Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/Qqz8KytjmvarhXmLOq6pG69iXbk.roa
File: Qqz8KytjmvarhXmLOq6pG69iXbk.roa (raw, json)
Hash identifier: djstxSXTQ1nV24V8QopUejVnR9TnlUhfPAvrNfF76uw=
Subject key identifier: 42:AC:FC:2B:2B:63:9A:F6:AB:85:79:8B:3A:AE:A9:1B:AF:62:5D:B9
Certificate issuer: /CN=98a533308740bbbd217bf69dce90b3f541208457
Certificate serial: 01856C4A41B09E83B66C889FA8BE0262CD9D
Authority key identifier: 98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/Qqz8KytjmvarhXmLOq6pG69iXbk.roa
Signing time: Sun 01 Jan 2023 07:44:43 +0000
ROA not before: Sun 01 Jan 2023 07:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51557
IP address blocks: 185.33.232.0/22 maxlen: 22
185.111.232.0/23 maxlen: 23
185.111.235.0/24 maxlen: 24
185.111.234.0/24 maxlen: 24
93.89.224.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:41:b0:9e:83:b6:6c:88:9f:a8:be:02:62:cd:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a533308740bbbd217bf69dce90b3f541208457
Validity
Not Before: Jan 1 07:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42acfc2b2b639af6ab85798b3aaea91baf625db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:78:5f:72:a1:e6:87:02:f1:7a:ec:69:7a:08:
b9:71:3a:9a:ba:0c:94:81:2e:d5:72:c5:0f:85:b3:
b6:40:20:75:ff:7e:84:c9:05:21:4b:f5:84:75:63:
e7:3e:be:c8:5a:9d:4c:4d:41:17:75:09:73:5f:a6:
4e:7f:b0:fd:01:bf:91:26:e5:95:b0:e9:a1:d4:9b:
6f:7f:e3:36:c6:c5:59:d0:ca:76:39:c9:a6:0b:e1:
bb:e9:38:c9:9a:cd:74:59:78:87:d5:63:98:dd:ef:
2b:e2:54:1b:de:3c:61:e8:25:2e:5f:ed:0f:7c:79:
a2:e2:7f:a3:1f:21:fe:2c:16:3c:3d:86:0c:db:97:
bf:7d:f1:3e:f6:1c:d3:61:e1:b7:27:2a:e4:95:51:
03:a5:8e:f2:aa:f3:17:9b:cb:66:bd:be:15:ea:a0:
cd:d9:5b:2b:24:9b:13:81:e0:a3:25:99:32:4a:c1:
85:c6:19:f9:aa:ae:f9:73:98:9e:6c:59:5f:14:22:
27:ac:ad:19:e8:d1:58:88:30:6e:4c:7b:b9:b9:54:
ce:30:d8:0d:e5:3c:c2:43:e3:14:51:f6:61:a5:7f:
29:9b:4b:f4:d5:7a:fa:9e:61:3c:ee:53:60:91:db:
b0:94:ed:d9:a1:f0:ba:98:69:59:3c:fe:3b:5d:27:
7e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:AC:FC:2B:2B:63:9A:F6:AB:85:79:8B:3A:AE:A9:1B:AF:62:5D:B9
X509v3 Authority Key Identifier:
keyid:98:A5:33:30:87:40:BB:BD:21:7B:F6:9D:CE:90:B3:F5:41:20:84:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKUzMIdAu70he_adzpCz9UEghFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/Qqz8KytjmvarhXmLOq6pG69iXbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6a5394-0b05-4538-b0cd-9f6890f92e60/1/mKUzMIdAu70he_adzpCz9UEghFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.224.0/20
