Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/QHCBk8ZZZ75mMbQgUoVejTT8GSQ.roa
File: QHCBk8ZZZ75mMbQgUoVejTT8GSQ.roa (raw, json)
Hash identifier: YqKXto9r4I25XHrl4EBJXmbLWs+n+DMR6e7KW9ws2oo=
Subject key identifier: 40:70:81:93:C6:59:67:BE:66:31:B4:20:52:85:5E:8D:34:FC:19:24
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 0185708C8FB358CE5C3B79AB22CB94C01B24
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/QHCBk8ZZZ75mMbQgUoVejTT8GSQ.roa
Signing time: Mon 02 Jan 2023 03:35:37 +0000
ROA not before: Mon 02 Jan 2023 03:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35280
IP address blocks: 185.94.142.0/23 maxlen: 24
185.94.141.0/24 maxlen: 24
185.94.140.0/22 maxlen: 22
185.94.140.0/23 maxlen: 24
185.94.140.0/24 maxlen: 24
84.54.60.0/22 maxlen: 24
185.160.10.0/23 maxlen: 24
185.160.9.0/24 maxlen: 24
185.160.8.0/23 maxlen: 24
193.16.221.0/24 maxlen: 24
5.182.212.0/22 maxlen: 24
193.16.236.0/24 maxlen: 24
185.56.152.0/24 maxlen: 24
185.56.154.0/23 maxlen: 24
193.16.213.0/24 maxlen: 24
2a05:f440::/29 maxlen: 48
2a07:b7c0::/29 maxlen: 29
2a02:53a0::/32 maxlen: 32
2a09:4b00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:8f:b3:58:ce:5c:3b:79:ab:22:cb:94:c0:1b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: Jan 2 03:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40708193c65967be6631b42052855e8d34fc1924
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ea:14:66:2e:3e:6f:40:4d:6b:42:fa:56:91:
d5:a6:7d:13:b9:4e:8a:58:82:8e:7f:c1:a6:22:5e:
29:25:ed:d4:81:13:ba:4b:c5:22:ba:b4:01:64:c9:
02:85:e4:30:82:32:47:0d:9b:d1:0a:91:2b:8f:fb:
98:6e:9c:2c:aa:12:b2:35:cd:db:90:03:6d:ad:59:
2c:0e:4b:3f:61:51:4c:e8:35:83:32:59:60:1c:26:
94:bf:43:80:fd:1d:d2:4b:02:ae:1a:23:f7:4c:20:
87:d9:61:40:34:c0:2c:48:9a:f6:b9:a9:4f:e1:29:
6a:6a:10:26:d3:88:8a:4f:cb:77:2d:fb:79:04:c7:
be:90:e8:f1:ab:ad:a8:57:59:42:a1:7c:97:ef:74:
36:88:d5:d7:7c:cb:bf:fb:29:f8:07:3b:c8:c7:69:
a1:6f:1e:ad:0a:3f:f8:10:f7:2b:c1:9d:84:e4:cb:
bb:09:8c:85:06:ad:01:63:d5:3c:e3:cc:0b:f6:b1:
7c:ec:f6:39:fe:d9:0d:23:41:3f:bb:0a:ca:73:3c:
57:31:c5:72:39:68:0b:8e:2e:46:88:d0:61:19:98:
ad:be:c7:a3:03:61:98:3c:ac:fe:fe:48:92:15:34:
d3:f4:d0:19:82:ec:0d:c4:f2:b1:ef:a7:01:e5:05:
9f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:70:81:93:C6:59:67:BE:66:31:B4:20:52:85:5E:8D:34:FC:19:24
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/QHCBk8ZZZ75mMbQgUoVejTT8GSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.212.0/22
84.54.60.0/22
