Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/QsHVWx2OhiNMhPQjJ-ceakX6Q9A.roa
File: QsHVWx2OhiNMhPQjJ-ceakX6Q9A.roa (raw, json)
Hash identifier: 4540ovHVioOl1u3VoE/X98SRhnTj8zug6t5gs2i/lQk=
Subject key identifier: 42:C1:D5:5B:1D:8E:86:23:4C:84:F4:23:27:E7:1E:6A:45:FA:43:D0
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0254D38BCEA7191AC6F9F04436569C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/QsHVWx2OhiNMhPQjJ-ceakX6Q9A.roa
Signing time: Sun 01 Jan 2023 20:25:01 +0000
ROA not before: Sun 01 Jan 2023 20:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.138.0/23 maxlen: 23
85.254.134.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.178.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
85.254.84.0/23 maxlen: 23
85.254.104.0/22 maxlen: 22
85.254.112.0/22 maxlen: 22
85.254.108.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.122.0/23 maxlen: 23
85.254.128.0/22 maxlen: 22
85.254.126.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.40.0/24 maxlen: 24
85.254.51.0/24 maxlen: 24
85.254.62.0/23 maxlen: 23
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.2.0/24 maxlen: 24
85.254.8.0/21 maxlen: 21
85.254.7.0/24 maxlen: 24
159.148.109.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.248.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.169.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:54:d3:8b:ce:a7:19:1a:c6:f9:f0:44:36:56:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42c1d55b1d8e86234c84f42327e71e6a45fa43d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:47:1d:01:b0:85:33:6a:1d:4a:8a:c0:07:09:
a8:f2:7d:17:37:7b:4e:63:0d:76:c6:3a:6a:fe:c6:
0a:73:c7:ee:d6:8b:48:67:00:53:3f:00:43:6b:63:
9f:f4:29:59:c7:4a:ab:0a:c3:91:65:73:8c:69:d6:
33:c2:bd:ab:d7:a1:94:b7:bf:b1:44:58:2b:eb:fa:
f2:27:13:1a:34:68:04:3a:c8:a1:2f:a3:30:7e:34:
60:7a:d6:13:e4:74:c0:ec:b2:96:8f:0e:52:ab:c8:
28:bb:d5:c8:8d:5f:d6:8f:d9:6e:37:60:9d:fd:0a:
10:7a:ab:a2:65:3b:9d:d1:d1:72:d8:f4:db:93:f3:
8b:63:58:47:da:80:3a:9f:4f:42:73:fc:fc:c1:de:
3b:b7:ff:a5:36:0b:88:27:bb:59:29:fe:3b:19:49:
8c:e5:50:6f:37:27:5d:97:b5:a9:a1:b8:34:1b:6e:
44:0f:91:8b:1b:ef:cc:08:0a:50:11:24:fe:40:0a:
51:ef:02:1b:f0:e5:f3:27:e3:e3:ea:11:65:f4:ba:
50:e9:ce:b3:9f:75:95:21:b2:94:a0:48:44:a0:de:
67:b8:28:68:34:a8:d4:35:51:19:0c:01:11:93:02:
60:af:4a:64:ff:af:ee:25:bd:34:18:2d:86:b9:e3:
26:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:C1:D5:5B:1D:8E:86:23:4C:84:F4:23:27:E7:1E:6A:45:FA:43:D0
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/QsHVWx2OhiNMhPQjJ-ceakX6Q9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.7.0-85.254.15.255
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.62.0-85.254.65.255
85.254.76.0/22
85.254.84.0/23
85.254.104.0-85.254.119.255
85.254.122.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.138.0-85.254.140.255
