Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/qwChi7gd00b4MnDIlDv3L7WE7ms.roa
File: qwChi7gd00b4MnDIlDv3L7WE7ms.roa (raw, json)
Hash identifier: PoxNCKOibudWlBRJBL3H3KPkHTGDG/GONpY55/RpIBk=
Subject key identifier: AB:00:A1:8B:B8:1D:D3:46:F8:32:70:C8:94:3B:F7:2F:B5:84:EE:6B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0191CD04B22F293A8D097BA8425D56E8BD95
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/qwChi7gd00b4MnDIlDv3L7WE7ms.roa
Signing time: Sat 07 Sep 2024 15:05:22 +0000
ROA not before: Sat 07 Sep 2024 15:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.86.16.0/21 maxlen: 21
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.72.0/23 maxlen: 23
91.242.73.0/24 maxlen: 24
91.242.74.0/23 maxlen: 23
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 22
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cd:04:b2:2f:29:3a:8d:09:7b:a8:42:5d:56:e8:bd:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 7 15:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab00a18bb81dd346f83270c8943bf72fb584ee6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:15:44:43:a0:23:7f:34:64:94:ec:de:51:3f:
51:3f:9e:bb:01:dc:38:99:50:2f:5a:a1:c4:a6:3c:
0f:f8:33:e3:23:07:80:e7:19:cf:ac:21:44:5d:61:
86:0f:78:12:66:ae:6f:27:a8:dc:f1:a3:c0:b1:3a:
75:38:bb:87:17:ac:48:93:6a:e2:9f:fb:e1:bc:db:
7b:9a:a0:a8:2f:c2:42:22:65:e9:9d:d5:3d:75:b9:
14:aa:f2:f9:8d:2b:6a:2a:14:73:87:7b:3f:1c:86:
02:ba:2a:91:ce:bd:0e:08:6f:19:b4:b3:49:3f:37:
ca:f7:eb:22:2c:e1:76:9a:36:1f:e3:13:9f:34:41:
10:27:c2:bb:f5:b6:8e:ec:49:b8:6f:f0:3c:b7:16:
b5:b5:39:c1:e1:eb:1b:84:e0:3a:bc:5e:f9:61:52:
7b:33:93:2b:fb:10:59:6b:5b:bc:40:ea:d3:9f:e5:
a0:48:9e:13:3f:41:d5:e3:ed:28:42:f7:87:34:e1:
c5:4c:22:11:f9:a8:10:12:44:db:b8:22:e4:6e:97:
f9:94:7c:0e:78:30:3e:c1:ce:c6:14:c7:8f:f4:42:
de:4d:99:db:f4:09:db:3c:e3:7d:3d:a0:e8:16:63:
fd:c7:fa:fc:17:c5:d9:4e:33:42:8e:91:1d:82:c4:
e9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:00:A1:8B:B8:1D:D3:46:F8:32:70:C8:94:3B:F7:2F:B5:84:EE:6B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/qwChi7gd00b4MnDIlDv3L7WE7ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
5.182.28.0/22
45.67.117.0/24
45.86.16.0/21
85.159.117.0/24
89.39.242.0/24
91.239.59.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
91.242.123.0-91.242.124.255
91.242.126.0/24
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.173.244.0/24
185.173.247.0/24
185.180.145.0/24
185.212.11.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
