Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QREPJTn_QM7c09fG3S4lD2ooL2A.roa
File: QREPJTn_QM7c09fG3S4lD2ooL2A.roa (raw, json)
Hash identifier: k1eOJ5EnP3Uyi8FI2uNb8rUOZSig840DnEyMpWZzNvs=
Subject key identifier: 41:11:0F:25:39:FF:40:CE:DC:D3:D7:C6:DD:2E:25:0F:6A:28:2F:60
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC80292699D7AF81246B4302CDD6860EE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QREPJTn_QM7c09fG3S4lD2ooL2A.roa
Signing time: Tue 02 Jan 2024 02:31:00 +0000
ROA not before: Tue 02 Jan 2024 02:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210876
IP address blocks: 194.35.40.0/24 maxlen: 24
185.226.8.0/24 maxlen: 24
45.134.84.0/23 maxlen: 23
45.134.84.0/22 maxlen: 24
45.147.116.0/22 maxlen: 24
185.216.30.0/24 maxlen: 24
185.216.31.0/24 maxlen: 24
45.159.76.0/22 maxlen: 24
45.142.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Apr 2024 20:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:92:69:9d:7a:f8:12:46:b4:30:2c:dd:68:60:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41110f2539ff40cedcd3d7c6dd2e250f6a282f60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e1:eb:52:b7:3e:04:a4:2a:6e:f7:6d:4e:b2:
40:9f:dd:0e:6a:34:dd:d9:79:b0:c0:97:25:62:c8:
47:61:5b:0c:2c:13:1f:74:bb:4d:be:57:fd:a2:75:
37:a7:f1:b0:5c:93:20:2d:41:c7:df:d3:6b:07:7a:
0a:93:6f:0a:2a:52:fd:d9:1d:d1:73:91:b4:f7:84:
ea:78:f5:fb:d5:17:32:23:32:89:04:df:0c:bb:90:
f5:94:3f:9c:0a:4f:11:7c:7f:ce:a2:93:a8:c6:bf:
5a:6e:47:73:3e:7e:9a:bc:a9:93:8c:07:e7:82:56:
36:90:90:81:b9:94:4a:e0:b3:00:51:02:fd:bf:58:
c2:9e:1d:1f:ad:54:21:cd:4d:a0:8a:65:f6:2f:82:
7b:93:a2:3f:de:c2:21:71:1f:30:a6:e9:0c:0b:81:
d6:0a:ea:7e:d8:30:25:63:49:f7:7e:70:50:56:46:
78:43:5a:c8:06:b8:ab:b5:60:8c:97:f8:a3:8a:96:
30:77:e7:c0:3c:8e:8e:e3:1c:96:e4:42:c9:40:6e:
96:8d:6f:5a:02:0e:7e:19:d2:8d:66:cb:08:b3:af:
e1:11:44:ea:80:7e:25:4b:4b:bd:7e:43:86:cd:28:
d6:77:22:15:5e:52:d6:30:9a:0e:d6:09:7c:5f:ee:
fd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:11:0F:25:39:FF:40:CE:DC:D3:D7:C6:DD:2E:25:0F:6A:28:2F:60
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QREPJTn_QM7c09fG3S4lD2ooL2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
45.142.228.0/22
45.147.116.0/22
45.159.76.0/22
185.216.30.0/23
185.226.8.0/24
194.35.40.0/24
Signature Algorithm: sha256WithRSAEncryption
24:34:5a:88:6f:09:03:fa:76:ef:2f:9d:2a:9b:f4:8a:16:c7:
80:f2:03:5c:76:b0:b9:4b:74:05:b4:fd:f9:83:46:84:a6:49:
7c:8d:aa:1e:95:01:81:3d:d0:69:fe:f2:da:80:cd:e8:54:37:
63:dd:28:b3:83:8d:6d:01:f4:bb:22:45:fe:b4:3c:06:00:18:
27:ab:58:70:d0:69:81:7c:a5:78:71:bb:4c:d7:ea:42:0b:7a:
c3:b2:75:68:59:fb:dc:25:09:0d:5c:83:1d:1a:bc:0d:63:36:
80:53:3e:d5:6f:d6:e8:2c:58:7f:ec:e9:e6:f2:4c:25:8e:9c:
b4:11:6c:ba:e6:c0:af:84:8f:33:77:80:a5:12:51:c1:23:8b:
c3:2e:63:52:ef:20:d1:27:4d:5c:51:72:6d:23:f3:13:d0:01:
c3:bf:51:dc:c9:a1:de:e5:f4:b3:57:1b:24:72:d4:ff:64:90:
a3:26:72:38:c8:ec:9d:26:b8:2e:62:15:a4:77:13:e9:0d:58:
75:47:b5:e6:09:bb:fe:ad:79:f3:83:36:e0:0d:b4:a1:2d:a9:
27:26:12:eb:43:be:3b:86:86:bd:c5:ee:d0:cf:83:77:de:85:
bd:1d:d4:a1:91:cd:96:b0:75:78:16:b9:29:29:4e:f4:fa:d9:
0b:79:8f:87
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIApJpnXr4Eka0MCzdaGDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTExMGYyNTM5ZmY0MGNlZGNkM2Q3YzZkZDJlMjUwZjZhMjgyZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+HrUrc+BKQqbvdtTrJAn90OajTd
2XmwwJclYshHYVsMLBMfdLtNvlf9onU3p/GwXJMgLUHH39NrB3oKk28KKlL92R3R
c5G094TqePX71RcyIzKJBN8Mu5D1lD+cCk8RfH/OopOoxr9abkdzPn6avKmTjAfn
glY2kJCBuZRK4LMAUQL9v1jCnh0frVQhzU2gimX2L4J7k6I/3sIhcR8wpukMC4HW
Cup+2DAlY0n3fnBQVkZ4Q1rIBrirtWCMl/ijipYwd+fAPI6O4xyW5ELJQG6WjW9a
Ag5+GdKNZssIs6/hEUTqgH4lS0u9fkOGzSjWdyIVXlLWMJoO1gl8X+79twIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEERDyU5/0DO3NPXxt0uJQ9qKC9gMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUVJFUEpUbl9RTTdjMDlmRzNTNGxEMm9vTDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLYZUAwQC
LY7kAwQCLZN0AwQCLZ9MAwQBudgeAwQAueIIAwQAwiMoMA0GCSqGSIb3DQEBCwUA
A4IBAQAkNFqIbwkD+nbvL50qm/SKFseA8gNcdrC5S3QFtP35g0aEpkl8jaoelQGB
PdBp/vLagM3oVDdj3Sizg41tAfS7IkX+tDwGABgnq1hw0GmBfKV4cbtM1+pCC3rD
snVoWfvcJQkNXIMdGrwNYzaAUz7Vb9boLFh/7Onm8kwljpy0EWy65sCvhI8zd4Cl
ElHBI4vDLmNS7yDRJ01cUXJtI/MT0AHDv1HcyaHe5fSzVxskctT/ZJCjJnI4yOyd
JrguYhWkdxPpDVh1R7XmCbv+rXnzgzbgDbShLaknJhLrQ747hoa9xe7Qz4N33oW9
HdShkc2WsHV4FrkpKU70+tkLeY+H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org