Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/qxos42gDQNPCdwZcCWUlleToY3c.roa
File: qxos42gDQNPCdwZcCWUlleToY3c.roa (raw, json)
Hash identifier: 3usWxiGv7vlh/4E6h/gwdN1PcvW9W+0opD2F3EPwLwM=
Subject key identifier: AB:1A:2C:E3:68:03:40:D3:C2:77:06:5C:09:65:25:95:E4:E8:63:77
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018C39CE5EBC0C0441459BB69304ED854C09
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/qxos42gDQNPCdwZcCWUlleToY3c.roa
Signing time: Tue 05 Dec 2023 11:47:55 +0000
ROA not before: Tue 05 Dec 2023 11:47:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.142.0/24 maxlen: 24
89.252.144.0/24 maxlen: 24
89.252.152.0/24 maxlen: 24
89.252.157.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Dec 2023 12:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:ce:5e:bc:0c:04:41:45:9b:b6:93:04:ed:85:4c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Dec 5 11:47:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab1a2ce3680340d3c277065c09652595e4e86377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7c:49:a4:8b:04:5b:99:3c:ce:ef:70:8c:85:
ab:0f:75:0f:04:04:61:ee:35:5d:14:9a:52:bb:7b:
2e:ff:0b:ac:c4:5a:c1:e9:dd:21:a3:15:ce:51:9c:
ad:d5:da:eb:24:09:09:48:da:d2:01:43:a5:6c:0b:
75:10:ef:55:45:32:38:0e:04:c3:73:3c:35:64:b2:
e9:65:38:17:b5:01:da:98:3e:33:0e:e0:02:3d:bd:
3d:81:2a:2e:fb:81:af:79:b3:4d:23:32:16:49:8e:
97:5e:1c:de:a7:bf:e1:99:00:4e:93:5d:77:d6:91:
e3:8e:3d:04:93:bf:01:94:82:97:06:a1:dc:72:f7:
7e:e4:e7:a4:01:82:20:6d:e5:1b:4a:7a:2b:9f:96:
c7:fa:21:0b:0b:b1:f1:b8:94:a7:fb:c7:04:98:12:
45:12:79:a3:4e:67:1f:f0:f5:6c:9b:3b:cc:33:16:
f2:2f:0a:8f:44:b0:fa:47:74:1d:72:9b:9a:46:d7:
8f:29:6f:e4:f6:ef:d3:8e:9c:0c:dc:90:87:9c:1c:
16:ca:66:8a:27:e6:23:8d:42:14:c3:da:81:99:51:
b2:c8:fa:b8:f2:d6:6f:0a:75:e2:58:d6:dc:a4:c2:
b7:34:b8:05:53:05:58:7a:2c:60:c5:ef:91:4e:54:
56:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1A:2C:E3:68:03:40:D3:C2:77:06:5C:09:65:25:95:E4:E8:63:77
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/qxos42gDQNPCdwZcCWUlleToY3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.142.0/24
89.252.144.0/24
89.252.152.0/24
89.252.157.0/24
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
90:ba:10:e7:d7:af:e2:d5:e4:18:c0:6a:5d:0f:15:82:72:50:
50:05:89:ad:77:57:35:b5:44:9d:de:3b:23:ad:f8:3a:06:42:
ca:91:53:0f:f7:35:80:f5:36:2b:01:aa:35:c4:84:68:cf:58:
a2:1b:48:7c:1e:89:7e:53:93:30:13:19:91:b0:a8:91:f5:e8:
d4:6a:c9:3a:97:87:37:4c:63:2b:7d:db:f3:81:e9:e7:fe:16:
e0:d7:29:17:0e:8d:fc:9b:60:94:74:fd:25:f1:67:7e:f6:5e:
92:5e:40:77:81:01:c8:9a:4d:97:a0:4d:91:61:c2:7a:59:fb:
a7:33:6f:2f:42:33:4a:08:63:d8:51:68:a1:0b:c3:c6:2e:77:
42:4f:7b:73:a2:84:c3:f8:e9:1d:57:4d:43:12:79:7a:52:d3:
39:e6:ae:9c:83:db:54:1d:57:1c:24:c7:de:2e:ae:cf:39:58:
1d:07:7b:83:3e:ec:d2:2a:a6:52:26:71:af:26:f1:da:d5:77:
76:83:69:bc:e9:ad:59:47:89:9f:19:ee:7f:b5:31:ea:d4:04:
ca:8c:26:5e:60:cc:24:15:38:08:1d:27:72:9a:cf:fa:ad:25:
ea:17:4a:ef:45:90:13:42:22:bc:20:71:92:97:3b:e7:38:a1:
d2:df:0c:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYw5zl68DARBRZu2kwTthUwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMxMjA1MTE0NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjFhMmNlMzY4MDM0MGQzYzI3NzA2NWMwOTY1MjU5NWU0ZTg2Mzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnxJpIsEW5k8zu9wjIWrD3UPBARh
7jVdFJpSu3su/wusxFrB6d0hoxXOUZyt1drrJAkJSNrSAUOlbAt1EO9VRTI4DgTD
czw1ZLLpZTgXtQHamD4zDuACPb09gSou+4GvebNNIzIWSY6XXhzep7/hmQBOk113
1pHjjj0Ek78BlIKXBqHccvd+5OekAYIgbeUbSnorn5bH+iELC7HxuJSn+8cEmBJF
EnmjTmcf8PVsmzvMMxbyLwqPRLD6R3QdcpuaRtePKW/k9u/TjpwM3JCHnBwWymaK
J+YjjUIUw9qBmVGyyPq48tZvCnXiWNbcpMK3NLgFUwVYeixgxe+RTlRWuwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKsaLONoA0DTwncGXAllJZXk6GN3MB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvcXhvczQyZ0RRTlBDZHdaY0NXVWxsZVRvWTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWfyOAwQA
WfyQAwQAWfyYAwQAWfydAwQAXmYMMA0GCSqGSIb3DQEBCwUAA4IBAQCQuhDn16/i
1eQYwGpdDxWCclBQBYmtd1c1tUSd3jsjrfg6BkLKkVMP9zWA9TYrAao1xIRoz1ii
G0h8Hol+U5MwExmRsKiR9ejUask6l4c3TGMrfdvzgenn/hbg1ykXDo38m2CUdP0l
8Wd+9l6SXkB3gQHImk2XoE2RYcJ6WfunM28vQjNKCGPYUWihC8PGLndCT3tzooTD
+OkdV01DEnl6UtM55q6cg9tUHVccJMfeLq7POVgdB3uDPuzSKqZSJnGvJvHa1Xd2
g2m86a1ZR4mfGe5/tTHq1ATKjCZeYMwkFTgIHSdyms/6rSXqF0rvRZATQiK8IHGS
lzvnOKHS3wyU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org