Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Q8WF20k6JPzq1aXJV7TJT8b01qs.roa
File: Q8WF20k6JPzq1aXJV7TJT8b01qs.roa (raw, json)
Hash identifier: fcekoYG+YBiyeKK42k/qWYbv7MmKiOFPl0HKbztjK/o=
Subject key identifier: 43:C5:85:DB:49:3A:24:FC:EA:D5:A5:C9:57:B4:C9:4F:C6:F4:D6:AB
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018697A6F0CF68000C9EDBE7DDF85D5A9496
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Q8WF20k6JPzq1aXJV7TJT8b01qs.roa
Signing time: Tue 28 Feb 2023 10:52:25 +0000
ROA not before: Tue 28 Feb 2023 10:52:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29262
IP address blocks: 193.38.44.0/23 maxlen: 23
194.56.186.0/23 maxlen: 23
193.38.46.0/23 maxlen: 23
85.235.74.0/23 maxlen: 23
85.235.72.0/23 maxlen: 23
139.28.35.0/24 maxlen: 24
139.28.34.0/24 maxlen: 24
139.28.33.0/24 maxlen: 24
139.28.32.0/24 maxlen: 24
194.169.94.0/23 maxlen: 23
194.169.92.0/23 maxlen: 23
83.171.244.0/22 maxlen: 22
37.221.78.0/23 maxlen: 23
185.254.54.0/24 maxlen: 24
185.254.55.0/24 maxlen: 24
141.98.50.0/24 maxlen: 24
188.119.68.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 28 Feb 2023 12:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:a6:f0:cf:68:00:0c:9e:db:e7:dd:f8:5d:5a:94:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Feb 28 10:52:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43c585db493a24fcead5a5c957b4c94fc6f4d6ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:40:6c:6e:22:ee:47:7a:89:0c:3b:14:54:38:
15:da:8f:39:97:9f:97:97:e8:11:86:31:b1:da:3f:
c8:95:4f:03:89:2f:6b:f0:f6:74:fb:0b:de:c3:51:
3c:45:da:9b:92:f9:96:b2:3d:79:d4:11:05:95:ff:
24:c5:7f:4d:a1:79:77:54:71:64:77:88:c1:ba:7b:
da:95:cc:a8:77:ac:24:d6:3a:d5:ad:2a:7c:ac:e4:
d0:88:d9:4d:9c:e4:c1:a7:01:3d:b3:3b:dd:fe:b4:
24:81:35:8b:5f:8d:11:34:07:c3:fe:98:a7:eb:46:
dc:b8:2d:67:31:39:71:c5:5f:cf:81:0f:c3:22:2e:
cf:dd:cc:48:44:3a:2a:d5:f6:26:2d:a1:42:73:dd:
bb:53:4f:f6:42:79:cc:69:e9:e9:4f:03:f0:04:1f:
fa:94:8a:3f:5f:6c:3b:11:74:6d:3d:07:cb:f6:4e:
a5:26:4e:21:26:0f:9e:92:b4:98:91:b6:e3:29:81:
96:85:80:30:bb:76:cd:f4:58:c0:95:e0:67:f3:eb:
b2:d0:a2:b1:e1:50:7f:3b:d7:82:e1:9c:b5:24:44:
67:0a:ef:aa:f1:2f:6d:2f:45:a8:f9:2a:2a:7d:b6:
48:c5:06:d9:b1:1e:d2:14:d7:ea:a9:df:8b:4c:a6:
c3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C5:85:DB:49:3A:24:FC:EA:D5:A5:C9:57:B4:C9:4F:C6:F4:D6:AB
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/Q8WF20k6JPzq1aXJV7TJT8b01qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.78.0/23
