Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Q4PYoIPa79yEwQegVG4EzYHrsFo.roa
File: Q4PYoIPa79yEwQegVG4EzYHrsFo.roa (raw, json)
Hash identifier: rt+vKqsNeHQoRjqqTKwjuiw8Du+l/lzkQ8+Y5AbBkM4=
Subject key identifier: 43:83:D8:A0:83:DA:EF:DC:84:C1:07:A0:54:6E:04:CD:81:EB:B0:5A
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 018AF68C4A91B844539FE3C81D42E1486D5B
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Q4PYoIPa79yEwQegVG4EzYHrsFo.roa
Signing time: Tue 03 Oct 2023 17:18:23 +0000
ROA not before: Tue 03 Oct 2023 17:18:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16633
IP address blocks: 185.201.17.0/24 maxlen: 24
185.201.18.0/24 maxlen: 24
193.200.214.0/24 maxlen: 24
45.147.95.0/24 maxlen: 24
46.229.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f6:8c:4a:91:b8:44:53:9f:e3:c8:1d:42:e1:48:6d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: Oct 3 17:18:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4383d8a083daefdc84c107a0546e04cd81ebb05a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:77:ed:89:81:b7:8b:ac:41:53:9d:7d:db:51:
71:c2:1b:d4:f4:48:7e:c0:a5:9b:9b:6e:a2:65:91:
6c:de:33:d1:43:53:60:54:1f:62:b1:ae:e9:a2:f6:
f9:5d:f5:12:b0:55:66:6b:55:ec:bc:10:ef:c7:f6:
55:4d:4a:c7:22:f1:aa:4e:4e:43:0c:79:57:09:f6:
8a:eb:01:12:91:b8:b9:d6:d8:89:8e:4f:9b:b2:7d:
07:13:1d:d7:97:c1:e5:7e:71:c4:12:4d:e1:6f:cc:
8b:70:8f:a5:75:23:97:e9:f6:02:b1:5f:12:3b:7c:
3b:5c:04:6e:e6:d1:bb:3d:9e:9a:bb:3b:9a:32:20:
fd:80:36:54:f0:02:7b:34:54:fe:7f:7a:fa:a5:bf:
58:34:49:44:31:6f:8d:2e:78:73:11:69:c6:81:9d:
07:c9:6a:5b:eb:73:b3:5f:4f:fa:2d:91:29:2e:10:
5f:85:af:44:ed:b8:c6:3e:60:4e:13:0f:d0:50:97:
a5:5f:60:01:1d:48:8d:32:4b:81:a1:1b:1b:53:9d:
4c:4c:0f:35:ec:84:0d:cf:b3:0d:06:5c:49:df:fe:
ce:6e:c5:7e:2f:e6:1b:d3:6a:fd:fd:d8:a6:de:30:
b5:ac:51:b6:eb:79:0e:c7:7e:1b:b9:a1:cb:9e:60:
44:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:83:D8:A0:83:DA:EF:DC:84:C1:07:A0:54:6E:04:CD:81:EB:B0:5A
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/Q4PYoIPa79yEwQegVG4EzYHrsFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.95.0/24
46.229.240.0/24
185.201.17.0-185.201.18.255
193.200.214.0/24
Signature Algorithm: sha256WithRSAEncryption
85:2e:26:d1:ec:66:01:61:cf:90:d8:1e:79:45:81:18:e8:27:
45:d1:b7:0a:d0:e7:e1:43:41:36:9e:30:44:26:92:10:98:1d:
5c:f5:47:af:e5:dd:23:c2:ec:3f:c8:99:e6:38:61:60:f9:4e:
05:b1:ab:7a:d0:90:67:8b:5a:58:e6:3c:05:3b:56:6b:23:5f:
59:b3:13:d3:ef:1e:54:1f:df:d7:04:34:ab:cb:f7:ef:02:6a:
e6:6e:92:72:bc:f9:ca:2e:98:ac:f0:bb:2e:53:a9:79:2c:b3:
54:b7:e9:57:6b:3d:d3:2a:ba:de:53:af:e8:9f:cb:8d:5e:30:
01:06:b4:45:d2:25:70:fe:70:ba:6d:27:6e:39:c2:bf:bd:bf:
29:26:aa:0f:4c:c0:17:5a:59:05:b4:90:bb:c4:f6:50:ba:34:
db:90:3a:77:a3:35:6c:a3:eb:bf:10:a9:34:2d:6e:59:e7:e6:
0a:d4:26:2c:7f:db:d4:c4:22:db:e0:7d:6c:11:90:4a:1e:f4:
ac:dd:04:2c:2c:c9:71:d9:eb:83:d5:19:e7:f3:54:42:1f:e9:
6b:b7:c1:da:3a:89:30:36:83:3e:8f:c0:67:d9:ab:db:dc:13:
18:40:b7:a5:e9:5d:fb:10:88:fd:a4:45:f2:7d:73:bc:07:b9:
f9:5c:62:1d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYr2jEqRuERTn+PIHULhSG1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjMxMDAzMTcxODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzgzZDhhMDgzZGFlZmRjODRjMTA3YTA1NDZlMDRjZDgxZWJiMDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHftiYG3i6xBU51921FxwhvU9Eh+
wKWbm26iZZFs3jPRQ1NgVB9isa7povb5XfUSsFVma1XsvBDvx/ZVTUrHIvGqTk5D
DHlXCfaK6wESkbi51tiJjk+bsn0HEx3Xl8HlfnHEEk3hb8yLcI+ldSOX6fYCsV8S
O3w7XARu5tG7PZ6auzuaMiD9gDZU8AJ7NFT+f3r6pb9YNElEMW+NLnhzEWnGgZ0H
yWpb63OzX0/6LZEpLhBfha9E7bjGPmBOEw/QUJelX2ABHUiNMkuBoRsbU51MTA81
7IQNz7MNBlxJ3/7ObsV+L+Yb02r9/dim3jC1rFG263kOx34buaHLnmBE5QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFEOD2KCD2u/chMEHoFRuBM2B67BaMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvUTRQWW9JUGE3OXlFd1FlZ1ZHNEV6WUhyc0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALZNfAwQA
LuXwMAwDBAC5yREDBAC5yRIDBADByNYwDQYJKoZIhvcNAQELBQADggEBAIUuJtHs
ZgFhz5DYHnlFgRjoJ0XRtwrQ5+FDQTaeMEQmkhCYHVz1R6/l3SPC7D/ImeY4YWD5
TgWxq3rQkGeLWljmPAU7VmsjX1mzE9PvHlQf39cENKvL9+8CauZuknK8+coumKzw
uy5TqXkss1S36VdrPdMqut5Tr+ify41eMAEGtEXSJXD+cLptJ245wr+9vykmqg9M
wBdaWQW0kLvE9lC6NNuQOnejNWyj678QqTQtblnn5grUJix/29TEItvgfWwRkEoe
9KzdBCwsyXHZ64PVGefzVEIf6Wu3wdo6iTA2gz6PwGfZq9vcExhAt6XpXfsQiP2k
RfJ9c7wHuflcYh0=
-----END CERTIFICATE-----
Generated at Thu Dec 7 17:53:03 2023 by rpki-client on console-ams.rpki-client.org