Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Q4rr4VAhUajY_yOcMQMXbRqhsAU.roa
File: Q4rr4VAhUajY_yOcMQMXbRqhsAU.roa (raw, json)
Hash identifier: JZIk3XmhwsrKDZG20X4JeqXcTV38GHHZX/y8LjFHsR4=
Subject key identifier: 43:8A:EB:E1:50:21:51:A8:D8:FF:23:9C:31:03:17:6D:1A:A1:B0:05
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018DEA3C2C8518B63DAA832A0FB8D83236AE
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Q4rr4VAhUajY_yOcMQMXbRqhsAU.roa
Signing time: Tue 27 Feb 2024 11:03:48 +0000
ROA not before: Tue 27 Feb 2024 11:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212552
IP address blocks: 46.249.98.0/23 maxlen: 24
46.249.100.0/22 maxlen: 24
82.115.13.0/24 maxlen: 24
82.115.16.0/24 maxlen: 24
82.115.17.0/24 maxlen: 24
82.115.18.0/24 maxlen: 24
82.115.19.0/24 maxlen: 24
82.115.20.0/23 maxlen: 24
82.115.24.0/22 maxlen: 24
89.251.8.0/23 maxlen: 24
103.75.196.0/22 maxlen: 24
185.215.244.0/23 maxlen: 24
193.36.84.0/23 maxlen: 24
202.133.88.0/24 maxlen: 24
202.133.89.0/24 maxlen: 24
212.90.102.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Mar 2024 03:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:3c:2c:85:18:b6:3d:aa:83:2a:0f:b8:d8:32:36:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 27 11:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=438aebe1502151a8d8ff239c3103176d1aa1b005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:29:41:1a:c4:6d:0c:e3:70:07:28:31:62:79:
aa:80:33:33:91:9c:6c:f7:28:67:c3:36:84:0d:ca:
b3:3d:79:46:b0:3f:77:29:2d:e9:10:f1:43:01:32:
de:70:2c:43:33:5b:88:58:a4:35:92:db:36:49:e8:
0e:3b:ef:46:89:89:a2:a7:37:59:1c:68:8a:a0:b4:
e4:d3:1c:81:40:d7:f8:1f:e1:54:ec:fc:06:fe:a3:
5d:3f:dd:87:28:c5:53:72:61:e7:c4:ed:c0:af:fe:
5a:62:ef:66:6b:9b:a9:2e:7b:b5:1b:df:b7:ea:1d:
27:c2:54:d2:04:59:73:e4:3a:4e:ec:45:39:81:00:
41:15:d4:1b:e8:25:ec:de:bb:b8:08:e9:e2:b1:9a:
b0:b9:7e:4e:9c:14:09:f9:1c:e1:1e:f0:35:ae:49:
5d:46:3b:c4:57:63:23:3a:ce:e1:67:a3:72:7c:03:
e0:5d:9d:e5:10:23:e5:d4:cf:84:fd:fa:a1:85:29:
94:c0:f9:8a:91:01:36:b8:70:bc:4d:6a:ea:1b:83:
a8:26:01:cb:89:6b:3f:e0:49:c4:b2:7f:ef:48:20:
ce:f9:06:d8:ad:13:35:23:46:6a:be:fd:64:c7:61:
b3:dc:79:ec:c4:c5:3b:8e:96:65:6b:25:7a:15:76:
74:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8A:EB:E1:50:21:51:A8:D8:FF:23:9C:31:03:17:6D:1A:A1:B0:05
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Q4rr4VAhUajY_yOcMQMXbRqhsAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.98.0-46.249.103.255
