Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/QaWzRRpxDy0bsJyivyNkPe2AEaU.roa
File: QaWzRRpxDy0bsJyivyNkPe2AEaU.roa (raw, json)
Hash identifier: LCejlWvsziabzd9pDGgpr482n9n43GB5sNwMlE3LQ5E=
Subject key identifier: 41:A5:B3:45:1A:71:0F:2D:1B:B0:9C:A2:BF:23:64:3D:ED:80:11:A5
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0185CDBE6177F8D9F06E76970CC6447A1852
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/QaWzRRpxDy0bsJyivyNkPe2AEaU.roa
Signing time: Fri 20 Jan 2023 05:54:44 +0000
ROA not before: Fri 20 Jan 2023 05:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 85.8.162.0/23 maxlen: 23
85.8.160.0/23 maxlen: 23
92.249.62.0/23 maxlen: 23
92.249.60.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
84.54.0.0/23 maxlen: 23
85.8.144.0/23 maxlen: 23
176.53.158.0/23 maxlen: 23
176.53.156.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 16 Feb 2023 16:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cd:be:61:77:f8:d9:f0:6e:76:97:0c:c6:44:7a:18:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 20 05:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41a5b3451a710f2d1bb09ca2bf23643ded8011a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3a:30:36:f8:72:8e:c3:5d:92:70:d9:e1:87:
a0:35:41:83:0c:0f:a8:00:93:15:75:06:c2:c1:2d:
aa:17:74:c3:15:dd:4f:89:95:03:01:8b:93:38:24:
2b:cc:5a:76:7e:cb:cc:31:1c:f1:19:8c:9b:fe:0f:
ec:f6:88:1a:c2:64:dc:1b:38:cd:9c:cb:e0:64:0b:
ec:7c:a2:a7:20:05:ee:e9:3a:45:9e:4b:31:da:08:
d9:74:d8:29:86:7a:c6:4c:9f:30:04:c2:4f:6d:02:
f9:53:69:12:76:1b:09:26:02:bd:16:83:cb:e8:c5:
65:40:57:e7:ca:74:14:93:3d:b5:88:96:b9:1b:47:
6e:2e:ad:39:5a:b1:e3:5b:fb:f0:5b:53:a7:37:f1:
b8:b1:60:30:09:8b:68:e5:ed:10:19:35:92:0f:c3:
b1:e5:47:5c:bc:2d:e0:b2:af:2c:1d:c8:4f:1c:e2:
2c:b7:fd:b1:e1:51:b2:9f:37:de:ec:31:30:b6:3a:
b0:15:23:1d:0f:b1:aa:0b:cf:87:8e:fa:ea:30:03:
52:98:e3:ec:dc:e7:f5:69:bd:5e:70:72:eb:10:1a:
5c:58:d7:ee:4f:cc:fe:66:c5:1c:5e:45:4d:e6:cf:
e6:7d:8d:d9:0a:bc:25:6f:24:66:d3:fd:cc:5d:43:
be:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A5:B3:45:1A:71:0F:2D:1B:B0:9C:A2:BF:23:64:3D:ED:80:11:A5
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/QaWzRRpxDy0bsJyivyNkPe2AEaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.0.0/22
85.8.144.0/22
85.8.160.0/22
92.249.60.0/22
176.53.156.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:b0:c2:74:ae:3d:43:1a:ee:88:24:34:8c:97:98:ac:cb:03:
e3:89:ec:fb:bf:24:fe:8e:6b:44:10:89:e9:fd:06:1d:6d:8d:
98:95:35:50:26:e2:e0:80:46:8d:ce:b2:9b:b4:cd:82:1b:d4:
89:39:ef:6c:d9:44:98:b4:36:df:03:f2:9c:58:fc:36:de:f8:
85:26:de:ae:36:98:13:91:6e:9f:b7:23:08:d3:a1:99:60:b8:
72:32:b8:b2:b9:82:95:ee:43:8d:96:c3:fa:0e:14:7c:cd:98:
ec:22:d6:9b:a5:55:72:4b:e3:3c:f8:df:c0:a7:35:2e:a2:19:
26:06:c3:d9:34:dd:8a:7f:fb:86:81:60:db:ee:31:47:50:c1:
61:59:30:75:50:35:b3:53:95:c9:9f:f3:06:b8:54:18:72:cc:
00:fb:a6:5c:cc:d2:67:07:c4:27:4a:0c:23:bb:33:33:22:e1:
fd:20:4b:d1:31:d5:ef:ce:09:78:a5:dd:c7:16:4e:56:2c:51:
57:7e:b2:8c:32:5c:64:7f:10:bc:3a:da:dc:51:3a:a9:cf:ba:
f0:69:73:70:35:ea:60:4a:38:c7:cb:11:e8:67:5e:00:cb:e8:
4b:12:af:69:c1:e5:44:6a:34:35:05:6b:15:5f:df:3f:d4:e7:
e3:8a:96:dd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYXNvmF3+NnwbnaXDMZEehhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMTIwMDU1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE1YjM0NTFhNzEwZjJkMWJiMDljYTJiZjIzNjQzZGVkODAxMWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDowNvhyjsNdknDZ4YegNUGDDA+o
AJMVdQbCwS2qF3TDFd1PiZUDAYuTOCQrzFp2fsvMMRzxGYyb/g/s9ogawmTcGzjN
nMvgZAvsfKKnIAXu6TpFnksx2gjZdNgphnrGTJ8wBMJPbQL5U2kSdhsJJgK9FoPL
6MVlQFfnynQUkz21iJa5G0duLq05WrHjW/vwW1OnN/G4sWAwCYto5e0QGTWSD8Ox
5UdcvC3gsq8sHchPHOIst/2x4VGynzfe7DEwtjqwFSMdD7GqC8+HjvrqMANSmOPs
3Of1ab1ecHLrEBpcWNfuT8z+ZsUcXkVN5s/mfY3ZCrwlbyRm0/3MXUO++wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEGls0UacQ8tG7Ccor8jZD3tgBGlMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvUWFXelJScHhEeTBic0p5aXZ5TmtQZTJBRWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVDYAAwQC
VQiQAwQCVQigAwQCXPk8AwQCsDWcMA0GCSqGSIb3DQEBCwUAA4IBAQA8sMJ0rj1D
Gu6IJDSMl5isywPjiez7vyT+jmtEEInp/QYdbY2YlTVQJuLggEaNzrKbtM2CG9SJ
Oe9s2USYtDbfA/KcWPw23viFJt6uNpgTkW6ftyMI06GZYLhyMriyuYKV7kONlsP6
DhR8zZjsItabpVVyS+M8+N/ApzUuohkmBsPZNN2Kf/uGgWDb7jFHUMFhWTB1UDWz
U5XJn/MGuFQYcswA+6ZczNJnB8QnSgwjuzMzIuH9IEvRMdXvzgl4pd3HFk5WLFFX
frKMMlxkfxC8OtrcUTqpz7rwaXNwNepgSjjHyxHoZ14Ay+hLEq9pweVEajQ1BWsV
X98/1Ofjipbd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org