Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qh-FIyzerei_Ehmi0LThfJnk4kg.roa
File: qh-FIyzerei_Ehmi0LThfJnk4kg.roa (raw, json)
Hash identifier: sbLeaC5mW6E9RaPlEaDSa6MZLvoAf3bSJH3iF5v4Uek=
Subject key identifier: AA:1F:85:23:2C:DE:AD:E8:BF:12:19:A2:D0:B4:E1:7C:99:E4:E2:48
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018BB32D61B8C128B9D7085B824B7805C839
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qh-FIyzerei_Ehmi0LThfJnk4kg.roa
Signing time: Thu 09 Nov 2023 08:22:57 +0000
ROA not before: Thu 09 Nov 2023 08:22:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 188.241.243.0/24 maxlen: 24
185.255.39.0/24 maxlen: 24
188.214.209.0/24 maxlen: 24
185.241.210.0/23 maxlen: 24
93.115.254.0/23 maxlen: 24
193.23.129.0/24 maxlen: 24
193.23.128.0/24 maxlen: 24
213.232.93.0/24 maxlen: 24
213.232.92.0/24 maxlen: 24
213.232.94.0/23 maxlen: 24
45.156.157.0/24 maxlen: 24
89.33.85.0/24 maxlen: 24
185.255.169.0/24 maxlen: 24
185.255.170.0/23 maxlen: 24
185.255.170.0/24 maxlen: 24
185.255.168.0/24 maxlen: 24
89.35.154.0/24 maxlen: 24
188.212.132.0/24 maxlen: 24
188.212.133.0/24 maxlen: 24
188.212.159.0/24 maxlen: 24
87.247.148.0/24 maxlen: 24
87.247.150.0/24 maxlen: 24
87.247.149.0/24 maxlen: 24
87.247.151.0/24 maxlen: 24
188.240.224.0/24 maxlen: 24
188.240.225.0/24 maxlen: 24
188.240.227.0/24 maxlen: 24
91.188.205.0/24 maxlen: 24
91.188.204.0/24 maxlen: 24
91.188.206.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
91.188.207.0/24 maxlen: 24
89.37.63.0/24 maxlen: 24
45.146.184.0/22 maxlen: 24
185.135.140.0/24 maxlen: 24
185.135.141.0/24 maxlen: 24
185.135.143.0/24 maxlen: 24
185.238.10.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:2d:61:b8:c1:28:b9:d7:08:5b:82:4b:78:05:c8:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 9 08:22:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa1f85232cdeade8bf1219a2d0b4e17c99e4e248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:52:3c:64:7c:01:db:63:b3:bb:13:29:ee:f9:
b6:23:19:26:87:88:05:26:7e:f3:95:90:0e:fb:b3:
cf:3a:31:25:ee:46:a4:06:98:24:24:4a:d4:be:0a:
88:0d:6d:bd:36:d4:dd:10:ed:59:8f:dd:7b:b3:73:
f2:cd:54:dc:97:83:d0:69:94:cf:95:1e:c6:7e:25:
a2:b3:0f:d4:69:bc:da:33:61:7f:bb:a6:ab:6a:93:
ad:b2:30:8a:68:34:80:f0:ff:6f:d5:ef:c3:05:3f:
55:72:8f:9b:f8:d4:7e:e2:86:66:18:92:e8:25:d2:
20:76:63:3e:f7:85:16:f3:e0:28:3d:e9:c0:d8:bd:
82:9b:12:65:1d:44:90:ed:e3:12:72:70:8f:2b:66:
a3:4f:c2:b3:d1:59:d7:58:d5:b1:0e:8f:9e:d0:c8:
61:06:84:25:2c:d8:fc:57:89:da:09:23:3f:10:f2:
49:f5:c3:bd:f0:b0:5f:7f:74:2b:da:6c:aa:89:bf:
41:60:e5:65:14:2a:3d:f1:ff:e0:6b:7d:3c:3d:0b:
e2:e0:35:4f:3e:81:e3:5a:4e:3f:9a:96:13:c8:5f:
50:e9:fc:51:ce:14:3c:f0:f1:f9:e5:fd:41:85:f4:
fa:77:a1:c3:b7:48:ab:47:19:e5:db:d8:a6:dd:cd:
53:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1F:85:23:2C:DE:AD:E8:BF:12:19:A2:D0:B4:E1:7C:99:E4:E2:48
