Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/QkX61TvsHQoZT9Vj2EUdJF6asvc.roa
File: QkX61TvsHQoZT9Vj2EUdJF6asvc.roa (raw, json)
Hash identifier: mdXq0bnfrbXnO1pV4ZFowmqtydD+FKvnMnXT9YqMadI=
Subject key identifier: 42:45:FA:D5:3B:EC:1D:0A:19:4F:D5:63:D8:45:1D:24:5E:9A:B2:F7
Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial: 01891865460704F8AA12926DC81D9C14C6D2
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/QkX61TvsHQoZT9Vj2EUdJF6asvc.roa
Signing time: Sun 02 Jul 2023 20:57:17 +0000
ROA not before: Sun 02 Jul 2023 20:57:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 160.61.208.0/24 maxlen: 24
86.117.18.0/23 maxlen: 23
86.117.18.0/24 maxlen: 24
86.117.19.0/24 maxlen: 24
86.117.47.0/24 maxlen: 24
160.61.170.0/23 maxlen: 23
160.61.171.0/24 maxlen: 24
160.61.168.0/23 maxlen: 23
160.61.168.0/24 maxlen: 24
160.61.169.0/24 maxlen: 24
160.61.170.0/24 maxlen: 24
86.117.140.0/24 maxlen: 24
86.117.141.0/24 maxlen: 24
86.117.140.0/23 maxlen: 23
160.62.1.0/24 maxlen: 24
160.62.2.0/24 maxlen: 24
160.62.3.0/24 maxlen: 24
160.62.4.0/24 maxlen: 24
160.62.0.0/24 maxlen: 24
160.62.0.0/23 maxlen: 23
160.62.5.0/24 maxlen: 24
160.62.6.0/24 maxlen: 24
160.62.7.0/24 maxlen: 24
160.62.9.0/24 maxlen: 24
160.62.12.0/24 maxlen: 24
160.62.13.0/24 maxlen: 24
160.62.14.0/24 maxlen: 24
160.62.15.0/24 maxlen: 24
160.62.21.0/24 maxlen: 24
160.62.22.0/24 maxlen: 24
160.62.141.0/24 maxlen: 24
160.62.140.0/24 maxlen: 24
160.62.140.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:18:65:46:07:04:f8:aa:12:92:6d:c8:1d:9c:14:c6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Validity
Not Before: Jul 2 20:57:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4245fad53bec1d0a194fd563d8451d245e9ab2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:43:97:ad:b8:9c:40:3f:00:20:fc:f9:c1:65:
16:e5:ae:85:36:d7:00:17:2a:97:6d:70:ed:3b:e9:
51:af:9f:e5:74:f3:a1:ff:61:c1:89:41:45:ae:55:
cb:77:c8:46:bb:5c:4a:b9:b2:6f:a0:00:11:17:f4:
9e:a0:0b:bf:e6:be:ce:2c:f2:e3:cb:01:6e:ec:f0:
24:81:e8:f7:18:b0:40:6e:a4:d8:c7:e5:88:38:6f:
d5:91:98:52:f8:a6:cc:a8:98:98:0c:2e:4c:d3:60:
0c:9d:02:ce:2a:7c:54:12:0a:82:7c:3c:ab:27:4c:
93:61:ed:7e:64:8b:d9:38:10:b9:62:e7:b9:6c:90:
94:93:ae:81:3e:bd:60:7b:bd:1a:9f:e6:db:ed:f4:
81:bb:b6:69:f0:a4:ca:24:06:dc:95:5e:4e:a9:38:
ea:2b:90:45:11:85:fd:5e:02:c1:05:79:54:b9:b6:
b9:39:bf:41:c7:7d:6e:48:1c:24:21:b5:1a:80:70:
fd:f2:6c:65:bf:06:62:e8:66:d9:42:75:fa:5d:94:
99:c6:56:41:db:2a:89:90:22:35:31:3b:0d:e4:02:
9e:2c:2e:b2:cc:f8:97:76:d8:fd:ac:58:0a:25:9a:
03:17:32:55:84:f2:e7:c1:5c:28:67:69:5a:35:22:
65:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:45:FA:D5:3B:EC:1D:0A:19:4F:D5:63:D8:45:1D:24:5E:9A:B2:F7
