Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/qeToXTz20ZZw8mSXku2nQpnB660.roa
File: qeToXTz20ZZw8mSXku2nQpnB660.roa (raw, json)
Hash identifier: fIekh7srjBfLSVmzglKGRL1GPYOlIvpfvneXum7BLRI=
Subject key identifier: A9:E4:E8:5D:3C:F6:D1:96:70:F2:64:97:92:ED:A7:42:99:C1:EB:AD
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0192F94F5F83E39B355DD6F027E139FDA3BC
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/qeToXTz20ZZw8mSXku2nQpnB660.roa
Signing time: Mon 04 Nov 2024 22:33:01 +0000
ROA not before: Mon 04 Nov 2024 22:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44050
IP address blocks: 5.101.89.0/24 maxlen: 24
45.156.212.0/22 maxlen: 22
45.159.200.0/22 maxlen: 22
46.161.16.0/22 maxlen: 22
95.215.0.0/22 maxlen: 24
188.143.128.0/17 maxlen: 24
195.2.240.0/23 maxlen: 24
2a00:1d78::/32 maxlen: 48
2a00:1d78:666::/64 maxlen: 64
2a01:8380::/32 maxlen: 32
2a0c:8700::/29 maxlen: 29
2a0d:8fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 05 Nov 2024 01:29:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f9:4f:5f:83:e3:9b:35:5d:d6:f0:27:e1:39:fd:a3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Nov 4 22:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9e4e85d3cf6d19670f2649792eda74299c1ebad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:44:d3:cd:8b:9f:fe:a2:c5:7c:6a:49:87:cd:
dc:a3:6b:05:bf:40:0e:b8:ae:fc:18:27:91:0e:53:
aa:38:94:6f:bb:b2:5a:0f:c5:a7:af:30:43:92:ef:
12:a8:eb:0c:ab:08:6e:c9:a4:ef:e2:35:0e:bf:7d:
1c:46:5d:9e:10:69:29:db:1a:d8:65:56:b7:77:47:
a9:b7:47:a0:26:85:63:7e:31:76:1f:47:d0:dd:ab:
b6:6a:06:6a:a2:94:d9:6c:0d:c0:9e:52:be:c4:86:
8c:0e:9b:b1:3d:e4:8c:3b:bc:0a:0f:0e:ef:5d:b0:
80:6d:d1:08:df:15:f5:25:64:6e:e3:01:4c:14:25:
66:73:c9:94:86:a8:86:93:4f:38:7c:06:1d:7b:0b:
60:fc:5c:08:26:23:be:b5:ac:09:a7:67:29:55:a8:
ad:24:0f:9d:b7:e1:e9:ca:2c:24:94:8d:3d:e7:45:
be:24:53:28:00:e3:6a:91:05:d8:20:41:2a:7c:df:
48:84:83:ea:1e:46:02:b8:c5:61:18:e9:d0:66:a5:
46:2b:33:dd:ce:22:23:f6:4d:c3:1f:68:e0:22:6a:
9b:84:58:28:23:ed:5b:bd:9a:b7:20:08:9b:be:68:
81:8b:36:53:f6:8d:5b:c4:aa:5d:ff:ba:a3:bb:d7:
d5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E4:E8:5D:3C:F6:D1:96:70:F2:64:97:92:ED:A7:42:99:C1:EB:AD
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/qeToXTz20ZZw8mSXku2nQpnB660.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.89.0/24
45.156.212.0/22
45.159.200.0/22
46.161.16.0/22
95.215.0.0/22