85.254.174.0/23
85.254.178.0-85.254.181.255
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.138.0/24
159.148.150.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
159.148.166.0/23
159.148.169.0/24
159.148.177.0/24
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.248.0/24
185.27.92.0/22
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
43:79:3b:e2:92:9b:15:cf:f9:52:86:03:aa:df:fd:e8:38:93:
af:18:f2:7d:5c:7a:ea:ea:93:8b:d9:3b:82:78:a0:a2:0b:3e:
7c:17:b2:b7:99:31:f6:2b:15:05:35:76:71:53:8a:72:f8:85:
86:08:91:2c:34:1e:b7:86:18:67:4f:e7:5f:aa:a8:a1:0f:3a:
0e:11:92:f9:21:2b:f6:b8:41:b5:38:75:c0:83:76:af:7e:86:
6f:4d:b3:2b:8b:89:94:5e:66:07:ba:30:97:3c:f5:ac:a5:96:
8b:f9:54:d6:4d:a6:2f:c3:f6:53:5e:5f:6d:f7:ea:28:d9:60:
a7:f1:6c:23:6d:23:7b:1c:63:07:14:28:09:58:11:9b:8f:ae:
55:5d:d8:2d:7a:7d:5c:2e:52:27:27:58:af:6d:ed:be:d8:03:
95:79:26:4c:77:5f:24:a3:53:a3:53:64:ad:df:f1:29:f6:bb:
35:33:f5:df:b1:91:39:b7:ac:0a:73:da:20:7a:fe:fe:9e:c7:
11:a6:f9:27:a1:14:a8:75:af:82:a6:8a:0f:07:cf:d9:b1:f7:
0f:68:f3:e0:73:37:2d:5f:0d:37:4b:3e:fb:f1:79:78:cf:0b:
2d:86:26:09:f3:88:d9:e3:e6:7a:1c:d1:f0:b3:1a:3a:3e:7b:
cc:bb:6d:b7
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYVvAlTTi86nGRrG+fBENlacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmMxZDU1YjFkOGU4NjIzNGM4NGY0MjMyN2U3MWU2YTQ1ZmE0M2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0cdAbCFM2odSorABwmo8n0XN3tO
Yw12xjpq/sYKc8fu1otIZwBTPwBDa2Of9ClZx0qrCsORZXOMadYzwr2r16GUt7+x
RFgr6/ryJxMaNGgEOsihL6MwfjRgetYT5HTA7LKWjw5Sq8gou9XIjV/Wj9luN2Cd
/QoQequiZTud0dFy2PTbk/OLY1hH2oA6n09Cc/z8wd47t/+lNguIJ7tZKf47GUmM
5VBvNyddl7Wpobg0G25ED5GLG+/MCApQEST+QApR7wIb8OXzJ+Pj6hFl9LpQ6c6z
n3WVIbKUoEhEoN5nuChoNKjUNVEZDAERkwJgr0pk/6/uJb00GC2GueMmeQIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFELB1VsdjoYjTIT0IyfnHmpF+kPQMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvUXNIVld4Mk9oaU5NaFBRakotY2Vha1g2UTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjCCAUYEAgABMIIB
PgMEAFX+AjAMAwQAVf4HAwQEVf4AAwQAVf4oAwQBVf4qAwQAVf4zMAwDBAFV/j4D
BAFV/kADBAJV/kwDBAFV/lQwDAMEA1X+aAMEA1X+cDAMAwQBVf56AwQAVf5+AwQC
Vf6AAwQAVf6GMAwDBAFV/ooDBABV/owDBAFV/q4wDAMEAVX+sgMEAVX+tAMEAJ+U
NgMEAJ+UPgMEAJ+UQgMEAJ+UbQMEAJ+UfgMEAJ+UgAMEAJ+UggMEAJ+UigMEAJ+U
ljAMAwQAn5SdAwQAn5SeAwQAn5SjAwQBn5SmAwQAn5SpAwQAn5SxMAwDBACflLMD
BACflLQDBACflMwDBACflNgDBACflNoDBACflOoDBACflOwDBACflO8DBACflPED
BACflPgDBAK5G1wDBADZRXkwDAMEANlFfQMEB9lFADANBgkqhkiG9w0BAQsFAAOC
AQEAQ3k74pKbFc/5UoYDqt/96DiTrxjyfVx66uqTi9k7gnigogs+fBeyt5kx9isV
BTV2cVOKcviFhgiRLDQet4YYZ0/nX6qooQ86DhGS+SEr9rhBtTh1wIN2r36Gb02z
K4uJlF5mB7owlzz1rKWWi/lU1k2mL8P2U15fbffqKNlgp/FsI20jexxjBxQoCVgR
m4+uVV3YLXp9XC5SJydYr23tvtgDlXkmTHdfJKNTo1Nkrd/xKfa7NTP137GRObes
CnPaIHr+/p7HEab5J6EUqHWvgqaKDwfP2bH3D2jz4HM3LV8NN0s++/F5eM8LLYYm
CfOI2ePmehzR8LMaOj57zLtttw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org