83.171.244.0/22
85.235.72.0/22
139.28.32.0/22
141.98.50.0/24
185.254.54.0/23
188.119.68.0/22
193.38.44.0/22
193.187.140.0/22
194.56.186.0/23
194.169.92.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:1c:ad:cb:44:f7:34:d1:bc:98:05:d7:30:fc:ba:0a:d0:61:
1e:1b:57:b6:2a:f5:e5:24:84:38:fd:c2:e2:06:fe:20:1e:5c:
98:e3:15:b6:c2:ac:c8:8c:70:5d:25:82:d6:a7:6b:12:8c:c2:
6f:7b:fe:cf:02:5a:05:85:dd:05:62:36:52:dc:d4:41:51:dd:
03:3e:c5:e2:20:0a:25:38:99:e9:70:b2:02:02:6f:4d:90:00:
c3:b8:67:d2:fb:41:b6:78:97:a3:a4:de:ce:04:f8:ca:04:a3:
2a:d1:ae:e9:0b:de:eb:26:f0:f1:bf:50:05:91:5b:44:88:ad:
bc:d1:38:af:91:58:5d:10:33:77:32:ae:57:bb:09:82:d5:fd:
68:f7:21:52:17:b0:1a:4f:8b:7f:4c:97:d9:9b:bc:bb:6d:71:
f9:e7:66:fb:cc:10:58:ec:9d:f9:9e:39:39:1b:17:bf:1b:a9:
b2:f2:f7:88:a6:88:0c:ce:b4:d3:de:07:5d:84:06:f2:1f:fc:
b0:d3:b4:55:ea:d2:7a:77:00:de:3f:98:61:36:b9:fb:6e:64:
91:95:c6:59:84:23:9e:6a:32:53:17:65:c3:3a:44:7e:85:40:
2b:f0:81:84:8e:3a:93:4c:01:cd:34:31:b2:c3:3c:da:a5:7a:
22:68:80:a7
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYaXpvDPaAAMntvn3fhdWpSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMjI4MTA1MjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2M1ODVkYjQ5M2EyNGZjZWFkNWE1Yzk1N2I0Yzk0ZmM2ZjRkNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kBsbiLuR3qJDDsUVDgV2o85l5+X
l+gRhjGx2j/IlU8DiS9r8PZ0+wvew1E8RdqbkvmWsj151BEFlf8kxX9NoXl3VHFk
d4jBunvalcyod6wk1jrVrSp8rOTQiNlNnOTBpwE9szvd/rQkgTWLX40RNAfD/pin
60bcuC1nMTlxxV/PgQ/DIi7P3cxIRDoq1fYmLaFCc927U0/2QnnMaenpTwPwBB/6
lIo/X2w7EXRtPQfL9k6lJk4hJg+ekrSYkbbjKYGWhYAwu3bN9FjAleBn8+uy0KKx
4VB/O9eC4Zy1JERnCu+q8S9tL0Wo+SoqfbZIxQbZsR7SFNfqqd+LTKbDsQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEPFhdtJOiT86tWlyVe0yU/G9NarMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvUThXRjIwazZKUHpxMWFYSlY3VEpUOGIwMXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBJd1OAwQC
U6v0AwQCVetIAwQCixwgAwQAjWIyAwQBuf42AwQCvHdEAwQCwSYsAwQCwbuMAwQB
wji6AwQCwqlcMA0GCSqGSIb3DQEBCwUAA4IBAQA8HK3LRPc00byYBdcw/LoK0GEe
G1e2KvXlJIQ4/cLiBv4gHlyY4xW2wqzIjHBdJYLWp2sSjMJve/7PAloFhd0FYjZS
3NRBUd0DPsXiIAolOJnpcLICAm9NkADDuGfS+0G2eJejpN7OBPjKBKMq0a7pC97r
JvDxv1AFkVtEiK280TivkVhdEDN3Mq5XuwmC1f1o9yFSF7AaT4t/TJfZm7y7bXH5
52b7zBBY7J35njk5Gxe/G6my8veIpogMzrTT3gddhAbyH/yw07RV6tJ6dwDeP5hh
Nrn7bmSRlcZZhCOeajJTF2XDOkR+hUAr8IGEjjqTTAHNNDGywzzapXoiaICn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org