Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Q0td2AIDH9JvZXcJcVwNhDKguR0.roa
File: Q0td2AIDH9JvZXcJcVwNhDKguR0.roa (raw, json)
Hash identifier: SxLaJpeu3bsWlmKFBsyyu9tBjmJRz6t/qeDx41QF0mA=
Subject key identifier: 43:4B:5D:D8:02:03:1F:D2:6F:65:77:09:71:5C:0D:84:32:A0:B9:1D
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0189A388077D5A4B6908A0A2C240479483E0
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Q0td2AIDH9JvZXcJcVwNhDKguR0.roa
Signing time: Sat 29 Jul 2023 21:22:28 +0000
ROA not before: Sat 29 Jul 2023 21:22:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6939
IP address blocks: 62.182.32.0/22 maxlen: 22
193.38.44.0/22 maxlen: 22
139.28.240.0/22 maxlen: 22
85.235.72.0/22 maxlen: 22
193.32.204.0/22 maxlen: 22
77.241.72.0/22 maxlen: 22
84.54.0.0/22 maxlen: 22
176.53.156.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
139.28.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 01 Aug 2023 20:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a3:88:07:7d:5a:4b:69:08:a0:a2:c2:40:47:94:83:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jul 29 21:22:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=434b5dd802031fd26f657709715c0d8432a0b91d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:42:5f:bc:0e:09:e9:d8:63:21:99:d5:84:21:
9c:7a:37:7c:23:f9:53:0b:71:f0:5c:ed:ed:08:ea:
ef:97:57:64:76:4f:64:5d:b1:46:4b:26:31:be:4a:
c9:2c:ab:22:bd:2a:6a:11:71:3b:62:01:fc:ae:f6:
b3:af:86:fb:af:b0:d7:e0:2e:4a:69:67:dd:44:4a:
9a:e6:6b:dc:b9:8f:b3:6c:b4:97:b2:fa:25:64:3d:
0e:d7:0e:76:9c:69:11:34:6d:e1:e8:03:d9:f0:f2:
8b:98:1f:6c:ea:ce:13:0a:71:6b:f6:da:c9:46:1c:
12:ee:26:ff:ee:b6:71:68:54:13:8c:80:27:81:6c:
73:38:46:4c:43:25:1d:fe:99:b3:71:8b:e6:4c:db:
68:a7:05:2b:5f:c8:4e:55:92:f8:95:2a:b0:89:a5:
a9:70:46:4b:06:02:b6:80:78:ad:1b:d2:8a:62:9a:
41:31:f4:a9:7c:35:58:ed:20:75:27:b6:12:19:32:
9c:b7:c5:3e:9a:31:8b:f7:1f:13:8d:37:58:52:ed:
26:d8:3a:83:0d:2e:43:57:1e:34:56:c3:77:eb:92:
3a:dc:ad:b6:6d:5f:c0:35:5f:42:39:f5:6f:93:d6:
e7:eb:60:e6:db:05:fb:74:d9:1d:8f:9e:63:41:30:
bc:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:4B:5D:D8:02:03:1F:D2:6F:65:77:09:71:5C:0D:84:32:A0:B9:1D
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Q0td2AIDH9JvZXcJcVwNhDKguR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.32.0/22
77.241.72.0/22
84.54.0.0/22
85.235.72.0/22
139.28.212.0/22
139.28.240.0/22
176.53.156.0/22
193.32.204.0/22
193.38.44.0/22
212.87.196.0/22
Signature Algorithm: sha256WithRSAEncryption
c4:0c:98:31:04:12:38:c5:0e:18:82:c1:cb:56:91:1f:39:e1:
c2:f0:93:da:1f:94:b6:c3:4e:50:5f:50:18:fe:1d:7c:a3:4e:
79:0c:b9:a7:87:87:1b:5c:51:c2:6c:e6:b3:50:8f:e8:7b:4f:
68:26:8c:07:54:2c:6f:f2:39:d3:eb:60:5c:39:2d:68:a4:d2:
50:43:8a:78:2c:b1:65:a2:88:c8:99:4e:40:e5:8e:ab:86:11:
0c:c6:3e:b2:67:35:58:c6:79:95:fe:02:fa:24:02:7f:ed:eb:
29:b1:27:d9:e2:af:34:17:0e:4f:8e:21:be:bb:bb:c2:c6:95:
cc:42:b5:91:96:a0:7f:4f:0b:be:fa:50:a3:e8:cc:8e:46:01:
99:4b:ee:2e:5e:fd:ca:a0:bc:c5:d2:83:b9:61:12:b0:3b:c4:
f3:34:cc:f9:31:3a:7e:57:0d:34:f0:11:a1:2a:b2:de:65:9b:
f6:13:8c:ec:7e:59:9e:7e:99:b5:f5:da:df:11:04:e1:1c:59:
e0:c5:7b:99:44:b9:de:28:b7:23:f1:7f:30:45:87:1a:c9:b5:
bf:96:5b:38:5f:c0:a0:b4:f9:eb:5c:52:c3:ea:5a:34:46:6f:
8b:1c:ad:ed:70:82:ce:d9:dd:c0:69:7d:39:b9:ef:96:d4:74:
34:6f:82:0c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYmjiAd9WktpCKCiwkBHlIPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwNzI5MjEyMjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzRiNWRkODAyMDMxZmQyNmY2NTc3MDk3MTVjMGQ4NDMyYTBiOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUJfvA4J6dhjIZnVhCGcejd8I/lT
C3HwXO3tCOrvl1dkdk9kXbFGSyYxvkrJLKsivSpqEXE7YgH8rvazr4b7r7DX4C5K
aWfdREqa5mvcuY+zbLSXsvolZD0O1w52nGkRNG3h6APZ8PKLmB9s6s4TCnFr9trJ
RhwS7ib/7rZxaFQTjIAngWxzOEZMQyUd/pmzcYvmTNtopwUrX8hOVZL4lSqwiaWp
cEZLBgK2gHitG9KKYppBMfSpfDVY7SB1J7YSGTKct8U+mjGL9x8TjTdYUu0m2DqD
DS5DVx40VsN365I63K22bV/ANV9COfVvk9bn62Dm2wX7dNkdj55jQTC8IQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFENLXdgCAx/Sb2V3CXFcDYQyoLkdMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvUTB0ZDJBSURIOUp2WlhjSmNWd05oREtndVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCPrYgAwQC
TfFIAwQCVDYAAwQCVetIAwQCixzUAwQCixzwAwQCsDWcAwQCwSDMAwQCwSYsAwQC
1FfEMA0GCSqGSIb3DQEBCwUAA4IBAQDEDJgxBBI4xQ4YgsHLVpEfOeHC8JPaH5S2
w05QX1AY/h18o055DLmnh4cbXFHCbOazUI/oe09oJowHVCxv8jnT62BcOS1opNJQ
Q4p4LLFloojImU5A5Y6rhhEMxj6yZzVYxnmV/gL6JAJ/7espsSfZ4q80Fw5PjiG+
u7vCxpXMQrWRlqB/Twu++lCj6MyORgGZS+4uXv3KoLzF0oO5YRKwO8TzNMz5MTp+
Vw008BGhKrLeZZv2E4zsflmefpm19drfEQThHFngxXuZRLneKLcj8X8wRYcaybW/
lls4X8CgtPnrXFLD6lo0Rm+LHK3tcILO2d3AaX05ue+W1HQ0b4IM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org