Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QaiGtIqzgdOjjAfWfT4eHTpWMZo.roa
File: QaiGtIqzgdOjjAfWfT4eHTpWMZo.roa (raw, json)
Hash identifier: M9djNaXWpakWVWVROIMcekj+qNMGGrdcRszQbUUWI/E=
Subject key identifier: 41:A8:86:B4:8A:B3:81:D3:A3:8C:07:D6:7D:3E:1E:1D:3A:56:31:9A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018C8C21DC25EC9F18F5E691A980A4E9FB5E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QaiGtIqzgdOjjAfWfT4eHTpWMZo.roa
Signing time: Thu 21 Dec 2023 11:27:58 +0000
ROA not before: Thu 21 Dec 2023 11:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47392
IP address blocks: 93.115.255.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Dec 2023 12:03:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:21:dc:25:ec:9f:18:f5:e6:91:a9:80:a4:e9:fb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Dec 21 11:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41a886b48ab381d3a38c07d67d3e1e1d3a56319a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:24:c3:ad:d5:bd:23:f0:ad:3c:db:24:03:ca:
84:39:80:b0:36:95:79:e5:dd:23:ce:be:0f:0b:dd:
9f:7e:06:cb:84:7a:69:0e:92:1c:a6:c4:b4:72:e0:
93:0b:ae:68:5e:be:2c:9c:4a:3c:12:96:24:9e:ec:
f0:20:3f:84:52:73:1a:c6:e5:a9:70:b6:e2:91:95:
5a:4e:66:48:00:9f:bd:f2:50:54:68:3e:d7:be:07:
be:76:25:11:07:f6:77:47:a0:8b:67:07:79:4f:cf:
a6:a8:89:87:38:28:fc:d2:d0:96:4b:18:0c:9e:17:
36:9d:5d:81:fa:10:57:04:24:88:06:38:cb:4e:56:
69:18:98:36:fb:c4:e7:54:19:60:05:3c:94:1d:b0:
04:78:b8:05:82:c8:8a:06:4b:0a:2d:6d:09:f2:c6:
98:cf:9c:b9:ea:63:11:ef:88:a5:21:f7:1c:ea:9c:
b7:3c:9f:03:55:96:2f:f9:c6:eb:ae:87:d0:35:01:
81:dd:66:6f:45:79:a7:56:49:2e:a8:6a:63:20:0d:
75:d6:d1:83:e5:e9:3e:30:f6:bd:ce:7b:b7:34:a0:
2e:11:85:71:71:47:2d:22:87:a2:f2:91:26:32:9a:
10:df:cb:51:97:93:7b:af:2a:d6:98:e9:6e:7c:b3:
ed:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A8:86:B4:8A:B3:81:D3:A3:8C:07:D6:7D:3E:1E:1D:3A:56:31:9A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QaiGtIqzgdOjjAfWfT4eHTpWMZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.255.0/24
188.212.155.0/24
188.213.202.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:30:7c:e3:ca:54:be:77:70:2c:b9:74:dd:ee:99:b6:b7:43:
0e:66:91:c8:cc:f0:4e:64:2b:29:69:72:62:8e:fe:57:96:5f:
88:3a:d9:6d:48:dd:88:f1:7a:c9:7e:63:53:3b:d8:b3:39:5b:
6c:9a:f5:3c:63:02:b6:92:79:7d:02:26:d2:c6:96:4d:31:4c:
ae:d0:58:2b:bd:49:26:51:8f:14:ed:6b:2e:0e:6b:74:c9:99:
ed:4a:ef:d8:42:86:b8:4f:33:26:1f:d7:b2:6e:d1:ac:3f:54:
3a:ea:57:6b:4e:91:5c:71:24:02:ec:4b:bf:ba:a6:51:63:59:
47:5f:32:1c:ab:2c:1e:4b:85:7c:56:dc:c1:cb:18:df:9b:8a:
0d:c6:d5:c0:f1:1b:23:c8:60:04:c7:16:b1:c7:95:da:62:ad:
68:e6:81:5a:a7:c3:b4:ac:f4:e5:f3:09:97:03:72:56:5a:81:
29:21:41:2c:9c:fe:2a:5a:af:4f:25:37:d9:d4:b3:d0:97:dc:
3a:d4:e7:93:97:98:c5:34:29:92:92:b0:e3:92:1f:54:2c:3f:
d5:9e:ea:bd:90:72:c3:5b:2b:b5:6b:5f:49:cb:73:b0:fa:3e:
e5:3c:c3:03:4b:b9:c7:bc:48:d8:28:8c:d9:62:24:3a:74:6a:
50:4c:2a:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyMIdwl7J8Y9eaRqYCk6fteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjIxMTEyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE4ODZiNDhhYjM4MWQzYTM4YzA3ZDY3ZDNlMWUxZDNhNTYzMTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyTDrdW9I/CtPNskA8qEOYCwNpV5
5d0jzr4PC92ffgbLhHppDpIcpsS0cuCTC65oXr4snEo8EpYknuzwID+EUnMaxuWp
cLbikZVaTmZIAJ+98lBUaD7Xvge+diURB/Z3R6CLZwd5T8+mqImHOCj80tCWSxgM
nhc2nV2B+hBXBCSIBjjLTlZpGJg2+8TnVBlgBTyUHbAEeLgFgsiKBksKLW0J8saY
z5y56mMR74ilIfcc6py3PJ8DVZYv+cbrrofQNQGB3WZvRXmnVkkuqGpjIA111tGD
5ek+MPa9znu3NKAuEYVxcUctIoei8pEmMpoQ38tRl5N7ryrWmOlufLPtHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEGohrSKs4HTo4wH1n0+Hh06VjGaMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUWFpR3RJcXpnZE9qakFmV2ZUNGVIVHBXTVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXP/AwQA
vNSbAwQAvNXKMA0GCSqGSIb3DQEBCwUAA4IBAQBqMHzjylS+d3AsuXTd7pm2t0MO
ZpHIzPBOZCspaXJijv5Xll+IOtltSN2I8XrJfmNTO9izOVtsmvU8YwK2knl9AibS
xpZNMUyu0FgrvUkmUY8U7WsuDmt0yZntSu/YQoa4TzMmH9eybtGsP1Q66ldrTpFc
cSQC7Eu/uqZRY1lHXzIcqyweS4V8VtzByxjfm4oNxtXA8RsjyGAExxaxx5XaYq1o
5oFap8O0rPTl8wmXA3JWWoEpIUEsnP4qWq9PJTfZ1LPQl9w61OeTl5jFNCmSkrDj
kh9ULD/Vnuq9kHLDWyu1a19Jy3Ow+j7lPMMDS7nHvEjYKIzZYiQ6dGpQTCr0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org