8:1b:1c:da:ef:5b:a3:6f:
c4:e5:a0:67:18:ae:c0:49:b9:71:67:e3:b3:3e:fd:b8:78:25:
be:13:bb:56:33:5f:50:15:65:c6:b3:69:b9:68:20:01:8a:3d:
54:d6:66:99:5c:b4:2b:c9:2c:e6:6e:de:77:b8:28:fa:d6:24:
79:fa:90:fa:cb:3d:78:32:40:ca:95:d8:67:0d:ce:cd:67:f2:
5b:cd:b2:54:74:c0:d1:dd:a8:1a:62:3e:dd:48:1c:d7:96:b3:
3b:a5:10:d0:c1:9e:18:31:0e:56:c7:de:d0:d5:5f:e1:00:db:
ca:2a:8d:8c:2b:34:56:5e:3e:dd:40:08:b2:29:dd:45:ae:99:
44:4a:d2:84:bb:fe:60:44:7c:68:67:fc:6e:f5:df:f4:f6:48:
82:51:28:ca:79:b6:9c:10:1b:47:d0:17:78:90:ba:63:af:79:
b2:f4:39:30:88:b7:bc:78:71:6d:de:f5:3c:a0:94:3a:69:80:
ec:e1:4e:76:92:83:c9:35:33:43:e8:f7:80:93:ae:53:65:a0:
44:ad:85:e0:6e:41:5b:39:22:d4:78:12:02:22:39:2e:31:bb:
4f:28:e5:8f
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY3HQL0d/BKrLJAaoulCJ+KDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIwMTYwMjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGM2OGM0Nzk4ODBjMjQyZWFiOTRiMGFhNzQyZTJkMGY0ZjJmMTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXGuD1B7Mp2lOcG4wNcfIlPIbBSR
u8ppbgiE5Juin3zAE7tD5QP50kgwnMmaNxMmjfowN/qtdOSHJ3v/+yrhUmbTua/o
lIwXT3ubEUngGMXLo1AxUXwPwIUYfdBddcCUeN6qCpelzZJsiMYuBI2Nof36fVHA
2mRHBGijT4xjd3mklx+P7LQ46u5C77lRTOyoO19YXShsc1Ke3qE2262z5lgQUOD5
S0SQULkiaCleeKtQGT57+NUkKyVPRPgyLBa1Nog5i7drFx0IV7oyCuddbH0cQ4Ep
4WTn2JdiAccEZ9ypoRLr6+Og/ZMxtTXUz1LsfD3nv/H6Hlxjgga9eXPOWQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFEDGjEeYgMJC6rlLCqdC4tD08vEfMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvUU1hTVI1aUF3a0xxdVVzS3AwTGkwUFR5OFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAAjswAwQA
Jd1QAwQALQsWAwQALQ7dAwQAXp68AwQAsHwiAwQAudRwAwQAwQMSAwQAwiDwAwQA
wxIaAwQAw0WUAwQAw0WWAwQA1BJkMA0GCSqGSIb3DQEBCwUAA4IBAQBpNwP0HhE2
OUWbWjYE0FoJD3JjmK8MLnsibTq6uBsc2u9bo2/E5aBnGK7ASblxZ+OzPv24eCW+
E7tWM19QFWXGs2m5aCABij1U1maZXLQrySzmbt53uCj61iR5+pD6yz14MkDKldhn
Dc7NZ/JbzbJUdMDR3agaYj7dSBzXlrM7pRDQwZ4YMQ5Wx97Q1V/hANvKKo2MKzRW
Xj7dQAiyKd1FrplEStKEu/5gRHxoZ/xu9d/09kiCUSjKebacEBtH0Bd4kLpjr3my
9DkwiLe8eHFt3vU8oJQ6aYDs4U52koPJNTND6PeAk65TZaBErYXgbkFbOSLUeBIC
IjkuMbtPKOWP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org