Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/QAP2sqdbrkMS6spjMLIu2GwlUo8.roa
File: QAP2sqdbrkMS6spjMLIu2GwlUo8.roa (raw, json)
Hash identifier: aHiDrV730jU3aFPzNx55Kto9r0de4nGOUZx7X9WrGBU=
Subject key identifier: 40:03:F6:B2:A7:5B:AE:43:12:EA:CA:63:30:B2:2E:D8:6C:25:52:8F
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018ED7EA66DA2303236F3DA3711E935D7CE4
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/QAP2sqdbrkMS6spjMLIu2GwlUo8.roa
Signing time: Sat 13 Apr 2024 14:44:06 +0000
ROA not before: Sat 13 Apr 2024 14:44:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50340
IP address blocks: 85.142.144.0/22 maxlen: 24
85.142.243.0/24 maxlen: 24
85.143.52.0/22 maxlen: 24
85.143.57.0/24 maxlen: 24
85.143.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 16:36:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d7:ea:66:da:23:03:23:6f:3d:a3:71:1e:93:5d:7c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Apr 13 14:44:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4003f6b2a75bae4312eaca6330b22ed86c25528f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3a:94:4d:03:da:cc:12:a3:aa:db:7b:79:7f:
f3:b1:f3:1a:30:5f:c3:9e:17:87:6c:13:72:ff:50:
71:a2:ad:11:d9:2b:88:82:ba:d1:d4:e6:91:a2:49:
a3:d4:d3:eb:8e:ac:d4:4f:04:06:23:a8:4e:a3:89:
76:86:44:62:91:f5:d0:52:de:7e:07:92:ea:bd:9b:
e3:33:56:c5:cb:76:2d:8b:95:aa:d7:a0:08:de:03:
42:52:59:fd:fd:a4:ef:e1:3c:3e:20:7f:d1:a6:ec:
c4:5f:ca:9f:09:74:d9:1b:46:52:98:ee:6e:5c:ca:
4b:a7:58:a7:81:5c:4d:1f:fd:b4:8b:29:c4:cc:7f:
6a:d9:eb:bc:cc:aa:8b:61:3f:d8:05:fa:4f:cc:16:
47:f0:5e:aa:ac:69:a8:73:48:06:87:49:e8:01:a1:
cb:fe:2e:f7:56:d7:e7:20:e3:bf:a5:c6:f7:82:c5:
67:9b:e4:d6:df:e5:2e:c4:80:8b:8c:13:a2:cf:0f:
ce:74:44:e6:a8:d6:41:03:e1:f1:b9:d8:d5:6e:d5:
6f:27:dc:6c:be:a4:f5:1f:67:33:1d:2a:e7:c3:55:
7e:a8:af:ad:03:98:dd:17:23:f1:0f:a7:0a:6c:be:
64:21:b5:79:5f:6f:d9:9c:50:2d:22:03:e5:cf:23:
69:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:03:F6:B2:A7:5B:AE:43:12:EA:CA:63:30:B2:2E:D8:6C:25:52:8F
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/QAP2sqdbrkMS6spjMLIu2GwlUo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.144.0/22
85.142.243.0/24
85.143.52.0/22
85.143.57.0-85.143.58.255
Signature Algorithm: sha256WithRSAEncryption
10:15:8a:24:90:a0:b5:1a:52:a0:a3:bb:ce:97:bb:8a:4a:fa:
14:ab:c9:32:03:35:be:9f:0a:be:89:be:d0:10:ec:bf:18:5e:
10:55:28:16:89:86:e6:16:2b:d4:4d:52:5c:62:94:6c:c6:aa:
b3:7c:42:3d:cb:b6:ab:3d:7a:16:0d:34:82:2e:a8:8b:dc:18:
4a:22:77:f8:b8:62:cf:f5:37:3c:05:75:63:8f:41:d0:f0:0b:
fb:8c:11:19:80:4e:93:e4:76:a5:66:09:10:1f:68:85:7c:d4:
05:af:6f:08:54:38:94:87:63:af:5f:82:57:5e:d5:eb:ed:23:
9b:f5:59:3a:bc:42:28:4f:3f:e3:01:5d:da:7b:87:4b:c6:90:
6a:94:82:f9:ad:7b:f7:62:2d:88:d1:c3:48:c2:6e:d8:4f:3f:
a6:a9:b3:87:1f:e4:87:9a:03:3a:93:0f:c9:23:9b:37:d8:8b:
b9:e3:35:47:a7:f9:5a:e3:6f:d0:30:c4:83:7e:94:25:fd:24:
7a:70:89:2b:bc:1c:61:21:a2:a6:24:04:54:39:31:48:c7:58:
e3:07:3d:dd:c4:3c:e9:be:66:a6:1d:92:29:29:44:2f:1a:07:
31:49:dd:24:28:b3:20:f0:b5:19:bd:86:93:12:de:60:28:f9:
3d:cb:87:44
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY7X6mbaIwMjbz2jcR6TXXzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwNDEzMTQ0NDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDAzZjZiMmE3NWJhZTQzMTJlYWNhNjMzMGIyMmVkODZjMjU1MjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjqUTQPazBKjqtt7eX/zsfMaMF/D
nheHbBNy/1Bxoq0R2SuIgrrR1OaRokmj1NPrjqzUTwQGI6hOo4l2hkRikfXQUt5+
B5LqvZvjM1bFy3Yti5Wq16AI3gNCUln9/aTv4Tw+IH/RpuzEX8qfCXTZG0ZSmO5u
XMpLp1ingVxNH/20iynEzH9q2eu8zKqLYT/YBfpPzBZH8F6qrGmoc0gGh0noAaHL
/i73VtfnIOO/pcb3gsVnm+TW3+UuxICLjBOizw/OdETmqNZBA+HxudjVbtVvJ9xs
vqT1H2czHSrnw1V+qK+tA5jdFyPxD6cKbL5kIbV5X2/ZnFAtIgPlzyNpawIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEAD9rKnW65DEurKYzCyLthsJVKPMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvUUFQMnNxZGJya01TNnNwak1MSXUyR3dsVW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCVY6QAwQA
VY7zAwQCVY80MAwDBABVjzkDBABVjzowDQYJKoZIhvcNAQELBQADggEBABAViiSQ
oLUaUqCju86Xu4pK+hSryTIDNb6fCr6JvtAQ7L8YXhBVKBaJhuYWK9RNUlxilGzG
qrN8Qj3Ltqs9ehYNNIIuqIvcGEoid/i4Ys/1NzwFdWOPQdDwC/uMERmATpPkdqVm
CRAfaIV81AWvbwhUOJSHY69fglde1evtI5v1WTq8QihPP+MBXdp7h0vGkGqUgvmt
e/diLYjRw0jCbthPP6aps4cf5IeaAzqTD8kjmzfYi7njNUen+Vrjb9AwxIN+lCX9
JHpwiSu8HGEhoqYkBFQ5MUjHWOMHPd3EPOm+ZqYdkikpRC8aBzFJ3SQosyDwtRm9
hpMS3mAo+T3Lh0Q=
-----END CERTIFICATE-----
Generated at Thu Nov 7 19:59:58 2024 by rpki-client on console-ams.rpki-client.org