Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/qnxgUQlwAM459rNUsOr-H3-O8vs.roa
File: qnxgUQlwAM459rNUsOr-H3-O8vs.roa (raw, json)
Hash identifier: jLYHSaL+iwaQWFUvIaA+K6rX+njKA96oovyY9R2YU/I=
Subject key identifier: AA:7C:60:51:09:70:00:CE:39:F6:B3:54:B0:EA:FE:1F:7F:8E:F2:FB
Certificate issuer: /CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Certificate serial: 0185CF55B099321AA5A0D96303116368813A
Authority key identifier: 93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/qnxgUQlwAM459rNUsOr-H3-O8vs.roa
Signing time: Fri 20 Jan 2023 13:19:37 +0000
ROA not before: Fri 20 Jan 2023 13:19:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56410
IP address blocks: 93.119.24.0/22 maxlen: 22
159.253.224.0/22 maxlen: 22
185.122.132.0/22 maxlen: 22
185.156.196.0/22 maxlen: 22
185.57.102.0/24 maxlen: 24
185.57.100.0/22 maxlen: 22
144.2.240.0/21 maxlen: 21
81.173.12.0/22 maxlen: 22
45.137.184.0/22 maxlen: 22
91.216.236.0/24 maxlen: 24
91.216.241.0/24 maxlen: 24
185.32.152.0/22 maxlen: 22
5.149.168.0/21 maxlen: 21
2a04:b00::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:55:b0:99:32:1a:a5:a0:d9:63:03:11:63:68:81:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Validity
Not Before: Jan 20 13:19:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa7c6051097000ce39f6b354b0eafe1f7f8ef2fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:66:49:90:52:36:8f:b5:f2:6f:36:5d:d4:2f:
aa:9a:a3:34:71:e4:83:36:85:bb:c3:e0:44:f2:9c:
fb:be:1b:d4:7e:a2:ab:ac:44:41:53:66:1b:31:b9:
96:f7:40:2b:92:17:4a:4f:92:0b:df:27:4c:1b:5d:
de:7a:35:37:1e:36:bc:3c:d3:43:77:66:70:4f:a9:
94:42:84:90:f6:be:6b:2d:cb:4b:7d:40:3f:f0:7d:
c2:05:4f:01:9d:7d:1f:f1:9b:11:c8:d5:e3:87:d0:
c6:b3:50:bd:55:34:6c:20:8d:27:7c:7f:fd:f7:99:
04:16:5c:f1:63:d9:29:e4:05:3b:88:9e:49:cf:46:
d8:9a:02:f7:96:0c:ff:16:b4:5e:ab:39:21:95:5b:
31:ac:d4:67:00:20:2a:02:f7:52:f7:5e:a7:f5:52:
d5:18:cb:05:bd:76:f6:3d:21:c9:3d:3d:5c:7d:de:
fa:26:89:11:bc:39:70:d9:3b:ad:17:8b:41:75:8d:
6f:08:65:8e:d3:34:e3:dd:c3:80:db:64:66:49:39:
9e:df:84:12:b1:8c:c2:f8:fd:29:73:de:14:6e:c1:
ff:e2:68:df:1c:2a:ae:f6:5e:cc:ea:31:ce:70:90:
ce:ab:b4:27:1b:7f:fa:55:40:8b:45:d4:84:dd:0a:
9d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7C:60:51:09:70:00:CE:39:F6:B3:54:B0:EA:FE:1F:7F:8E:F2:FB
X509v3 Authority Key Identifier:
keyid:93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/qnxgUQlwAM459rNUsOr-H3-O8vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.168.0/21
45.137.184.0/22
81.173.12.0/22
91.216.236.0/24
91.216.241.0/24
93.119.24.0/22
144.2.240.0/21
159.253.224.0/22
185.32.152.0/22