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/qh-FIyzerei_Ehmi0LThfJnk4kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.184.0/22
45.156.157.0/24
87.247.148.0/22
89.33.85.0/24
89.35.154.0/24
89.37.62.0/23
91.188.204.0/22
93.115.254.0/23
185.135.140.0/23
185.135.143.0/24
185.238.10.0/24
185.241.210.0/23
185.255.39.0/24
185.255.168.0/22
188.212.132.0/23
188.212.159.0/24
188.214.209.0/24
188.240.224.0/23
188.240.227.0/24
188.241.110.0/24
188.241.243.0/24
193.23.128.0/23
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
92:ac:86:40:11:41:38:b2:be:51:ab:98:69:f6:59:9d:90:89:
af:52:11:2e:7e:86:54:19:3a:83:23:32:7a:64:73:f8:f3:01:
5e:5a:dc:49:c7:94:2f:4e:da:7b:30:b9:50:0a:94:2f:7d:d1:
86:6a:86:5d:22:e7:6d:60:af:50:29:d3:6f:ad:03:cd:db:f1:
49:73:dc:18:fc:17:83:9a:26:84:56:07:b8:20:ba:3b:ed:e4:
0d:eb:71:dc:a8:bc:0e:b4:60:99:ef:63:bb:25:e1:70:b5:6c:
f2:db:23:9f:63:ca:ca:ca:80:19:d0:49:54:eb:6a:86:22:d6:
b8:aa:41:73:3c:3b:80:11:58:66:fb:67:ef:4e:32:e1:4d:97:
ae:bb:ed:5d:b1:9c:1e:c8:d6:56:b6:99:61:76:ae:cc:ac:29:
0f:86:67:13:60:38:59:42:a3:36:f0:9f:cc:2b:b7:00:29:d3:
92:d1:db:8d:52:50:58:4a:50:f5:fb:d2:bd:30:ca:0d:a5:a4:
1b:43:cf:41:12:96:8f:9b:7c:88:4b:ee:ba:d9:6b:65:a4:e0:
79:5f:f0:9b:7a:6c:3f:f9:d5:89:16:84:ee:76:32:fc:0f:48:
51:5d:ef:88:26:69:b0:5a:ad:09:ed:57:ad:0c:b5:f8:56:fd:
1c:f8:8e:5f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYuzLWG4wSi51whbgkt4Bcg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTA5MDgyMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFmODUyMzJjZGVhZGU4YmYxMjE5YTJkMGI0ZTE3Yzk5ZTRlMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplI8ZHwB22OzuxMp7vm2Ixkmh4gF
Jn7zlZAO+7PPOjEl7kakBpgkJErUvgqIDW29NtTdEO1Zj917s3PyzVTcl4PQaZTP
lR7GfiWisw/UabzaM2F/u6arapOtsjCKaDSA8P9v1e/DBT9Vco+b+NR+4oZmGJLo
JdIgdmM+94UW8+AoPenA2L2CmxJlHUSQ7eMScnCPK2ajT8Kz0VnXWNWxDo+e0Mhh
BoQlLNj8V4naCSM/EPJJ9cO98LBff3Qr2myqib9BYOVlFCo98f/ga308PQvi4DVP
PoHjWk4/mpYTyF9Q6fxRzhQ88PH55f1BhfT6d6HDt0irRxnl29im3c1TEQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFKofhSMs3q3ovxIZotC04XyZ5OJIMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcWgtRkl5emVyZWlfRWhtaTBMVGhmSm5rNGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
krgDBAAtnJ0DBAJX95QDBABZIVUDBABZI5oDBAFZJT4DBAJbvMwDBAFdc/4DBAG5
h4wDBAC5h48DBAC57goDBAG58dIDBAC5/ycDBAK5/6gDBAG81IQDBAC81J8DBAC8
1tEDBAG88OADBAC88OMDBAC88W4DBAC88fMDBAHBF4ADBALV6FwwDQYJKoZIhvcN
AQELBQADggEBAJKshkARQTiyvlGrmGn2WZ2Qia9SES5+hlQZOoMjMnpkc/jzAV5a
3EnHlC9O2nswuVAKlC990YZqhl0i521gr1Ap02+tA83b8Ulz3Bj8F4OaJoRWB7gg
ujvt5A3rcdyovA60YJnvY7sl4XC1bPLbI59jysrKgBnQSVTraoYi1riqQXM8O4AR
WGb7Z+9OMuFNl6677V2xnB7I1la2mWF2rsysKQ+GZxNgOFlCozbwn8wrtwAp05LR
241SUFhKUPX70r0wyg2lpBtDz0ESlo+bfIhL7rrZa2Wk4Hlf8Jt6bD/51YkWhO52
MvwPSFFd74gmabBarQntV60MtfhW/Rz4jl8=
-----END CERTIFICATE-----
Generated at Thu Nov 9 15:54:00 2023 by rpki-client on console-fra.rpki-client.org