Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/qKnwHJNRKsRdOtjQbxPXxBJUM-0.roa
File: qKnwHJNRKsRdOtjQbxPXxBJUM-0.roa (raw, json)
Hash identifier: vTmyGsaUugCVFR21c0fqVnDBxPthZQ/Fpo3IuwpKa6A=
Subject key identifier: A8:A9:F0:1C:93:51:2A:C4:5D:3A:D8:D0:6F:13:D7:C4:12:54:33:ED
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018C74668AE431065B66E86E22050A482AB1
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/qKnwHJNRKsRdOtjQbxPXxBJUM-0.roa
Signing time: Sat 16 Dec 2023 20:52:06 +0000
ROA not before: Sat 16 Dec 2023 20:52:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 85.8.160.0/22 maxlen: 22
217.18.208.0/22 maxlen: 22
5.133.100.0/22 maxlen: 22
31.40.204.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
194.169.92.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
37.221.76.0/22 maxlen: 22
193.32.184.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
176.53.156.0/22 maxlen: 22
194.93.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:74:66:8a:e4:31:06:5b:66:e8:6e:22:05:0a:48:2a:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Dec 16 20:52:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8a9f01c93512ac45d3ad8d06f13d7c4125433ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:32:6b:f9:ef:57:ef:c8:b0:ee:f9:bb:5c:9d:
ad:6c:70:92:21:f6:c6:af:c8:d9:6e:5a:f2:48:13:
b2:53:7e:20:03:25:2c:9d:5f:33:83:76:78:cd:c2:
59:fb:0b:e9:db:39:9d:69:74:ce:a9:ad:17:8f:3b:
cc:53:19:cb:84:1c:9f:14:8e:6c:00:ad:48:c3:9e:
5a:ed:72:40:00:2d:bd:d1:fa:d2:b5:0d:a1:6e:52:
4b:e4:e7:da:05:5a:3e:a5:80:86:e2:dc:cb:6e:05:
4c:fc:4d:33:47:0a:2b:a7:44:4b:6a:86:ba:15:cf:
0c:79:ed:75:aa:1f:24:a3:ba:76:78:19:10:47:b9:
52:2b:c4:f1:e5:4d:dc:a4:82:22:90:22:02:21:d7:
65:cd:8f:35:9b:ef:9e:65:72:d6:e3:d3:c6:f1:fa:
7e:52:c7:14:bb:81:8b:14:6d:87:a8:ff:e7:c8:25:
ce:78:72:89:c3:9a:32:ec:f9:92:39:2a:03:ee:4b:
2b:a8:9d:77:e1:42:c4:5d:f1:3b:6f:06:c3:41:d6:
8a:49:f6:c7:6a:b8:c3:b6:2f:2f:fe:d0:d1:e9:6d:
e9:86:31:b9:61:88:0b:9e:da:b4:16:c4:fc:e3:06:
68:44:a1:66:f0:68:1a:5d:36:33:57:4e:bd:bd:d8:
ee:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A9:F0:1C:93:51:2A:C4:5D:3A:D8:D0:6F:13:D7:C4:12:54:33:ED
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/qKnwHJNRKsRdOtjQbxPXxBJUM-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/22
31.40.204.0/22
37.221.76.0/22
83.171.244.0/22
85.8.160.0/22
92.249.60.0/22
176.53.156.0/22
188.119.68.0/22
193.32.184.0/22
194.93.60.0/22
194.169.92.0/22
212.87.196.0/22
212.107.4.0/22
217.18.208.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:ab:fe:cf:04:30:fb:f0:60:e6:31:4b:63:c8:ae:2f:93:11:
e2:c4:ca:79:2a:28:c2:c7:f8:10:94:46:9c:38:79:f9:58:4a:
05:e0:1a:71:c7:8b:49:97:e8:1a:3b:d0:3e:f8:91:7d:d2:f1:
0d:32:a9:b2:ca:72:78:b4:f1:3f:81:52:3d:fa:85:40:b1:de:
5c:29:02:88:33:d5:5d:95:77:e8:06:61:8e:4b:fa:13:73:c9:
43:9e:70:73:cc:53:f4:de:14:ee:0c:1a:05:4b:27:2b:7b:41:
2d:c2:68:cb:c9:c2:00:11:e3:62:1e:b9:00:91:c2:12:54:37:
e6:1f:07:78:d6:bf:39:e4:60:36:39:97:ae:b0:82:b1:f9:b5:
fc:15:27:2e:e9:e4:c0:5a:0c:68:47:89:1a:be:2f:c2:e4:54:
70:31:d5:cf:dd:df:71:9d:c5:2d:64:bb:ae:15:be:a4:3e:a3:
4f:bb:b5:80:02:91:0c:cb:cb:c1:72:68:75:85:09:d6:c8:87:
dd:99:7a:5b:e4:d9:4b:8e:d0:f5:55:b8:1e:da:e7:4b:1a:c1:
1b:2a:93:a4:ac:61:c7:79:f0:62:ca:f0:d7:1e:13:2d:ef:a4:
02:89:af:75:f0:44:8d:d7:ac:d5:15:33:d6:2f:fa:7f:d9:97:
40:8a:ed:25
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYx0ZorkMQZbZuhuIgUKSCqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMxMjE2MjA1MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE5ZjAxYzkzNTEyYWM0NWQzYWQ4ZDA2ZjEzZDdjNDEyNTQzM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjJr+e9X78iw7vm7XJ2tbHCSIfbG
r8jZblrySBOyU34gAyUsnV8zg3Z4zcJZ+wvp2zmdaXTOqa0XjzvMUxnLhByfFI5s
AK1Iw55a7XJAAC290frStQ2hblJL5OfaBVo+pYCG4tzLbgVM/E0zRworp0RLaoa6
Fc8Mee11qh8ko7p2eBkQR7lSK8Tx5U3cpIIikCICIddlzY81m++eZXLW49PG8fp+
UscUu4GLFG2HqP/nyCXOeHKJw5oy7PmSOSoD7ksrqJ134ULEXfE7bwbDQdaKSfbH
arjDti8v/tDR6W3phjG5YYgLntq0FsT84wZoRKFm8GgaXTYzV069vdjuKQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKip8ByTUSrEXTrY0G8T18QSVDPtMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvcUtud0hKTlJLc1JkT3RqUWJ4UFh4QkpVTS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCBYVkAwQC
HyjMAwQCJd1MAwQCU6v0AwQCVQigAwQCXPk8AwQCsDWcAwQCvHdEAwQCwSC4AwQC
wl08AwQCwqlcAwQC1FfEAwQC1GsEAwQC2RLQMA0GCSqGSIb3DQEBCwUAA4IBAQDT
q/7PBDD78GDmMUtjyK4vkxHixMp5KijCx/gQlEacOHn5WEoF4Bpxx4tJl+gaO9A+
+JF90vENMqmyynJ4tPE/gVI9+oVAsd5cKQKIM9VdlXfoBmGOS/oTc8lDnnBzzFP0
3hTuDBoFSycre0EtwmjLycIAEeNiHrkAkcISVDfmHwd41r855GA2OZeusIKx+bX8
FScu6eTAWgxoR4kavi/C5FRwMdXP3d9xncUtZLuuFb6kPqNPu7WAApEMy8vBcmh1
hQnWyIfdmXpb5NlLjtD1Vbge2udLGsEbKpOkrGHHefBiyvDXHhMt76QCia918ESN
16zVFTPWL/p/2ZdAiu0l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org