Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/qB1wAFLR_D6Vnoj9rGYGdKfWz14.roa
File: qB1wAFLR_D6Vnoj9rGYGdKfWz14.roa (raw, json)
Hash identifier: 94D2Gipxoc67zHxgwQz9RBLpDgUUEUQp/82bSelz0mA=
Subject key identifier: A8:1D:70:00:52:D1:FC:3E:95:9E:88:FD:AC:66:06:74:A7:D6:CF:5E
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 01856FD53C6D688CBF7E8C6F4E5960F7E176
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/qB1wAFLR_D6Vnoj9rGYGdKfWz14.roa
Signing time: Mon 02 Jan 2023 00:15:23 +0000
ROA not before: Mon 02 Jan 2023 00:15:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212228
IP address blocks: 185.158.250.0/24 maxlen: 24
91.242.217.0/24 maxlen: 24
91.240.202.0/24 maxlen: 24
37.10.71.0/24 maxlen: 24
2a0b:7140:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:3c:6d:68:8c:bf:7e:8c:6f:4e:59:60:f7:e1:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 00:15:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a81d700052d1fc3e959e88fdac660674a7d6cf5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b5:4b:f9:e9:5a:0a:75:b6:c0:7d:7d:ef:ea:
33:08:91:7c:b2:f5:44:00:6b:6e:5e:25:3f:d4:bd:
46:d7:04:9f:cd:54:67:5b:f4:74:98:f7:e5:85:01:
02:16:a6:a5:37:29:94:56:3a:d5:f1:6b:1c:c6:41:
8d:7b:58:a8:ee:a3:3b:50:0f:a1:a4:70:1c:fd:91:
40:54:5e:42:d3:ce:d0:10:5f:87:bd:a8:e6:c7:d2:
e0:6e:3d:a7:56:b5:04:6e:a9:a9:9b:4e:3e:d4:15:
c3:b2:6a:c4:cb:d6:02:e9:c0:d7:f0:04:46:85:ce:
85:49:ff:b8:b4:04:30:b1:1f:13:e1:96:ed:90:a6:
10:38:c0:28:7e:b2:2a:ff:c0:a6:77:99:09:95:bd:
ae:da:20:7d:c6:02:02:92:ed:ad:0f:11:69:dd:68:
67:a1:23:43:3b:8b:9b:4d:f6:d1:56:d9:c0:b0:6c:
76:3a:6d:a6:15:2b:6f:b8:13:ae:b7:d5:d3:f4:0a:
d6:90:d3:63:c2:3d:48:e7:6e:a0:32:e0:c4:28:cc:
74:98:b4:43:5c:10:b8:e2:c4:d6:41:ae:d6:58:c5:
67:72:92:f9:9f:88:ac:7f:12:c7:b9:99:c5:1d:b4:
05:44:0c:e3:fe:4b:88:ed:57:2a:c9:ea:2d:d0:9a:
8b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:1D:70:00:52:D1:FC:3E:95:9E:88:FD:AC:66:06:74:A7:D6:CF:5E
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/qB1wAFLR_D6Vnoj9rGYGdKfWz14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.10.71.0/24
91.240.202.0/24
91.242.217.0/24
185.158.250.0/24
IPv6:
2a0b:7140:2::/48
Signature Algorithm: sha256WithRSAEncryption
6b:15:53:cb:11:08:7f:73:13:63:22:db:56:37:46:0f:1d:0b:
7d:8f:d2:18:1a:6b:05:1a:36:4c:25:23:8c:e4:36:3e:f9:29:
6c:a4:b0:b8:e7:cf:2a:3c:d3:53:67:2b:2c:a1:dd:71:01:bb:
41:92:c4:b6:27:0d:c0:a0:18:f7:0c:89:c2:8e:31:3e:33:b3:
3a:96:7c:ab:2a:ae:ab:b9:c2:a7:11:77:db:3a:f9:d6:8f:6f:
94:11:e6:33:17:b2:ec:70:54:a5:ad:e9:fb:d5:ab:51:87:d4:
86:db:65:f0:c5:e1:15:73:c5:37:0f:44:fb:30:25:2c:f4:ff:
31:62:97:b9:02:4e:a7:24:6f:f9:75:75:98:bd:96:25:2c:d7:
d8:d8:0e:db:38:eb:b5:4a:95:fd:bf:2b:fa:74:e1:00:6f:d0:
39:8d:6c:c5:47:0e:85:77:73:97:dd:15:9d:c2:d3:3b:8d:73:
cd:5b:ab:96:e1:d8:8f:75:a7:61:06:56:82:5a:5e:17:50:52:
5e:2b:a3:bb:e3:2d:98:0e:19:a4:f2:95:97:47:4d:68:e9:89:
c1:37:a7:40:f3:d3:18:07:66:d6:e1:d6:92:13:9a:5d:f1:83:
04:06:aa:aa:0b:86:c4:b8:a0:aa:b2:5c:49:d3:c0:e2:f7:41:
a6:91:84:40
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVv1TxtaIy/foxvTllg9+F2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwMTAyMDAxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODFkNzAwMDUyZDFmYzNlOTU5ZTg4ZmRhYzY2MDY3NGE3ZDZjZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbVL+elaCnW2wH197+ozCJF8svVE
AGtuXiU/1L1G1wSfzVRnW/R0mPflhQECFqalNymUVjrV8WscxkGNe1io7qM7UA+h
pHAc/ZFAVF5C087QEF+Hvajmx9Lgbj2nVrUEbqmpm04+1BXDsmrEy9YC6cDX8ARG
hc6FSf+4tAQwsR8T4ZbtkKYQOMAofrIq/8Cmd5kJlb2u2iB9xgICku2tDxFp3Whn
oSNDO4ubTfbRVtnAsGx2Om2mFStvuBOut9XT9ArWkNNjwj1I526gMuDEKMx0mLRD
XBC44sTWQa7WWMVncpL5n4isfxLHuZnFHbQFRAzj/kuI7Vcqyeot0JqLlwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKgdcABS0fw+lZ6I/axmBnSn1s9eMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvcUIxd0FGTFJfRDZWbm9qOXJHWUdkS2ZXejE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAJQpHAwQA
W/DKAwQAW/LZAwQAuZ76MA8EAgACMAkDBwAqC3FAAAIwDQYJKoZIhvcNAQELBQAD
ggEBAGsVU8sRCH9zE2Mi21Y3Rg8dC32P0hgaawUaNkwlI4zkNj75KWyksLjnzyo8
01NnKyyh3XEBu0GSxLYnDcCgGPcMicKOMT4zszqWfKsqrqu5wqcRd9s6+daPb5QR
5jMXsuxwVKWt6fvVq1GH1IbbZfDF4RVzxTcPRPswJSz0/zFil7kCTqckb/l1dZi9
liUs19jYDts467VKlf2/K/p04QBv0DmNbMVHDoV3c5fdFZ3C0zuNc81bq5bh2I91
p2EGVoJaXhdQUl4ro7vjLZgOGaTylZdHTWjpicE3p0Dz0xgHZtbh1pITml3xgwQG
qqoLhsS4oKqyXEnTwOL3QaaRhEA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:56 2024 by rpki-client on console-ams.rpki-client.org