Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QZ0RflyeGH6v02gCVFdFwu52-jE.roa
File: QZ0RflyeGH6v02gCVFdFwu52-jE.roa (raw, json)
Hash identifier: UOm0zgRB4Gl4PAV8N45W1H19pnSV33/KVeidD9hAUcU=
Subject key identifier: 41:9D:11:7E:5C:9E:18:7E:AF:D3:68:02:54:57:45:C2:EE:76:FA:31
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01857102FB9C4CCBC24298934040C8D41943
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QZ0RflyeGH6v02gCVFdFwu52-jE.roa
Signing time: Mon 02 Jan 2023 05:44:58 +0000
ROA not before: Mon 02 Jan 2023 05:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8038
IP address blocks: 203.25.124.0/24 maxlen: 24
37.46.151.0/24 maxlen: 24
194.5.84.0/24 maxlen: 24
193.84.134.0/24 maxlen: 24
194.242.3.0/24 maxlen: 24
193.26.114.0/24 maxlen: 24
45.144.224.0/24 maxlen: 24
185.165.44.0/24 maxlen: 24
46.229.255.0/24 maxlen: 24
185.150.0.0/24 maxlen: 24
91.190.107.0/24 maxlen: 24
203.159.82.0/24 maxlen: 24
185.217.118.0/24 maxlen: 24
203.159.90.0/24 maxlen: 24
185.228.226.0/24 maxlen: 24
185.244.220.0/24 maxlen: 24
89.31.218.0/24 maxlen: 24
194.76.134.0/24 maxlen: 24
45.133.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Dec 2023 10:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:fb:9c:4c:cb:c2:42:98:93:40:40:c8:d4:19:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=419d117e5c9e187eafd36802545745c2ee76fa31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2b:57:64:ee:38:98:a2:ae:45:e2:b6:d9:1e:
9a:19:ad:90:1a:98:0f:56:55:7d:10:be:d6:f6:c2:
8f:d6:dc:27:a6:e0:97:6c:8a:be:5e:81:32:d9:f6:
43:a4:5b:ba:6f:d2:44:22:a2:39:20:63:90:2c:52:
00:f2:1f:6e:a7:08:0d:25:65:71:20:41:31:44:cc:
a7:4f:fb:13:eb:8c:5a:6b:63:5f:a8:07:10:23:cd:
ce:4c:c4:23:cf:ec:7b:9b:59:a9:9b:1c:36:4b:2b:
9c:f3:37:7d:a6:b2:96:e1:2f:b2:c5:e5:82:c9:4e:
04:6c:da:ae:9d:ba:7d:6e:5d:f7:c0:0c:70:35:74:
00:0b:58:81:a7:ae:3f:8b:49:9d:4e:65:31:dd:26:
df:3a:89:70:53:41:ff:15:44:30:29:d3:a9:45:46:
04:7c:75:0b:63:5f:bc:be:a0:4a:35:15:ff:16:37:
e0:23:ed:e0:30:af:f0:c7:ab:34:35:60:78:f4:5a:
93:61:ad:f6:52:4c:25:d8:19:91:d3:b0:bd:a3:1e:
e1:29:f3:a6:25:83:68:21:d1:b8:4c:6f:8b:52:4d:
7a:21:b0:0a:84:4b:c3:b0:0f:e7:17:02:cd:92:ac:
4f:11:56:df:fc:eb:ca:31:a4:a3:31:54:3a:ee:e9:
c0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9D:11:7E:5C:9E:18:7E:AF:D3:68:02:54:57:45:C2:EE:76:FA:31
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QZ0RflyeGH6v02gCVFdFwu52-jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.151.0/24
45.133.0.0/24
45.144.224.0/24
