Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/qG-ae0LLeRXqicbBdoNceteQPtg.roa
File: qG-ae0LLeRXqicbBdoNceteQPtg.roa (raw, json)
Hash identifier: z1c4EtsfCp5pZjoZxNRIkAcMGdgrKp7UQ5XkRXeerBA=
Subject key identifier: A8:6F:9A:7B:42:CB:79:15:EA:89:C6:C1:76:83:5C:7A:D7:90:3E:D8
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 018C3FB327379D65FA47A77588087BAEBB57
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/qG-ae0LLeRXqicbBdoNceteQPtg.roa
Signing time: Wed 06 Dec 2023 15:15:54 +0000
ROA not before: Wed 06 Dec 2023 15:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24852
IP address blocks: 213.164.112.0/22 maxlen: 22
88.223.96.0/22 maxlen: 22
213.164.116.0/23 maxlen: 23
213.164.118.0/24 maxlen: 24
88.223.104.0/21 maxlen: 21
84.55.0.0/18 maxlen: 18
88.223.112.0/20 maxlen: 20
88.223.128.0/22 maxlen: 22
84.55.33.0/24 maxlen: 24
84.55.34.0/23 maxlen: 23
84.55.36.0/23 maxlen: 23
88.223.144.0/21 maxlen: 21
213.164.96.0/20 maxlen: 20
79.132.160.0/19 maxlen: 19
88.223.152.0/24 maxlen: 24
84.55.48.0/21 maxlen: 21
88.223.153.0/24 maxlen: 24
88.223.160.0/20 maxlen: 20
84.55.56.0/23 maxlen: 23
84.55.58.0/23 maxlen: 23
84.55.60.0/23 maxlen: 23
84.55.62.0/23 maxlen: 23
95.173.32.0/19 maxlen: 19
88.223.192.0/19 maxlen: 19
88.222.0.0/15 maxlen: 15
185.104.176.0/22 maxlen: 22
217.147.41.0/24 maxlen: 24
217.147.44.0/23 maxlen: 23
217.147.40.0/24 maxlen: 24
217.147.46.0/24 maxlen: 24
217.147.47.0/24 maxlen: 24
88.223.0.0/18 maxlen: 18
217.147.34.0/24 maxlen: 24
217.147.35.0/24 maxlen: 24
217.147.36.0/23 maxlen: 23
217.147.38.0/24 maxlen: 24
217.147.32.0/20 maxlen: 20
2a01:7c80::/32 maxlen: 32
2a01:7c80::/33 maxlen: 33
Validation: Failed, certificate revoked on Thu 07 Dec 2023 01:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:b3:27:37:9d:65:fa:47:a7:75:88:08:7b:ae:bb:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Dec 6 15:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a86f9a7b42cb7915ea89c6c176835c7ad7903ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:11:2d:1c:b9:82:85:87:c0:ac:d8:76:00:
5a:79:8d:14:01:43:02:8e:ba:1a:24:1c:c5:4c:bf:
be:bd:12:a4:9e:a3:3d:80:8a:32:d6:82:5c:67:02:
5d:5a:8f:2e:c0:53:b0:ed:37:dc:8b:85:a7:e4:76:
91:6a:34:62:81:b1:56:1c:4a:68:2e:84:e9:f5:ae:
11:1b:c2:d3:92:9c:dc:1b:16:4c:82:f4:bd:76:bd:
f6:f0:e7:eb:31:73:1c:66:57:5d:da:fe:2d:d0:d3:
c9:8f:a8:e7:27:5b:e8:86:c7:79:bb:d1:83:27:92:
b6:84:4e:13:64:b1:1c:3d:ed:7b:aa:66:34:bb:48:
98:0e:28:9d:50:86:4b:da:fe:81:c4:08:0c:64:e4:
2c:de:48:ed:c8:a4:80:a9:2a:d6:19:2e:cf:82:b9:
1f:4c:99:0a:ca:e1:d9:1c:a4:b5:ee:a9:ac:b8:84:
9d:6f:1a:fc:63:d4:f4:be:0f:c5:40:97:d0:f2:2e:
8a:d2:6e:26:0a:2e:a1:c1:4b:96:23:25:ec:9a:08:
9c:c2:84:7c:a7:bc:22:70:1f:ed:c8:4e:72:7f:7b:
b8:1e:45:b3:b9:11:94:9f:ea:c8:0e:8f:df:fb:3f:
