Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/Qv_yoUHk80k3CFJLXBoXAaltSLc.roa
File: Qv_yoUHk80k3CFJLXBoXAaltSLc.roa (raw, json)
Hash identifier: cAYIvk1bw+XR92qyLmRf1DqNGPd9NsUgItll4UQ1dXY=
Subject key identifier: 42:FF:F2:A1:41:E4:F3:49:37:08:52:4B:5C:1A:17:01:A9:6D:48:B7
Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Certificate serial: 0191DCC33FC63AC1F5157D034D9E9F002C3A
Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/Qv_yoUHk80k3CFJLXBoXAaltSLc.roa
Signing time: Tue 10 Sep 2024 16:27:48 +0000
ROA not before: Tue 10 Sep 2024 16:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48348
IP address blocks: 89.248.96.0/20 maxlen: 24
89.248.97.0/24 maxlen: 24
93.174.0.0/21 maxlen: 24
93.174.0.0/24 maxlen: 24
93.174.1.0/24 maxlen: 24
93.174.2.0/24 maxlen: 24
93.174.3.0/24 maxlen: 24
93.174.4.0/24 maxlen: 24
93.174.5.0/24 maxlen: 24
93.174.6.0/24 maxlen: 24
93.174.7.0/24 maxlen: 24
185.15.76.0/22 maxlen: 22
185.80.4.0/22 maxlen: 22
2a05:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 11 Sep 2024 07:04:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dc:c3:3f:c6:3a:c1:f5:15:7d:03:4d:9e:9f:00:2c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Validity
Not Before: Sep 10 16:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42fff2a141e4f3493708524b5c1a1701a96d48b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:be:8e:8c:7e:6f:35:e5:8c:10:6f:c8:81:fe:
1e:9d:bc:94:1e:dd:99:65:bd:e6:bf:ef:1d:0a:2e:
7f:a4:0e:b7:ee:0e:98:66:d7:40:a6:4f:31:02:8a:
c0:78:45:e4:6f:5d:ed:f3:64:f7:ee:10:04:3b:39:
f9:76:2d:54:e9:42:55:fc:45:b0:9c:42:ef:69:4b:
e5:8e:c4:06:a5:cd:fd:ba:00:f0:5b:ea:44:f7:e7:
a5:b8:0b:df:44:e0:84:2f:49:85:c6:ca:fd:7d:ef:
93:4b:f5:97:50:c2:55:44:1f:e9:b2:64:35:b2:0f:
45:b2:9a:fc:57:af:98:40:96:59:07:75:39:4a:67:
a9:b0:1a:e3:47:c2:79:db:93:b7:34:ed:ff:17:f8:
5d:f9:d8:87:89:95:65:0b:6a:17:c7:20:2a:51:3f:
95:7c:9c:6e:d1:09:54:88:cc:6c:4f:af:a5:7c:a8:
c0:e9:79:68:db:69:a2:2d:98:76:72:83:72:d0:8b:
1d:f7:0e:80:fc:49:e2:a3:26:30:a3:d4:0c:51:c5:
d7:a8:32:89:7d:55:6a:da:ac:71:26:5b:74:80:bb:
ef:d1:78:20:43:80:c6:6b:d6:61:19:0d:c3:12:b4:
ff:23:33:68:78:6d:40:fb:c1:10:11:11:10:f4:bb:
1c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:FF:F2:A1:41:E4:F3:49:37:08:52:4B:5C:1A:17:01:A9:6D:48:B7
X509v3 Authority Key Identifier:
keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/Qv_yoUHk80k3CFJLXBoXAaltSLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.96.0/20