46.229.255.0/24
89.31.218.0/24
91.190.107.0/24
185.150.0.0/24
185.165.44.0/24
185.217.118.0/24
185.228.226.0/24
185.244.220.0/24
193.26.114.0/24
193.84.134.0/24
194.5.84.0/24
194.76.134.0/24
194.242.3.0/24
203.25.124.0/24
203.159.82.0/24
203.159.90.0/24
Signature Algorithm: sha256WithRSAEncryption
52:24:b7:a8:b9:1f:ba:ef:8d:3f:bc:a7:c9:37:af:bf:b7:70:
ab:64:c1:60:81:0a:a5:63:b7:ad:37:30:e1:23:76:05:0f:96:
c9:b6:b9:d4:e2:31:a3:77:08:6e:8d:b7:b2:b9:d8:47:5d:cd:
69:44:c7:df:ae:f8:00:e2:5a:2d:31:c4:68:7f:ff:58:d7:c3:
e7:d1:65:30:c3:59:9a:27:5e:2e:f7:a2:44:e4:db:3d:1b:34:
36:f3:5c:e8:68:3d:ec:5b:88:d5:eb:b0:71:66:dd:ad:33:aa:
f4:67:0c:82:4c:1a:12:d5:c2:27:94:83:b1:d2:ab:91:bf:82:
b8:0b:bf:b7:a6:09:ae:40:03:76:a9:f9:39:80:9a:3e:b5:80:
5e:90:32:99:70:e3:f4:12:63:27:84:8c:a9:6d:8e:15:cb:f6:
0e:80:ed:5f:18:a9:86:85:83:29:a1:cd:0c:5f:fd:51:61:49:
cc:8f:c2:9e:3a:7c:8e:48:6e:64:d9:50:76:62:5d:f4:e9:c8:
1e:4d:b8:7c:cd:d0:05:ba:7a:41:1b:24:6e:47:8f:52:77:a8:
47:b9:81:84:11:92:d0:c7:2f:91:2e:fe:51:3d:70:5a:ec:ac:
b1:e5:c9:0f:a3:ce:13:cb:89:8a:ed:05:ea:66:9c:4f:67:38:
86:56:da:a4
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYVxAvucTMvCQpiTQEDI1BlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTlkMTE3ZTVjOWUxODdlYWZkMzY4MDI1NDU3NDVjMmVlNzZmYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxitXZO44mKKuReK22R6aGa2QGpgP
VlV9EL7W9sKP1twnpuCXbIq+XoEy2fZDpFu6b9JEIqI5IGOQLFIA8h9upwgNJWVx
IEExRMynT/sT64xaa2NfqAcQI83OTMQjz+x7m1mpmxw2Syuc8zd9prKW4S+yxeWC
yU4EbNqunbp9bl33wAxwNXQAC1iBp64/i0mdTmUx3SbfOolwU0H/FUQwKdOpRUYE
fHULY1+8vqBKNRX/FjfgI+3gMK/wx6s0NWB49FqTYa32Ukwl2BmR07C9ox7hKfOm
JYNoIdG4TG+LUk16IbAKhEvDsA/nFwLNkqxPEVbf/OvKMaSjMVQ67unAYQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFEGdEX5cnhh+r9NoAlRXRcLudvoxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUVowUmZseWVHSDZ2MDJnQ1ZGZEZ3dTUyLWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEACUulwME
AC2FAAMEAC2Q4AMEAC7l/wMEAFkf2gMEAFu+awMEALmWAAMEALmlLAMEALnZdgME
ALnk4gMEALn03AMEAMEacgMEAMFUhgMEAMIFVAMEAMJMhgMEAMLyAwMEAMsZfAME
AMufUgMEAMufWjANBgkqhkiG9w0BAQsFAAOCAQEAUiS3qLkfuu+NP7ynyTevv7dw
q2TBYIEKpWO3rTcw4SN2BQ+Wyba51OIxo3cIbo23srnYR13NaUTH3674AOJaLTHE
aH//WNfD59FlMMNZmideLveiROTbPRs0NvNc6Gg97FuI1euwcWbdrTOq9GcMgkwa
EtXCJ5SDsdKrkb+CuAu/t6YJrkADdqn5OYCaPrWAXpAymXDj9BJjJ4SMqW2OFcv2
DoDtXxiphoWDKaHNDF/9UWFJzI/Cnjp8jkhuZNlQdmJd9OnIHk24fM3QBbp6QRsk
bkePUneoR7mBhBGS0McvkS7+UT1wWuysseXJD6POE8uJiu0F6macT2c4hlbapA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org