Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/QwIei67u6Y532ASlkDVGZDu5CtQ.roa
File: QwIei67u6Y532ASlkDVGZDu5CtQ.roa (raw, json)
Hash identifier: hemBWhJyxwUj7S1Xfvf8ukUeM9pOk2cUHh9mVtIhPyg=
Subject key identifier: 43:02:1E:8B:AE:EE:E9:8E:77:D8:04:A5:90:35:46:64:3B:B9:0A:D4
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01898C5F0E1EF1B45C66A098418B0544A315
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/QwIei67u6Y532ASlkDVGZDu5CtQ.roa
Signing time: Tue 25 Jul 2023 09:26:27 +0000
ROA not before: Tue 25 Jul 2023 09:26:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:5f:0e:1e:f1:b4:5c:66:a0:98:41:8b:05:44:a3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jul 25 09:26:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43021e8baeeee98e77d804a5903546643bb90ad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:cf:cd:e0:8e:4e:91:01:71:91:7f:8e:72:4b:
70:c5:6e:60:85:51:38:a1:55:ae:60:d4:cc:bc:f8:
3a:fc:8e:41:b8:9d:02:23:55:80:0f:30:73:ba:b8:
33:71:6f:de:5b:32:28:12:24:40:4a:27:cc:71:dc:
4d:cb:87:2f:27:94:65:5e:12:01:40:d1:77:2d:f7:
ca:1c:bc:ae:83:10:e1:1c:c7:35:e4:b7:24:9c:16:
08:db:d7:e0:73:d6:9f:f8:b7:c2:22:36:e3:46:68:
a6:9c:7e:91:ae:e2:a1:59:9a:b5:41:c3:1d:0e:63:
53:b9:28:e2:fd:d8:60:8d:e7:75:01:cd:f8:26:4d:
fb:55:90:a6:6b:ef:7d:4d:36:25:1e:4a:b8:31:e7:
4e:21:15:e2:39:a9:44:1a:a1:dc:9e:60:29:3f:00:
78:72:0e:eb:d4:b2:5a:56:18:78:60:42:02:73:5c:
19:99:21:97:0c:97:8c:2f:c8:3e:07:c0:48:8c:f8:
4d:13:8c:dc:e3:b5:d4:5c:82:de:d0:91:19:08:87:
00:17:fe:76:5c:27:0b:0a:a7:93:51:e3:2e:ce:7f:
bf:8b:8a:36:e2:38:93:9e:e4:4f:37:01:e6:3d:04:
3e:c0:8c:08:df:9d:15:67:f2:17:1e:11:67:87:4d:
3e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:02:1E:8B:AE:EE:E9:8E:77:D8:04:A5:90:35:46:64:3B:B9:0A:D4
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/QwIei67u6Y532ASlkDVGZDu5CtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0/24
89.46.217.0/24
185.3.200.0/24
185.239.0.0/24
185.239.2.0/23
Signature Algorithm: sha256WithRSAEncryption
26:94:bf:3b:04:38:9e:b3:b2:cd:e3:4f:ad:de:31:80:3b:8f:
15:d9:f0:bf:53:22:17:f7:a0:4d:9a:ec:2d:e4:e5:42:02:ae:
30:20:f4:21:0b:ca:7c:51:6f:0d:1e:a0:58:e1:09:09:9c:63:
3c:8b:67:b1:95:da:f5:b2:24:93:c6:42:76:03:35:fd:18:26:
82:22:61:8b:0c:bc:e1:80:61:6c:18:cf:b0:bf:0b:c6:ca:b6:
14:63:25:f8:37:37:aa:f8:e0:b6:fd:ca:53:10:ab:bd:e5:23:
04:64:63:eb:dd:02:40:7b:bf:bf:1b:40:f7:17:db:21:52:7b:
b0:d4:e1:4c:94:ce:33:50:3e:f0:eb:87:8a:c8:7c:bc:23:99:
4c:08:03:a5:b1:dd:6f:b0:74:e0:cd:74:4c:b8:c2:64:20:95:
8b:99:3a:54:f6:87:d8:a1:9b:c2:7d:23:b9:fa:ef:94:ee:23:
ca:19:bc:84:57:00:c8:9c:64:9d:56:b8:d7:b2:a8:1a:f9:76:
a8:34:ca:a8:a7:30:98:f8:3f:34:ea:57:02:87:7f:d9:bb:b5:
aa:94:32:36:0b:ec:3e:c9:60:6a:0b:26:ba:e8:4c:61:e8:d3:
cd:e6:d9:fb:00:6b:d1:9d:75:14:52:50:b6:95:24:20:a4:99:
ea:e5:c7:70
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmMXw4e8bRcZqCYQYsFRKMVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNzI1MDkyNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzAyMWU4YmFlZWVlOThlNzdkODA0YTU5MDM1NDY2NDNiYjkwYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8/N4I5OkQFxkX+OcktwxW5ghVE4
oVWuYNTMvPg6/I5BuJ0CI1WADzBzurgzcW/eWzIoEiRASifMcdxNy4cvJ5RlXhIB
QNF3LffKHLyugxDhHMc15LcknBYI29fgc9af+LfCIjbjRmimnH6RruKhWZq1QcMd
DmNTuSji/dhgjed1Ac34Jk37VZCma+99TTYlHkq4MedOIRXiOalEGqHcnmApPwB4
cg7r1LJaVhh4YEICc1wZmSGXDJeML8g+B8BIjPhNE4zc47XUXILe0JEZCIcAF/52
XCcLCqeTUeMuzn+/i4o24jiTnuRPNwHmPQQ+wIwI350VZ/IXHhFnh00+zwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEMCHouu7umOd9gEpZA1RmQ7uQrUMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvUXdJZWk2N3U2WTUzMkFTbGtEVkdaRHU1Q3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABZ8xAwQA
BZ82AwQALV7VAwQAWS7ZAwQAuQPIAwQAue8AAwQBue8CMA0GCSqGSIb3DQEBCwUA
A4IBAQAmlL87BDies7LN40+t3jGAO48V2fC/UyIX96BNmuwt5OVCAq4wIPQhC8p8
UW8NHqBY4QkJnGM8i2exldr1siSTxkJ2AzX9GCaCImGLDLzhgGFsGM+wvwvGyrYU
YyX4Nzeq+OC2/cpTEKu95SMEZGPr3QJAe7+/G0D3F9shUnuw1OFMlM4zUD7w64eK
yHy8I5lMCAOlsd1vsHTgzXRMuMJkIJWLmTpU9ofYoZvCfSO5+u+U7iPKGbyEVwDI
nGSdVrjXsqga+XaoNMqopzCY+D806lcCh3/Zu7WqlDI2C+w+yWBqCya66Exh6NPN
5tn7AGvRnXUUUlC2lSQgpJnq5cdw
-----END CERTIFICATE-----
Generated at Wed Jul 26 13:14:29 2023 by rpki-client on console-ams.rpki-client.org