Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/CQYmjvNU-FOjFf7YpQj4nUKi6xU.roa
File: CQYmjvNU-FOjFf7YpQj4nUKi6xU.roa (raw, json)
Hash identifier: hZW0fnEZwrGMbD0d3NDAw6H/DZv7QRwKfgy1NtS7WgE=
Subject key identifier: 09:06:26:8E:F3:54:F8:53:A3:15:FE:D8:A5:08:F8:9D:42:A2:EB:15
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 0189B67573E1302A4E53791BFFAAFA11805A
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/CQYmjvNU-FOjFf7YpQj4nUKi6xU.roa
Signing time: Wed 02 Aug 2023 13:34:57 +0000
ROA not before: Wed 02 Aug 2023 13:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.66.93.0/24 maxlen: 24
45.66.94.0/23 maxlen: 23
37.44.228.0/22 maxlen: 24
192.145.52.0/22 maxlen: 24
192.145.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Sep 2023 08:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:75:73:e1:30:2a:4e:53:79:1b:ff:aa:fa:11:80:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Aug 2 13:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0906268ef354f853a315fed8a508f89d42a2eb15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:dc:c2:cb:92:39:34:c9:18:78:c6:f1:64:6a:
e8:2a:de:86:00:20:63:ad:b6:e1:ca:dd:24:92:c8:
98:e0:74:f9:fc:91:be:4e:5c:0c:45:95:dd:f7:6c:
5b:79:9d:55:4a:be:27:ee:82:d2:0d:c9:b4:3c:2b:
8c:61:5b:00:0f:21:3f:01:97:2e:93:be:99:9c:23:
01:89:44:50:d0:4f:0a:06:4f:fb:57:77:be:85:4a:
67:27:df:c1:5c:be:6b:b0:48:83:cc:11:e6:00:03:
b5:33:13:03:09:48:3a:ff:f4:2f:9c:24:20:95:17:
1f:27:2b:5c:38:4a:50:3b:03:47:9d:5e:e5:56:50:
9a:b5:7a:ad:b6:37:72:e6:54:58:8e:6f:83:1e:f2:
62:d1:72:e4:bf:34:d9:53:a5:17:c8:ca:c5:c9:ec:
2f:bd:89:4f:8d:4e:cb:39:74:72:67:4b:08:4e:98:
db:cd:b6:86:36:4c:0d:66:e8:bb:04:78:db:20:29:
d8:ff:f5:7c:5e:f0:e7:e5:1a:6f:23:fb:f5:80:ab:
88:f0:9e:aa:c2:14:74:0e:33:82:6a:b6:3f:cc:81:
37:40:1b:20:54:32:08:c2:f2:e5:31:e5:7c:56:9b:
74:df:f0:2e:c5:a3:ae:f0:73:74:83:84:63:7e:c1:
f0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:06:26:8E:F3:54:F8:53:A3:15:FE:D8:A5:08:F8:9D:42:A2:EB:15
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/CQYmjvNU-FOjFf7YpQj4nUKi6xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.93.0-45.66.95.255
192.145.52.0/22
Signature Algorithm: sha256WithRSAEncryption
02:25:d7:58:ca:16:5c:73:6b:0a:87:19:6c:76:e9:91:2d:5f:
d8:e8:da:9b:0f:45:4f:2f:34:e3:0d:1e:6d:63:0c:cf:04:31:
b5:9c:b4:dd:4e:0a:24:ca:23:b6:d7:7c:65:06:0a:bd:94:0b:
e1:44:c2:bb:94:4d:97:dd:cf:a6:6d:08:c7:98:c1:66:0b:c3:
18:89:e7:9e:53:47:dc:e9:f6:fc:17:18:ab:ec:f9:c7:ad:f6:
aa:11:86:76:a7:dd:2a:90:a5:3d:5a:2a:89:56:86:45:a1:ea:
76:e5:4c:57:d0:10:7a:7e:84:a8:27:82:7e:2f:fc:9e:cc:af:
a3:84:0b:91:a3:52:d9:33:f9:61:b9:89:3f:c8:0d:eb:d2:eb:
21:b8:43:df:79:b6:54:77:be:e2:09:5f:6d:5c:0b:12:bb:29:
4e:70:53:ca:b8:7f:78:26:f2:7f:25:51:6e:de:d6:0f:2c:86:
87:d4:1e:06:fd:c9:5b:90:33:0d:f6:5d:ea:3f:42:e3:5a:d1:
29:7b:43:d1:80:b7:1f:82:59:64:bf:1c:c1:d8:83:98:71:36:
b1:75:fb:7d:8c:b3:1a:07:91:c2:bb:89:a0:02:09:28:ef:f2:
35:8d:31:71:70:95:dd:de:77:5d:89:5a:3c:e3:6e:37:61:8a:
7d:c5:22:bd
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYm2dXPhMCpOU3kb/6r6EYBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjMwODAyMTMzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA2MjY4ZWYzNTRmODUzYTMxNWZlZDhhNTA4Zjg5ZDQyYTJlYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNzCy5I5NMkYeMbxZGroKt6GACBj
rbbhyt0kksiY4HT5/JG+TlwMRZXd92xbeZ1VSr4n7oLSDcm0PCuMYVsADyE/AZcu
k76ZnCMBiURQ0E8KBk/7V3e+hUpnJ9/BXL5rsEiDzBHmAAO1MxMDCUg6//QvnCQg
lRcfJytcOEpQOwNHnV7lVlCatXqttjdy5lRYjm+DHvJi0XLkvzTZU6UXyMrFyewv
vYlPjU7LOXRyZ0sITpjbzbaGNkwNZui7BHjbICnY//V8XvDn5RpvI/v1gKuI8J6q
whR0DjOCarY/zIE3QBsgVDIIwvLlMeV8Vpt03/AuxaOu8HN0g4RjfsHwgwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAkGJo7zVPhToxX+2KUI+J1CousVMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvQ1FZbWp2TlUtRk9qRmY3WXBRajRuVUtpNnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCJSzkMAwD
BAAtQl0DBAUtQkADBALAkTQwDQYJKoZIhvcNAQELBQADggEBAAIl11jKFlxzawqH
GWx26ZEtX9jo2psPRU8vNOMNHm1jDM8EMbWctN1OCiTKI7bXfGUGCr2UC+FEwruU
TZfdz6ZtCMeYwWYLwxiJ555TR9zp9vwXGKvs+cet9qoRhnan3SqQpT1aKolWhkWh
6nblTFfQEHp+hKgngn4v/J7Mr6OEC5GjUtkz+WG5iT/IDevS6yG4Q995tlR3vuIJ
X21cCxK7KU5wU8q4f3gm8n8lUW7e1g8shofUHgb9yVuQMw32Xeo/QuNa0Sl7Q9GA
tx+CWWS/HMHYg5hxNrF1+32MsxoHkcK7iaACCSjv8jWNMXFwld3ed12JWjzjbjdh
in3FIr0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org