185.56.152.0/24
185.56.154.0/23
185.94.140.0/22
185.160.8.0/22
193.16.213.0/24
193.16.221.0/24
193.16.236.0/24
IPv6:
2a02:53a0::/32
2a05:f440::/29
2a07:b7c0::/29
2a09:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
15:5f:70:9a:8a:97:86:55:75:4c:b8:bf:12:c1:fb:47:d5:b3:
58:1d:59:ad:57:d6:eb:36:a0:f1:ce:26:25:60:05:17:5d:a8:
50:e9:fc:a3:a5:40:5d:46:d0:ad:c6:4e:6b:b1:74:ee:21:06:
db:99:2e:dd:0f:61:4a:5a:87:88:06:66:10:f5:34:96:d7:56:
06:62:e7:c5:39:2d:64:69:23:c2:fc:b9:2b:36:40:1b:a0:f6:
3b:dc:54:c6:33:69:1b:ab:d2:fe:3e:48:0a:c1:f6:ca:71:03:
e8:9f:f2:72:40:e9:b0:26:22:5b:85:d0:61:3e:55:c8:4a:41:
24:86:be:21:6a:1a:d7:a4:3f:94:c6:a2:75:52:53:e7:66:13:
1d:9e:f3:8e:3c:db:e6:bc:35:c1:dc:5e:c6:8e:15:ad:92:11:
14:2f:31:58:1e:da:4b:71:eb:83:9f:e1:03:18:7c:ac:b2:c7:
74:8b:ee:4d:18:e5:98:ff:ad:42:20:ae:fb:d0:79:03:2e:3d:
9e:87:78:ae:0e:9c:b2:15:6b:06:ae:7c:23:31:c5:28:2f:31:
42:92:c1:74:77:04:76:8c:52:7b:e1:88:00:42:98:e0:4f:52:
a4:73:63:ab:8e:5d:ad:c3:8e:fd:af:d7:f5:5e:bf:49:02:55:
94:20:e4:66
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYVwjI+zWM5cO3mrIsuUwBskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjMwMTAyMDMzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDcwODE5M2M2NTk2N2JlNjYzMWI0MjA1Mjg1NWU4ZDM0ZmMxOTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleoUZi4+b0BNa0L6VpHVpn0TuU6K
WIKOf8GmIl4pJe3UgRO6S8UiurQBZMkCheQwgjJHDZvRCpErj/uYbpwsqhKyNc3b
kANtrVksDks/YVFM6DWDMllgHCaUv0OA/R3SSwKuGiP3TCCH2WFANMAsSJr2ualP
4SlqahAm04iKT8t3Lft5BMe+kOjxq62oV1lCoXyX73Q2iNXXfMu/+yn4BzvIx2mh
bx6tCj/4EPcrwZ2E5Mu7CYyFBq0BY9U848wL9rF87PY5/tkNI0E/uwrKczxXMcVy
OWgLji5GiNBhGZitvsejA2GYPKz+/kiSFTTT9NAZguwNxPKx76cB5QWf8wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEBwgZPGWWe+ZjG0IFKFXo00/BkkMB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvUUhDQms4WlpaNzVtTWJRZ1VvVmVqVFQ4R1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQCBbbUAwQC
VDY8AwQAuTiYAwQBuTiaAwQCuV6MAwQCuaAIAwQAwRDVAwQAwRDdAwQAwRDsMCIE
AgACMBwDBQAqAlOgAwUDKgX0QAMFAyoHt8ADBQAqCUsAMA0GCSqGSIb3DQEBCwUA
A4IBAQAVX3CaipeGVXVMuL8SwftH1bNYHVmtV9brNqDxziYlYAUXXahQ6fyjpUBd
RtCtxk5rsXTuIQbbmS7dD2FKWoeIBmYQ9TSW11YGYufFOS1kaSPC/LkrNkAboPY7
3FTGM2kbq9L+PkgKwfbKcQPon/JyQOmwJiJbhdBhPlXISkEkhr4hahrXpD+UxqJ1
UlPnZhMdnvOOPNvmvDXB3F7GjhWtkhEULzFYHtpLceuDn+EDGHysssd0i+5NGOWY
/61CIK770HkDLj2eh3iuDpyyFWsGrnwjMcUoLzFCksF0dwR2jFJ74YgAQpjgT1Kk
c2Orjl2tw479r9f1Xr9JAlWUIORm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:10 2024 by rpki-client on console-fra.rpki-client.org