Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KQF6OJrpJwGc_tU6EiBP5X86epY.roa
File: KQF6OJrpJwGc_tU6EiBP5X86epY.roa (raw, json)
Hash identifier: yJ0GzfStN68IeAohkNlB8olAYdcMoJun9rVGLOv+czE=
Subject key identifier: 29:01:7A:38:9A:E9:27:01:9C:FE:D5:3A:12:20:4F:E5:7F:3A:7A:96
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018C7C293C898A386D08A360DCBCE1A9B705
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KQF6OJrpJwGc_tU6EiBP5X86epY.roa
Signing time: Mon 18 Dec 2023 09:02:06 +0000
ROA not before: Mon 18 Dec 2023 09:02:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 185.55.4.0/22 maxlen: 23
176.96.88.0/22 maxlen: 22
176.103.240.0/21 maxlen: 22
176.116.232.0/22 maxlen: 22
185.55.142.0/23 maxlen: 23
185.55.140.0/23 maxlen: 23
185.55.140.0/22 maxlen: 22
178.212.184.0/22 maxlen: 22
178.212.184.0/21 maxlen: 21
178.212.188.0/22 maxlen: 22
176.102.124.0/22 maxlen: 22
176.102.120.0/21 maxlen: 21
176.102.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 18 Dec 2023 11:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:29:3c:89:8a:38:6d:08:a3:60:dc:bc:e1:a9:b7:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Dec 18 09:02:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29017a389ae927019cfed53a12204fe57f3a7a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:bc:9a:45:17:63:b7:3a:85:11:41:cc:48:20:
43:23:38:b5:f9:5e:ae:9e:32:40:d8:f1:04:fd:9e:
67:03:77:e5:84:d6:bd:ac:c7:98:f3:13:f8:e0:e8:
88:41:a0:24:f2:26:a3:71:ea:3e:5b:fe:22:46:63:
df:27:2d:56:09:58:c6:68:5c:e9:7f:aa:af:5c:71:
76:31:3c:62:4e:05:c5:6a:01:1b:8f:a3:fe:2d:d9:
ac:71:51:7c:45:f0:fe:12:c8:61:6d:58:9c:9d:b4:
5a:42:65:f7:27:d3:ac:39:21:89:5d:28:e4:ed:1e:
c1:10:e1:af:35:e8:38:d0:b2:a6:c9:bd:08:f2:2a:
a4:bf:33:da:b5:3b:fe:07:89:0f:2d:97:2e:6a:07:
0d:37:49:34:c9:cd:23:6b:d3:ff:71:43:27:3e:ef:
e9:77:79:2e:3c:f9:5b:fb:26:e1:50:ca:64:5c:a9:
70:80:04:02:69:ef:f7:51:0f:f7:cf:93:eb:6a:9d:
b9:6a:d7:f4:ed:73:9e:b6:c9:9d:52:8b:af:6b:66:
b3:1c:f5:12:50:41:d1:55:e2:b1:c1:e0:87:87:b6:
ef:14:c7:d5:91:fa:3a:b1:9c:e4:90:9c:00:24:b8:
dd:4f:6c:06:05:45:f5:c3:98:3f:22:82:4c:0e:c8:
98:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:01:7A:38:9A:E9:27:01:9C:FE:D5:3A:12:20:4F:E5:7F:3A:7A:96
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/KQF6OJrpJwGc_tU6EiBP5X86epY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.96.88.0/22
176.102.120.0/21
176.103.240.0/21
176.116.232.0/22
178.212.184.0/21
185.55.4.0/22
185.55.140.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:3e:3e:ce:0c:09:3b:fc:ff:ac:07:18:0b:07:ea:ec:e6:f0:
71:30:23:97:91:3a:c7:22:be:f3:22:b3:09:a6:57:30:ec:75:
b2:0d:0f:fa:53:f6:88:0a:7d:cb:f1:f2:47:ec:f7:6b:85:19:
28:3a:e0:f0:57:19:9b:08:61:fd:24:a7:34:93:84:65:f7:ab:
fd:05:89:e5:bb:72:04:9d:f5:a7:82:04:2e:af:81:b4:06:52:
40:68:e4:b0:de:2e:15:2e:0d:1c:47:9b:ae:97:ae:a8:b7:b1:
07:e8:50:36:aa:03:bd:d5:c7:94:6b:70:4e:a6:7d:4c:50:1a:
d3:a8:18:17:d5:ce:f7:5c:58:64:f7:a9:19:24:20:6c:6d:f2:
c8:71:26:1f:f0:f1:56:59:4d:25:d6:1c:43:68:02:cc:94:00:
6d:a8:59:16:d3:b4:1a:5a:2c:75:70:36:7c:b4:72:17:30:7b:
07:a0:ad:19:81:91:29:01:5a:43:93:7e:26:c5:78:5c:2e:f8:
31:cf:14:60:8b:7a:ef:4e:e7:85:2d:1b:a0:5a:27:36:80:ec:
63:6c:74:52:75:31:dd:d2:ba:6f:ce:13:11:32:e3:b1:1e:ee:
d1:1b:63:46:cf:c0:1d:b2:ae:47:46:2e:fd:44:24:40:d9:75:
8f:1f:4a:cd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYx8KTyJijhtCKNg3LzhqbcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMjE4MDkwMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAxN2EzODlhZTkyNzAxOWNmZWQ1M2ExMjIwNGZlNTdmM2E3YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLyaRRdjtzqFEUHMSCBDIzi1+V6u
njJA2PEE/Z5nA3flhNa9rMeY8xP44OiIQaAk8iajceo+W/4iRmPfJy1WCVjGaFzp
f6qvXHF2MTxiTgXFagEbj6P+LdmscVF8RfD+EshhbVicnbRaQmX3J9OsOSGJXSjk
7R7BEOGvNeg40LKmyb0I8iqkvzPatTv+B4kPLZcuagcNN0k0yc0ja9P/cUMnPu/p
d3kuPPlb+ybhUMpkXKlwgAQCae/3UQ/3z5Prap25atf07XOetsmdUouva2azHPUS
UEHRVeKxweCHh7bvFMfVkfo6sZzkkJwAJLjdT2wGBUX1w5g/IoJMDsiYtQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCkBejia6ScBnP7VOhIgT+V/OnqWMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvS1FGNk9KcnBKd0djX3RVNkVpQlA1WDg2ZXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCsGBYAwQD
sGZ4AwQDsGfwAwQCsHToAwQDstS4AwQCuTcEAwQCuTeMMA0GCSqGSIb3DQEBCwUA
A4IBAQBePj7ODAk7/P+sBxgLB+rs5vBxMCOXkTrHIr7zIrMJplcw7HWyDQ/6U/aI
Cn3L8fJH7PdrhRkoOuDwVxmbCGH9JKc0k4Rl96v9BYnlu3IEnfWnggQur4G0BlJA
aOSw3i4VLg0cR5uul66ot7EH6FA2qgO91ceUa3BOpn1MUBrTqBgX1c73XFhk96kZ
JCBsbfLIcSYf8PFWWU0l1hxDaALMlABtqFkW07QaWix1cDZ8tHIXMHsHoK0ZgZEp
AVpDk34mxXhcLvgxzxRgi3rvTueFLRugWic2gOxjbHRSdTHd0rpvzhMRMuOxHu7R
G2NGz8Adsq5HRi79RCRA2XWPH0rN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org