Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QsRqr8mBspUhcktEfe6aBG38oqo.roa
File: QsRqr8mBspUhcktEfe6aBG38oqo.roa (raw, json)
Hash identifier: kS8yx7qkhHXt0a0IIAD9lzbgHje3BwQY3uxXRPjqJdE=
Subject key identifier: 42:C4:6A:AF:C9:81:B2:95:21:72:4B:44:7D:EE:9A:04:6D:FC:A2:AA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01923D309BEE30A6331AECADAC05C0A0319D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QsRqr8mBspUhcktEfe6aBG38oqo.roa
Signing time: Sun 29 Sep 2024 09:50:48 +0000
ROA not before: Sun 29 Sep 2024 09:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
77.81.100.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
94.176.214.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 04:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:3d:30:9b:ee:30:a6:33:1a:ec:ad:ac:05:c0:a0:31:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 29 09:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42c46aafc981b29521724b447dee9a046dfca2aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fd:2e:6d:60:8e:a4:3a:bd:7a:2d:fa:6c:ce:
26:d2:cb:0a:fe:ef:0c:f2:4e:20:98:07:6f:da:08:
ba:9e:3a:ef:cb:1d:2a:d8:68:46:a2:9d:8f:e1:bf:
0b:0e:11:44:a6:01:83:e6:56:68:c9:4c:85:b5:c0:
c3:0a:f7:f2:11:b6:50:52:a2:08:6e:db:ab:1e:88:
a9:87:cc:be:9e:b5:f9:5f:24:c3:9e:6d:16:3c:ef:
0e:01:57:9e:f0:53:a2:8a:81:55:f7:8d:20:42:ac:
91:17:7d:f5:4a:54:76:de:34:b2:e6:01:15:7e:e0:
4d:a9:36:18:8a:f0:18:53:65:6d:e8:57:d4:05:0b:
db:24:63:78:49:d7:0d:f6:52:9c:52:f9:80:9b:07:
89:8f:5a:a1:8c:ed:ec:d1:9c:ee:47:fd:a8:25:75:
7d:ef:f6:f3:7f:c4:65:42:b3:1a:89:bb:46:f5:c9:
fb:b5:8b:3a:de:eb:88:ce:19:1f:04:72:46:b1:c2:
d4:ca:ba:46:10:44:2e:5c:84:72:a1:76:09:2e:6c:
71:13:7a:32:ea:75:5e:cf:a3:39:ff:20:c3:1e:a6:
8e:63:75:7d:fd:39:4c:bc:38:f2:2f:2c:66:ae:3b:
0c:91:20:1c:88:1c:8a:39:23:14:4d:ea:e6:23:18:
84:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C4:6A:AF:C9:81:B2:95:21:72:4B:44:7D:EE:9A:04:6D:FC:A2:AA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QsRqr8mBspUhcktEfe6aBG38oqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
77.81.100.0/24
89.34.106.0/24
91.132.51.0/24
93.114.183.0/24
94.176.214.0/24
188.64.142.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:8b:e4:1e:81:ec:fc:2e:ff:98:4c:c7:2b:b5:90:70:57:ad:
b6:82:ec:10:65:f9:d1:c7:3b:c8:48:3e:5f:bd:60:ec:25:fe:
3c:34:30:be:e9:c5:09:dc:c9:d1:0e:07:41:fe:95:f3:8a:42:
1d:70:f2:c7:61:9a:f1:ac:a2:77:52:fc:15:eb:01:ac:9d:f9:
46:e2:72:fa:6b:a2:98:ba:29:58:3c:85:80:26:7b:ee:c8:54:
74:29:b5:77:b7:cb:92:37:72:44:54:a5:6d:c6:4b:19:fc:d3:
4c:ea:8e:c0:af:4e:2e:3e:cb:8d:31:59:a2:9d:80:19:4d:76:
0d:6d:84:04:1d:f1:33:db:ac:73:bc:bc:6a:72:e9:c1:3b:43:
33:df:7c:4f:04:dd:0b:89:76:67:b4:4d:4b:e3:d0:8e:05:26:
ee:3e:41:1d:ae:99:1e:81:82:6a:1f:45:d2:00:82:3a:ac:12:
eb:44:d8:b1:e1:69:c3:c3:9b:20:2c:f7:a7:2c:7d:d5:25:c6:
17:90:a4:00:e1:3d:2f:cf:b5:7a:cd:17:f5:8c:af:f1:76:48:
ca:9f:d8:74:63:9f:0b:a5:47:a8:06:d6:cd:ef:e4:90:14:b5:
35:26:b9:80:68:97:41:bb:11:12:0f:25:72:ba:54:5d:e1:8b:
71:c7:5f:89
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZI9MJvuMKYzGuytrAXAoDGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwOTI5MDk1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmM0NmFhZmM5ODFiMjk1MjE3MjRiNDQ3ZGVlOWEwNDZkZmNhMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv0ubWCOpDq9ei36bM4m0ssK/u8M
8k4gmAdv2gi6njrvyx0q2GhGop2P4b8LDhFEpgGD5lZoyUyFtcDDCvfyEbZQUqII
bturHoiph8y+nrX5XyTDnm0WPO8OAVee8FOiioFV940gQqyRF331SlR23jSy5gEV
fuBNqTYYivAYU2Vt6FfUBQvbJGN4SdcN9lKcUvmAmweJj1qhjO3s0ZzuR/2oJXV9
7/bzf8RlQrMaibtG9cn7tYs63uuIzhkfBHJGscLUyrpGEEQuXIRyoXYJLmxxE3oy
6nVez6M5/yDDHqaOY3V9/TlMvDjyLyxmrjsMkSAciByKOSMUTermIxiEPQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFELEaq/JgbKVIXJLRH3umgRt/KKqMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUXNScXI4bUJzcFVoY2t0RWZlNmFCRzM4b3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLYe2AwQA
TVFkAwQAWSJqAwQAW4QzAwQAXXK3AwQAXrDWAwQAvECOAwQA2RMEMA0GCSqGSIb3
DQEBCwUAA4IBAQB7i+Qegez8Lv+YTMcrtZBwV622guwQZfnRxzvISD5fvWDsJf48
NDC+6cUJ3MnRDgdB/pXzikIdcPLHYZrxrKJ3UvwV6wGsnflG4nL6a6KYuilYPIWA
JnvuyFR0KbV3t8uSN3JEVKVtxksZ/NNM6o7Ar04uPsuNMVminYAZTXYNbYQEHfEz
26xzvLxqcunBO0Mz33xPBN0LiXZntE1L49COBSbuPkEdrpkegYJqH0XSAII6rBLr
RNix4WnDw5sgLPenLH3VJcYXkKQA4T0vz7V6zRf1jK/xdkjKn9h0Y58LpUeoBtbN
7+SQFLU1JrmAaJdBuxESDyVyulRd4Ytxx1+J
-----END CERTIFICATE-----
Generated at Wed Oct 2 04:59:38 2024 by rpki-client on console-fra.rpki-client.org