Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/qnGzfs4AC5Fwwvh-EdqfGQCMpaU.roa
File: qnGzfs4AC5Fwwvh-EdqfGQCMpaU.roa (raw, json)
Hash identifier: EKr+LoHNpknKPJB/w73jFXTytgVd84BA0/9cl2340cQ=
Subject key identifier: AA:71:B3:7E:CE:00:0B:91:70:C2:F8:7E:11:DA:9F:19:00:8C:A5:A5
Certificate issuer: /CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Certificate serial: 018C8227A8921E8E3D7D7B3D0D5D5EEA4AE0
Authority key identifier: 6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/qnGzfs4AC5Fwwvh-EdqfGQCMpaU.roa
Signing time: Tue 19 Dec 2023 12:58:06 +0000
ROA not before: Tue 19 Dec 2023 12:58:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56730
IP address blocks: 185.42.196.0/22 maxlen: 22
188.114.112.0/24 maxlen: 24
185.53.92.0/22 maxlen: 22
188.114.112.0/21 maxlen: 21
95.131.80.0/21 maxlen: 24
185.164.44.0/22 maxlen: 22
134.0.16.0/21 maxlen: 21
91.227.26.0/24 maxlen: 24
185.27.32.0/22 maxlen: 22
2a03:b980:200::/40 maxlen: 40
2a03:b980::/32 maxlen: 32
2a02:ef8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:27:a8:92:1e:8e:3d:7d:7b:3d:0d:5d:5e:ea:4a:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Validity
Not Before: Dec 19 12:58:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa71b37ece000b9170c2f87e11da9f19008ca5a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:44:ee:bc:e1:4b:10:b4:fc:4a:50:19:5e:f8:
33:dc:60:97:f1:3f:a7:dc:e3:4a:62:18:1e:2d:97:
a3:f6:91:25:56:ad:63:ff:a4:03:19:e2:5b:1e:c8:
82:55:f5:1f:b0:13:51:70:6c:da:7b:6e:cf:00:d5:
8f:de:76:4d:3d:4f:9b:dc:0a:73:c2:92:9f:40:06:
89:7f:d7:27:6e:11:4e:9f:5c:9d:34:cd:54:53:ec:
19:1b:2e:cc:a7:2d:c0:20:9e:07:a2:32:bd:f2:66:
61:c8:fb:ca:30:7e:5f:13:52:88:1b:be:11:bf:13:
08:67:f6:7d:5e:8f:96:f5:29:a1:a4:dc:a1:49:7a:
b5:0f:cb:0f:8c:a4:56:67:56:35:ef:a9:d9:0e:cd:
3e:92:2f:0f:57:e0:50:f9:27:33:39:fd:39:d2:e9:
71:25:1d:07:22:6d:63:b8:f8:01:07:08:ed:1e:66:
97:ec:b9:8c:43:4b:ac:d3:c7:2e:03:13:e1:68:e6:
79:43:c3:5b:67:7b:fd:45:b4:1a:f6:05:ec:de:ac:
de:ad:12:66:ec:ea:e1:c4:00:5f:fe:46:10:f3:da:
3e:ab:bd:95:de:9e:62:a7:3d:14:7f:3e:e5:a5:b5:
17:8e:5f:28:e1:ed:3b:63:46:12:be:7b:dc:08:3b:
55:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:71:B3:7E:CE:00:0B:91:70:C2:F8:7E:11:DA:9F:19:00:8C:A5:A5
X509v3 Authority Key Identifier:
keyid:6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/qnGzfs4AC5Fwwvh-EdqfGQCMpaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/bkBn13v-qZ3yXOXgipIT0RKAFM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.26.0/24
95.131.80.0/21
134.0.16.0/21
185.27.32.0/22
185.42.196.0/22
185.53.92.0/22
185.164.44.0/22
188.114.112.0/21
IPv6:
2a02:ef8::/32
2a03:b980::/32