20:89:1c:ba:eb:a4:11:74:df:3d:b8:ed:f8:92:e5:5a:eb:f2:
43:f0:9b:0b:be:c8:43:ab:b4:46:f2:3c:13:82:fe:7f:8c:c6:
18:1e:49:4b:d0:c2:91:c4:33:3c:fc:18:74:ae:fc:7a:0c:cf:
01:28:40:26:66:46:56:a0:ce:a6:9c:2d:56:f6:cd:47:44:6a:
a9:d2:3b:28:27:bc:f7:89:18:b7:c5:2f:3a:57:fc:4d:bd:1a:
c0:dc:97:8f:73:ea:4e:92:76:4a:f9:9b:8c:a8:03:02:2a:c4:
f5:2c:7c:53:e1:1d:c5:2f:49:78:40:d9:fc:d4:37:a8:52:b3:
16:a1:8d:85:50:62:8e:d2:4c:d8:28:8c:18:84:31:cb:56:f3:
64:c8:e7:d9:99:d7:3c:50:4f:89:08:5f:7d:fe:6a:30:d5:ac:
64:97:eb:da:35:db:56:52:cc:b3:96:27:cf:da:52:71:6f:8a:
4a:a1:e1:b9:56:ba:bf:83:eb:11:2b:1d:e4:06:ac:49:b1:70:
d3:6f:d8:51:f4:36:5f:67:f0:8e:7f:96:9b:5e:06:28:96:31:
4e:68:81:c2:75:d2:23:ee:7c:17:88:81:c9:80:c1:bc:1d:9d:
b3:c9:b4:8a:48:f9:9b:a7:4b:6f:bb:a0:f2:d0:f1:7a:51:2b:
fb:ce:7a:32
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZHNBLIvKTqNCXuoQl1W6L2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwOTA3MTUwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjAwYTE4YmI4MWRkMzQ2ZjgzMjcwYzg5NDNiZjcyZmI1ODRlZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhVEQ6AjfzRklOzeUT9RP567Adw4
mVAvWqHEpjwP+DPjIweA5xnPrCFEXWGGD3gSZq5vJ6jc8aPAsTp1OLuHF6xIk2ri
n/vhvNt7mqCoL8JCImXpndU9dbkUqvL5jStqKhRzh3s/HIYCuiqRzr0OCG8ZtLNJ
PzfK9+siLOF2mjYf4xOfNEEQJ8K79baO7Em4b/A8txa1tTnB4esbhOA6vF75YVJ7
M5Mr+xBZa1u8QOrTn+WgSJ4TP0HV4+0oQveHNOHFTCIR+agQEkTbuCLkbpf5lHwO
eDA+wc7GFMeP9ELeTZnb9AnbPON9PaDoFmP9x/r8F8XZTjNCjpEdgsTpkwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFKsAoYu4HdNG+DJwyJQ79y+1hO5rMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvcXdDaGk3Z2QwMGI0TW5ESWxEdjNMN1dFN21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBAIF
tAQDBAIFthwDBAAtQ3UDBAMtVhADBABVn3UDBABZJ/IDBABb7zsDBAJb8kgDBAFb
8l4DBABb8mcDBABb8mkwDAMEAFvyewMEAFvyfAMEAFvyfgMEAF7nxgMEALB+3wME
ArKvsAMEALkoaQMEALmt9AMEALmt9wMEALm0kQMEALnUCwMEAcIyyAMEAcIyzjAM
AwQAw4pnAwQAw4psMAwDBADDim8DBADDinADBADDinIDBADDinQDBADDinYDBADD
ingwDAMEAcOKegMEB8OKAAMEAsPYnDANBgkqhkiG9w0BAQsFAAOCAQEAIIkcuuuk
EXTfPbjt+JLlWuvyQ/CbC77IQ6u0RvI8E4L+f4zGGB5JS9DCkcQzPPwYdK78egzP
AShAJmZGVqDOppwtVvbNR0RqqdI7KCe894kYt8UvOlf8Tb0awNyXj3PqTpJ2Svmb
jKgDAirE9Sx8U+EdxS9JeEDZ/NQ3qFKzFqGNhVBijtJM2CiMGIQxy1bzZMjn2ZnX
PFBPiQhfff5qMNWsZJfr2jXbVlLMs5Ynz9pScW+KSqHhuVa6v4PrESsd5AasSbFw
02/YUfQ2X2fwjn+Wm14GKJYxTmiBwnXSI+58F4iByYDBvB2ds8m0ikj5m6dLb7ug
8tDxelEr+856Mg==
-----END CERTIFICATE-----
Generated at Wed Sep 11 18:35:55 2024 by rpki-client on console-ams.rpki-client.org