X509v3 Authority Key Identifier:
keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/QkX61TvsHQoZT9Vj2EUdJF6asvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.117.18.0/23
86.117.47.0/24
86.117.140.0/23
160.61.168.0/22
160.61.208.0/24
160.62.0.0/21
160.62.9.0/24
160.62.12.0/22
160.62.21.0-160.62.22.255
160.62.140.0/23
Signature Algorithm: sha256WithRSAEncryption
80:a8:47:2b:71:3c:d3:07:5d:b0:0b:09:24:ff:f4:a3:bd:2b:
bd:82:02:e8:b4:cb:7f:f2:5a:aa:5d:d5:c5:46:1f:4d:aa:40:
55:d2:8e:55:a5:48:fa:94:ad:4f:7c:9f:a0:bc:eb:4f:1f:ee:
7f:76:af:0d:f3:b5:09:1f:4c:58:83:98:75:db:6c:d0:0c:85:
ce:96:ed:64:8d:ec:7f:29:30:ad:b5:35:4e:fa:3f:92:57:76:
41:11:48:20:00:c4:1c:c4:99:17:59:13:ab:fc:9b:b3:61:80:
27:a0:55:06:0e:d5:78:75:c0:56:68:e5:31:3a:0d:fa:0e:1e:
52:79:1b:5f:03:83:21:10:1a:cb:93:6b:a5:65:8d:8a:38:3f:
2a:3a:6c:7d:bf:9e:b0:b9:56:de:b6:87:4f:85:6b:eb:ae:a6:
aa:b8:a0:aa:ba:cf:10:0f:ce:cf:bb:8d:10:0a:d8:aa:d8:d2:
bf:c6:f8:6d:25:de:42:b7:68:9c:a8:89:70:64:70:0f:a3:ea:
de:d1:5e:20:6d:7f:dd:e1:bf:d0:5c:9e:62:9c:d7:35:7b:e0:
37:1a:e9:ac:12:6c:1c:af:6a:d7:2d:e8:7f:e1:2a:62:f0:65:
95:c8:dd:27:03:85:5a:bb:ba:da:f5:5a:0d:54:9e:21:ec:e7:
1d:58:ef:1a
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYkYZUYHBPiqEpJtyB2cFMbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjMwNzAyMjA1NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQ1ZmFkNTNiZWMxZDBhMTk0ZmQ1NjNkODQ1MWQyNDVlOWFiMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUOXrbicQD8AIPz5wWUW5a6FNtcA
FyqXbXDtO+lRr5/ldPOh/2HBiUFFrlXLd8hGu1xKubJvoAARF/SeoAu/5r7OLPLj
ywFu7PAkgej3GLBAbqTYx+WIOG/VkZhS+KbMqJiYDC5M02AMnQLOKnxUEgqCfDyr
J0yTYe1+ZIvZOBC5Yue5bJCUk66BPr1ge70an+bb7fSBu7Zp8KTKJAbclV5OqTjq
K5BFEYX9XgLBBXlUuba5Ob9Bx31uSBwkIbUagHD98mxlvwZi6GbZQnX6XZSZxlZB
2yqJkCI1MTsN5AKeLC6yzPiXdtj9rFgKJZoDFzJVhPLnwVwoZ2laNSJlvQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFEJF+tU77B0KGU/VY9hFHSRemrL3MB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvUWtYNjFUdnNIUW9aVDlWajJFVWRKRjZhc3ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBVnUSAwQA
VnUvAwQBVnWMAwQCoD2oAwQAoD3QAwQDoD4AAwQAoD4JAwQCoD4MMAwDBACgPhUD
BACgPhYDBAGgPowwDQYJKoZIhvcNAQELBQADggEBAICoRytxPNMHXbALCST/9KO9
K72CAui0y3/yWqpd1cVGH02qQFXSjlWlSPqUrU98n6C8608f7n92rw3ztQkfTFiD
mHXbbNAMhc6W7WSN7H8pMK21NU76P5JXdkERSCAAxBzEmRdZE6v8m7NhgCegVQYO
1Xh1wFZo5TE6DfoOHlJ5G18DgyEQGsuTa6VljYo4Pyo6bH2/nrC5Vt62h0+Fa+uu
pqq4oKq6zxAPzs+7jRAK2KrY0r/G+G0l3kK3aJyoiXBkcA+j6t7RXiBtf93hv9Bc
nmKc1zV74Dca6awSbByvatct6H/hKmLwZZXI3ScDhVq7utr1Wg1UniHs5x1Y7xo=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:14 2024 by rpki-client on console-fra.rpki-client.org