Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/QlOUugnwnaWFmXUPEj5FX9bUGo0.roa
File: QlOUugnwnaWFmXUPEj5FX9bUGo0.roa (raw, json)
Hash identifier: sc3h6UIq4b/UVcGzMGpxvunEKdr2dJydspotsBUt50E=
Subject key identifier: 42:53:94:BA:09:F0:9D:A5:85:99:75:0F:12:3E:45:5F:D6:D4:1A:8D
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018D2D73ABE036FD81A931EE2F9821ECC93C
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/QlOUugnwnaWFmXUPEj5FX9bUGo0.roa
Signing time: Sun 21 Jan 2024 19:16:11 +0000
ROA not before: Sun 21 Jan 2024 19:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.10.109.0/24 maxlen: 24
45.88.208.0/24 maxlen: 24
45.88.211.0/24 maxlen: 24
176.53.187.0/24 maxlen: 24
193.56.185.0/24 maxlen: 24
193.160.211.0/24 maxlen: 24
194.32.124.0/24 maxlen: 24
194.32.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 08:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:73:ab:e0:36:fd:81:a9:31:ee:2f:98:21:ec:c9:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 21 19:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=425394ba09f09da58599750f123e455fd6d41a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f9:63:e0:1f:73:96:a5:73:d9:91:99:dc:88:
50:27:26:3e:99:51:5a:38:46:7a:1c:9a:a8:d9:77:
9d:2c:f9:3c:33:4f:68:b3:e6:c8:8d:36:36:c7:18:
53:c9:6a:b3:cd:1d:88:da:b7:0f:04:ef:65:de:11:
d6:f3:3a:11:6d:56:7a:8d:2a:b6:4d:fe:36:8f:04:
d5:ac:92:f4:59:72:e7:de:10:2e:8a:0d:22:d6:ba:
ff:4b:f6:28:57:c4:ef:65:fe:43:88:03:b3:1e:0e:
99:5d:58:f4:2e:40:3e:ac:5b:ca:49:93:39:fa:ad:
51:88:ea:69:62:c9:50:8d:08:3c:00:dd:ee:c4:6c:
d1:69:ac:43:ce:5f:d6:b5:e1:5e:b5:65:66:49:5a:
32:b4:62:28:94:05:30:f2:1a:56:1a:b6:52:cf:c0:
5e:97:3b:75:d1:05:99:97:2b:c1:36:00:46:15:e3:
da:7c:5d:ce:9c:6f:06:b6:72:79:c9:b9:b8:80:4f:
8f:92:93:06:ab:9f:81:86:fa:27:4f:18:b1:53:77:
f7:0d:4f:88:ef:79:dd:7b:4b:53:11:94:fa:64:c5:
7c:d2:ad:f9:e4:45:56:f3:a3:64:82:12:86:dd:52:
1c:6f:93:74:d3:fe:45:e2:98:05:e2:0f:5a:bc:b4:
d9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:53:94:BA:09:F0:9D:A5:85:99:75:0F:12:3E:45:5F:D6:D4:1A:8D
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/QlOUugnwnaWFmXUPEj5FX9bUGo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.109.0/24
45.88.208.0/24
45.88.211.0/24
176.53.187.0/24
193.56.185.0/24
193.160.211.0/24
194.32.124.0/24
194.32.126.0/24
Signature Algorithm: sha256WithRSAEncryption
58:d9:55:15:88:8b:cd:11:56:a5:57:7f:36:02:7b:f5:9c:30:
fd:0c:43:34:da:0b:d0:34:d0:65:62:40:b8:f0:f6:ba:97:0b:
8f:74:13:00:22:0d:28:8b:5e:24:bc:20:2c:7c:c6:b0:97:8a:
fe:6c:b1:62:9b:c2:a2:6b:98:6d:dd:21:b2:2f:55:c5:5a:c3:
5c:ca:f2:bb:9e:e1:2b:4e:f2:de:a3:56:e9:5c:29:5c:53:c6:
0b:21:1d:86:dd:92:ca:79:bf:fb:0c:46:7a:4d:86:28:44:e2:
55:e9:e2:48:6b:ff:c7:ac:24:f4:4e:04:d5:90:b7:ee:7e:43:
98:f4:72:e2:46:dd:7b:50:b6:b9:9e:1b:8d:fd:a8:c5:07:df:
36:55:10:68:b8:2e:42:e2:31:df:1a:fc:5b:90:5f:f5:5e:51:
7e:07:00:56:74:f0:87:76:22:c3:65:fd:6d:d1:88:0a:46:ca:
04:74:40:29:6c:56:4b:18:6f:b1:2f:bd:5c:9a:06:a6:4c:3d:
b7:16:29:90:75:17:06:6c:6b:63:e6:49:be:29:91:08:a9:13:
b1:92:9d:a5:33:1b:7d:f4:97:05:53:65:00:00:43:82:b4:e2:
39:fd:57:60:db:09:50:37:77:57:91:03:d3:0b:b3:30:95:12:
42:a7:98:2a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY0tc6vgNv2BqTHuL5gh7Mk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMTIxMTkxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjUzOTRiYTA5ZjA5ZGE1ODU5OTc1MGYxMjNlNDU1ZmQ2ZDQxYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPlj4B9zlqVz2ZGZ3IhQJyY+mVFa
OEZ6HJqo2XedLPk8M09os+bIjTY2xxhTyWqzzR2I2rcPBO9l3hHW8zoRbVZ6jSq2
Tf42jwTVrJL0WXLn3hAuig0i1rr/S/YoV8TvZf5DiAOzHg6ZXVj0LkA+rFvKSZM5
+q1RiOppYslQjQg8AN3uxGzRaaxDzl/WteFetWVmSVoytGIolAUw8hpWGrZSz8Be
lzt10QWZlyvBNgBGFePafF3OnG8GtnJ5ybm4gE+PkpMGq5+BhvonTxixU3f3DU+I
73nde0tTEZT6ZMV80q355EVW86NkghKG3VIcb5N00/5F4pgF4g9avLTZJwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEJTlLoJ8J2lhZl1DxI+RV/W1BqNMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvUWxPVXVnbnduYVdGbVhVUEVqNUZYOWJVR28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQptAwQA
LVjQAwQALVjTAwQAsDW7AwQAwTi5AwQAwaDTAwQAwiB8AwQAwiB+MA0GCSqGSIb3
DQEBCwUAA4IBAQBY2VUViIvNEValV382Anv1nDD9DEM02gvQNNBlYkC48Pa6lwuP
dBMAIg0oi14kvCAsfMawl4r+bLFim8Kia5ht3SGyL1XFWsNcyvK7nuErTvLeo1bp
XClcU8YLIR2G3ZLKeb/7DEZ6TYYoROJV6eJIa//HrCT0TgTVkLfufkOY9HLiRt17
ULa5nhuN/ajFB982VRBouC5C4jHfGvxbkF/1XlF+BwBWdPCHdiLDZf1t0YgKRsoE
dEApbFZLGG+xL71cmgamTD23FimQdRcGbGtj5km+KZEIqROxkp2lMxt99JcFU2UA
AEOCtOI5/Vdg2wlQN3dXkQPTC7MwlRJCp5gq
Generated at Mon Jan 22 11:00:56 2024 by rpki-client on console-ams.rpki-client.org