36:2b:84:7a:56:49:9c:d2:3f:87:91:2a:d8:71:3a:
12:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6F:9A:7B:42:CB:79:15:EA:89:C6:C1:76:83:5C:7A:D7:90:3E:D8
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/qG-ae0LLeRXqicbBdoNceteQPtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.160.0/19
84.55.0.0/18
88.222.0.0/15
95.173.32.0/19
185.104.176.0/22
213.164.96.0-213.164.118.255
217.147.32.0/20
IPv6:
2a01:7c80::/32
Signature Algorithm: sha256WithRSAEncryption
49:ae:75:6a:4f:d1:a7:c2:ce:07:4c:e3:56:9d:8e:4c:11:59:
d4:5d:6f:cb:e7:a6:9c:aa:7a:c8:f5:96:8f:a2:ce:3a:a4:33:
7c:7e:33:0d:4e:78:37:2c:c2:fa:f4:f6:61:c6:0b:5c:95:7e:
5d:08:3f:67:c0:f9:08:1c:01:81:96:cc:06:bb:71:37:99:7a:
98:ad:6b:ed:15:9d:fb:fd:9b:f5:24:f9:46:b2:8f:05:bc:e7:
ba:df:9d:25:ab:f7:b3:a9:81:dd:78:a2:8e:08:42:8e:be:9f:
6b:ba:08:cc:64:9e:cb:2f:05:60:a6:47:47:30:d5:ec:52:41:
18:f7:cc:ab:b5:cc:c5:47:05:f5:18:41:00:b8:7b:9d:91:e7:
5f:e6:50:2e:54:aa:55:6a:f2:06:91:c3:89:5b:9d:0c:aa:d0:
ec:38:ba:7c:26:5f:52:88:24:a3:3e:d5:22:12:6f:c5:d0:15:
2e:2a:2d:1b:07:d7:13:23:11:81:95:4b:93:10:7e:08:da:ab:
f1:e8:4b:16:e1:9c:14:11:c7:1d:59:26:f8:85:10:d3:b3:28:
b7:03:da:1d:51:2c:a7:96:09:ae:b5:95:c9:50:fd:df:44:c2:
64:fd:f6:02:63:fa:94:1a:2e:cb:08:66:05:cd:96:2a:0e:9a:
83:77:ef:96
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYw/syc3nWX6R6d1iAh7rrtXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjMxMjA2MTUxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODZmOWE3YjQyY2I3OTE1ZWE4OWM2YzE3NjgzNWM3YWQ3OTAzZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTcRLRy5goWHwKzYdgBaeY0UAUMC
jroaJBzFTL++vRKknqM9gIoy1oJcZwJdWo8uwFOw7Tfci4Wn5HaRajRigbFWHEpo
LoTp9a4RG8LTkpzcGxZMgvS9dr328OfrMXMcZldd2v4t0NPJj6jnJ1vohsd5u9GD
J5K2hE4TZLEcPe17qmY0u0iYDiidUIZL2v6BxAgMZOQs3kjtyKSAqSrWGS7Pgrkf
TJkKyuHZHKS17qmsuISdbxr8Y9T0vg/FQJfQ8i6K0m4mCi6hwUuWIyXsmgicwoR8
p7wicB/tyE5yf3u4HkWzuRGUn+rIDo/f+z82K4R6Vkmc0j+HkSrYcToS1QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKhvmntCy3kV6onGwXaDXHrXkD7YMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvcUctYWUwTExlUlhxaWNiQmRvTmNldGVRUHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA3BAIAATAxAwQFT4SgAwQG
VDcAAwMBWN4DBAVfrSADBAK5aLAwDAMEBdWkYAMEANWkdgMEBNmTIDANBAIAAjAH
AwUAKgF8gDANBgkqhkiG9w0BAQsFAAOCAQEASa51ak/Rp8LOB0zjVp2OTBFZ1F1v
y+emnKp6yPWWj6LOOqQzfH4zDU54NyzC+vT2YcYLXJV+XQg/Z8D5CBwBgZbMBrtx
N5l6mK1r7RWd+/2b9ST5RrKPBbznut+dJav3s6mB3XiijghCjr6fa7oIzGSeyy8F
YKZHRzDV7FJBGPfMq7XMxUcF9RhBALh7nZHnX+ZQLlSqVWryBpHDiVudDKrQ7Di6
fCZfUogkoz7VIhJvxdAVLiotGwfXEyMRgZVLkxB+CNqr8ehLFuGcFBHHHVkm+IUQ
07MotwPaHVEsp5YJrrWVyVD930TCZP32AmP6lBouywhmBc2WKg6ag3fvlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:15 2024 by rpki-client on console-fra.rpki-client.org