Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Q_x2opMPl9pwMjdfpYbQIyqWAfM.roa
File: Q_x2opMPl9pwMjdfpYbQIyqWAfM.roa (raw, json)
Hash identifier: cgsKytEiPNUN+oijidiibVhcii0FIoaYpKZttGrMQIw=
Subject key identifier: 43:FC:76:A2:93:0F:97:DA:70:32:37:5F:A5:86:D0:23:2A:96:01:F3
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01875188D4865E3138A530A2D2629AD37DAE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Q_x2opMPl9pwMjdfpYbQIyqWAfM.roa
Signing time: Wed 05 Apr 2023 13:08:54 +0000
ROA not before: Wed 05 Apr 2023 13:08:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.218.20.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 08 Apr 2023 14:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:88:d4:86:5e:31:38:a5:30:a2:d2:62:9a:d3:7d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 5 13:08:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43fc76a2930f97da7032375fa586d0232a9601f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:bf:96:88:a1:fb:68:95:5d:b5:c6:93:ea:8e:
75:5a:b0:59:84:23:39:f9:f2:aa:eb:2b:33:f7:93:
de:3a:fe:56:91:54:27:56:24:d4:bd:53:06:b6:e4:
60:8f:3e:6a:94:51:47:7f:15:c5:24:9d:8d:b4:e6:
2d:0a:9d:4f:61:ab:fc:ad:fb:ee:4b:3f:4b:1b:23:
53:8a:f6:5d:51:59:d0:24:ac:32:96:37:b0:a9:68:
a3:da:f2:e7:90:a4:02:a2:18:8e:f6:b7:e3:66:d9:
d1:ae:5e:d9:a8:86:ed:41:73:81:7b:d0:a8:3b:26:
fd:fe:9a:e3:a7:4c:91:04:59:50:90:17:e8:d2:a8:
3f:f0:31:3d:e1:34:ef:41:bd:67:2d:89:8f:54:a3:
23:e1:c1:f6:9b:b0:24:35:24:a5:63:5f:34:78:b5:
b9:84:25:ad:61:37:f8:52:40:2e:7d:00:45:67:fc:
0a:ca:fd:00:b9:f3:f4:10:4f:72:ff:fa:e5:53:98:
da:a1:35:ce:bd:bc:0d:cb:79:85:40:65:b8:26:28:
13:86:01:d0:b9:36:3f:e4:ca:bd:49:ec:44:65:3d:
05:9d:ec:b4:c7:c2:c6:5e:25:5e:bd:f7:80:3d:f8:
bd:07:3d:ea:ef:48:5d:99:21:c9:06:3e:d6:6d:cd:
68:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FC:76:A2:93:0F:97:DA:70:32:37:5F:A5:86:D0:23:2A:96:01:F3
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Q_x2opMPl9pwMjdfpYbQIyqWAfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.224.0/24
185.218.20.0/24
185.225.0.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:a6:f1:b3:26:db:c2:ca:4a:58:ad:bd:c3:27:4c:a0:d2:24:
9a:8a:15:b7:45:f0:05:5c:8f:04:b1:3d:41:90:48:50:f3:61:
f0:cf:a2:45:06:20:b0:21:84:42:07:a1:40:05:89:08:92:69:
c7:7a:67:4f:7c:cb:f4:0c:de:e6:02:63:1f:2f:86:52:ac:5e:
10:27:23:fd:e4:94:4b:12:25:5a:31:fd:9a:22:c1:a5:06:96:
22:77:03:7c:8c:34:8c:2e:3f:3f:18:17:79:67:c4:3e:70:8c:
f0:8a:35:56:ba:8a:5b:85:e4:ab:6a:bc:37:f1:7b:a0:12:f5:
46:5a:be:13:3e:24:72:0f:9b:98:ba:32:a1:7f:da:51:47:ab:
57:46:11:f8:3c:a0:0f:78:94:01:b8:13:ea:0e:1b:d3:99:9b:
b7:00:59:7d:aa:01:c7:b8:0e:71:7f:9e:63:a0:6b:62:39:ad:
1f:29:72:5e:45:30:56:eb:3f:46:eb:48:10:e6:42:da:77:a7:
d1:03:c5:cf:0d:d7:ea:02:d0:81:6f:3b:29:f7:b2:db:90:92:
dd:6c:46:cf:b4:e8:45:af:3d:2b:6d:d9:93:49:70:84:79:c9:
1e:a9:59:36:dc:48:5c:4c:77:ba:04:8f:4a:50:be:d8:57:34:
26:c0:ba:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdRiNSGXjE4pTCi0mKa032uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDA1MTMwODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ZjNzZhMjkzMGY5N2RhNzAzMjM3NWZhNTg2ZDAyMzJhOTYwMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL+WiKH7aJVdtcaT6o51WrBZhCM5
+fKq6ysz95PeOv5WkVQnViTUvVMGtuRgjz5qlFFHfxXFJJ2NtOYtCp1PYav8rfvu
Sz9LGyNTivZdUVnQJKwyljewqWij2vLnkKQCohiO9rfjZtnRrl7ZqIbtQXOBe9Co
Oyb9/prjp0yRBFlQkBfo0qg/8DE94TTvQb1nLYmPVKMj4cH2m7AkNSSlY180eLW5
hCWtYTf4UkAufQBFZ/wKyv0AufP0EE9y//rlU5jaoTXOvbwNy3mFQGW4JigThgHQ
uTY/5Mq9SexEZT0Fney0x8LGXiVevfeAPfi9Bz3q70hdmSHJBj7Wbc1oAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEP8dqKTD5facDI3X6WG0CMqlgHzMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUV94Mm9wTVBsOXB3TWpkZnBZYlFJeXFXQWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZPgAwQA
udoUAwQBueEAMA0GCSqGSIb3DQEBCwUAA4IBAQCspvGzJtvCykpYrb3DJ0yg0iSa
ihW3RfAFXI8EsT1BkEhQ82Hwz6JFBiCwIYRCB6FABYkIkmnHemdPfMv0DN7mAmMf
L4ZSrF4QJyP95JRLEiVaMf2aIsGlBpYidwN8jDSMLj8/GBd5Z8Q+cIzwijVWuopb
heSrarw38XugEvVGWr4TPiRyD5uYujKhf9pRR6tXRhH4PKAPeJQBuBPqDhvTmZu3
AFl9qgHHuA5xf55joGtiOa0fKXJeRTBW6z9G60gQ5kLad6fRA8XPDdfqAtCBbzsp
97LbkJLdbEbPtOhFrz0rbdmTSXCEeckeqVk23EhcTHe6BI9KUL7YVzQmwLoH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org