Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/QDyGOcrAm3HzyrHY1rknLQgWxcQ.roa
File: QDyGOcrAm3HzyrHY1rknLQgWxcQ.roa (raw, json)
Hash identifier: OvmGuRXwMLUhixdB/t9xm/XSFQFQEGyTZcRayJsTSEg=
Subject key identifier: 40:3C:86:39:CA:C0:9B:71:F3:CA:B1:D8:D6:B9:27:2D:08:16:C5:C4
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 018B0442BA0888D4ABD772D98336AC0D2673
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/QDyGOcrAm3HzyrHY1rknLQgWxcQ.roa
Signing time: Fri 06 Oct 2023 09:12:43 +0000
ROA not before: Fri 06 Oct 2023 09:12:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 185.251.44.0/22 maxlen: 32
195.66.216.0/21 maxlen: 32
185.247.228.0/22 maxlen: 32
95.175.64.0/19 maxlen: 32
185.251.248.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Nov 2023 15:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:42:ba:08:88:d4:ab:d7:72:d9:83:36:ac:0d:26:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Oct 6 09:12:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=403c8639cac09b71f3cab1d8d6b9272d0816c5c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a5:30:5c:34:7e:bb:e5:09:c9:fb:18:3d:41:
9c:1c:9e:4c:5a:06:99:9e:83:e9:d4:63:41:02:4e:
fe:ae:d8:30:70:87:99:a2:21:41:a5:bb:25:63:c6:
bf:78:64:f0:46:38:46:51:c4:ca:4e:9e:6b:6a:ff:
6c:6c:af:b9:34:be:e6:9a:49:66:26:c6:6c:d6:2a:
28:12:3e:75:ae:fb:32:e0:89:36:ee:79:ec:6b:21:
8b:98:9e:87:c9:36:07:16:d5:be:23:05:32:17:df:
df:76:2f:be:d9:e3:c4:2e:ed:4b:d0:0f:fe:2e:6a:
41:7c:d3:40:f9:60:fd:3d:bd:56:9c:80:d1:7a:17:
a5:db:71:2d:82:70:a5:1d:89:89:9d:7b:cb:d4:a0:
01:5b:4a:f1:de:a9:26:af:17:05:ed:64:84:61:87:
76:fe:1c:af:e4:94:7b:41:3c:53:69:f2:78:2c:1c:
bb:3b:25:58:c5:56:de:31:d2:ed:50:cc:34:9e:04:
5f:8a:5c:f1:a4:b2:ad:3a:2b:cd:5e:c8:f8:38:a6:
a8:9d:02:a4:db:eb:08:ff:58:f7:e9:d2:10:65:8f:
73:db:aa:d5:50:84:6f:67:39:4c:b3:00:18:9b:5f:
4e:ae:0f:16:aa:69:98:e9:08:04:6b:c3:27:ce:c3:
6d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3C:86:39:CA:C0:9B:71:F3:CA:B1:D8:D6:B9:27:2D:08:16:C5:C4
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/QDyGOcrAm3HzyrHY1rknLQgWxcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.64.0/19
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
195.66.216.0/21
Signature Algorithm: sha256WithRSAEncryption
b8:56:26:1f:36:84:f4:2b:ed:d6:cb:d8:2f:91:a5:98:20:8f:
18:e0:6b:7e:d6:a3:cb:08:1a:d4:ca:aa:39:73:28:0b:f4:6b:
03:9e:83:bd:16:45:ff:2b:d9:5b:41:6a:1a:5b:23:cc:cd:c0:
34:48:20:33:46:b1:ec:fa:26:3f:69:dd:9c:75:d1:52:ea:9c:
e8:5c:a4:cb:ec:40:1e:ee:8b:e0:11:ee:cd:73:81:fe:9a:3f:
75:ab:8d:ce:cb:8a:2c:bc:de:98:54:86:9a:02:e5:36:52:8d:
7c:c5:a2:f8:82:55:36:b3:31:5f:83:08:b7:8a:27:f5:42:ca:
21:86:a2:d3:35:44:a4:be:28:a2:7b:89:82:67:9e:6d:2c:08:
72:35:dd:7b:67:97:6e:9d:f3:76:5b:0e:16:8c:bf:31:ec:c0:
30:b4:05:07:b0:07:d7:29:f8:b0:2e:71:2f:54:f5:a9:84:bd:
31:7a:25:d3:8b:f1:8b:25:be:cf:8c:0a:80:f0:2d:c1:c3:19:
61:6f:f5:2d:ee:7e:ec:fb:6f:77:22:a2:c9:43:8a:1c:9c:aa:
9f:19:91:5d:33:76:e8:3f:8d:d4:0d:fb:ae:80:de:84:ac:d4:
cb:1b:37:d5:c7:13:09:73:93:62:61:93:d1:03:53:8b:2c:3a:
6a:01:53:92
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYsEQroIiNSr13LZgzasDSZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjMxMDA2MDkxMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDNjODYzOWNhYzA5YjcxZjNjYWIxZDhkNmI5MjcyZDA4MTZjNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6UwXDR+u+UJyfsYPUGcHJ5MWgaZ
noPp1GNBAk7+rtgwcIeZoiFBpbslY8a/eGTwRjhGUcTKTp5rav9sbK+5NL7mmklm
JsZs1iooEj51rvsy4Ik27nnsayGLmJ6HyTYHFtW+IwUyF9/fdi++2ePELu1L0A/+
LmpBfNNA+WD9Pb1WnIDRehel23EtgnClHYmJnXvL1KABW0rx3qkmrxcF7WSEYYd2
/hyv5JR7QTxTafJ4LBy7OyVYxVbeMdLtUMw0ngRfilzxpLKtOivNXsj4OKaonQKk
2+sI/1j36dIQZY9z26rVUIRvZzlMswAYm19Org8WqmmY6QgEa8MnzsNtyQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEA8hjnKwJtx88qx2Na5Jy0IFsXEMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvUUR5R09jckFtM0h6eXJIWTFya25MUWdXeGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFX69AAwQC
uffkAwQCufssAwQCufv4AwQDw0LYMA0GCSqGSIb3DQEBCwUAA4IBAQC4ViYfNoT0
K+3Wy9gvkaWYII8Y4Gt+1qPLCBrUyqo5cygL9GsDnoO9FkX/K9lbQWoaWyPMzcA0
SCAzRrHs+iY/ad2cddFS6pzoXKTL7EAe7ovgEe7Nc4H+mj91q43Oy4osvN6YVIaa
AuU2Uo18xaL4glU2szFfgwi3iif1QsohhqLTNUSkviiie4mCZ55tLAhyNd17Z5du
nfN2Ww4WjL8x7MAwtAUHsAfXKfiwLnEvVPWphL0xeiXTi/GLJb7PjAqA8C3Bwxlh
b/Ut7n7s+293IqLJQ4ocnKqfGZFdM3boP43UDfuugN6ErNTLGzfVxxMJc5NiYZPR
A1OLLDpqAVOS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:32 2024 by rpki-client on console-fra.rpki-client.org