Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/QKbXp8VGY9sn8aAIiulRBJ8qpeY.roa
File: QKbXp8VGY9sn8aAIiulRBJ8qpeY.roa (raw, json)
Hash identifier: dc10QwOdD7vb9hLRVySTPUwCkxFcrcMoKwBJWek1Fro=
Subject key identifier: 40:A6:D7:A7:C5:46:63:DB:27:F1:A0:08:8A:E9:51:04:9F:2A:A5:E6
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018890A01C6672EFEA85C5E475F35CC205F7
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/QKbXp8VGY9sn8aAIiulRBJ8qpeY.roa
Signing time: Tue 06 Jun 2023 12:13:12 +0000
ROA not before: Tue 06 Jun 2023 12:13:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b86::/40 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 21 Jul 2023 09:46:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:90:a0:1c:66:72:ef:ea:85:c5:e4:75:f3:5c:c2:05:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jun 6 12:13:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40a6d7a7c54663db27f1a0088ae951049f2aa5e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3f:43:e2:d0:8d:e1:0b:95:56:c5:64:94:46:
bd:fd:69:a8:95:2c:57:1f:d5:9c:b2:5d:54:78:99:
73:da:7a:b1:22:85:26:50:94:fe:8d:94:5d:f9:91:
f0:09:01:34:cd:6f:30:1a:c8:a5:3e:cb:bd:bf:ac:
01:31:ca:75:ed:32:5e:39:cb:6a:d9:a9:af:f7:e8:
4f:b4:19:30:86:49:42:19:4d:70:b1:6d:de:79:d8:
51:87:12:40:a9:23:b0:45:74:16:24:72:c8:ad:6f:
1a:14:4e:bf:8b:09:26:2c:fd:30:78:d4:a0:cd:49:
f7:08:83:f4:07:78:4e:a9:21:1f:1b:ef:27:d6:b4:
fb:38:16:56:c4:9a:73:64:de:42:6a:96:e6:66:16:
c4:ae:8a:81:cf:15:2a:07:74:90:0b:0a:44:a4:74:
ca:6b:6d:fe:a7:fd:c2:d0:1a:b0:4f:94:71:7e:fc:
95:c3:80:fc:63:b0:69:b3:7e:d2:00:37:96:46:31:
00:96:bc:fa:f9:45:43:0a:b4:2d:ff:16:e7:17:2b:
59:17:16:60:50:7c:32:63:07:6c:ab:06:46:9f:be:
eb:a7:e2:7f:1e:32:c8:ba:33:e5:0a:ba:1b:6f:86:
0c:4c:d0:59:d0:23:a9:b9:80:76:16:c0:7f:85:fc:
2e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A6:D7:A7:C5:46:63:DB:27:F1:A0:08:8A:E9:51:04:9F:2A:A5:E6
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/QKbXp8VGY9sn8aAIiulRBJ8qpeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
20:81:e8:43:4f:82:6c:c9:d2:79:f3:65:29:c8:15:59:21:46:
72:4d:b8:df:59:77:02:c7:b4:2a:72:ff:91:60:fa:b4:12:81:
46:e6:32:2d:6e:ca:70:a3:95:88:8d:c0:54:f2:45:48:3c:12:
94:80:c0:36:38:af:12:d9:4f:f1:53:7b:35:6d:ba:05:f1:2d:
12:4e:84:0d:d7:fb:83:0e:7c:f7:9e:5f:c8:6e:51:01:cb:47:
93:a6:ae:cf:6e:50:5a:a7:cc:7a:7e:26:22:17:e9:7f:b0:68:
c2:07:c2:db:72:0f:49:88:9e:1f:74:bb:5e:c9:dd:17:e0:45:
62:17:c1:76:a4:8a:39:85:83:4c:cc:91:33:7c:4b:00:a4:20:
c7:08:c6:33:23:49:ad:f6:89:2f:fd:7e:60:05:04:88:4b:00:
d0:14:b5:7a:9f:7b:8c:c7:bd:c5:15:fd:ac:81:b0:48:33:1d:
10:fb:27:34:04:e2:17:3b:3c:f2:a7:97:3a:74:19:92:62:f2:
d9:e3:7a:12:6a:b3:4f:83:e2:47:41:25:8d:fd:0e:0c:8a:9b:
1b:92:7d:31:cf:63:64:89:2d:de:17:a3:b4:6f:48:13:5e:eb:
5a:9d:d6:8f:4f:bd:17:fc:e3:3d:de:18:48:bc:0b:8a:99:80:
e0:9f:9b:1c
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAYiQoBxmcu/qhcXkdfNcwgX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNjA2MTIxMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGE2ZDdhN2M1NDY2M2RiMjdmMWEwMDg4YWU5NTEwNDlmMmFhNWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz9D4tCN4QuVVsVklEa9/WmolSxX
H9Wcsl1UeJlz2nqxIoUmUJT+jZRd+ZHwCQE0zW8wGsilPsu9v6wBMcp17TJeOctq
2amv9+hPtBkwhklCGU1wsW3eedhRhxJAqSOwRXQWJHLIrW8aFE6/iwkmLP0weNSg
zUn3CIP0B3hOqSEfG+8n1rT7OBZWxJpzZN5CapbmZhbEroqBzxUqB3SQCwpEpHTK
a23+p/3C0BqwT5RxfvyVw4D8Y7Bps37SADeWRjEAlrz6+UVDCrQt/xbnFytZFxZg
UHwyYwdsqwZGn77rp+J/HjLIujPlCrobb4YMTNBZ0COpuYB2FsB/hfwuKQIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFECm16fFRmPbJ/GgCIrpUQSfKqXmMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUUtiWHA4VkdZOXNuOGFBSWl1bFJCSjhxcGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDCBlwQCAAEwgZAD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBALB3cADBALCH4wDBALCMhADBALCOOADBALUawww
aAQCAAIwYgMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8SAwcAKgsL
h/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CA
AAADBQAqDXfHMA0GCSqGSIb3DQEBCwUAA4IBAQAggehDT4JsydJ582UpyBVZIUZy
TbjfWXcCx7Qqcv+RYPq0EoFG5jItbspwo5WIjcBU8kVIPBKUgMA2OK8S2U/xU3s1
bboF8S0SToQN1/uDDnz3nl/IblEBy0eTpq7PblBap8x6fiYiF+l/sGjCB8Lbcg9J
iJ4fdLteyd0X4EViF8F2pIo5hYNMzJEzfEsApCDHCMYzI0mt9okv/X5gBQSISwDQ
FLV6n3uMx73FFf2sgbBIMx0Q+yc0BOIXOzzyp5c6dBmSYvLZ43oSarNPg+JHQSWN
/Q4Mipsbkn0xz2NkiS3eF6O0b0gTXutandaPT70X/OM93hhIvAuKmYDgn5sc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org