Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/QG1WL1iIZWCWy2fqVqpCRQsghds.roa
File: QG1WL1iIZWCWy2fqVqpCRQsghds.roa (raw, json)
Hash identifier: iq8akEAptY5++Yn+Nh+qkSgCCM5hbrvKZbqHp81ghKM=
Subject key identifier: 40:6D:56:2F:58:88:65:60:96:CB:67:EA:56:AA:42:45:0B:20:85:DB
Certificate issuer: /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial: 018CF86384BE638B6F8754881B0D09290A6B
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/QG1WL1iIZWCWy2fqVqpCRQsghds.roa
Signing time: Thu 11 Jan 2024 11:58:40 +0000
ROA not before: Thu 11 Jan 2024 11:58:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.52.118.0/24 maxlen: 24
93.187.36.0/24 maxlen: 24
93.187.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 10:11:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:63:84:be:63:8b:6f:87:54:88:1b:0d:09:29:0a:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Validity
Not Before: Jan 11 11:58:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=406d562f5888656096cb67ea56aa42450b2085db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:dd:e3:01:32:8e:1c:dd:17:dd:12:6c:40:08:
43:5c:77:2f:70:93:e5:a5:42:4a:b3:25:f7:b3:90:
7d:08:a6:6f:97:81:01:86:5c:2b:d7:d9:43:4e:8b:
42:3a:d9:0d:44:4c:93:8a:27:bb:c0:a0:bc:f7:51:
a7:7d:e4:de:09:d2:2e:ae:c1:64:be:69:3e:dd:1e:
78:ef:72:2f:41:0e:2f:96:7a:79:e3:3a:e8:71:06:
7d:22:dd:1f:9b:55:df:3b:a9:89:87:1f:31:90:ec:
2e:d1:12:2d:62:66:a6:c0:74:c3:9a:ce:5e:32:4e:
27:45:c1:93:81:ff:cf:f3:ba:aa:ea:fc:07:c9:5a:
28:c2:b8:3e:fb:e8:98:9a:e4:9f:ff:e9:90:1a:7f:
59:65:c6:35:af:35:72:06:30:47:a5:74:e3:c8:a9:
51:90:11:5f:53:02:68:34:c7:7c:ed:13:7f:f6:cf:
2c:1e:c4:ed:44:94:81:24:af:51:98:1c:dd:ed:26:
89:eb:cd:72:a7:53:93:68:15:6a:dc:9b:0c:0f:96:
21:18:57:ec:1a:85:87:ba:63:f5:f9:b0:e0:9f:c2:
f7:07:ff:34:8c:ff:82:a2:2b:04:4d:c6:11:76:70:
43:b3:97:46:93:4f:4a:24:08:57:5d:7f:7c:20:ec:
33:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6D:56:2F:58:88:65:60:96:CB:67:EA:56:AA:42:45:0B:20:85:DB
X509v3 Authority Key Identifier:
keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/QG1WL1iIZWCWy2fqVqpCRQsghds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.32.0/24
93.187.36.0/24
185.52.118.0/24
Signature Algorithm: sha256WithRSAEncryption
27:6f:35:e4:0c:20:38:80:59:a4:7b:35:15:45:73:e9:45:05:
81:0c:a4:af:0f:6c:d1:05:42:81:c1:5a:a2:f8:f4:19:70:9c:
60:23:37:43:31:7c:be:35:39:93:ed:f6:ef:4c:5d:99:d4:ec:
e2:ab:4a:c7:4a:e0:a8:9f:1a:76:2a:51:75:cf:c3:13:f3:e3:
43:59:35:dd:f6:39:9e:76:ec:0a:83:a2:ae:bf:60:6a:05:3d:
cc:b3:26:b1:c7:d6:8e:4b:80:5f:f6:b2:f9:ef:71:71:d5:7d:
4d:ac:97:e3:a4:3f:50:54:ed:45:be:b1:3b:59:66:01:00:5f:
de:d9:5f:58:ed:64:cc:9b:fb:7f:13:fc:4d:36:f6:12:fa:36:
6d:b4:b8:77:4b:9a:17:b8:d9:a0:e0:96:c4:de:a9:29:b5:01:
f3:92:2e:56:13:90:9a:3b:a1:1c:09:e1:4a:69:19:09:bd:4a:
f5:5c:30:79:7e:ec:ec:46:55:83:f5:51:cb:fe:0a:5f:f9:82:
be:78:0a:2a:fd:dd:e4:de:e1:24:48:2f:6c:85:34:5d:a3:ea:
c2:e3:04:46:2a:28:0c:d0:8c:bd:bd:49:b6:a0:9f:42:a0:0b:
99:77:c0:ab:e5:c7:23:cf:ee:c8:07:81:e6:96:6c:87:d1:2c:
e1:85:78:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYz4Y4S+Y4tvh1SIGw0JKQprMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjQwMTExMTE1ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDZkNTYyZjU4ODg2NTYwOTZjYjY3ZWE1NmFhNDI0NTBiMjA4NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2d3jATKOHN0X3RJsQAhDXHcvcJPl
pUJKsyX3s5B9CKZvl4EBhlwr19lDTotCOtkNREyTiie7wKC891GnfeTeCdIursFk
vmk+3R5473IvQQ4vlnp54zrocQZ9It0fm1XfO6mJhx8xkOwu0RItYmamwHTDms5e
Mk4nRcGTgf/P87qq6vwHyVoowrg+++iYmuSf/+mQGn9ZZcY1rzVyBjBHpXTjyKlR
kBFfUwJoNMd87RN/9s8sHsTtRJSBJK9RmBzd7SaJ681yp1OTaBVq3JsMD5YhGFfs
GoWHumP1+bDgn8L3B/80jP+CoisETcYRdnBDs5dGk09KJAhXXX98IOwzLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEBtVi9YiGVglstn6laqQkULIIXbMB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvUUcxV0wxaUlaV0NXeTJmcVZxcENSUXNnaGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQtNjY0ZjA0ZDJhNjhk
LzEvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXbsgAwQA
XbskAwQAuTR2MA0GCSqGSIb3DQEBCwUAA4IBAQAnbzXkDCA4gFmkezUVRXPpRQWB
DKSvD2zRBUKBwVqi+PQZcJxgIzdDMXy+NTmT7fbvTF2Z1Oziq0rHSuConxp2KlF1
z8MT8+NDWTXd9jmeduwKg6Kuv2BqBT3Msyaxx9aOS4Bf9rL573Fx1X1NrJfjpD9Q
VO1FvrE7WWYBAF/e2V9Y7WTMm/t/E/xNNvYS+jZttLh3S5oXuNmg4JbE3qkptQHz
ki5WE5CaO6EcCeFKaRkJvUr1XDB5fuzsRlWD9VHL/gpf+YK+eAoq/d3k3uEkSC9s
hTRdo+rC4wRGKigM0Iy9vUm2oJ9CoAuZd8Cr5ccjz+7IB4HmlmyH0SzhhXgT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:36 2024 by rpki-client on console-fra.rpki-client.org