Signature Algorithm: sha256WithRSAEncryption
43:aa:2d:88:fe:c3:56:13:57:73:ec:53:2b:c2:5e:7b:b7:4c:
9b:37:21:51:44:ee:2e:f4:d1:dc:f7:b0:5e:7e:0f:96:da:01:
f8:47:1b:e3:e9:48:00:0b:40:ef:aa:af:bf:c3:94:b9:90:0e:
27:68:ec:e9:00:a4:53:7d:15:de:5f:58:5f:a7:29:6b:99:07:
59:b3:08:b2:28:a1:b7:2c:65:6b:1c:e6:99:64:0b:42:4f:e3:
d8:44:a5:e3:d4:03:e0:75:2f:85:ea:37:9e:21:9e:5d:23:56:
f8:c8:08:75:52:ae:67:be:3f:ef:5e:5b:42:d6:5f:1c:32:90:
7c:bf:c9:01:33:85:94:71:05:6b:b6:e9:8a:b3:83:67:06:52:
fb:34:28:b6:a6:28:60:17:c5:2c:17:c1:03:3e:c6:e4:39:f0:
6c:ed:48:b9:0d:eb:f4:ad:9c:ae:8f:c0:b0:28:8c:0e:12:10:
03:66:63:2b:96:a4:32:f2:76:26:51:60:31:28:a0:91:09:ed:
7a:c8:e3:23:ff:9f:a5:44:39:e4:59:29:85:1a:ec:8e:37:2a:
ab:ce:1f:2e:81:88:f6:b9:de:25:7e:2a:0a:4f:77:a1:69:6a:
84:df:82:25:1e:29:db:e4:a0:91:c0:2c:fd:3e:8c:09:20:f5:
9b:1a:0c:f3
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYyCJ6iSHo49fXs9DV1e6krgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDA2N2Q3N2JmZWE5OWRmMjVjZTVlMDhhOTIxM2QxMTI4
MDE0Y2YwHhcNMjMxMjE5MTI1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTcxYjM3ZWNlMDAwYjkxNzBjMmY4N2UxMWRhOWYxOTAwOGNhNWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkETuvOFLELT8SlAZXvgz3GCX8T+n
3ONKYhgeLZej9pElVq1j/6QDGeJbHsiCVfUfsBNRcGzae27PANWP3nZNPU+b3Apz
wpKfQAaJf9cnbhFOn1ydNM1UU+wZGy7Mpy3AIJ4HojK98mZhyPvKMH5fE1KIG74R
vxMIZ/Z9Xo+W9SmhpNyhSXq1D8sPjKRWZ1Y176nZDs0+ki8PV+BQ+SczOf050ulx
JR0HIm1juPgBBwjtHmaX7LmMQ0us08cuAxPhaOZ5Q8NbZ3v9RbQa9gXs3qzerRJm
7OrhxABf/kYQ89o+q72V3p5ipz0Ufz7lpbUXjl8o4e07Y0YSvnvcCDtVjQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKpxs37OAAuRcML4fhHanxkAjKWlMB8GA1UdIwQY
MBaAFG5AZ9d7/qmd8lzl4IqSE9ESgBTPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtCbjEzdi1xWjN5WE9YZ2lwSVQwUktBRk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ODllY2EtM2YxOS00ZTIzLWEzZmIt
MzMwM2Y3MTYyMmY5LzEvcW5HemZzNEFDNUZ3d3ZoLUVkcWZHUUNNcGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81ODllY2EtM2YxOS00ZTIzLWEzZmItMzMwM2Y3MTYyMmY5
LzEvYmtCbjEzdi1xWjN5WE9YZ2lwSVQwUktBRk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQAW+MaAwQD
X4NQAwQDhgAQAwQCuRsgAwQCuSrEAwQCuTVcAwQCuaQsAwQDvHJwMBQEAgACMA4D
BQAqAg74AwUAKgO5gDANBgkqhkiG9w0BAQsFAAOCAQEAQ6otiP7DVhNXc+xTK8Je
e7dMmzchUUTuLvTR3PewXn4PltoB+Ecb4+lIAAtA76qvv8OUuZAOJ2js6QCkU30V
3l9YX6cpa5kHWbMIsiihtyxlaxzmmWQLQk/j2ESl49QD4HUvheo3niGeXSNW+MgI
dVKuZ74/715bQtZfHDKQfL/JATOFlHEFa7bpirODZwZS+zQotqYoYBfFLBfBAz7G
5DnwbO1IuQ3r9K2cro/AsCiMDhIQA2ZjK5akMvJ2JlFgMSigkQntesjjI/+fpUQ5
5FkphRrsjjcqq84fLoGI9rneJX4qCk93oWlqhN+CJR4p2+SgkcAs/T6MCSD1mxoM
8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:45 2024 by rpki-client on console-fra.rpki-client.org