Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Qu3s5pCM-4ggcFdT1TRmLhP5Rhw.roa
File: Qu3s5pCM-4ggcFdT1TRmLhP5Rhw.roa (raw, json)
Hash identifier: VioOtTi5jLjpIrunuM7lgNk6dcuewtkaGe56uEt36cU=
Subject key identifier: 42:ED:EC:E6:90:8C:FB:88:20:70:57:53:D5:34:66:2E:13:F9:46:1C
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018B282724F8E768D016612A0BEC539591FD
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Qu3s5pCM-4ggcFdT1TRmLhP5Rhw.roa
Signing time: Fri 13 Oct 2023 08:28:55 +0000
ROA not before: Fri 13 Oct 2023 08:28:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8860
IP address blocks: 185.133.72.0/24 maxlen: 32
45.67.19.0/24 maxlen: 32
185.166.238.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:28:27:24:f8:e7:68:d0:16:61:2a:0b:ec:53:95:91:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Oct 13 08:28:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42edece6908cfb8820705753d534662e13f9461c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a7:07:7b:47:ad:be:0a:61:d6:6b:34:24:02:
71:54:cc:92:91:82:36:89:ee:2e:f9:38:cf:fd:71:
99:69:3b:ce:a5:ad:a5:30:13:48:7f:a2:09:a4:e5:
82:f3:ab:8f:87:f0:2d:a8:f6:c1:8a:91:70:26:39:
28:84:c2:0d:b2:07:1f:42:99:69:b8:39:39:90:ce:
fb:d8:89:ea:91:e3:d8:f1:44:1e:04:15:80:92:74:
39:08:0e:a8:2e:14:30:d5:3e:c3:56:ff:5f:d9:81:
10:ca:96:95:a4:fe:fc:65:8b:21:ed:32:ce:0b:70:
09:39:c2:5e:97:25:c4:d6:7e:46:78:be:9c:a2:e4:
25:8e:be:77:cd:39:7c:bb:a1:45:31:2e:6d:be:03:
08:01:69:0b:5a:0e:77:cd:9a:96:e5:89:f2:da:52:
70:fc:89:fb:97:7c:08:8f:9c:df:5e:4b:52:48:54:
9c:09:7d:d9:4d:14:6a:4a:ce:56:32:dc:58:07:fa:
6c:06:3a:2c:16:af:87:ae:a3:a2:1a:7a:5a:bc:77:
e5:82:16:62:ec:d3:9d:fa:62:c6:2b:6f:cc:ed:45:
88:76:e4:a1:23:8f:a9:66:b8:2a:f2:cc:1c:64:9f:
37:eb:aa:5f:24:2a:8d:0d:4b:77:11:68:0c:00:bb:
0c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:ED:EC:E6:90:8C:FB:88:20:70:57:53:D5:34:66:2E:13:F9:46:1C
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Qu3s5pCM-4ggcFdT1TRmLhP5Rhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.19.0/24
185.133.72.0/24
185.166.238.0/24
Signature Algorithm: sha256WithRSAEncryption
59:0c:2f:33:2c:3e:e7:a4:cf:fe:d9:eb:9b:87:ef:ac:52:b6:
74:74:15:93:c4:0a:66:7d:3e:99:1e:a8:6a:0a:d5:ee:d0:75:
a7:fb:89:2f:e0:1e:9e:69:e7:21:51:04:c3:f8:11:5c:b9:d6:
e2:e3:87:5f:bb:51:60:bd:d8:93:4d:5f:68:5d:12:ed:c2:97:
46:e3:3e:7e:d9:b7:04:43:7b:30:88:c3:80:16:99:0b:1b:f3:
27:70:9d:c9:c3:1e:3b:3c:db:b9:03:d3:9a:4a:97:52:13:69:
40:c7:a8:6a:ea:b1:e7:c4:9a:9a:1c:9b:95:88:36:b7:79:9e:
54:3a:6c:7b:24:d2:dc:24:2b:60:0f:8d:5b:3d:72:40:18:0f:
54:a5:c4:d6:59:f3:83:5a:35:5a:3b:22:09:f0:34:9a:ef:e7:
9f:d1:d5:7b:ed:2c:ce:f8:dd:bd:7a:ce:7d:a4:9e:2d:dc:c7:
01:2e:41:69:64:ab:f5:63:a4:96:c4:94:3f:b6:df:26:2b:af:
49:1e:ab:db:af:62:3d:f3:de:a8:c3:7b:62:07:b5:77:b7:42:
d0:57:28:43:65:25:58:f7:18:b9:ac:6d:3d:94:35:d3:f1:8e:
23:e7:a5:18:f9:bb:4d:c0:36:2c:06:fa:f6:02:40:10:6b:03:
72:3d:7a:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsoJyT452jQFmEqC+xTlZH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMxMDEzMDgyODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmVkZWNlNjkwOGNmYjg4MjA3MDU3NTNkNTM0NjYyZTEzZjk0NjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6cHe0etvgph1ms0JAJxVMySkYI2
ie4u+TjP/XGZaTvOpa2lMBNIf6IJpOWC86uPh/AtqPbBipFwJjkohMINsgcfQplp
uDk5kM772InqkePY8UQeBBWAknQ5CA6oLhQw1T7DVv9f2YEQypaVpP78ZYsh7TLO
C3AJOcJelyXE1n5GeL6couQljr53zTl8u6FFMS5tvgMIAWkLWg53zZqW5Yny2lJw
/In7l3wIj5zfXktSSFScCX3ZTRRqSs5WMtxYB/psBjosFq+HrqOiGnpavHflghZi
7NOd+mLGK2/M7UWIduShI4+pZrgq8swcZJ8366pfJCqNDUt3EWgMALsM9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFELt7OaQjPuIIHBXU9U0Zi4T+UYcMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvUXUzczVwQ00tNGdnY0ZkVDFUUm1MaFA1Umh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALUMTAwQA
uYVIAwQAuabuMA0GCSqGSIb3DQEBCwUAA4IBAQBZDC8zLD7npM/+2eubh++sUrZ0
dBWTxApmfT6ZHqhqCtXu0HWn+4kv4B6eaechUQTD+BFcudbi44dfu1FgvdiTTV9o
XRLtwpdG4z5+2bcEQ3swiMOAFpkLG/MncJ3Jwx47PNu5A9OaSpdSE2lAx6hq6rHn
xJqaHJuViDa3eZ5UOmx7JNLcJCtgD41bPXJAGA9UpcTWWfODWjVaOyIJ8DSa7+ef
0dV77SzO+N29es59pJ4t3McBLkFpZKv1Y6SWxJQ/tt8mK69JHqvbr2I9896ow3ti
B7V3t0LQVyhDZSVY9xi5rG09lDXT8Y4j56UY+btNwDYsBvr2AkAQawNyPXoF
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org