Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/fd757c-3a7c-4b31-b4a1-cfa7a310d542/1/Q4xItuHgfydqK0Q_NTLx8PQUeVw.roa
File: Q4xItuHgfydqK0Q_NTLx8PQUeVw.roa (raw, json)
Hash identifier: mCq41kVpEjRunyWr/p4KrNyYnp6XeC19hsZk2GvVq4M=
Subject key identifier: 43:8C:48:B6:E1:E0:7F:27:6A:2B:44:3F:35:32:F1:F0:F4:14:79:5C
Certificate issuer: /CN=42004477243ca20b95dc8efe07337639806f6075
Certificate serial: 01856D13BA9A13DFAB7D946F3CCA6564D2A8
Authority key identifier: 42:00:44:77:24:3C:A2:0B:95:DC:8E:FE:07:33:76:39:80:6F:60:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgBEdyQ8oguV3I7-BzN2OYBvYHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/fd757c-3a7c-4b31-b4a1-cfa7a310d542/1/Q4xItuHgfydqK0Q_NTLx8PQUeVw.roa
Signing time: Sun 01 Jan 2023 11:24:47 +0000
ROA not before: Sun 01 Jan 2023 11:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43242
IP address blocks: 185.135.97.0/24 maxlen: 24
185.135.98.0/24 maxlen: 24
185.135.96.0/24 maxlen: 24
185.135.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:ba:9a:13:df:ab:7d:94:6f:3c:ca:65:64:d2:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42004477243ca20b95dc8efe07337639806f6075
Validity
Not Before: Jan 1 11:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=438c48b6e1e07f276a2b443f3532f1f0f414795c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:74:34:fd:7d:44:a4:ba:b1:86:7a:64:c2:36:
d6:df:d2:ab:31:0b:9e:92:8e:dc:46:0b:ed:70:ed:
8b:95:36:fa:e6:b2:03:b7:3d:d1:7e:b5:60:d7:5b:
a8:d5:19:65:2f:a7:63:61:a9:30:7d:c6:70:fc:13:
0d:f4:1c:3c:1c:fc:2a:2a:aa:7b:a2:43:12:12:8a:
00:9b:22:68:5c:56:d5:2f:19:d9:b2:ce:4c:1a:46:
46:ba:d4:5f:3f:26:b6:ec:d7:73:03:67:d1:8e:4b:
c0:d1:36:d3:1c:ec:e4:90:1c:bd:63:d0:cb:5b:e6:
43:a3:85:b5:3d:c5:23:e6:e0:9e:73:73:c9:27:96:
1b:92:23:cb:a0:3d:9c:45:53:f4:bd:a9:78:0d:49:
6d:b9:c5:71:23:3c:23:78:8d:ff:53:94:7b:0a:87:
fb:d6:0a:35:c8:c7:c0:4a:77:09:21:df:b7:03:88:
a7:13:00:80:e8:2e:fa:c8:51:35:55:69:1a:6e:3d:
66:44:05:ff:0d:67:9b:41:04:05:30:da:15:ca:a8:
2f:b7:01:0b:63:04:88:67:e1:8a:29:d3:57:52:57:
eb:5c:1b:e0:c9:49:58:95:d0:5a:ea:ba:cf:34:db:
af:87:83:b5:66:09:12:3d:53:41:9d:cb:74:87:86:
c7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8C:48:B6:E1:E0:7F:27:6A:2B:44:3F:35:32:F1:F0:F4:14:79:5C
X509v3 Authority Key Identifier:
keyid:42:00:44:77:24:3C:A2:0B:95:DC:8E:FE:07:33:76:39:80:6F:60:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgBEdyQ8oguV3I7-BzN2OYBvYHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/fd757c-3a7c-4b31-b4a1-cfa7a310d542/1/Q4xItuHgfydqK0Q_NTLx8PQUeVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/fd757c-3a7c-4b31-b4a1-cfa7a310d542/1/QgBEdyQ8oguV3I7-BzN2OYBvYHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.96.0/22