185.57.100.0/22
185.122.132.0/22
185.156.196.0/22
IPv6:
2a04:b00::/29
Signature Algorithm: sha256WithRSAEncryption
0e:a5:b2:92:6e:7f:a7:b4:b1:67:cf:dc:c9:22:22:bd:a4:2e:
3f:aa:90:c8:8f:8d:20:39:4b:cb:c3:8a:29:db:08:47:04:e2:
5c:d8:4c:84:65:a4:e3:39:eb:b3:6a:fc:79:64:d1:6c:e9:e4:
65:3a:d1:51:ba:62:f2:55:e8:05:64:99:09:fd:0f:32:88:a4:
44:81:a9:6b:04:92:75:05:41:93:89:11:df:3c:e4:85:04:7c:
40:05:e1:6d:a9:c9:02:17:e5:4a:02:69:a2:12:f2:80:f1:dc:
7e:4d:53:25:ce:b5:fd:81:a7:c1:57:f7:1c:b1:39:04:33:9e:
9d:45:8c:c7:83:ff:e5:71:6d:88:cf:c9:bd:50:e0:e8:7d:f8:
9b:16:1e:7b:d8:00:54:35:57:56:48:66:42:ec:a8:22:40:63:
5a:41:c6:e7:eb:ae:29:ec:1d:0b:16:56:22:7a:b6:a7:10:13:
d8:f6:ce:f8:08:92:fa:84:4d:18:4b:d0:eb:75:24:96:31:0b:
de:3b:4b:dc:0f:48:2e:48:57:3c:c5:7e:f7:8a:55:fd:4d:42:
cc:2c:8e:46:c0:6f:2e:bf:b2:2f:00:75:85:35:4f:27:df:c2:
75:20:de:ca:1e:e9:c5:21:4e:3d:cc:6d:51:75:c4:ca:81:08:
df:47:3e:b3
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYXPVbCZMhqloNljAxFjaIE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjI5ODE5Nzg4ODU2OTZjZTFjMmJiZjRhZjk5ZGFkYzJj
NjE4ZWIwHhcNMjMwMTIwMTMxOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTdjNjA1MTA5NzAwMGNlMzlmNmIzNTRiMGVhZmUxZjdmOGVmMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGZJkFI2j7XybzZd1C+qmqM0ceSD
NoW7w+BE8pz7vhvUfqKrrERBU2YbMbmW90ArkhdKT5IL3ydMG13eejU3Hja8PNND
d2ZwT6mUQoSQ9r5rLctLfUA/8H3CBU8BnX0f8ZsRyNXjh9DGs1C9VTRsII0nfH/9
95kEFlzxY9kp5AU7iJ5Jz0bYmgL3lgz/FrReqzkhlVsxrNRnACAqAvdS916n9VLV
GMsFvXb2PSHJPT1cfd76JokRvDlw2TutF4tBdY1vCGWO0zTj3cOA22RmSTme34QS
sYzC+P0pc94UbsH/4mjfHCqu9l7M6jHOcJDOq7QnG3/6VUCLRdSE3QqdEwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFKp8YFEJcADOOfazVLDq/h9/jvL7MB8GA1UdIwQY
MBaAFJOymBl4iFaWzhwrv0r5na3CxhjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzkt
MzFjOTVlMmExZDZmLzEvcW54Z1VRbHdBTTQ1OXJOVXNPci1IMy1POHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzktMzFjOTVlMmExZDZm
LzEvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDBZWoAwQC
LYm4AwQCUa0MAwQAW9jsAwQAW9jxAwQCXXcYAwQDkALwAwQCn/3gAwQCuSCYAwQC
uTlkAwQCuXqEAwQCuZzEMA0EAgACMAcDBQMqBAsAMA0GCSqGSIb3DQEBCwUAA4IB
AQAOpbKSbn+ntLFnz9zJIiK9pC4/qpDIj40gOUvLw4op2whHBOJc2EyEZaTjOeuz
avx5ZNFs6eRlOtFRumLyVegFZJkJ/Q8yiKREgalrBJJ1BUGTiRHfPOSFBHxABeFt
qckCF+VKAmmiEvKA8dx+TVMlzrX9gafBV/ccsTkEM56dRYzHg//lcW2Iz8m9UODo
ffibFh572ABUNVdWSGZC7KgiQGNaQcbn664p7B0LFlYieranEBPY9s74CJL6hE0Y
S9DrdSSWMQveO0vcD0guSFc8xX73ilX9TULMLI5GwG8uv7IvAHWFNU8n38J1IN7K
HunFIU49zG1RdcTKgQjfRz6z
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:35:50 2024 by rpki-client on console-fra.rpki-client.org