93.174.0.0/21
185.15.76.0/22
185.80.4.0/22
IPv6:
2a05:7900::/29
Signature Algorithm: sha256WithRSAEncryption
3f:db:70:c8:10:28:a9:d0:f6:36:44:7f:b9:69:b5:d4:4c:cd:
43:2f:fe:43:ea:a4:0d:0a:65:c9:fb:a3:4e:fb:0d:f9:83:f1:
60:89:5b:18:95:bf:c8:d6:60:5c:db:e6:cc:b4:35:4e:06:46:
77:bb:64:76:3d:54:c1:5b:06:d1:ab:6e:8a:7c:4a:6e:6c:f9:
e7:cf:02:a5:67:f5:1a:46:f3:6a:f8:b1:6d:0b:ea:9d:b3:61:
89:fb:39:77:81:d7:1d:80:40:c4:a9:7f:2d:9d:d5:4e:cf:c8:
b5:f1:d2:0c:44:92:76:9b:bb:0d:bc:ab:e6:e3:5c:40:dd:46:
61:79:25:08:30:a9:80:d8:65:ba:14:9d:cc:e1:15:79:e2:56:
5c:b9:0a:78:1b:0b:2c:eb:99:bd:5a:3f:d3:01:b1:6e:06:8f:
96:b0:b2:6c:ea:40:89:c7:30:80:94:9c:9f:12:0a:dc:78:b7:
7b:af:5f:0b:86:d7:e6:6f:1d:e5:3b:17:e4:d0:61:b6:90:47:
6e:9f:f4:6f:88:66:45:fd:ad:43:a9:8d:ad:e7:0f:8d:15:a1:
e8:bc:ba:a3:36:27:46:4c:7c:b6:b9:62:6c:0e:9c:03:de:6c:
5b:10:32:1f:ad:dd:00:0c:f6:9c:b5:41:b9:e7:96:c2:ea:9b:
55:03:34:c3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZHcwz/GOsH1FX0DTZ6fACw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk
YzRhYzYwHhcNMjQwOTEwMTYyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmZmZjJhMTQxZTRmMzQ5MzcwODUyNGI1YzFhMTcwMWE5NmQ0OGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq76OjH5vNeWMEG/Igf4enbyUHt2Z
Zb3mv+8dCi5/pA637g6YZtdApk8xAorAeEXkb13t82T37hAEOzn5di1U6UJV/EWw
nELvaUvljsQGpc39ugDwW+pE9+eluAvfROCEL0mFxsr9fe+TS/WXUMJVRB/psmQ1
sg9Fspr8V6+YQJZZB3U5SmepsBrjR8J525O3NO3/F/hd+diHiZVlC2oXxyAqUT+V
fJxu0QlUiMxsT6+lfKjA6Xlo22miLZh2coNy0Isd9w6A/EnioyYwo9QMUcXXqDKJ
fVVq2qxxJlt0gLvv0XggQ4DGa9ZhGQ3DErT/IzNoeG1A+8EQEREQ9LscnQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEL/8qFB5PNJNwhSS1waFwGpbUi3MB8GA1UdIwQY
MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt
NzczYzBiM2M4OTM1LzEvUXZfeW9VSGs4MGszQ0ZKTFhCb1hBYWx0U0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1
LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEWfhgAwQD
Xa4AAwQCuQ9MAwQCuVAEMA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEBCwUAA4IB
AQA/23DIECip0PY2RH+5abXUTM1DL/5D6qQNCmXJ+6NO+w35g/FgiVsYlb/I1mBc
2+bMtDVOBkZ3u2R2PVTBWwbRq26KfEpubPnnzwKlZ/UaRvNq+LFtC+qds2GJ+zl3
gdcdgEDEqX8tndVOz8i18dIMRJJ2m7sNvKvm41xA3UZheSUIMKmA2GW6FJ3M4RV5
4lZcuQp4Gwss65m9Wj/TAbFuBo+WsLJs6kCJxzCAlJyfEgrceLd7r18Lhtfmbx3l
Oxfk0GG2kEdun/RviGZF/a1DqY2t5w+NFaHovLqjNidGTHy2uWJsDpwD3mxbEDIf
rd0ADPactUG555bC6ptVAzTD
-----END CERTIFICATE-----
Generated at Wed Sep 11 08:42:23 2024 by rpki-client on console-ams.rpki-client.org