Signature Algorithm: sha256WithRSAEncryption
45:dc:bc:84:52:10:f2:c4:00:d4:5c:95:52:77:6f:54:a9:7e:
ac:4f:63:d6:a7:7d:9c:cf:1b:8a:86:bc:44:b9:d9:c0:f1:1f:
e0:4b:61:6a:ce:87:50:64:e5:b5:1f:9e:58:91:bd:88:56:31:
96:36:65:34:80:61:a1:56:70:4c:09:a1:d5:09:ba:32:27:65:
1b:1d:4f:81:43:78:a8:03:17:0b:c5:f0:cd:0b:9c:c9:d3:56:
3d:fd:eb:44:bc:4f:f8:fe:c5:81:8f:f3:2b:fe:5a:97:4b:57:
ae:e0:bd:a2:c7:9e:fa:b4:b3:5a:6d:4d:bd:52:2c:69:59:b4:
22:28:67:22:3a:b6:8c:47:f1:6e:e9:a7:53:59:3b:9c:0b:b1:
47:40:1f:a1:f6:20:91:c7:7a:8e:04:50:fa:ca:48:5d:84:69:
55:44:56:d3:33:92:ac:f6:80:cd:2f:80:98:a9:da:31:a4:ef:
1d:ac:cf:9f:8b:69:63:b8:7a:41:26:fd:44:6f:db:b0:4b:7f:
2b:55:e1:19:d5:1f:e3:6a:c0:aa:46:cf:1f:a6:8a:6a:e0:01:
ff:62:15:13:80:f5:03:69:a9:82:cd:77:e8:f3:4e:af:3d:ed:
fe:0f:9b:72:b2:8c:d0:e4:58:90:24:d0:c5:13:20:2a:49:5b:
01:4f:3c:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtE7qaE9+rfZRvPMplZNKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDA0NDc3MjQzY2EyMGI5NWRjOGVmZTA3MzM3NjM5ODA2
ZjYwNzUwHhcNMjMwMTAxMTEyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzhjNDhiNmUxZTA3ZjI3NmEyYjQ0M2YzNTMyZjFmMGY0MTQ3OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XQ0/X1EpLqxhnpkwjbW39KrMQue
ko7cRgvtcO2LlTb65rIDtz3RfrVg11uo1RllL6djYakwfcZw/BMN9Bw8HPwqKqp7
okMSEooAmyJoXFbVLxnZss5MGkZGutRfPya27NdzA2fRjkvA0TbTHOzkkBy9Y9DL
W+ZDo4W1PcUj5uCec3PJJ5YbkiPLoD2cRVP0val4DUltucVxIzwjeI3/U5R7Cof7
1go1yMfASncJId+3A4inEwCA6C76yFE1VWkabj1mRAX/DWebQQQFMNoVyqgvtwEL
YwSIZ+GKKdNXUlfrXBvgyUlYldBa6rrPNNuvh4O1ZgkSPVNBnct0h4bH4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOMSLbh4H8naitEPzUy8fD0FHlcMB8GA1UdIwQY
MBaAFEIARHckPKILldyO/gczdjmAb2B1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdCRWR5UThvZ3VWM0k3LUJ6TjJPWUJ2WUhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9mZDc1N2MtM2E3Yy00YjMxLWI0YTEt
Y2ZhN2EzMTBkNTQyLzEvUTR4SXR1SGdmeWRxSzBRX05UTHg4UFFVZVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9mZDc1N2MtM2E3Yy00YjMxLWI0YTEtY2ZhN2EzMTBkNTQy
LzEvUWdCRWR5UThvZ3VWM0k3LUJ6TjJPWUJ2WUhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYdgMA0G
CSqGSIb3DQEBCwUAA4IBAQBF3LyEUhDyxADUXJVSd29UqX6sT2PWp32czxuKhrxE
udnA8R/gS2FqzodQZOW1H55Ykb2IVjGWNmU0gGGhVnBMCaHVCboyJ2UbHU+BQ3io
AxcLxfDNC5zJ01Y9/etEvE/4/sWBj/Mr/lqXS1eu4L2ix576tLNabU29UixpWbQi
KGciOraMR/Fu6adTWTucC7FHQB+h9iCRx3qOBFD6ykhdhGlVRFbTM5Ks9oDNL4CY
qdoxpO8drM+fi2ljuHpBJv1Eb9uwS38rVeEZ1R/jasCqRs8fpopq4AH/YhUTgPUD
aamCzXfo806vPe3+D5tysozQ5FiQJNDFEyAqSVsBTzxJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:43 2024 by rpki-client on console-fra.rpki-client.org