Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/192711-fe5e-4a9d-8227-834021adede5/1/qaFXkCqCZMByLqZHEbeqSdXs6kw.roa
File: qaFXkCqCZMByLqZHEbeqSdXs6kw.roa (raw, json)
Hash identifier: B5tNgBlu9JeQ6edgpA1qbZv6TgjV9zZI3rbMKlctcPw=
Subject key identifier: A9:A1:57:90:2A:82:64:C0:72:2E:A6:47:11:B7:AA:49:D5:EC:EA:4C
Certificate issuer: /CN=cfa2b0160ba0d3407cdd0ed6e319f2f436af7f0e
Certificate serial: 01856FC28BE778D5E838D28179A3C4060FE7
Authority key identifier: CF:A2:B0:16:0B:A0:D3:40:7C:DD:0E:D6:E3:19:F2:F4:36:AF:7F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z6KwFgug00B83Q7W4xny9Davfw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/192711-fe5e-4a9d-8227-834021adede5/1/qaFXkCqCZMByLqZHEbeqSdXs6kw.roa
Signing time: Sun 01 Jan 2023 23:54:58 +0000
ROA not before: Sun 01 Jan 2023 23:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42560
IP address blocks: 188.127.96.0/19 maxlen: 19
77.238.192.0/19 maxlen: 19
37.205.24.0/21 maxlen: 21
185.13.240.0/22 maxlen: 22
217.197.136.0/21 maxlen: 21
80.80.32.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:8b:e7:78:d5:e8:38:d2:81:79:a3:c4:06:0f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfa2b0160ba0d3407cdd0ed6e319f2f436af7f0e
Validity
Not Before: Jan 1 23:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9a157902a8264c0722ea64711b7aa49d5ecea4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d4:46:99:ed:c7:98:9e:d4:1c:5d:59:79:9e:
12:ab:c5:2b:b6:34:84:08:f7:70:ee:da:ef:3e:79:
c2:02:19:ba:72:67:b9:0e:df:f6:63:e9:0a:c3:8e:
01:1b:7d:f1:37:7e:35:9c:a7:15:83:20:a8:14:e9:
46:70:34:3e:7f:95:19:a3:e4:40:6f:6c:56:e6:4e:
f4:22:92:5f:89:69:cb:e2:09:26:10:53:93:43:12:
ac:71:db:84:26:99:03:6e:62:44:45:88:f7:f2:47:
10:97:aa:71:8e:28:05:1a:f5:44:e2:cb:55:da:cc:
f4:5c:bb:e2:15:9e:4f:c0:cb:d8:33:81:80:cc:8e:
0f:f8:23:4e:e9:4d:db:43:0f:58:15:15:79:90:7e:
bf:5d:ff:35:17:63:68:a5:7a:ab:9d:0c:0d:80:96:
ba:9b:82:02:3a:0f:fe:d7:06:7a:40:cc:ba:6c:10:
a7:0f:0d:0d:3e:a7:e9:19:de:8b:2b:4d:c3:47:f2:
52:97:99:01:a6:5f:6b:45:ca:e9:43:76:14:27:58:
bf:2e:4c:f5:f1:f2:49:21:76:1a:64:b9:9b:4b:40:
32:25:cc:63:e4:db:94:d6:78:dd:e5:7c:64:66:46:
e5:d5:a0:e0:8a:d1:88:10:66:18:29:66:f1:9c:0f:
38:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A1:57:90:2A:82:64:C0:72:2E:A6:47:11:B7:AA:49:D5:EC:EA:4C
X509v3 Authority Key Identifier:
keyid:CF:A2:B0:16:0B:A0:D3:40:7C:DD:0E:D6:E3:19:F2:F4:36:AF:7F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6KwFgug00B83Q7W4xny9Davfw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/192711-fe5e-4a9d-8227-834021adede5/1/qaFXkCqCZMByLqZHEbeqSdXs6kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/192711-fe5e-4a9d-8227-834021adede5/1/z6KwFgug00B83Q7W4xny9Davfw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.24.0/21
