Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/Q-pGAZ2pp26EJNiJHAlJNmdYp8A.roa
File: Q-pGAZ2pp26EJNiJHAlJNmdYp8A.roa (raw, json)
Hash identifier: gviRnmaJrltowsJAbmeGNaaQZhgSJj+H0VQ7I2zr/4k=
Subject key identifier: 43:EA:46:01:9D:A9:A7:6E:84:24:D8:89:1C:09:49:36:67:58:A7:C0
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 01856E942B4D2CD8691BF649B609DC1C939C
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/Q-pGAZ2pp26EJNiJHAlJNmdYp8A.roa
Signing time: Sun 01 Jan 2023 18:24:42 +0000
ROA not before: Sun 01 Jan 2023 18:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 192.144.52.0/22 maxlen: 24
193.187.168.0/22 maxlen: 24
193.9.36.0/22 maxlen: 24
185.161.252.0/22 maxlen: 24
185.220.28.0/22 maxlen: 24
193.9.40.0/22 maxlen: 24
45.83.112.0/22 maxlen: 24
194.39.68.0/22 maxlen: 24
185.181.56.0/22 maxlen: 24
80.254.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Mar 2023 11:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:94:2b:4d:2c:d8:69:1b:f6:49:b6:09:dc:1c:93:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Jan 1 18:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43ea46019da9a76e8424d8891c0949366758a7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2c:81:b8:f3:92:c9:ab:e5:03:bd:9d:de:87:
72:c8:61:56:cd:21:b7:62:07:7f:96:a7:43:21:bd:
e0:ab:76:33:35:c0:05:74:6d:0c:c2:bd:c4:e7:b3:
e5:54:d6:9c:7e:db:d1:d7:c3:4c:2f:4b:6f:c2:24:
ae:d8:89:4a:19:b8:d2:1b:60:04:58:ca:cc:c8:98:
4b:21:a9:36:c2:55:a7:54:97:42:3e:99:47:31:89:
51:a7:82:c7:26:f4:38:5c:62:bb:95:f2:a7:67:55:
53:33:51:66:d3:42:01:38:7e:f7:47:e4:fe:4f:3b:
04:2a:af:e0:0d:30:49:14:2b:36:c3:15:f7:36:e2:
7f:eb:c3:bf:09:43:4b:b6:b1:6f:70:a6:0c:7f:32:
8c:72:9c:30:c7:0a:13:d3:2d:94:97:99:f0:98:85:
3f:f5:fa:67:00:c0:b0:b4:6f:d8:7d:79:79:99:bb:
6e:7e:61:5f:9c:7f:ed:2f:5b:05:14:02:a5:db:ed:
c7:fd:12:3e:b5:ac:14:ab:f4:24:80:1c:55:1c:ad:
e3:a6:20:3e:73:55:ac:56:40:67:99:a3:c7:f2:9e:
8d:92:a1:3a:6f:27:6b:c9:02:64:60:2a:2e:d0:49:
3c:5c:6e:17:dd:65:ea:e8:78:d1:e4:a0:ba:43:79:
b5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EA:46:01:9D:A9:A7:6E:84:24:D8:89:1C:09:49:36:67:58:A7:C0
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/Q-pGAZ2pp26EJNiJHAlJNmdYp8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.112.0/22
80.254.236.0/22
185.161.252.0/22
185.181.56.0/22
185.220.28.0/22
192.144.52.0/22
193.9.36.0-193.9.43.255
193.187.168.0/22
194.39.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:37:57:51:c8:1f:27:95:64:b3:35:49:3c:c3:08:d8:ec:37:
a0:7d:f1:99:e7:b2:ac:89:cd:c9:8d:1b:cc:e9:a9:0b:4f:5f:
e5:84:a3:95:30:a5:91:c3:79:7e:ba:20:18:d9:36:aa:4d:f5:
c9:90:22:18:9b:43:4d:70:02:90:4e:ba:48:2e:0a:65:95:61:
31:23:b9:cb:69:10:ce:36:47:c8:e8:a3:66:e4:9e:f4:78:95:
8c:df:b2:dc:c2:dd:55:40:33:4a:5a:e3:fa:13:95:65:0d:d7:
65:01:9c:fc:49:60:7a:26:03:e8:8b:59:d1:43:8f:8d:06:30:
34:c4:1b:bd:05:12:5d:2e:51:39:38:91:5d:95:99:08:46:6b:
ff:9d:38:dc:37:45:03:a1:68:69:c2:8e:34:fe:2d:ac:ef:12:
8d:75:56:73:d1:6f:88:d8:71:09:3a:31:6a:d4:c3:5e:60:b9:
4c:89:6f:e6:0b:57:2c:e0:f5:74:86:58:62:9a:0a:4e:3f:de:
1a:dd:a5:da:fa:2b:bc:ab:7a:88:96:bd:a3:e9:53:eb:c9:52:
bb:bb:bc:84:2d:1e:63:c4:f5:c6:ca:e3:6e:0b:5c:6f:70:53:
27:93:87:ea:b6:1e:c7:2b:e1:e0:67:34:0c:21:6f:ab:ae:93:
d2:6b:60:9d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYVulCtNLNhpG/ZJtgncHJOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjMwMTAxMTgyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2VhNDYwMTlkYTlhNzZlODQyNGQ4ODkxYzA5NDkzNjY3NThhN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSyBuPOSyavlA72d3odyyGFWzSG3
Ygd/lqdDIb3gq3YzNcAFdG0Mwr3E57PlVNacftvR18NML0tvwiSu2IlKGbjSG2AE
WMrMyJhLIak2wlWnVJdCPplHMYlRp4LHJvQ4XGK7lfKnZ1VTM1Fm00IBOH73R+T+
TzsEKq/gDTBJFCs2wxX3NuJ/68O/CUNLtrFvcKYMfzKMcpwwxwoT0y2Ul5nwmIU/
9fpnAMCwtG/YfXl5mbtufmFfnH/tL1sFFAKl2+3H/RI+tawUq/QkgBxVHK3jpiA+
c1WsVkBnmaPH8p6NkqE6bydryQJkYCou0Ek8XG4X3WXq6HjR5KC6Q3m1GQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFEPqRgGdqaduhCTYiRwJSTZnWKfAMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvUS1wR0FaMnBwMjZFSk5pSkhBbEpObWRZcDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCLVNwAwQC
UP7sAwQCuaH8AwQCubU4AwQCudwcAwQCwJA0MAwDBALBCSQDBALBCSgDBALBu6gD
BALCJ0QwDQYJKoZIhvcNAQELBQADggEBAF83V1HIHyeVZLM1STzDCNjsN6B98Znn
sqyJzcmNG8zpqQtPX+WEo5UwpZHDeX66IBjZNqpN9cmQIhibQ01wApBOukguCmWV
YTEjuctpEM42R8joo2bknvR4lYzfstzC3VVAM0pa4/oTlWUN12UBnPxJYHomA+iL
WdFDj40GMDTEG70FEl0uUTk4kV2VmQhGa/+dONw3RQOhaGnCjjT+LazvEo11VnPR
b4jYcQk6MWrUw15guUyJb+YLVyzg9XSGWGKaCk4/3hrdpdr6K7yreoiWvaPpU+vJ
Uru7vIQtHmPE9cbK424LXG9wUyeTh+q2Hscr4eBnNAwhb6uuk9JrYJ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:34 2024 by rpki-client on console-ams.rpki-client.org