Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/qqgqAlmqcQ_LeSOdivGVc-8KBfU.roa
File: qqgqAlmqcQ_LeSOdivGVc-8KBfU.roa (raw, json)
Hash identifier: P8WHrz6Q7/9RSez75n1kZafZCP61b/bncfVvuccu2g0=
Subject key identifier: AA:A8:2A:02:59:AA:71:0F:CB:79:23:9D:8A:F1:95:73:EF:0A:05:F5
Certificate issuer: /CN=c2d2ac1d7c9eccf5658b88f16f613d7b3e8e8c72
Certificate serial: 018CC56EEA7F1950745AFC4C9B9226C672A6
Authority key identifier: C2:D2:AC:1D:7C:9E:CC:F5:65:8B:88:F1:6F:61:3D:7B:3E:8E:8C:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/qqgqAlmqcQ_LeSOdivGVc-8KBfU.roa
Signing time: Mon 01 Jan 2024 14:30:29 +0000
ROA not before: Mon 01 Jan 2024 14:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211804
IP address blocks: 185.250.240.0/24 maxlen: 24
185.250.242.0/24 maxlen: 24
185.250.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 May 2024 08:39:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ea:7f:19:50:74:5a:fc:4c:9b:92:26:c6:72:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2ac1d7c9eccf5658b88f16f613d7b3e8e8c72
Validity
Not Before: Jan 1 14:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaa82a0259aa710fcb79239d8af19573ef0a05f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:aa:38:3d:6e:63:6f:70:bd:1f:2f:2d:42:e7:
57:d1:63:ea:51:48:d6:60:8b:39:0c:1a:a3:07:06:
42:24:16:56:a7:09:a6:0f:96:f7:0f:09:5d:13:c4:
97:fd:e1:eb:17:cf:f6:9c:54:92:68:f4:5b:50:99:
c2:db:52:bc:78:25:48:02:32:48:db:43:6c:a8:eb:
37:c4:fe:98:d1:a4:05:58:26:16:44:53:7b:11:74:
ba:ea:8e:fe:5a:be:17:c7:d4:90:fc:eb:ed:78:83:
50:6b:66:b3:79:d3:13:65:7d:47:fc:88:69:77:43:
7c:e2:67:08:f8:8d:1e:6a:49:15:9f:14:ca:63:29:
80:d0:57:9b:a7:b1:39:7f:c8:e9:5f:8b:d4:cf:b9:
e3:94:40:0b:2d:73:99:43:5d:1a:da:39:80:6d:98:
5b:4a:cc:f0:e6:17:ce:ae:fb:88:f0:51:c0:e0:d1:
c6:4d:26:62:af:73:5c:68:01:79:ed:61:09:5d:93:
d7:00:72:14:c3:13:e1:3d:81:47:63:26:80:16:66:
92:a3:68:f3:2f:46:3a:06:fc:8b:73:c2:dd:87:c9:
a0:73:c6:16:81:ba:14:54:ec:46:ba:80:a9:ad:c4:
50:62:db:af:02:4e:36:f6:42:47:75:48:11:5f:51:
ce:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A8:2A:02:59:AA:71:0F:CB:79:23:9D:8A:F1:95:73:EF:0A:05:F5
X509v3 Authority Key Identifier:
keyid:C2:D2:AC:1D:7C:9E:CC:F5:65:8B:88:F1:6F:61:3D:7B:3E:8E:8C:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/qqgqAlmqcQ_LeSOdivGVc-8KBfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.240.0/24
185.250.242.0/23
Signature Algorithm: sha256WithRSAEncryption
85:ea:92:12:d3:cf:09:c7:ca:96:bb:2b:b3:4c:fa:86:65:53:
12:d6:25:57:86:ba:6d:0b:c9:61:59:64:23:02:90:4a:a2:54:
0a:53:17:e3:25:58:f2:14:e3:c8:bb:8e:45:c7:88:e1:b9:e6:
b5:a7:e2:0e:ca:13:51:42:d4:fd:13:fd:85:88:d3:76:92:19:
b1:91:0e:71:c6:70:b8:92:0a:8f:1b:d2:71:9e:1b:5f:18:47:
9a:a3:bf:6c:de:85:4b:0c:46:6d:8f:08:b0:f1:9d:45:db:6f:
d7:39:d6:05:cb:2d:63:15:51:4f:c3:a1:8b:cd:bb:60:c4:68:
4e:85:6a:7f:f7:1d:dc:74:56:7d:e6:8a:0c:2e:42:bd:10:f9:
1c:89:ff:bb:7d:de:9b:4c:fd:93:82:82:9e:38:2a:c6:4b:d0:
81:7d:4c:d4:e4:c1:1a:51:91:c9:ac:89:26:2e:c9:a8:e8:fd:
fe:9e:51:e1:61:94:46:b7:68:fb:2e:da:c5:5f:82:5a:91:b7:
7c:68:3f:67:07:ce:46:9d:ff:ea:42:4f:e7:a6:29:cf:3d:e6:
26:28:2c:26:c3:01:53:7f:ef:c6:3b:74:76:c9:c5:66:e1:a8:
fe:a1:41:9e:4c:28:1b:55:6e:79:ae:60:fe:a9:6e:5f:b0:35:
67:d8:c8:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbup/GVB0WvxMm5ImxnKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhYzFkN2M5ZWNjZjU2NThiODhmMTZmNjEzZDdiM2U4
ZThjNzIwHhcNMjQwMTAxMTQzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWE4MmEwMjU5YWE3MTBmY2I3OTIzOWQ4YWYxOTU3M2VmMGEwNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjao4PW5jb3C9Hy8tQudX0WPqUUjW
YIs5DBqjBwZCJBZWpwmmD5b3DwldE8SX/eHrF8/2nFSSaPRbUJnC21K8eCVIAjJI
20NsqOs3xP6Y0aQFWCYWRFN7EXS66o7+Wr4Xx9SQ/OvteINQa2azedMTZX1H/Ihp
d0N84mcI+I0eakkVnxTKYymA0Febp7E5f8jpX4vUz7njlEALLXOZQ10a2jmAbZhb
Sszw5hfOrvuI8FHA4NHGTSZir3NcaAF57WEJXZPXAHIUwxPhPYFHYyaAFmaSo2jz
L0Y6BvyLc8Ldh8mgc8YWgboUVOxGuoCprcRQYtuvAk429kJHdUgRX1HOZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKqoKgJZqnEPy3kjnYrxlXPvCgX1MB8GA1UdIwQY
MBaAFMLSrB18nsz1ZYuI8W9hPXs+joxyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLc0hYeWV6UFZsaTRqeGIyRTllejZPakhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YjFiYzItNTkyNi00YWNlLWIxNmYt
MTk3ZmU4MzY1NjQzLzEvcXFncUFsbXFjUV9MZVNPZGl2R1ZjLThLQmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YjFiYzItNTkyNi00YWNlLWIxNmYtMTk3ZmU4MzY1NjQz
LzEvd3RLc0hYeWV6UFZsaTRqeGIyRTllejZPakhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufrwAwQB
ufryMA0GCSqGSIb3DQEBCwUAA4IBAQCF6pIS088Jx8qWuyuzTPqGZVMS1iVXhrpt
C8lhWWQjApBKolQKUxfjJVjyFOPIu45Fx4jhuea1p+IOyhNRQtT9E/2FiNN2khmx
kQ5xxnC4kgqPG9JxnhtfGEeao79s3oVLDEZtjwiw8Z1F22/XOdYFyy1jFVFPw6GL
zbtgxGhOhWp/9x3cdFZ95ooMLkK9EPkcif+7fd6bTP2TgoKeOCrGS9CBfUzU5MEa
UZHJrIkmLsmo6P3+nlHhYZRGt2j7LtrFX4Jakbd8aD9nB85Gnf/qQk/npinPPeYm
KCwmwwFTf+/GO3R2ycVm4aj+oUGeTCgbVW55rmD+qW5fsDVn2MiT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:47 2024 by rpki-client on console-ams.rpki-client.org