Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/Qph_YZL1lclXIhAqttR1U6Tc6Y4.roa
File: Qph_YZL1lclXIhAqttR1U6Tc6Y4.roa (raw, json)
Hash identifier: c4sP7gGoKjwhdBirPBDDoB4NWTiNSKLwHxjpVJgHZfk=
Subject key identifier: 42:98:7F:61:92:F5:95:C9:57:22:10:2A:B6:D4:75:53:A4:DC:E9:8E
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 018F61D938134B0B32726806B93BD2CB9B37
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/Qph_YZL1lclXIhAqttR1U6Tc6Y4.roa
Signing time: Fri 10 May 2024 09:32:56 +0000
ROA not before: Fri 10 May 2024 09:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 45.114.12.0/22 maxlen: 32
45.145.104.0/22 maxlen: 32
91.132.114.0/23 maxlen: 32
103.240.180.0/22 maxlen: 32
193.19.204.0/24 maxlen: 32
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
193.19.207.0/24 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
193.28.237.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 May 2024 08:58:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:d9:38:13:4b:0b:32:72:68:06:b9:3b:d2:cb:9b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: May 10 09:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42987f6192f595c95722102ab6d47553a4dce98e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cb:48:cb:03:97:24:f2:7b:d7:0a:23:2f:82:
f7:13:18:cd:87:3c:3a:b2:e6:f5:b7:ce:49:08:71:
28:4c:02:03:16:8c:5a:ce:85:27:b6:9d:0f:af:1d:
bd:63:05:ea:78:71:cc:3d:5c:8e:5b:bf:de:13:25:
9a:e2:c9:07:ec:93:7d:f8:f9:0b:a2:3e:31:2b:84:
27:cd:14:06:7f:a6:9c:b6:2e:28:4d:8b:72:29:46:
59:cc:1b:41:5a:a4:9d:08:1c:48:35:c5:79:a4:ef:
87:23:f3:e6:14:5d:36:01:a1:d2:63:ab:69:ce:35:
26:58:60:c1:49:a6:6c:ad:23:e5:d5:ce:e6:14:fa:
ec:1e:d7:0b:17:d6:0d:4c:09:24:d5:6f:6a:59:6a:
db:04:ac:f0:05:5b:d3:ac:ca:d8:38:28:bf:7a:5f:
73:ef:33:5c:74:6b:f2:ec:9e:85:5f:b2:a9:d8:03:
87:46:f9:10:12:22:22:9a:e7:f9:c1:df:d7:05:53:
3e:26:63:f3:41:f0:d2:40:3d:5b:50:8b:07:c9:08:
43:fb:cf:84:30:8d:ac:98:96:eb:ad:c8:46:ee:c9:
37:b6:e9:67:bb:c4:70:86:88:6e:3a:73:6b:31:9c:
fc:86:c5:3f:8a:50:e4:ca:c0:2f:2d:db:77:91:e9:
45:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:98:7F:61:92:F5:95:C9:57:22:10:2A:B6:D4:75:53:A4:DC:E9:8E
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/Qph_YZL1lclXIhAqttR1U6Tc6Y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.114.12.0/22
45.145.104.0/22
91.132.114.0/23
103.240.180.0/22
193.19.204.0/22
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:97:65:53:ff:b1:c5:e6:a0:62:29:9d:e9:b4:72:bc:07:59:
92:1c:b9:e9:2a:b5:5f:ef:1b:e4:e9:a1:35:e2:fc:1e:1a:4e:
5d:25:bf:b8:14:bc:9d:c9:f5:94:13:4c:bb:41:9f:1d:0a:34:
23:a6:6e:48:04:d7:37:86:78:c4:3c:35:c4:11:71:9a:87:18:
89:22:41:e3:22:c7:26:6c:22:ef:5e:e4:54:32:d5:80:15:72:
57:3a:fa:83:40:8f:92:4c:c1:ee:41:3e:e8:d6:dd:6a:e0:9b:
4c:ed:33:a3:ff:01:ed:c2:b3:87:b4:f4:18:11:a3:53:48:16:
42:ff:27:7c:6e:53:7c:52:f7:71:24:c9:b0:ba:f7:77:86:6f:
65:f5:6e:91:b0:d3:90:8e:fd:f7:62:98:e7:bd:7e:f6:03:1b:
a8:ac:d7:2a:21:4c:a0:06:9e:d8:50:93:fc:27:11:52:43:49:
23:b9:92:eb:87:80:1c:12:88:a4:07:eb:0a:15:a7:16:7e:bb:
86:90:a2:82:86:93:79:ed:64:5a:fb:63:b1:dc:f0:8d:8e:f3:
be:9e:08:2a:98:e9:e7:35:3a:57:88:6f:c5:e5:b0:01:2d:47:
74:fa:7d:15:60:ab:fe:2f:a7:7f:8a:91:c6:f6:2b:b0:b5:31:
0b:57:45:1b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY9h2TgTSwsycmgGuTvSy5s3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjQwNTEwMDkzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk4N2Y2MTkyZjU5NWM5NTcyMjEwMmFiNmQ0NzU1M2E0ZGNlOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8tIywOXJPJ71wojL4L3ExjNhzw6
sub1t85JCHEoTAIDFoxazoUntp0Prx29YwXqeHHMPVyOW7/eEyWa4skH7JN9+PkL
oj4xK4QnzRQGf6acti4oTYtyKUZZzBtBWqSdCBxINcV5pO+HI/PmFF02AaHSY6tp
zjUmWGDBSaZsrSPl1c7mFPrsHtcLF9YNTAkk1W9qWWrbBKzwBVvTrMrYOCi/el9z
7zNcdGvy7J6FX7Kp2AOHRvkQEiIimuf5wd/XBVM+JmPzQfDSQD1bUIsHyQhD+8+E
MI2smJbrrchG7sk3tulnu8RwhohuOnNrMZz8hsU/ilDkysAvLdt3kelFVwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEKYf2GS9ZXJVyIQKrbUdVOk3OmOMB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvUXBoX1laTDFsY2xYSWhBcXR0UjFVNlRjNlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLXIMAwQC
LZFoAwQBW4RyAwQCZ/C0AwQCwRPMAwQAwRy2AwQAwRy/AwQAwRzKAwQAwRztMA0G
CSqGSIb3DQEBCwUAA4IBAQBMl2VT/7HF5qBiKZ3ptHK8B1mSHLnpKrVf7xvk6aE1
4vweGk5dJb+4FLydyfWUE0y7QZ8dCjQjpm5IBNc3hnjEPDXEEXGahxiJIkHjIscm
bCLvXuRUMtWAFXJXOvqDQI+STMHuQT7o1t1q4JtM7TOj/wHtwrOHtPQYEaNTSBZC
/yd8blN8UvdxJMmwuvd3hm9l9W6RsNOQjv33YpjnvX72AxuorNcqIUygBp7YUJP8
JxFSQ0kjuZLrh4AcEoikB+sKFacWfruGkKKChpN57WRa+2Ox3PCNjvO+nggqmOnn
NTpXiG/F5bABLUd0+n0VYKv+L6d/ipHG9iuwtTELV0Ub
-----END CERTIFICATE-----
Generated at Wed May 15 14:14:14 2024 by rpki-client on console-fra.rpki-client.org