Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/QY0NR-ob_2BMvQvlVZmUlUZLJ9o.roa
File: QY0NR-ob_2BMvQvlVZmUlUZLJ9o.roa (raw, json)
Hash identifier: nwE/1SnjQ2N77MwOjyVeifiKEW3VaJ+q3zRwzTuQFjI=
Subject key identifier: 41:8D:0D:47:EA:1B:FF:60:4C:BD:0B:E5:55:99:94:95:46:4B:27:DA
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 018B4D37FA9BF6D8D92BD3FF0468F6CA93A3
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/QY0NR-ob_2BMvQvlVZmUlUZLJ9o.roa
Signing time: Fri 20 Oct 2023 13:13:16 +0000
ROA not before: Fri 20 Oct 2023 13:13:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208660
IP address blocks: 185.213.72.0/22 maxlen: 22
185.226.12.0/22 maxlen: 22
185.226.252.0/22 maxlen: 22
185.226.254.0/24 maxlen: 24
185.226.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:37:fa:9b:f6:d8:d9:2b:d3:ff:04:68:f6:ca:93:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Oct 20 13:13:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=418d0d47ea1bff604cbd0be555999495464b27da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:96:3e:ee:69:e2:ad:0b:6c:51:90:08:2c:d2:
4c:4c:0c:b2:bc:15:46:12:da:db:67:f8:e2:d1:9b:
19:6d:f5:17:60:8d:5d:83:fd:81:0e:c6:0a:9a:2c:
8e:03:8c:8d:7b:38:65:16:11:82:aa:3c:16:bd:69:
e7:59:b9:e5:62:e9:eb:67:d8:6e:1f:97:9d:eb:55:
ec:7e:6a:e6:2b:d6:b5:a5:dd:2f:f0:c2:b9:a4:1d:
51:4c:18:d6:a0:b8:f1:e4:0f:47:fa:96:8e:9e:2f:
e2:be:76:8d:bd:5a:c5:a3:ad:59:fb:96:ac:86:30:
6b:ce:82:7d:90:0c:b7:78:50:37:7f:ec:fa:b8:78:
e1:c2:3d:4f:f8:c6:ff:a3:cb:57:6c:86:43:72:52:
c1:a3:9b:0a:cf:06:b6:b4:d3:1a:91:ea:42:50:8b:
2d:77:0c:33:46:6f:79:a4:db:ce:43:5b:d1:ec:52:
7c:b3:47:c2:e9:06:c0:4d:94:8e:79:7b:1e:8f:73:
b5:50:c6:e3:f2:c8:da:c3:11:db:4e:f0:e1:ec:a7:
fc:04:3e:d7:5f:4f:3a:66:d4:4e:bd:2a:04:34:2b:
61:1f:92:3a:9c:c6:0e:8f:44:cd:e3:aa:0a:c0:f3:
20:0f:c1:86:83:3e:12:37:1b:b9:fe:39:45:47:3b:
e3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:8D:0D:47:EA:1B:FF:60:4C:BD:0B:E5:55:99:94:95:46:4B:27:DA
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/QY0NR-ob_2BMvQvlVZmUlUZLJ9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.72.0/22
185.226.12.0/22
185.226.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:dd:03:19:5e:ad:9a:a0:83:49:d3:d6:0d:de:f5:31:ba:a1:
95:58:c5:18:f0:24:58:3b:e8:96:a1:e5:e5:7a:5e:19:e1:d9:
da:51:16:f5:fd:27:fa:60:4c:48:5f:cc:b1:51:8e:51:9b:15:
18:d6:59:e4:e5:7c:ad:dd:a6:c4:38:7e:41:49:0e:1d:e7:ca:
6e:02:7a:80:47:3d:4a:18:d3:80:90:3a:38:d0:ab:14:9a:39:
81:85:f7:8e:6b:e7:6c:76:d0:e2:93:94:42:28:78:95:f7:0f:
50:d3:47:d5:4e:26:bf:46:f0:fc:7d:48:50:45:a9:d4:78:79:
e8:c9:1c:18:e0:e9:84:84:e9:56:5c:bc:ff:80:4f:5b:1f:4b:
94:b2:fe:b7:08:f8:86:84:a0:46:f1:85:2c:e8:01:03:64:52:
32:a7:1e:56:a4:27:21:6e:29:2b:12:45:41:2b:2d:97:bb:56:
ce:7f:59:9f:05:e9:f3:a4:1a:b2:49:ff:6e:2d:0b:c4:c6:6d:
2e:c1:3a:7d:ac:bf:43:7d:17:a4:b5:0c:97:b5:8d:ce:b9:f7:
f0:85:38:8f:a7:4c:c6:5e:f1:ea:a6:b9:2b:8d:39:ae:35:66:
83:1b:03:44:8b:a4:d2:aa:4b:8f:fe:49:75:11:94:1c:e8:2c:
02:13:9f:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtNN/qb9tjZK9P/BGj2ypOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjMxMDIwMTMxMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MThkMGQ0N2VhMWJmZjYwNGNiZDBiZTU1NTk5OTQ5NTQ2NGIyN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJY+7mnirQtsUZAILNJMTAyyvBVG
EtrbZ/ji0ZsZbfUXYI1dg/2BDsYKmiyOA4yNezhlFhGCqjwWvWnnWbnlYunrZ9hu
H5ed61XsfmrmK9a1pd0v8MK5pB1RTBjWoLjx5A9H+paOni/ivnaNvVrFo61Z+5as
hjBrzoJ9kAy3eFA3f+z6uHjhwj1P+Mb/o8tXbIZDclLBo5sKzwa2tNMakepCUIst
dwwzRm95pNvOQ1vR7FJ8s0fC6QbATZSOeXsej3O1UMbj8sjawxHbTvDh7Kf8BD7X
X086ZtROvSoENCthH5I6nMYOj0TN46oKwPMgD8GGgz4SNxu5/jlFRzvj8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEGNDUfqG/9gTL0L5VWZlJVGSyfaMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvUVkwTlItb2JfMkJNdlF2bFZabVVsVVpMSjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCudVIAwQC
ueIMAwQCueL8MA0GCSqGSIb3DQEBCwUAA4IBAQBb3QMZXq2aoINJ09YN3vUxuqGV
WMUY8CRYO+iWoeXlel4Z4dnaURb1/Sf6YExIX8yxUY5RmxUY1lnk5Xyt3abEOH5B
SQ4d58puAnqARz1KGNOAkDo40KsUmjmBhfeOa+dsdtDik5RCKHiV9w9Q00fVTia/
RvD8fUhQRanUeHnoyRwY4OmEhOlWXLz/gE9bH0uUsv63CPiGhKBG8YUs6AEDZFIy
px5WpCchbikrEkVBKy2Xu1bOf1mfBenzpBqySf9uLQvExm0uwTp9rL9DfRektQyX
tY3OuffwhTiPp0zGXvHqprkrjTmuNWaDGwNEi6TSqkuP/kl1EZQc6CwCE582
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:31 2024 by rpki-client on console-ams.rpki-client.org