Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/RQlcaqheeg5_5Q3H6hKQUSlx7Ok.roa
File: RQlcaqheeg5_5Q3H6hKQUSlx7Ok.roa (raw, json)
Hash identifier: nv4QKfPHh7gwK17VEbaxV9zH+CpjGCYgjjqvHwdEbYA=
Subject key identifier: 45:09:5C:6A:A8:5E:7A:0E:7F:E5:0D:C7:EA:12:90:51:29:71:EC:E9
Certificate issuer: /CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Certificate serial: 018CCA2A749CDED5FB2BD5093638A0A7705A
Authority key identifier: D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/RQlcaqheeg5_5Q3H6hKQUSlx7Ok.roa
Signing time: Tue 02 Jan 2024 12:33:49 +0000
ROA not before: Tue 02 Jan 2024 12:33:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20661
IP address blocks: 103.220.0.0/22 maxlen: 22
95.85.96.0/19 maxlen: 19
95.85.96.0/24 maxlen: 24
95.85.98.0/24 maxlen: 24
95.85.99.0/24 maxlen: 24
95.85.101.0/24 maxlen: 24
95.85.100.0/22 maxlen: 22
95.85.100.0/24 maxlen: 24
95.85.104.0/22 maxlen: 22
95.85.104.0/24 maxlen: 24
177.93.143.0/24 maxlen: 24
185.69.184.0/24 maxlen: 24
216.250.8.0/21 maxlen: 21
119.235.112.0/20 maxlen: 20
217.174.224.0/20 maxlen: 20
2a05:2180::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 26 Jan 2024 06:59:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:74:9c:de:d5:fb:2b:d5:09:36:38:a0:a7:70:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Validity
Not Before: Jan 2 12:33:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45095c6aa85e7a0e7fe50dc7ea1290512971ece9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d7:7e:84:f7:ab:5b:e9:f6:7d:9b:eb:dd:f9:
1e:01:f7:8d:b6:d2:1c:84:99:55:33:b0:d3:7c:4b:
83:29:8b:91:14:ca:a7:a6:53:6a:0f:50:fa:43:f9:
96:ee:9d:fe:4a:90:5d:8f:fa:d5:75:3e:10:82:d6:
74:1e:59:bf:ba:a2:b1:fb:bf:d2:d9:27:26:65:33:
ca:3d:91:a5:6b:f9:c2:fa:16:53:15:19:8c:50:f4:
de:63:e9:5e:c2:8c:90:b7:ba:39:8b:c4:55:66:83:
a6:ca:7b:2e:9a:cf:a7:65:5e:f5:44:bd:10:80:65:
c4:2c:d0:0d:41:ec:b4:fa:9f:94:3e:f3:46:51:18:
a1:6d:fa:b4:2f:b4:a3:fd:8c:62:82:f8:f3:48:06:
41:d2:07:a3:dc:f3:d3:38:9e:27:43:77:fa:59:44:
96:14:09:63:c0:14:6e:26:8f:7d:39:7e:41:7f:2e:
83:59:f6:c0:fd:b4:d2:f2:23:01:1b:4a:6a:c6:fe:
c9:ac:3a:bb:a4:95:d4:da:b4:24:72:4d:66:cd:39:
d2:00:cf:d9:a2:c8:93:11:d9:86:0b:06:74:00:ea:
90:a7:d2:7f:7b:b8:2f:93:6c:73:24:be:44:32:82:
14:b7:4e:70:2d:07:97:22:3d:b5:35:02:fa:67:9b:
eb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:09:5C:6A:A8:5E:7A:0E:7F:E5:0D:C7:EA:12:90:51:29:71:EC:E9
X509v3 Authority Key Identifier:
keyid:D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/RQlcaqheeg5_5Q3H6hKQUSlx7Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.96.0/19
