Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qaQsVy2GwV00FpwcwdbXYAcy0PE.roa
File: qaQsVy2GwV00FpwcwdbXYAcy0PE.roa (raw, json)
Hash identifier: VSR9ll6AlZTG3cGEf4HV+xHAHlJANixHp9AY/RoanSg=
Subject key identifier: A9:A4:2C:57:2D:86:C1:5D:34:16:9C:1C:C1:D6:D7:60:07:32:D0:F1
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01930760244350F6F6113B464E567F955C91
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qaQsVy2GwV00FpwcwdbXYAcy0PE.roa
Signing time: Thu 07 Nov 2024 16:06:01 +0000
ROA not before: Thu 07 Nov 2024 16:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.57.241.0/24 maxlen: 24
45.135.181.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.141.216.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 21:43:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:60:24:43:50:f6:f6:11:3b:46:4e:56:7f:95:5c:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Nov 7 16:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9a42c572d86c15d34169c1cc1d6d7600732d0f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ba:a4:6f:b8:15:cf:56:42:63:60:22:38:da:
a2:33:2e:c5:0d:1e:7e:4f:01:40:c1:d2:45:d6:bb:
bc:8a:c9:7e:f1:f9:7e:b1:70:99:f9:c1:f2:a5:cf:
39:db:c1:c0:2c:28:3e:40:f0:80:3e:8a:8a:56:c5:
92:70:d6:1f:c5:27:da:5c:87:c5:a5:65:65:0d:30:
e3:47:4c:1e:aa:12:f7:10:d1:40:2a:52:bd:bf:d5:
59:65:32:9b:9c:f9:4b:da:df:b6:7e:a0:6a:c2:be:
d9:2e:47:c8:bb:a5:e9:40:bb:e7:30:df:6b:66:4f:
7f:ef:ee:08:81:85:89:d5:8c:0d:fa:5d:b9:d7:2b:
25:33:91:4f:be:73:8c:86:4b:06:4f:94:d6:27:f8:
d8:75:14:e7:43:b0:f2:f1:9b:17:06:db:26:8c:4b:
8d:b2:26:61:62:6e:5e:2c:50:ef:b3:b4:38:72:a6:
94:fe:76:8a:e0:fa:ed:70:43:e6:f5:56:78:cc:54:
cd:a3:99:e6:16:d9:5e:77:da:86:f3:91:87:20:3f:
ed:f9:ed:30:d6:4d:ca:c5:61:72:64:81:95:b6:8d:
be:2c:b8:33:b4:b5:3c:15:64:67:91:26:71:9d:2e:
db:d8:fc:d8:4b:67:0e:ab:37:11:b6:1a:1b:9b:bb:
bd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A4:2C:57:2D:86:C1:5D:34:16:9C:1C:C1:D6:D7:60:07:32:D0:F1
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qaQsVy2GwV00FpwcwdbXYAcy0PE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.241.0/24
45.135.181.0-45.135.183.255
89.34.106.0/24
93.114.183.0/24
185.141.216.0/24
188.64.142.0/24
Signature Algorithm: sha256WithRSAEncryption
84:0a:37:8e:15:af:4d:8d:71:8a:d1:71:57:cc:74:2e:c8:44:
e5:73:05:4e:52:7c:54:b2:76:e4:55:4a:3c:46:57:9d:b3:4a:
14:48:d3:f3:93:17:83:39:7a:6c:d5:fa:b1:62:52:74:72:3a:
7a:4a:b5:7b:37:fc:e1:44:aa:67:96:fa:90:cb:95:ce:c8:2c:
c2:bf:2e:c6:a0:1e:bb:57:22:cd:04:b1:05:59:08:fa:1c:ea:
4a:7f:18:6f:b2:95:7b:59:38:6b:f1:27:31:9d:56:cf:2a:8b:
36:70:56:68:84:d7:4c:55:af:69:88:6e:50:32:25:65:61:b1:
3e:55:81:4a:a4:44:ce:05:09:0d:c1:7d:0e:27:ab:35:6d:3f:
1c:1d:de:bd:26:e9:9f:e7:15:6e:4c:6a:0c:43:3f:d9:a5:7c:
4e:0f:b1:f9:7b:3d:76:5a:5f:d0:a7:54:35:23:6f:78:df:e5:
d7:59:21:c2:0b:89:15:a6:e4:11:d8:ef:64:77:96:a6:ec:ea:
79:65:26:74:44:21:98:be:4f:ea:da:d2:4c:9e:20:e2:23:ca:
db:ac:13:cd:2f:0b:2d:5a:30:8f:61:d7:da:af:9d:81:21:3c:
9f:63:ff:56:10:c4:4f:9b:b8:5f:9e:84:c6:fd:f7:4f:2a:7a:
8b:de:a5:26
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZMHYCRDUPb2ETtGTlZ/lVyRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMTA3MTYwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWE0MmM1NzJkODZjMTVkMzQxNjljMWNjMWQ2ZDc2MDA3MzJkMGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrqkb7gVz1ZCY2AiONqiMy7FDR5+
TwFAwdJF1ru8isl+8fl+sXCZ+cHypc8528HALCg+QPCAPoqKVsWScNYfxSfaXIfF
pWVlDTDjR0weqhL3ENFAKlK9v9VZZTKbnPlL2t+2fqBqwr7ZLkfIu6XpQLvnMN9r
Zk9/7+4IgYWJ1YwN+l251yslM5FPvnOMhksGT5TWJ/jYdRTnQ7Dy8ZsXBtsmjEuN
siZhYm5eLFDvs7Q4cqaU/naK4PrtcEPm9VZ4zFTNo5nmFtled9qG85GHID/t+e0w
1k3KxWFyZIGVto2+LLgztLU8FWRnkSZxnS7b2PzYS2cOqzcRthobm7u9DwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKmkLFcthsFdNBacHMHW12AHMtDxMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvcWFRc1Z5Mkd3VjAwRnB3Y3dkYlhZQWN5MFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAAjnxMAwD
BAAth7UDBAMth7ADBABZImoDBABdcrcDBAC5jdgDBAC8QI4wDQYJKoZIhvcNAQEL
BQADggEBAIQKN44Vr02NcYrRcVfMdC7IROVzBU5SfFSyduRVSjxGV52zShRI0/OT
F4M5emzV+rFiUnRyOnpKtXs3/OFEqmeW+pDLlc7ILMK/LsagHrtXIs0EsQVZCPoc
6kp/GG+ylXtZOGvxJzGdVs8qizZwVmiE10xVr2mIblAyJWVhsT5VgUqkRM4FCQ3B
fQ4nqzVtPxwd3r0m6Z/nFW5MagxDP9mlfE4Psfl7PXZaX9CnVDUjb3jf5ddZIcIL
iRWm5BHY72R3lqbs6nllJnREIZi+T+ra0kyeIOIjytusE80vCy1aMI9h19qvnYEh
PJ9j/1YQxE+buF+ehMb9908qeovepSY=
Generated at Fri Nov 15 23:33:18 2024 by rpki-client on console-fra.rpki-client.org