Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/QqCGeQOL8lLOPJOKffFIW712ekY.roa
File: QqCGeQOL8lLOPJOKffFIW712ekY.roa (raw, json)
Hash identifier: 8Gf23oMyDgcP/xj7ovo8vvkvcnBVOq7Iw/WnlWcCEEY=
Subject key identifier: 42:A0:86:79:03:8B:F2:52:CE:3C:93:8A:7D:F1:48:5B:BD:76:7A:46
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018A84E1929E07FAA967025FA9821426EEBF
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/QqCGeQOL8lLOPJOKffFIW712ekY.roa
Signing time: Mon 11 Sep 2023 15:34:50 +0000
ROA not before: Mon 11 Sep 2023 15:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34177
IP address blocks: 83.142.144.0/21 maxlen: 21
91.90.96.0/21 maxlen: 21
62.193.32.0/19 maxlen: 19
82.210.0.0/19 maxlen: 19
78.31.40.0/21 maxlen: 21
83.118.192.0/19 maxlen: 19
178.16.160.0/20 maxlen: 20
176.57.32.0/21 maxlen: 21
95.141.96.0/20 maxlen: 20
82.210.32.0/19 maxlen: 19
94.228.176.0/20 maxlen: 20
62.244.112.0/22 maxlen: 22
5.133.68.0/22 maxlen: 22
62.244.117.0/24 maxlen: 24
62.244.119.0/24 maxlen: 24
212.106.96.0/19 maxlen: 19
195.15.128.0/18 maxlen: 18
185.5.108.0/22 maxlen: 22
185.81.52.0/22 maxlen: 22
62.244.84.0/22 maxlen: 22
62.244.88.0/23 maxlen: 23
62.244.86.0/23 maxlen: 23
62.244.89.0/24 maxlen: 24
62.244.96.0/22 maxlen: 22
185.19.48.0/22 maxlen: 22
159.180.224.0/19 maxlen: 19
78.109.240.0/20 maxlen: 20
185.41.4.0/22 maxlen: 22
2001:ab8::/29 maxlen: 32
2a01:4e00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:e1:92:9e:07:fa:a9:67:02:5f:a9:82:14:26:ee:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Sep 11 15:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42a08679038bf252ce3c938a7df1485bbd767a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e4:b5:ee:1d:b2:a5:32:10:5b:3f:1b:77:b6:
c5:c3:6d:1f:69:1a:af:3e:41:08:3b:cd:6c:d2:48:
74:06:6d:d0:bb:e0:b2:a0:8d:b9:d5:8d:a4:e4:96:
de:b7:b7:10:5a:cd:88:17:99:d6:3d:6c:cf:74:96:
f9:01:42:16:bd:1a:74:e4:0c:35:b5:0b:e3:8d:a4:
81:7d:23:3d:9d:da:09:12:f5:f3:43:cf:b3:6f:1a:
e7:d1:06:c1:47:db:e2:a6:f1:1a:7b:69:f0:22:54:
47:32:6c:b1:5b:e7:08:94:9f:e6:82:6a:bc:b2:9b:
80:4d:d3:02:59:8d:37:64:85:5d:f0:c8:1f:a7:58:
62:10:d2:8f:6e:7f:89:f5:1e:d4:4d:c7:df:c3:58:
bb:e7:14:f6:fe:31:8b:cf:31:93:31:5c:fe:08:2a:
33:e9:4b:2e:1f:5a:48:c2:8d:58:c0:bd:c5:2b:32:
aa:85:b1:a8:0f:68:a2:f5:32:f8:4e:fb:f0:6d:ab:
6c:18:fc:7c:d4:f9:a8:dc:8c:35:2c:dc:a7:89:cb:
80:da:dc:87:11:9a:49:5e:24:66:ea:cf:23:57:3f:
aa:77:12:36:27:aa:d9:17:3a:b1:44:57:dd:9f:77:
eb:21:a6:3e:e7:ba:25:22:86:14:d5:09:88:a8:df:
32:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A0:86:79:03:8B:F2:52:CE:3C:93:8A:7D:F1:48:5B:BD:76:7A:46
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/QqCGeQOL8lLOPJOKffFIW712ekY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.84.0-62.244.89.255