188.143.128.0/17
195.2.240.0/23
IPv6:
2a00:1d78::/32
2a01:8380::/32
2a0c:8700::/29
2a0d:8fc0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:76:8a:a5:fc:77:01:0e:2b:82:f1:e8:1a:82:f6:38:d2:a6:
b1:57:73:d4:82:d5:c1:5e:5a:ef:99:3a:50:ee:b8:d1:f5:7f:
36:8e:4c:7d:07:4f:d8:05:be:54:38:8a:b4:bb:ef:ee:eb:b7:
05:a9:9d:f6:9e:e6:b9:e8:3b:23:4a:94:a6:c5:43:33:52:59:
55:0e:48:b7:15:15:2a:e1:02:4a:3a:b6:c3:01:c7:4f:b2:08:
7c:86:be:e8:cf:8e:5f:ab:d2:9e:f7:4e:9e:0c:c0:62:4a:a4:
df:e6:d6:26:bd:9d:21:eb:24:fe:23:38:64:e9:77:4b:94:cf:
3e:e1:6a:07:67:f8:a5:b5:89:51:f6:f1:b3:c6:58:29:0b:6e:
97:0e:cf:b4:a1:1f:1d:22:63:80:50:ee:6f:71:aa:65:d1:39:
46:3a:05:da:18:ab:a2:55:dc:e6:ae:74:05:ce:62:56:8a:5d:
ef:c2:c8:e1:ef:c7:b5:02:49:57:eb:d4:85:64:25:2c:44:68:
76:72:91:41:3d:03:9a:e7:34:32:1d:ee:a7:9d:0e:87:c3:9d:
ec:f7:8c:6e:3b:02:77:36:b9:ac:fa:fa:89:35:f7:e9:19:f5:
3c:e2:41:50:f5:c4:a1:23:b1:29:88:50:6f:a6:87:13:61:40:
2f:c0:17:be
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZL5T1+D45s1XdbwJ+E5/aO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQxMTA0MjIzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWU0ZTg1ZDNjZjZkMTk2NzBmMjY0OTc5MmVkYTc0Mjk5YzFlYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtETTzYuf/qLFfGpJh83co2sFv0AO
uK78GCeRDlOqOJRvu7JaD8WnrzBDku8SqOsMqwhuyaTv4jUOv30cRl2eEGkp2xrY
ZVa3d0ept0egJoVjfjF2H0fQ3au2agZqopTZbA3AnlK+xIaMDpuxPeSMO7wKDw7v
XbCAbdEI3xX1JWRu4wFMFCVmc8mUhqiGk084fAYdewtg/FwIJiO+tawJp2cpVait
JA+dt+HpyiwklI0950W+JFMoAONqkQXYIEEqfN9IhIPqHkYCuMVhGOnQZqVGKzPd
ziIj9k3DH2jgImqbhFgoI+1bvZq3IAibvmiBizZT9o1bxKpd/7qju9fVowIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFKnk6F089tGWcPJkl5Ltp0KZweutMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvcWVUb1hUejIwWlp3OG1TWGt1Mm5RcG5CNjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjAwBAIAATAqAwQABWVZAwQC
LZzUAwQCLZ/IAwQCLqEQAwQCX9cAAwQHvI+AAwQBwwLwMCIEAgACMBwDBQAqAB14
AwUAKgGDgAMFAyoMhwADBQMqDY/AMA0GCSqGSIb3DQEBCwUAA4IBAQCNdoql/HcB
DiuC8egagvY40qaxV3PUgtXBXlrvmTpQ7rjR9X82jkx9B0/YBb5UOIq0u+/u67cF
qZ32nua56DsjSpSmxUMzUllVDki3FRUq4QJKOrbDAcdPsgh8hr7oz45fq9Ke906e
DMBiSqTf5tYmvZ0h6yT+Izhk6XdLlM8+4WoHZ/iltYlR9vGzxlgpC26XDs+0oR8d
ImOAUO5vcapl0TlGOgXaGKuiVdzmrnQFzmJWil3vwsjh78e1AklX69SFZCUsRGh2
cpFBPQOa5zQyHe6nnQ6Hw53s94xuOwJ3Nrms+vqJNffpGfU84kFQ9cShI7EpiFBv
pocTYUAvwBe+
-----END CERTIFICATE-----
Generated at Tue Nov 5 06:48:41 2024 by rpki-client on console-fra.rpki-client.org