103.220.0.0/22
119.235.112.0/20
177.93.143.0/24
185.69.184.0/24
216.250.8.0/21
217.174.224.0/20
IPv6:
2a05:2180::/29
Signature Algorithm: sha256WithRSAEncryption
d2:7b:1e:ce:94:76:09:d1:00:3f:0e:c1:5f:91:59:04:34:c3:
fd:99:6b:d5:7d:46:e3:f2:2b:25:ab:58:cd:2c:0e:a0:89:2c:
71:26:36:39:63:d8:a5:d2:09:e3:16:8b:6f:46:dd:5a:c9:a4:
25:8f:4a:e4:21:6e:1a:82:01:1f:95:23:b9:4e:c0:fc:c3:87:
4c:f4:07:54:df:4a:71:1d:1f:f3:6e:7f:84:f2:69:9b:e6:67:
58:3b:39:20:a4:e0:ef:cf:1f:68:44:af:5e:fc:58:ca:e7:0c:
36:af:1b:d1:b7:fd:bb:94:b3:32:21:b7:c6:95:a8:b8:32:be:
e8:86:42:29:dc:99:a1:6f:65:8b:bc:01:78:0d:25:f6:10:27:
1b:ec:79:3e:de:f4:53:d0:3c:9e:31:6c:2a:04:0c:52:04:62:
42:c0:64:5c:a8:1b:19:63:c0:08:43:8b:7c:55:6a:90:af:a5:
66:4d:a7:2f:3f:d4:09:d7:0e:a0:16:03:d7:93:02:68:2e:04:
0f:c4:f4:30:a0:5b:d4:09:3f:d0:87:e9:72:4b:c3:02:0d:93:
a1:19:21:af:9a:87:8b:d2:85:cc:f0:df:da:69:08:8c:7b:eb:
72:a3:17:b4:a7:af:66:9f:3d:42:4d:20:5f:f1:b4:bf:ea:33:
ed:80:14:50
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzKKnSc3tX7K9UJNjigp3BaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjlmYTdiOTQ0ZjdlN2M2MGQ3M2VmMTBiNzc2ZmMyNzk5
NWE0ZWQwHhcNMjQwMTAyMTIzMzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTA5NWM2YWE4NWU3YTBlN2ZlNTBkYzdlYTEyOTA1MTI5NzFlY2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNd+hPerW+n2fZvr3fkeAfeNttIc
hJlVM7DTfEuDKYuRFMqnplNqD1D6Q/mW7p3+SpBdj/rVdT4QgtZ0Hlm/uqKx+7/S
2ScmZTPKPZGla/nC+hZTFRmMUPTeY+lewoyQt7o5i8RVZoOmynsums+nZV71RL0Q
gGXELNANQey0+p+UPvNGURihbfq0L7Sj/YxigvjzSAZB0gej3PPTOJ4nQ3f6WUSW
FAljwBRuJo99OX5Bfy6DWfbA/bTS8iMBG0pqxv7JrDq7pJXU2rQkck1mzTnSAM/Z
osiTEdmGCwZ0AOqQp9J/e7gvk2xzJL5EMoIUt05wLQeXIj21NQL6Z5vr6QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEUJXGqoXnoOf+UNx+oSkFEpcezpMB8GA1UdIwQY
MBaAFNn5+nuUT358YNc+8Qt3b8J5laTtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUt
MDhiZjIyZjY0MDk3LzEvUlFsY2FxaGVlZzVfNVEzSDZoS1FVU2x4N09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUtMDhiZjIyZjY0MDk3
LzEvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFX1VgAwQC
Z9wAAwQEd+twAwQAsV2PAwQAuUW4AwQD2PoIAwQE2a7gMA0EAgACMAcDBQMqBSGA
MA0GCSqGSIb3DQEBCwUAA4IBAQDSex7OlHYJ0QA/DsFfkVkENMP9mWvVfUbj8isl
q1jNLA6giSxxJjY5Y9il0gnjFotvRt1ayaQlj0rkIW4aggEflSO5TsD8w4dM9AdU
30pxHR/zbn+E8mmb5mdYOzkgpODvzx9oRK9e/FjK5ww2rxvRt/27lLMyIbfGlai4
Mr7ohkIp3Jmhb2WLvAF4DSX2ECcb7Hk+3vRT0DyeMWwqBAxSBGJCwGRcqBsZY8AI
Q4t8VWqQr6VmTacvP9QJ1w6gFgPXkwJoLgQPxPQwoFvUCT/Qh+lyS8MCDZOhGSGv
moeL0oXM8N/aaQiMe+tyoxe0p69mnz1CTSBf8bS/6jPtgBRQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:00 2024 by rpki-client on console-fra.rpki-client.org