77.238.192.0/19
80.80.32.0/20
185.13.240.0/22
188.127.96.0/19
217.197.136.0/21
Signature Algorithm: sha256WithRSAEncryption
b9:65:53:74:1e:c6:62:f9:b0:64:06:67:dc:79:01:bf:38:ee:
4c:36:15:1a:87:00:99:1e:58:7d:29:92:98:35:99:d8:a3:e5:
fa:67:3d:7e:42:4e:fe:a0:8f:05:44:98:c1:3a:30:41:fa:e5:
2a:84:ed:8b:d8:e9:5c:c9:c0:e6:c1:aa:67:83:72:1c:14:fb:
29:bb:76:64:d8:ee:95:16:5a:2f:0d:14:8e:bd:91:b8:6c:9c:
59:38:16:6c:54:c4:a9:ab:4e:ad:6a:a0:0d:f1:a9:21:78:d4:
0b:86:21:f2:52:d7:3e:51:df:db:0b:2a:32:bc:9b:87:95:3c:
85:ac:30:59:8c:e0:c7:fa:85:46:36:b9:3a:6d:42:53:d1:0c:
6f:25:a1:99:40:95:f2:30:d3:b6:85:c9:62:ab:9f:e9:85:b7:
f9:b9:ed:51:fd:f4:f4:b8:0d:bc:bb:79:93:dd:0e:8f:c5:b9:
c9:a5:7e:29:c4:27:f9:ee:22:6a:aa:11:b0:84:2f:4a:28:cc:
87:bb:02:8e:c6:d2:4b:d5:2f:43:e4:1f:e8:ad:c3:14:23:a5:
be:85:8f:7a:38:fa:e7:1f:61:9f:96:0f:49:00:eb:9d:09:11:
ad:27:fb:26:88:0f:ce:31:87:a7:20:75:d1:b9:5d:b5:41:b9:
ed:53:41:f5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvwovneNXoONKBeaPEBg/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYTJiMDE2MGJhMGQzNDA3Y2RkMGVkNmUzMTlmMmY0MzZh
ZjdmMGUwHhcNMjMwMTAxMjM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWExNTc5MDJhODI2NGMwNzIyZWE2NDcxMWI3YWE0OWQ1ZWNlYTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9RGme3HmJ7UHF1ZeZ4Sq8UrtjSE
CPdw7trvPnnCAhm6cme5Dt/2Y+kKw44BG33xN341nKcVgyCoFOlGcDQ+f5UZo+RA
b2xW5k70IpJfiWnL4gkmEFOTQxKscduEJpkDbmJERYj38kcQl6pxjigFGvVE4stV
2sz0XLviFZ5PwMvYM4GAzI4P+CNO6U3bQw9YFRV5kH6/Xf81F2NopXqrnQwNgJa6
m4ICOg/+1wZ6QMy6bBCnDw0NPqfpGd6LK03DR/JSl5kBpl9rRcrpQ3YUJ1i/Lkz1
8fJJIXYaZLmbS0AyJcxj5NuU1njd5XxkZkbl1aDgitGIEGYYKWbxnA84uwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKmhV5AqgmTAci6mRxG3qknV7OpMMB8GA1UdIwQY
MBaAFM+isBYLoNNAfN0O1uMZ8vQ2r38OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejZLd0ZndWcwMEI4M1E3VzR4bnk5RGF2Znc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8xOTI3MTEtZmU1ZS00YTlkLTgyMjct
ODM0MDIxYWRlZGU1LzEvcWFGWGtDcUNaTUJ5THFaSEViZXFTZFhzNmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8xOTI3MTEtZmU1ZS00YTlkLTgyMjctODM0MDIxYWRlZGU1
LzEvejZLd0ZndWcwMEI4M1E3VzR4bnk5RGF2Znc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDJc0YAwQF
Te7AAwQEUFAgAwQCuQ3wAwQFvH9gAwQD2cWIMA0GCSqGSIb3DQEBCwUAA4IBAQC5
ZVN0HsZi+bBkBmfceQG/OO5MNhUahwCZHlh9KZKYNZnYo+X6Zz1+Qk7+oI8FRJjB
OjBB+uUqhO2L2OlcycDmwapng3IcFPspu3Zk2O6VFlovDRSOvZG4bJxZOBZsVMSp
q06taqAN8akheNQLhiHyUtc+Ud/bCyoyvJuHlTyFrDBZjODH+oVGNrk6bUJT0Qxv
JaGZQJXyMNO2hcliq5/phbf5ue1R/fT0uA28u3mT3Q6PxbnJpX4pxCf57iJqqhGw
hC9KKMyHuwKOxtJL1S9D5B/orcMUI6W+hY96OPrnH2Gflg9JAOudCRGtJ/smiA/O
MYenIHXRuV21QbntU0H1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:37 2024 by rpki-client on console-ams.rpki-client.org