Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/qKDltaDYghJ0ta3ihMQsNeJzhZk.roa
File: qKDltaDYghJ0ta3ihMQsNeJzhZk.roa (raw, json)
Hash identifier: kKNJyEdsBuDuIoju8bL0dTSR+MKx1aMk7NKGHi5OdF0=
Subject key identifier: A8:A0:E5:B5:A0:D8:82:12:74:B5:AD:E2:84:C4:2C:35:E2:73:85:99
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 0190C5001270D343532FBFA781D8D4BFEFC8
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/qKDltaDYghJ0ta3ihMQsNeJzhZk.roa
Signing time: Thu 18 Jul 2024 08:40:34 +0000
ROA not before: Thu 18 Jul 2024 08:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47787
IP address blocks: 146.19.95.0/24 maxlen: 24
146.19.249.0/24 maxlen: 24
185.112.251.0/24 maxlen: 24
185.166.144.0/24 maxlen: 24
188.93.192.0/21 maxlen: 24
188.93.198.0/24 maxlen: 24
188.93.199.0/24 maxlen: 24
193.107.13.0/24 maxlen: 24
193.109.184.0/21 maxlen: 24
193.163.151.0/24 maxlen: 24
212.52.23.0/24 maxlen: 24
2001:b18::/32 maxlen: 48
2001:b18:a::/48 maxlen: 48
2001:b18:b::/48 maxlen: 48
2001:b18:10::/48 maxlen: 48
2001:b18:1000::/48 maxlen: 48
2001:b18:1001::/48 maxlen: 48
2001:b18:1002::/48 maxlen: 48
2001:b18:1005::/48 maxlen: 48
2001:b18:1008::/48 maxlen: 48
2001:b18:1009::/48 maxlen: 48
2001:b18:1012::/48 maxlen: 48
2001:b18:1014::/48 maxlen: 48
2001:b18:1016::/48 maxlen: 48
2001:b18:1018::/48 maxlen: 48
2001:b18:1019::/48 maxlen: 48
2001:b18:1020::/48 maxlen: 48
2001:b18:bbbb::/48 maxlen: 48
2a0b:e740::/29 maxlen: 29
2a0d:82c0::/29 maxlen: 48
2a0d:82c7:9::/48 maxlen: 48
2a0e:5f00::/29 maxlen: 48
2a0f:7700::/29 maxlen: 29
2a0f:8900::/29 maxlen: 29
2a0f:d300::/29 maxlen: 48
2a10:ee40::/29 maxlen: 29
2a11:c00::/29 maxlen: 48
Validation: Failed, certificate revoked on Sat 10 Aug 2024 11:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c5:00:12:70:d3:43:53:2f:bf:a7:81:d8:d4:bf:ef:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: Jul 18 08:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8a0e5b5a0d8821274b5ade284c42c35e2738599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1f:10:6e:9c:50:50:6f:5b:c6:39:d2:66:82:
1a:34:a9:d0:4c:75:f4:63:3d:ce:c5:86:c5:59:79:
50:40:3e:27:23:b1:90:6b:f5:24:d6:e3:89:d2:ab:
e8:53:33:64:fc:71:ef:0f:f6:e2:b3:b5:52:74:9b:
65:0c:af:70:7e:be:8f:73:cd:05:40:46:71:a1:b8:
d7:97:e9:57:4d:d5:13:10:20:a4:9e:04:99:29:48:
53:d0:6c:ec:cd:95:d5:2e:6f:68:6d:df:17:39:12:
09:8b:0b:24:37:90:6b:65:b2:45:9d:04:65:fb:cb:
89:b4:d5:77:d5:31:80:74:51:6a:ee:54:49:0f:3b:
2e:42:54:97:35:fa:75:ea:ab:7d:20:27:a3:c7:93:
2e:52:91:77:c3:df:ef:ee:1c:7c:c5:fd:b6:a0:63:
06:8c:4f:d4:8e:c6:24:28:b4:16:d4:25:85:2d:80:
ba:3c:77:fe:4e:65:e4:09:08:ba:07:cd:fc:a8:9c:
d8:fb:0b:af:6b:56:30:c8:83:8f:5b:56:04:cc:e5:
09:9d:12:a9:33:9b:fa:1a:bb:55:cf:ce:0a:c8:ea:
47:b8:e4:08:f8:e8:cf:1f:b4:74:14:7e:6d:fb:cb:
26:90:33:a9:97:ee:3b:82:5a:27:67:e1:14:12:27:
d4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A0:E5:B5:A0:D8:82:12:74:B5:AD:E2:84:C4:2C:35:E2:73:85:99
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/qKDltaDYghJ0ta3ihMQsNeJzhZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.95.0/24
146.19.249.0/24
185.112.251.0/24
185.166.144.0/24
188.93.192.0/21
193.107.13.0/24
193.109.184.0/21
193.163.151.0/24
212.52.23.0/24
IPv6:
2001:b18::/32
2a0b:e740::/29
2a0d:82c0::/29
2a0e:5f00::/29
2a0f:7700::/29
2a0f:8900::/29
2a0f:d300::/29
2a10:ee40::/29
2a11:c00::/29
Signature Algorithm: sha256WithRSAEncryption
43:84:52:3c:3c:cd:81:f7:a9:03:78:5d:00:5d:cb:ef:1e:c4:
41:45:b3:47:4a:59:9e:71:7f:9b:88:28:32:73:4b:16:03:e6:
04:03:6e:70:49:55:ab:80:b7:43:b1:b8:92:53:f6:66:4f:0b:
08:3d:b1:e5:53:76:d4:e0:84:fb:30:6b:3b:6a:cb:05:2e:55:
f7:c8:8b:0e:a2:2b:31:42:6c:e9:29:f8:d8:02:3c:59:9b:21:
7e:6b:5e:f7:73:0b:79:2b:c2:8e:6f:1b:54:f5:8f:0a:d1:cb:
b7:fe:80:8c:e2:33:c3:8e:c8:1e:01:37:d8:8e:c1:2a:27:0a:
56:02:89:1a:0c:c6:7e:5b:a5:29:05:d0:62:2e:74:cf:17:c6:
72:85:e6:a1:48:d7:ec:cc:b6:9f:8d:2e:db:bb:ad:22:2d:24:
f1:a6:83:f9:aa:03:e9:60:51:67:fc:17:c0:6f:df:ae:82:ee:
ad:90:83:83:75:c5:93:fa:00:bd:6a:8f:4e:78:e0:04:be:70:
9e:8f:f9:f9:ef:41:6b:4f:d3:fb:c8:2a:d4:64:45:d0:90:c2:
f1:ca:24:2f:06:90:4a:37:38:9c:54:f8:03:fa:15:3a:c7:92:
a3:f9:e4:30:ab:25:eb:58:3d:9b:20:01:05:3e:99:17:c4:06:
6a:db:67:24
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZDFABJw00NTL7+ngdjUv+/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjQwNzE4MDg0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGEwZTViNWEwZDg4MjEyNzRiNWFkZTI4NGM0MmMzNWUyNzM4NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2R8QbpxQUG9bxjnSZoIaNKnQTHX0
Yz3OxYbFWXlQQD4nI7GQa/Uk1uOJ0qvoUzNk/HHvD/bis7VSdJtlDK9wfr6Pc80F
QEZxobjXl+lXTdUTECCkngSZKUhT0GzszZXVLm9obd8XORIJiwskN5BrZbJFnQRl
+8uJtNV31TGAdFFq7lRJDzsuQlSXNfp16qt9ICejx5MuUpF3w9/v7hx8xf22oGMG
jE/UjsYkKLQW1CWFLYC6PHf+TmXkCQi6B838qJzY+wuva1YwyIOPW1YEzOUJnRKp
M5v6GrtVz84KyOpHuOQI+OjPH7R0FH5t+8smkDOpl+47glonZ+EUEifUUQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFKig5bWg2IISdLWt4oTELDXic4WZMB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvcUtEbHRhRFlnaEowdGEzaWhNUXNOZUp6aFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTA8BAIAATA2AwQAkhNf
AwQAkhP5AwQAuXD7AwQAuaaQAwQDvF3AAwQAwWsNAwQDwW24AwQAwaOXAwQA1DQX
MEUEAgACMD8DBQAgAQsYAwUDKgvnQAMFAyoNgsADBQMqDl8AAwUDKg93AAMFAyoP
iQADBQMqD9MAAwUDKhDuQAMFAyoRDAAwDQYJKoZIhvcNAQELBQADggEBAEOEUjw8
zYH3qQN4XQBdy+8exEFFs0dKWZ5xf5uIKDJzSxYD5gQDbnBJVauAt0OxuJJT9mZP
Cwg9seVTdtTghPswaztqywUuVffIiw6iKzFCbOkp+NgCPFmbIX5rXvdzC3krwo5v
G1T1jwrRy7f+gIziM8OOyB4BN9iOwSonClYCiRoMxn5bpSkF0GIudM8XxnKF5qFI
1+zMtp+NLtu7rSItJPGmg/mqA+lgUWf8F8Bv366C7q2Qg4N1xZP6AL1qj0544AS+
cJ6P+fnvQWtP0/vIKtRkRdCQwvHKJC8GkEo3OJxU+AP6FTrHkqP55DCrJetYPZsg
AQU+mRfEBmrbZyQ=
-----END CERTIFICATE-----
Generated at Sat Aug 10 12:53:46 2024 by rpki-client on console-fra.rpki-client.org