185.33.232.0/22
185.111.232.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:76:6c:86:2d:79:16:25:8b:41:be:79:6b:9b:d0:91:bc:a3:
74:c5:e3:45:48:b0:29:59:fd:c7:c4:75:95:c6:e7:3e:cc:5e:
12:f9:53:2e:11:92:1e:19:e6:eb:0c:59:06:13:e6:d7:f3:90:
54:d5:54:e8:22:72:0f:72:ad:32:ed:02:65:4b:c9:cf:82:af:
49:01:82:c5:7a:f5:cc:84:c5:8f:2c:48:3a:2e:09:27:1a:78:
46:a2:ba:69:f9:0b:d2:d6:9b:09:a9:3d:1f:68:cf:cc:8b:c9:
c2:3b:cf:f1:00:7c:ee:cf:fb:fd:cf:c8:50:9a:ac:76:fa:b2:
ef:c0:d3:35:98:43:58:db:99:dd:44:25:4a:e9:76:ca:a2:4a:
af:d1:18:7f:40:5a:96:1c:ea:b7:27:c3:59:01:8f:71:4d:fa:
e3:e2:a9:48:7e:fd:fc:2a:b9:d6:12:15:a2:44:7d:5d:dc:87:
fa:08:4f:5b:4f:dc:33:d6:60:69:3f:c6:d2:69:87:d6:0b:af:
af:b4:a0:8f:e5:44:fa:be:eb:89:8c:49:de:78:00:83:be:80:
d2:bc:cb:c3:13:a5:70:7b:06:36:99:74:28:a7:97:39:93:8f:
c0:52:99:02:5a:23:0f:c5:f5:f2:55:c5:55:cf:1d:b8:40:25:
4e:dc:89:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsSkGwnoO2bIifqL4CYs2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YTUzMzMwODc0MGJiYmQyMTdiZjY5ZGNlOTBiM2Y1NDEy
MDg0NTcwHhcNMjMwMTAxMDc0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmFjZmMyYjJiNjM5YWY2YWI4NTc5OGIzYWFlYTkxYmFmNjI1ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8HhfcqHmhwLxeuxpegi5cTqaugyU
gS7VcsUPhbO2QCB1/36EyQUhS/WEdWPnPr7IWp1MTUEXdQlzX6ZOf7D9Ab+RJuWV
sOmh1Jtvf+M2xsVZ0Mp2OcmmC+G76TjJms10WXiH1WOY3e8r4lQb3jxh6CUuX+0P
fHmi4n+jHyH+LBY8PYYM25e/ffE+9hzTYeG3JyrklVEDpY7yqvMXm8tmvb4V6qDN
2VsrJJsTgeCjJZkySsGFxhn5qq75c5iebFlfFCInrK0Z6NFYiDBuTHu5uVTOMNgN
5TzCQ+MUUfZhpX8pm0v01Xr6nmE87lNgkduwlO3ZofC6mGlZPP47XSd+8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEKs/CsrY5r2q4V5izquqRuvYl25MB8GA1UdIwQY
MBaAFJilMzCHQLu9IXv2nc6Qs/VBIIRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2Qt
OWY2ODkwZjkyZTYwLzEvUXF6OEt5dGptdmFyaFhtTE9xNnBHNjlpWGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82YTUzOTQtMGIwNS00NTM4LWIwY2QtOWY2ODkwZjkyZTYw
LzEvbUtVek1JZEF1NzBoZV9hZHpwQ3o5VUVnaEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEXVngAwQC
uSHoAwQCuW/oMA0GCSqGSIb3DQEBCwUAA4IBAQCKdmyGLXkWJYtBvnlrm9CRvKN0
xeNFSLApWf3HxHWVxuc+zF4S+VMuEZIeGebrDFkGE+bX85BU1VToInIPcq0y7QJl
S8nPgq9JAYLFevXMhMWPLEg6LgknGnhGorpp+QvS1psJqT0faM/Mi8nCO8/xAHzu
z/v9z8hQmqx2+rLvwNM1mENY25ndRCVK6XbKokqv0Rh/QFqWHOq3J8NZAY9xTfrj
4qlIfv38KrnWEhWiRH1d3If6CE9bT9wz1mBpP8bSaYfWC6+vtKCP5UT6vuuJjEne
eACDvoDSvMvDE6VwewY2mXQop5c5k4/AUpkCWiMPxfXyVcVVzx24QCVO3Ima
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:25 2024 by rpki-client on console-ams.rpki-client.org