Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QXqENDP-_7K1MoVBU1kQ3H15M9g.roa
File: QXqENDP-_7K1MoVBU1kQ3H15M9g.roa (raw, json)
Hash identifier: PWNBVvH1fiX35nWNm7vMrjPTpfHqZKJOVRlTXDkbfT4=
Subject key identifier: 41:7A:84:34:33:FE:FF:B2:B5:32:85:41:53:59:10:DC:7D:79:33:D8
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CE889B6401A1463729D20CBD3923FFA9E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QXqENDP-_7K1MoVBU1kQ3H15M9g.roa
Signing time: Mon 08 Jan 2024 10:06:28 +0000
ROA not before: Mon 08 Jan 2024 10:06:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.220.251.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 09 Jan 2024 16:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:89:b6:40:1a:14:63:72:9d:20:cb:d3:92:3f:fa:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 8 10:06:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=417a843433feffb2b5328541535910dc7d7933d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5c:ca:23:69:c8:28:5e:d6:68:3b:e2:92:67:
c5:b6:50:ac:0b:8f:3d:ca:5f:28:d1:ac:49:c2:dd:
f1:28:0f:d4:cc:bd:f7:8a:3a:99:9c:67:a4:b8:26:
8e:e2:f9:db:b2:de:45:e6:37:bc:57:5e:f0:6e:a8:
f7:b1:c3:31:68:0c:d6:25:e3:80:09:a3:b9:5a:a2:
3f:fb:68:01:7b:a1:d2:fb:d7:c0:4c:d6:28:17:e9:
82:d9:08:b4:20:d7:fd:4f:6c:6e:36:18:ab:15:d6:
db:41:03:75:7d:ca:57:5c:37:85:51:bc:71:d2:58:
25:91:92:7f:54:88:0e:93:b3:86:97:79:f1:7a:31:
9d:62:6c:e4:95:8d:ec:83:ee:54:c2:77:50:1b:ff:
fd:f2:43:0c:c1:9e:26:76:68:00:2a:59:53:96:4e:
ce:8a:16:c1:72:d9:fc:00:ad:9b:a7:14:41:32:23:
e3:7b:67:7c:26:98:de:a4:ce:4f:bd:b7:7b:34:20:
1e:cb:18:76:a4:b4:12:c1:dc:3a:a2:a1:d5:d8:7c:
e9:7f:8d:34:3c:4e:0e:58:56:57:0e:8c:d2:fa:7b:
30:1d:27:48:a2:1e:c8:e5:66:71:1a:d6:95:22:34:
de:8c:fd:3a:77:64:62:99:1e:72:d6:45:ca:9d:8b:
40:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7A:84:34:33:FE:FF:B2:B5:32:85:41:53:59:10:DC:7D:79:33:D8
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/QXqENDP-_7K1MoVBU1kQ3H15M9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
91:2c:bb:46:8c:bc:3b:81:b3:ff:de:e9:6e:ae:9c:7c:28:f9:
93:14:00:fc:d9:b4:e5:56:03:8f:c9:7d:17:ce:bf:7d:d3:5f:
1e:d3:ad:4f:d5:78:ea:6b:a8:d4:54:4b:86:2e:7f:4b:be:d4:
2c:82:9c:74:37:63:26:c0:1c:e9:ab:b9:94:01:a8:86:78:6c:
c8:51:52:c8:2d:6e:ce:bb:16:45:78:07:1b:e4:74:7b:6f:00:
f4:5c:fb:0e:62:e3:3d:95:eb:ab:7e:30:2c:e1:45:46:ea:5e:
97:31:de:cf:71:ef:ce:ef:65:9c:d0:19:f6:ac:2d:ef:09:e6:
11:b9:4b:24:48:e7:24:15:23:58:db:fa:be:45:6a:a4:4a:4b:
10:90:27:3e:11:2a:80:89:cd:f0:a3:e1:1a:92:b7:5d:7f:e6:
c2:ca:db:6b:00:46:7d:b0:ed:1c:64:27:60:31:4b:a4:36:fe:
0d:95:b8:cf:12:43:24:45:da:eb:51:90:97:d5:8e:bd:b3:08:
b6:ce:be:64:32:35:d8:d1:11:0e:d3:e8:48:4f:44:7d:87:5e:
c6:91:5c:7f:b8:61:5f:41:5b:cc:f8:a5:bd:cd:0a:78:78:82:
3a:46:1a:3d:ae:10:4d:b1:1b:72:9e:e1:0f:1a:b7:a3:e6:9c:
c5:4e:db:ec
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzoibZAGhRjcp0gy9OSP/qeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTA4MTAwNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTdhODQzNDMzZmVmZmIyYjUzMjg1NDE1MzU5MTBkYzdkNzkzM2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1zKI2nIKF7WaDvikmfFtlCsC489
yl8o0axJwt3xKA/UzL33ijqZnGekuCaO4vnbst5F5je8V17wbqj3scMxaAzWJeOA
CaO5WqI/+2gBe6HS+9fATNYoF+mC2Qi0INf9T2xuNhirFdbbQQN1fcpXXDeFUbxx
0lglkZJ/VIgOk7OGl3nxejGdYmzklY3sg+5UwndQG//98kMMwZ4mdmgAKllTlk7O
ihbBctn8AK2bpxRBMiPje2d8JpjepM5Pvbd7NCAeyxh2pLQSwdw6oqHV2Hzpf400
PE4OWFZXDozS+nswHSdIoh7I5WZxGtaVIjTejP06d2RimR5y1kXKnYtAZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEF6hDQz/v+ytTKFQVNZENx9eTPYMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUVhxRU5EUC1fN0sxTW9WQlUxa1EzSDE1TTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQgVAwQB
udz6AwQAud9SAwQBueEAAwQBueOSAwQAufvlAwQBwTqSMA0GCSqGSIb3DQEBCwUA
A4IBAQCRLLtGjLw7gbP/3ulurpx8KPmTFAD82bTlVgOPyX0Xzr99018e061P1Xjq
a6jUVEuGLn9LvtQsgpx0N2MmwBzpq7mUAaiGeGzIUVLILW7OuxZFeAcb5HR7bwD0
XPsOYuM9leurfjAs4UVG6l6XMd7Pce/O72Wc0Bn2rC3vCeYRuUskSOckFSNY2/q+
RWqkSksQkCc+ESqAic3wo+Eakrddf+bCyttrAEZ9sO0cZCdgMUukNv4NlbjPEkMk
RdrrUZCX1Y69swi2zr5kMjXY0REO0+hIT0R9h17GkVx/uGFfQVvM+KW9zQp4eII6
Rho9rhBNsRtynuEPGrej5pzFTtvs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:22 2024 by rpki-client on console-ams.rpki-client.org