Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Q6t2mT_aF1wFALTMti-uyMMfIdk.roa
File: Q6t2mT_aF1wFALTMti-uyMMfIdk.roa (raw, json)
Hash identifier: CQDPPcfp4r6iYcbqPrk363LoSBa6Vc9QcwKJNkEU9RY=
Subject key identifier: 43:AB:76:99:3F:DA:17:5C:05:00:B4:CC:B6:2F:AE:C8:C3:1F:21:D9
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01916C1E7BCFAB9E6FEA9FEF59A67EBC2963
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Q6t2mT_aF1wFALTMti-uyMMfIdk.roa
Signing time: Mon 19 Aug 2024 19:30:22 +0000
ROA not before: Mon 19 Aug 2024 19:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 5.42.220.0/24 maxlen: 24
80.68.156.0/24 maxlen: 24
91.240.254.0/24 maxlen: 24
185.201.28.0/24 maxlen: 24
185.211.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 16:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6c:1e:7b:cf:ab:9e:6f:ea:9f:ef:59:a6:7e:bc:29:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 19 19:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43ab76993fda175c0500b4ccb62faec8c31f21d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3e:97:c2:9a:2b:4f:e4:f9:fd:c7:85:b2:da:
bc:bd:87:79:ad:fa:cd:6e:93:45:31:99:15:86:38:
4a:8e:88:93:67:62:6d:79:ef:7b:55:97:d0:08:53:
0c:91:bc:a7:e7:e6:c5:b4:fd:62:a6:c5:4f:e7:b2:
7c:05:99:5b:30:05:93:4f:47:32:b1:d5:c0:69:ce:
34:99:52:5d:22:01:37:4c:6f:73:43:bd:8f:32:ba:
21:5b:3c:aa:c9:be:13:04:06:31:a4:23:88:a1:5d:
7e:2d:8a:9a:c6:9a:b4:21:3e:65:0e:b7:c6:52:a9:
53:f1:09:62:22:c2:11:24:9a:e9:b8:59:17:05:2d:
42:a9:b6:30:fa:8b:0c:57:b1:f8:31:99:65:74:1f:
3c:81:e5:ee:34:69:6a:58:f1:31:bd:6d:db:75:37:
f6:2c:4b:21:12:9e:ae:fc:9f:fa:e9:77:3d:80:9d:
5c:a7:74:b6:55:d0:46:f9:04:05:01:7b:41:1c:9d:
00:96:d3:ff:09:49:0a:a4:01:31:41:90:e1:1d:be:
a1:65:e0:8d:cb:eb:76:44:d2:7c:d8:49:eb:11:8c:
18:c3:79:2e:e3:31:df:ab:4f:2b:b5:bf:ce:3a:aa:
c4:02:cc:73:91:1b:df:2d:8b:6e:24:e2:1e:24:51:
c1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AB:76:99:3F:DA:17:5C:05:00:B4:CC:B6:2F:AE:C8:C3:1F:21:D9
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Q6t2mT_aF1wFALTMti-uyMMfIdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.220.0/24
80.68.156.0/24
91.240.254.0/24
185.201.28.0/24
185.211.170.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:1d:6d:a4:92:ba:ed:cf:6d:22:cd:49:73:b5:eb:4a:6c:74:
e2:5c:57:d5:9e:a0:05:a0:d5:2d:4a:16:94:cc:29:78:61:72:
f3:7a:1f:9b:36:52:02:fe:48:92:af:53:8d:af:0c:c6:e2:f4:
ae:18:96:82:2f:19:f7:5a:bf:b2:d8:53:68:54:88:17:49:c9:
82:db:a9:d5:97:5b:c0:55:ea:d6:d0:ec:3b:50:1f:92:eb:7f:
e5:66:8a:7f:95:46:e2:60:c1:4e:a1:e8:48:9b:8c:ad:cd:0f:
35:c8:69:73:92:3a:f2:1e:b2:ce:57:3d:dd:37:93:13:55:ce:
37:f2:16:84:00:23:cf:62:5e:86:08:0b:72:f3:4f:bc:1a:c6:
8e:87:3d:71:cf:c0:8f:fe:1f:69:af:3c:86:1d:f0:e1:2b:54:
25:c1:6d:7e:6b:e5:23:f5:31:f8:de:59:0f:fe:66:1e:d5:d0:
d3:33:d0:1d:c1:bf:9f:76:6f:66:93:83:04:e4:0e:97:db:a1:
12:9e:fd:96:e0:8a:fc:c4:04:80:9b:15:c5:df:73:d8:99:58:
5a:5b:c2:6e:8a:fd:c1:21:0a:42:30:16:c1:18:e5:9c:da:ca:
82:d5:3d:94:56:5c:83:e9:2d:e8:a2:bc:3f:3b:77:bd:1e:ab:
e0:42:b9:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFsHnvPq55v6p/vWaZ+vCljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODE5MTkzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2FiNzY5OTNmZGExNzVjMDUwMGI0Y2NiNjJmYWVjOGMzMWYyMWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT6XwporT+T5/ceFstq8vYd5rfrN
bpNFMZkVhjhKjoiTZ2Jtee97VZfQCFMMkbyn5+bFtP1ipsVP57J8BZlbMAWTT0cy
sdXAac40mVJdIgE3TG9zQ72PMrohWzyqyb4TBAYxpCOIoV1+LYqaxpq0IT5lDrfG
UqlT8QliIsIRJJrpuFkXBS1CqbYw+osMV7H4MZlldB88geXuNGlqWPExvW3bdTf2
LEshEp6u/J/66Xc9gJ1cp3S2VdBG+QQFAXtBHJ0AltP/CUkKpAExQZDhHb6hZeCN
y+t2RNJ82EnrEYwYw3ku4zHfq08rtb/OOqrEAsxzkRvfLYtuJOIeJFHB8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEOrdpk/2hdcBQC0zLYvrsjDHyHZMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvUTZ0Mm1UX2FGMXdGQUxUTXRpLXV5TU1mSWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABSrcAwQA
UEScAwQAW/D+AwQAuckcAwQAudOqMA0GCSqGSIb3DQEBCwUAA4IBAQAeHW2kkrrt
z20izUlztetKbHTiXFfVnqAFoNUtShaUzCl4YXLzeh+bNlIC/kiSr1ONrwzG4vSu
GJaCLxn3Wr+y2FNoVIgXScmC26nVl1vAVerW0Ow7UB+S63/lZop/lUbiYMFOoehI
m4ytzQ81yGlzkjryHrLOVz3dN5MTVc438haEACPPYl6GCAty80+8GsaOhz1xz8CP
/h9przyGHfDhK1QlwW1+a+Uj9TH43lkP/mYe1dDTM9Adwb+fdm9mk4ME5A6X26ES
nv2W4Ir8xASAmxXF33PYmVhaW8Juiv3BIQpCMBbBGOWc2sqC1T2UVlyD6S3oorw/
O3e9HqvgQrk/
-----END CERTIFICATE-----
Generated at Sat Aug 31 17:58:30 2024 by rpki-client on console-ams.rpki-client.org