Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/PQkDSOo-z_ti8dye2svkAiYKkeY.roa
File: PQkDSOo-z_ti8dye2svkAiYKkeY.roa (raw, json)
Hash identifier: aA/AiG5MUelx/bdEfzmCK1T28/smhPJmfeBPvQTwwi4=
Subject key identifier: 3D:09:03:48:EA:3E:CF:FB:62:F1:DC:9E:DA:CB:E4:02:26:0A:91:E6
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018B1B950FE010718E9D09635FF33FD443F9
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/PQkDSOo-z_ti8dye2svkAiYKkeY.roa
Signing time: Tue 10 Oct 2023 21:53:55 +0000
ROA not before: Tue 10 Oct 2023 21:53:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 45.141.196.0/24 maxlen: 24
213.139.228.0/24 maxlen: 24
91.191.186.0/24 maxlen: 24
85.209.105.0/24 maxlen: 24
85.209.107.0/24 maxlen: 24
85.209.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1b:95:0f:e0:10:71:8e:9d:09:63:5f:f3:3f:d4:43:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Oct 10 21:53:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d090348ea3ecffb62f1dc9edacbe402260a91e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:52:9a:6c:00:a3:e5:d1:ae:d8:1b:be:fa:ce:
f0:21:b6:9e:ad:3e:79:f4:78:2e:c0:bf:7b:a9:8a:
fb:ab:68:ba:06:b4:b6:52:85:1d:f7:a9:0b:81:cb:
f9:6a:d6:da:a8:49:e2:75:79:ca:99:ab:c3:5d:3c:
39:08:eb:fd:b6:67:f9:59:88:d8:44:6c:02:cd:0e:
3c:ff:c4:54:2a:eb:de:4f:19:e7:d7:e1:a9:b1:91:
a2:31:d8:94:fc:fd:68:84:41:32:ad:40:e7:b7:22:
fd:c2:ee:e0:b7:6d:22:1a:70:24:7d:c6:4f:40:a4:
3b:c1:49:28:2a:c1:8d:08:1a:95:8e:8b:cd:36:64:
d6:2d:57:30:59:2f:f4:f1:ff:e8:92:ae:c4:fd:41:
53:c6:96:ff:62:06:b8:11:b7:ad:56:6c:62:60:c2:
08:da:6d:2a:81:24:9e:c2:47:f9:86:2a:4a:10:e7:
d0:00:7a:1b:01:a8:f5:45:ee:b4:9f:b5:7d:b7:06:
f1:24:b2:61:12:23:14:73:e9:66:0d:92:d2:99:61:
45:ef:c9:fd:f8:ca:49:0d:ec:91:4f:b8:d5:d4:bb:
81:f4:0a:c8:83:ac:43:29:b2:fa:62:3e:43:88:a7:
c7:0e:c2:97:47:8b:c7:02:47:98:c2:ff:91:7e:fa:
0f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:09:03:48:EA:3E:CF:FB:62:F1:DC:9E:DA:CB:E4:02:26:0A:91:E6
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/PQkDSOo-z_ti8dye2svkAiYKkeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.196.0/24
85.209.105.0-85.209.107.255
91.191.186.0/24
213.139.228.0/24
Signature Algorithm: sha256WithRSAEncryption
67:65:21:55:de:25:31:24:cb:ee:4d:14:a2:50:65:4c:d1:0a:
72:14:67:4f:28:c4:1f:e1:47:04:a0:7a:bb:d9:24:c3:78:d5:
7c:18:c7:38:3d:e2:f9:56:bd:b6:bc:17:e6:36:8c:c7:d8:e5:
ab:9a:ac:09:f3:35:44:63:5a:23:80:1c:8c:61:47:d1:83:8b:
d9:f7:fe:ad:5d:4b:4d:03:3a:fc:49:2d:4e:00:c2:c0:e4:88:
c1:5c:b9:23:e7:ee:3c:17:d0:47:72:15:30:d7:9e:65:c6:7d:
78:07:4f:fc:35:e7:8e:f6:7e:dd:65:b6:1c:ab:6c:04:0a:fd:
00:ab:04:3b:9a:5b:9d:b2:6d:89:db:a3:82:15:40:49:88:5c:
07:04:58:ed:36:94:3f:d9:f4:9e:55:bb:be:7f:fb:30:18:bb:
a3:12:72:5d:d4:44:3a:16:4b:78:12:6c:06:62:6c:74:61:6b:
f4:b7:8c:d3:d7:17:fe:e8:bf:3e:11:83:c9:26:67:14:50:aa:
ed:42:07:4c:1d:95:3d:34:23:58:e5:47:12:df:41:ab:0e:61:
2a:0a:70:f5:cf:b6:db:26:5e:12:82:61:51:dd:15:9f:1a:fe:
1d:6a:4d:5c:53:a2:ab:60:2a:0b:bb:24:78:7e:91:93:86:b8:
98:cd:fb:4a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYsblQ/gEHGOnQljX/M/1EP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMxMDEwMjE1MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDA5MDM0OGVhM2VjZmZiNjJmMWRjOWVkYWNiZTQwMjI2MGE5MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lKabACj5dGu2Bu++s7wIbaerT55
9HguwL97qYr7q2i6BrS2UoUd96kLgcv5atbaqEnidXnKmavDXTw5COv9tmf5WYjY
RGwCzQ48/8RUKuveTxnn1+GpsZGiMdiU/P1ohEEyrUDntyL9wu7gt20iGnAkfcZP
QKQ7wUkoKsGNCBqVjovNNmTWLVcwWS/08f/okq7E/UFTxpb/Yga4EbetVmxiYMII
2m0qgSSewkf5hipKEOfQAHobAaj1Re60n7V9twbxJLJhEiMUc+lmDZLSmWFF78n9
+MpJDeyRT7jV1LuB9ArIg6xDKbL6Yj5DiKfHDsKXR4vHAkeYwv+RfvoPnwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFD0JA0jqPs/7YvHcntrL5AImCpHmMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvUFFrRFNPby16X3RpOGR5ZTJzdmtBaVlLa2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALY3EMAwD
BABV0WkDBAJV0WgDBABbv7oDBADVi+QwDQYJKoZIhvcNAQELBQADggEBAGdlIVXe
JTEky+5NFKJQZUzRCnIUZ08oxB/hRwSgervZJMN41XwYxzg94vlWvba8F+Y2jMfY
5auarAnzNURjWiOAHIxhR9GDi9n3/q1dS00DOvxJLU4AwsDkiMFcuSPn7jwX0Edy
FTDXnmXGfXgHT/w15472ft1lthyrbAQK/QCrBDuaW52ybYnbo4IVQEmIXAcEWO02
lD/Z9J5Vu75/+zAYu6MScl3URDoWS3gSbAZibHRha/S3jNPXF/7ovz4Rg8kmZxRQ
qu1CB0wdlT00I1jlRxLfQasOYSoKcPXPttsmXhKCYVHdFZ8a/h1qTVxToqtgKgu7
JHh+kZOGuJjN+0o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org