Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qXfPFn8edqjVN0R2G7nWnxjD4rw.roa
File: qXfPFn8edqjVN0R2G7nWnxjD4rw.roa (raw, json)
Hash identifier: vDToVHUb6ZRLuURg4yVetzj7tVTD0M87GLR7UsdgtCQ=
Subject key identifier: A9:77:CF:16:7F:1E:76:A8:D5:37:44:76:1B:B9:D6:9F:18:C3:E2:BC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CD04714C9712E6B26E279DF06524AA6EC
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qXfPFn8edqjVN0R2G7nWnxjD4rw.roa
Signing time: Wed 03 Jan 2024 17:02:48 +0000
ROA not before: Wed 03 Jan 2024 17:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 185.210.235.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 10:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d0:47:14:c9:71:2e:6b:26:e2:79:df:06:52:4a:a6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 3 17:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a977cf167f1e76a8d53744761bb9d69f18c3e2bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2b:1b:f9:b6:b2:90:2a:31:12:52:29:86:bc:
61:a4:7b:2b:df:5d:fe:b7:35:3d:f2:78:ab:b4:72:
f2:ef:86:d9:e8:f9:f9:60:64:a1:88:a6:04:4f:14:
e0:09:d9:52:72:93:b5:3b:87:0f:92:75:b7:bc:b9:
45:9d:ad:a1:1f:72:91:65:82:1a:b3:92:ed:0b:ef:
24:55:9d:ef:85:92:53:da:04:b0:c6:08:90:72:47:
45:f1:aa:eb:e0:03:a9:4d:bd:bc:79:ca:e8:ca:ac:
95:2f:14:68:51:5a:4c:9e:92:26:60:22:e4:55:a4:
8e:ba:7d:c2:12:a2:3c:04:0b:37:6b:21:35:5f:13:
c6:02:97:30:d9:50:2b:6b:d7:ae:94:f8:8d:cb:86:
17:9e:e1:20:60:19:f0:3a:56:46:86:86:c7:44:21:
50:a7:2f:68:0c:c4:cd:ba:cf:c6:bc:73:f5:68:ac:
d3:9c:82:e7:35:59:00:34:db:c3:f4:73:5b:3b:0d:
72:f7:78:cf:21:23:a9:84:86:d9:ff:5e:74:c4:36:
ab:1a:e2:6b:38:3d:b3:5c:ad:ab:01:e0:08:c0:62:
74:31:c7:34:ba:fc:d1:43:e0:62:17:52:3f:e5:20:
1d:1b:be:f1:f6:d4:18:fe:98:cb:0c:8d:3b:fc:1d:
37:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:77:CF:16:7F:1E:76:A8:D5:37:44:76:1B:B9:D6:9F:18:C3:E2:BC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/qXfPFn8edqjVN0R2G7nWnxjD4rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.235.0/24
185.223.80.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
96:6b:1c:2d:2c:71:d0:3f:3d:c2:8a:10:d4:18:2b:08:85:b6:
ed:c2:93:28:68:ae:4a:a7:fe:29:c4:d5:6f:e3:11:9e:04:5c:
1a:40:9e:cf:db:1c:bb:7a:b1:8b:45:64:47:26:b6:dd:7a:b1:
4d:83:f5:a0:7f:13:d4:05:b1:0e:b6:0f:6e:b6:0e:01:4b:b7:
d6:28:78:21:3e:7d:d9:06:72:22:ca:ae:ba:63:15:67:97:c3:
2b:6e:44:58:55:26:cd:d2:7f:81:d5:0d:a4:69:e7:f3:ed:d9:
27:58:62:6f:e7:97:cd:4d:9b:e2:c2:f7:f5:85:21:4c:20:1b:
23:29:e7:58:4e:b2:69:72:01:d8:a3:0f:eb:81:0e:69:4d:9a:
e5:6d:37:b2:e0:ff:d0:f1:c0:25:8b:ff:d8:3a:77:48:8a:91:
d4:b8:0a:dc:d4:24:8d:9c:78:22:0d:8a:a5:e6:ac:cb:c0:69:
85:8a:c2:8b:0b:0d:06:c4:5b:dd:c5:10:35:8c:0f:a3:8d:4b:
61:0d:bc:c4:4a:d3:9c:dc:b2:ef:17:9e:ba:e4:1a:67:38:c1:
21:92:5b:31:96:1b:50:e0:6b:89:34:4f:16:ae:9a:bf:f0:ce:
f0:21:47:39:f9:68:8d:12:67:f6:d9:16:90:06:17:be:1b:a0:
95:98:5b:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzQRxTJcS5rJuJ53wZSSqbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAzMTcwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTc3Y2YxNjdmMWU3NmE4ZDUzNzQ0NzYxYmI5ZDY5ZjE4YzNlMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxisb+baykCoxElIphrxhpHsr313+
tzU98nirtHLy74bZ6Pn5YGShiKYETxTgCdlScpO1O4cPknW3vLlFna2hH3KRZYIa
s5LtC+8kVZ3vhZJT2gSwxgiQckdF8arr4AOpTb28ecroyqyVLxRoUVpMnpImYCLk
VaSOun3CEqI8BAs3ayE1XxPGApcw2VAra9eulPiNy4YXnuEgYBnwOlZGhobHRCFQ
py9oDMTNus/GvHP1aKzTnILnNVkANNvD9HNbOw1y93jPISOphIbZ/150xDarGuJr
OD2zXK2rAeAIwGJ0Mcc0uvzRQ+BiF1I/5SAdG77x9tQY/pjLDI07/B03IQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKl3zxZ/Hnao1TdEdhu51p8Yw+K8MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcVhmUEZuOGVkcWpWTjBSMkc3bldueGpENHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsH34AwQA
udLrAwQAud9QAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQCWaxwtLHHQPz3CihDU
GCsIhbbtwpMoaK5Kp/4pxNVv4xGeBFwaQJ7P2xy7erGLRWRHJrbderFNg/WgfxPU
BbEOtg9utg4BS7fWKHghPn3ZBnIiyq66YxVnl8MrbkRYVSbN0n+B1Q2kaefz7dkn
WGJv55fNTZviwvf1hSFMIBsjKedYTrJpcgHYow/rgQ5pTZrlbTey4P/Q8cAli//Y
OndIipHUuArc1CSNnHgiDYql5qzLwGmFisKLCw0GxFvdxRA1jA+jjUthDbzEStOc
3LLvF5665BpnOMEhklsxlhtQ4GuJNE8Wrpq/8M7wIUc5+WiNEmf22RaQBhe+G6CV
mFsn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org