62.244.96.0/22
62.244.112.0/22
62.244.117.0/24
62.244.119.0/24
78.31.40.0/21
78.109.240.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.5.108.0/22
185.19.48.0/22
185.41.4.0/22
185.81.52.0/22
195.15.128.0/18
212.106.96.0/19
IPv6:
2001:ab8::/29
2a01:4e00::/32
Signature Algorithm: sha256WithRSAEncryption
8f:59:2d:82:34:5e:8a:0d:4b:3d:d1:63:02:c5:28:56:ac:3c:
11:06:7e:38:5a:78:e5:d3:be:e9:62:1f:b1:02:03:2c:2f:ea:
14:37:ab:de:3d:00:0f:e6:a8:d7:ac:59:22:e8:2f:25:44:82:
31:be:2f:eb:34:ff:83:b8:3a:47:12:27:72:b1:1b:a0:c5:98:
6f:8a:e4:dd:1a:ae:43:5a:7c:4e:06:76:b8:0c:6b:8e:39:a1:
e4:d3:31:c1:e6:58:6b:8f:bf:cf:34:15:61:07:0b:18:ae:f8:
ec:e7:f8:e0:36:21:5e:70:23:85:02:11:2a:e5:7d:b5:54:f7:
67:3b:96:33:52:bf:8e:5f:46:1a:c5:b8:5a:dd:f8:94:10:f8:
54:37:7d:86:4d:38:d6:77:1f:1f:cb:2e:dc:a4:60:44:d2:37:
e9:b6:95:a7:7d:77:41:5d:44:4f:f3:0d:32:6b:95:d6:5b:16:
93:1b:5b:1a:18:41:94:c1:73:af:0d:79:c7:7e:51:41:f6:f8:
ea:8d:34:06:83:89:21:a2:56:14:4b:5d:be:b5:af:0d:f0:0c:
f8:97:36:5c:5d:d9:ef:83:db:cc:79:ca:f2:c1:aa:07:50:59:
bb:d3:ad:95:05:ac:7a:8c:cf:48:21:cf:c4:73:cc:69:e0:2e:
83:d6:90:82
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYqE4ZKeB/qpZwJfqYIUJu6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMwOTExMTUzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmEwODY3OTAzOGJmMjUyY2UzYzkzOGE3ZGYxNDg1YmJkNzY3YTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOS17h2ypTIQWz8bd7bFw20faRqv
PkEIO81s0kh0Bm3Qu+CyoI251Y2k5Jbet7cQWs2IF5nWPWzPdJb5AUIWvRp05Aw1
tQvjjaSBfSM9ndoJEvXzQ8+zbxrn0QbBR9vipvEae2nwIlRHMmyxW+cIlJ/mgmq8
spuATdMCWY03ZIVd8Mgfp1hiENKPbn+J9R7UTcffw1i75xT2/jGLzzGTMVz+CCoz
6UsuH1pIwo1YwL3FKzKqhbGoD2ii9TL4TvvwbatsGPx81Pmo3Iw1LNynicuA2tyH
EZpJXiRm6s8jVz+qdxI2J6rZFzqxRFfdn3frIaY+57olIoYU1QmIqN8yNwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFEKghnkDi/JSzjyTin3xSFu9dnpGMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvUXFDR2VRT0w4bExPUEpPS2ZmRklXNzEyZWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBnwQCAAEwgZgDBAIF
hUQDBAU+wSAwDAMEAj70VAMEAT70WAMEAj70YAMEAj70cAMEAD70dQMEAD70dwME
A04fKAMEBE5t8AMEBlLSAAMEBVN2wAMEA1OOkAMEA1taYAMEBF7ksAMEBF+NYAME
BZ+04AMEA7A5IAMEBLIQoAMEArkFbAMEArkTMAMEArkpBAMEArlRNAMEBsMPgAME
BdRqYDAUBAIAAjAOAwUDIAEKuAMFACoBTgAwDQYJKoZIhvcNAQELBQADggEBAI9Z
LYI0XooNSz3RYwLFKFasPBEGfjhaeOXTvuliH7ECAywv6hQ3q949AA/mqNesWSLo
LyVEgjG+L+s0/4O4OkcSJ3KxG6DFmG+K5N0arkNafE4GdrgMa445oeTTMcHmWGuP
v880FWEHCxiu+Ozn+OA2IV5wI4UCESrlfbVU92c7ljNSv45fRhrFuFrd+JQQ+FQ3
fYZNONZ3Hx/LLtykYETSN+m2lad9d0FdRE/zDTJrldZbFpMbWxoYQZTBc68Necd+
UUH2+OqNNAaDiSGiVhRLXb61rw3wDPiXNlxd2e+D28x5yvLBqgdQWbvTrZUFrHqM
z0ghz8RzzGngLoPWkII=
-----END CERTIFICATE-----
Generated at Tue Sep 12 16:49:17 2023 by rpki-client on console-fra.rpki-client.org