Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/5K-QwXW4UK3oopCLzTkD_qAliio.roa
File: 5K-QwXW4UK3oopCLzTkD_qAliio.roa (raw, json)
Hash identifier: OBnRIEp9qFVkFZO75VeIvMusS5X0pF0HyBUuifyujnY=
Subject key identifier: E4:AF:90:C1:75:B8:50:AD:E8:A2:90:8B:CD:39:03:FE:A0:25:8A:2A
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 01862AEBEB788525E9EA4CA16102C4892E11
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/5K-QwXW4UK3oopCLzTkD_qAliio.roa
Signing time: Tue 07 Feb 2023 08:09:09 +0000
ROA not before: Tue 07 Feb 2023 08:09:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201011
IP address blocks: 83.142.80.0/21 maxlen: 21
82.199.147.0/24 maxlen: 24
82.199.148.0/24 maxlen: 24
82.199.149.0/24 maxlen: 24
82.199.153.0/24 maxlen: 24
195.138.249.0/24 maxlen: 24
195.138.250.0/24 maxlen: 24
82.199.157.0/24 maxlen: 24
82.199.158.0/24 maxlen: 24
82.199.159.0/24 maxlen: 24
195.138.248.0/21 maxlen: 21
31.7.177.0/24 maxlen: 24
31.7.176.0/20 maxlen: 24
185.89.36.0/22 maxlen: 22
92.43.104.0/21 maxlen: 24
2.59.28.0/22 maxlen: 22
80.255.0.0/20 maxlen: 20
81.95.0.0/20 maxlen: 24
82.199.128.0/24 maxlen: 24
82.199.128.0/19 maxlen: 24
82.199.130.0/24 maxlen: 24
82.199.131.0/24 maxlen: 24
82.199.138.0/24 maxlen: 24
82.199.141.0/24 maxlen: 24
5.56.16.0/21 maxlen: 21
193.104.251.0/24 maxlen: 24
2a01:4a0:47::/48 maxlen: 48
2a01:4a0:42::/48 maxlen: 48
2a0b:76c0::/29 maxlen: 29
2a01:4a0:38::/48 maxlen: 48
2a09:ee40::/29 maxlen: 29
2a01:4a0:56::/48 maxlen: 48
2a01:4a0:30::/48 maxlen: 48
2a01:4a0:50::/48 maxlen: 48
2a01:4a0:e::/48 maxlen: 48
2a01:4a0::/29 maxlen: 48
2a01:4a0:17::/48 maxlen: 48
2a05:d4c0::/29 maxlen: 29
2a01:4a0:48::/48 maxlen: 48
2a01:4a0:b::/48 maxlen: 48
2a01:4a0:46::/48 maxlen: 48
2a01:4a0:45::/48 maxlen: 48
2a06:7ec0::/29 maxlen: 29
2a01:4a0:43::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2a:eb:eb:78:85:25:e9:ea:4c:a1:61:02:c4:89:2e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Feb 7 08:09:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4af90c175b850ade8a2908bcd3903fea0258a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fa:f0:7b:a3:97:2a:c7:b9:b8:3b:2e:bc:3d:
ef:fd:6d:90:51:c5:15:4f:37:9e:a1:b9:ed:f4:60:
35:06:73:8f:f9:b0:48:59:f2:2b:0b:82:ef:41:f2:
42:0d:e1:c6:b6:f1:25:88:28:31:23:31:15:1a:10:
36:8a:45:cb:0f:b0:40:b6:cb:09:7f:1a:7a:19:96:
88:0d:88:f2:6e:b5:c8:6d:ce:22:0b:3f:59:70:d4:
1c:f4:f6:7b:d8:d9:86:7d:3e:78:b2:ce:dd:6f:6d:
0c:17:27:a6:01:29:ba:a3:93:ec:4e:49:cb:29:49:
88:8e:c5:33:8a:de:1d:96:ca:aa:1b:8a:43:1e:42:
fa:8f:e1:12:b3:f3:e2:96:5d:47:3f:c3:a8:8f:5e:
60:88:66:f2:c6:72:c3:da:d3:7c:90:4d:80:63:f9:
47:bb:ff:85:f2:a0:e1:61:3c:2f:06:30:57:9e:83:
c5:90:1b:75:e0:f7:e9:54:cf:89:00:11:6c:dd:b3:
30:d6:b6:3c:00:ce:b5:df:77:3d:d1:63:d8:e9:17:
8d:db:21:91:14:11:1d:44:8e:01:7e:5d:93:45:50:
2d:5c:59:51:a8:94:eb:08:04:9b:84:a6:86:e2:a7:
92:eb:fa:7c:11:42:d1:9b:93:f2:63:14:3e:33:6d:
df:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AF:90:C1:75:B8:50:AD:E8:A2:90:8B:CD:39:03:FE:A0:25:8A:2A
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/5K-QwXW4UK3oopCLzTkD_qAliio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.28.0/22
5.56.16.0/21
31.7.176.0/20
80.255.0.0/20
81.95.0.0/20
82.199.128.0/19
83.142.80.0/21
92.43.104.0/21
185.89.36.0/22
193.104.251.0/24
195.138.248.0/21
IPv6:
2a01:4a0::/29
2a05:d4c0::/29
2a06:7ec0::/29
2a09:ee40::/29
2a0b:76c0::/29
Signature Algorithm: sha256WithRSAEncryption
72:d2:37:d7:b1:ca:da:38:46:d3:b6:8b:f0:b8:54:2a:4c:94:
bc:57:14:1d:b1:6a:2c:6a:0d:a7:49:e7:f5:14:55:dc:31:79:
84:e6:43:9d:df:d5:36:eb:32:44:85:4c:67:31:3e:e4:7d:7b:
b5:96:9a:1a:8c:53:9f:e1:08:16:fb:7c:b9:3e:8f:99:f0:3e:
36:a3:79:09:ee:b8:d5:58:9a:c2:66:c3:e6:ab:9e:12:2f:b6:
52:19:67:88:17:44:4b:80:16:4e:64:47:04:20:f2:68:ae:f0:
b1:99:4f:96:37:1c:78:46:ed:ee:1e:03:b1:bf:57:ac:a5:f8:
92:50:4f:23:54:e4:f6:14:15:9b:6f:eb:1a:4b:6b:ed:c9:da:
9f:86:00:19:16:23:ee:5a:5d:3c:dd:12:ac:c5:46:d5:1f:f8:
a1:ac:f5:76:e2:16:c1:f1:cd:d9:78:de:90:22:ea:d3:f6:6d:
9a:ba:ea:ed:31:56:43:a9:f4:df:3d:b3:9a:d5:ff:20:bf:b2:
76:c4:ff:71:c7:88:7d:07:02:3f:14:79:c7:fe:96:67:f9:cc:
ca:2c:67:c0:fd:4a:70:b5:bf:37:f4:4f:96:28:7f:47:35:e2:
32:22:3d:79:42:bd:ef:20:70:b1:e9:76:85:39:a3:5e:f1:87:
d1:8f:8b:8b
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYYq6+t4hSXp6kyhYQLEiS4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjMwMjA3MDgwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGFmOTBjMTc1Yjg1MGFkZThhMjkwOGJjZDM5MDNmZWEwMjU4YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifrwe6OXKse5uDsuvD3v/W2QUcUV
Tzeeobnt9GA1BnOP+bBIWfIrC4LvQfJCDeHGtvEliCgxIzEVGhA2ikXLD7BAtssJ
fxp6GZaIDYjybrXIbc4iCz9ZcNQc9PZ72NmGfT54ss7db20MFyemASm6o5PsTknL
KUmIjsUzit4dlsqqG4pDHkL6j+ESs/Pill1HP8Ooj15giGbyxnLD2tN8kE2AY/lH
u/+F8qDhYTwvBjBXnoPFkBt14PfpVM+JABFs3bMw1rY8AM6133c90WPY6ReN2yGR
FBEdRI4Bfl2TRVAtXFlRqJTrCASbhKaG4qeS6/p8EULRm5PyYxQ+M23fvwIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFOSvkMF1uFCt6KKQi805A/6gJYoqMB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvNUstUXdYVzRVSzNvb3BDTHpUa0RfcUFsaWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwSAQCAAEwQgMEAgI7HAME
AwU4EAMEBB8HsAMEBFD/AAMEBFFfAAMEBVLHgAMEA1OOUAMEA1wraAMEArlZJAME
AMFo+wMEA8OK+DApBAIAAjAjAwUDKgEEoAMFAyoF1MADBQMqBn7AAwUDKgnuQAMF
AyoLdsAwDQYJKoZIhvcNAQELBQADggEBAHLSN9exyto4RtO2i/C4VCpMlLxXFB2x
aixqDadJ5/UUVdwxeYTmQ53f1TbrMkSFTGcxPuR9e7WWmhqMU5/hCBb7fLk+j5nw
PjajeQnuuNVYmsJmw+arnhIvtlIZZ4gXREuAFk5kRwQg8miu8LGZT5Y3HHhG7e4e
A7G/V6yl+JJQTyNU5PYUFZtv6xpLa+3J2p+GABkWI+5aXTzdEqzFRtUf+KGs9Xbi
FsHxzdl43pAi6tP2bZq66u0xVkOp9N89s5rV/yC/snbE/3HHiH0HAj8Uecf+lmf5
zMosZ8D9SnC1vzf0T5Yof0c14jIiPXlCve8gcLHpdoU5o17xh9GPi4s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:40 2024 by rpki-client on console-ams.rpki-client.org