82.115.13.0/24
82.115.16.0-82.115.21.255
82.115.24.0/22
89.251.8.0/23
103.75.196.0/22
185.215.244.0/23
193.36.84.0/23
202.133.88.0/23
212.90.102.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:5b:ae:28:bf:34:b7:f7:d7:2e:9a:f0:3d:39:0f:6b:73:a7:
e1:5f:e3:ae:60:bf:90:85:d4:1d:a0:b0:a6:fd:44:5f:e8:a4:
ef:4c:33:55:fb:28:cb:ce:0a:d0:2d:a3:c1:0e:2d:2d:23:5d:
64:04:74:2c:45:ee:bb:57:77:09:87:d5:5b:cc:77:62:d3:cf:
83:39:96:77:b2:4c:89:16:52:0b:20:65:ef:1e:53:a3:69:3b:
a4:69:d2:ce:97:0e:54:b7:7f:9e:a8:7f:2b:da:e5:cc:c0:8a:
d5:72:b7:d4:de:39:b8:44:96:43:36:5e:dc:5b:80:f1:f4:3a:
a2:a8:53:5e:ba:69:76:bd:ca:e9:10:f1:d3:d3:db:fc:95:ae:
a6:0b:66:8b:4e:0d:1c:01:2b:fc:0e:7c:06:30:95:b6:e1:ac:
86:85:8b:7b:c9:4c:a0:fc:e2:44:40:61:8b:eb:dc:18:b0:0b:
cd:16:88:26:52:5c:59:e4:2c:73:fe:0a:9d:e4:af:7b:d2:bc:
cf:38:b5:19:9b:e0:3e:d0:3e:7c:c0:3e:b8:02:94:6c:3f:70:
b2:77:b0:59:4f:c6:f7:98:35:9d:7e:a4:ec:d1:b0:41:e8:06:
ef:9f:3d:bc:93:ab:5c:23:c7:01:34:14:ce:5f:6a:5f:27:0c:
3b:53:05:f5
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY3qPCyFGLY9qoMqD7jYMjauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMjI3MTEwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzhhZWJlMTUwMjE1MWE4ZDhmZjIzOWMzMTAzMTc2ZDFhYTFiMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSlBGsRtDONwBygxYnmqgDMzkZxs
9yhnwzaEDcqzPXlGsD93KS3pEPFDATLecCxDM1uIWKQ1kts2SegOO+9GiYmipzdZ
HGiKoLTk0xyBQNf4H+FU7PwG/qNdP92HKMVTcmHnxO3Ar/5aYu9ma5upLnu1G9+3
6h0nwlTSBFlz5DpO7EU5gQBBFdQb6CXs3ru4COnisZqwuX5OnBQJ+RzhHvA1rkld
RjvEV2MjOs7hZ6NyfAPgXZ3lECPl1M+E/fqhhSmUwPmKkQE2uHC8TWrqG4OoJgHL
iWs/4EnEsn/vSCDO+QbYrRM1I0Zqvv1kx2Gz3HnsxMU7jpZlayV6FXZ09QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFEOK6+FQIVGo2P8jnDEDF20aobAFMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvUTRycjRWQWhVYWpZX3lPY01RTVhiUnFoc0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAEu+WID
BAMu+WADBABScw0wDAMEBFJzEAMEAVJzFAMEAlJzGAMEAVn7CAMEAmdLxAMEAbnX
9AMEAcEkVAMEAcqFWAMEAdRaZjANBgkqhkiG9w0BAQsFAAOCAQEAT1uuKL80t/fX
LprwPTkPa3On4V/jrmC/kIXUHaCwpv1EX+ik70wzVfsoy84K0C2jwQ4tLSNdZAR0
LEXuu1d3CYfVW8x3YtPPgzmWd7JMiRZSCyBl7x5To2k7pGnSzpcOVLd/nqh/K9rl
zMCK1XK31N45uESWQzZe3FuA8fQ6oqhTXrppdr3K6RDx09Pb/JWupgtmi04NHAEr
/A58BjCVtuGshoWLe8lMoPziREBhi+vcGLALzRaIJlJcWeQsc/4KneSve9K8zzi1
GZvgPtA+fMA+uAKUbD9wsnewWU/G95g1nX6k7NGwQegG7589vJOrXCPHATQUzl9q
XycMO1MF9Q==
-----END CERTIFICATE-----
Generated at Sat Mar 23 04:04:11 2024 by rpki-client on console-ams.rpki-client.org