Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Kqj7IYfbhSrpZdp_l0pt8walY3s.roa
File: Kqj7IYfbhSrpZdp_l0pt8walY3s.roa (raw, json)
Hash identifier: +Z3QMQ8ytB+1FCHl6rUOMxqjpxWLz3r1+E6TotDmo9k=
Subject key identifier: 2A:A8:FB:21:87:DB:85:2A:E9:65:DA:7F:97:4A:6D:F3:06:A5:63:7B
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01865EA54FC15B56CAA6CB0594CA95F0BAEA
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Kqj7IYfbhSrpZdp_l0pt8walY3s.roa
Signing time: Fri 17 Feb 2023 09:12:17 +0000
ROA not before: Fri 17 Feb 2023 09:12:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.41.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Mar 2023 12:54:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5e:a5:4f:c1:5b:56:ca:a6:cb:05:94:ca:95:f0:ba:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Feb 17 09:12:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2aa8fb2187db852ae965da7f974a6df306a5637b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c3:5d:ac:d8:9b:3b:0c:09:f1:73:5a:ed:f8:
9d:1d:d4:29:b0:10:17:95:fc:c3:70:44:69:b4:1e:
c5:33:bc:2e:a6:d6:6e:c1:98:df:f1:2b:55:45:3b:
c4:5d:50:c7:19:8b:a3:32:f2:4d:df:45:94:9a:44:
39:9e:96:69:80:fd:42:74:6c:f6:86:3e:37:94:ac:
91:96:5b:b2:1d:4a:fb:3d:d0:b1:da:a6:a6:6f:ef:
80:d7:b4:4a:80:4b:23:93:e6:c8:de:3d:e1:d1:c8:
61:f2:59:b6:ad:44:0b:a9:01:17:22:d2:83:f4:53:
05:5c:6d:47:fc:ae:c1:f0:3e:16:1e:68:de:44:7f:
00:cf:4e:15:8b:bc:62:d1:9e:62:bc:f3:6f:94:68:
54:b5:6f:7c:5f:11:2b:a9:3b:99:e5:e5:b2:81:7a:
f9:ef:af:73:d5:f4:2c:49:04:a7:d3:30:42:dc:1f:
5b:e3:0a:76:c6:e8:34:3a:1d:db:5e:51:a7:54:5f:
23:5f:96:79:cf:10:d7:5d:33:01:54:82:37:2e:be:
81:74:cc:78:ef:83:db:a3:e1:1a:79:fa:d2:b6:5a:
66:75:63:3d:ac:45:f8:96:53:0f:de:cf:3b:0b:4d:
11:03:7a:08:93:b2:35:47:b9:94:0c:92:68:16:48:
ad:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A8:FB:21:87:DB:85:2A:E9:65:DA:7F:97:4A:6D:F3:06:A5:63:7B
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Kqj7IYfbhSrpZdp_l0pt8walY3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0-89.43.42.255
89.43.44.0/24
89.43.73.0/24
93.113.158.0/24
93.114.55.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
29:0e:ba:fb:21:9e:9c:7b:95:30:6a:ef:f0:e1:c7:7b:c9:cc:
1d:b6:ab:7f:b8:60:9a:34:15:1f:24:54:35:88:dd:5e:e1:58:
a0:63:87:d4:0a:c0:17:f5:ed:bc:85:a0:24:f6:cd:33:9b:75:
0a:9c:b4:72:01:15:ce:75:56:c2:7f:41:d6:77:4b:a4:6b:df:
6d:4e:5c:d4:6e:f5:27:17:9c:60:c8:16:34:cd:69:f0:2a:95:
ce:a2:5e:71:7f:b1:72:f0:56:43:ad:a7:dd:48:d7:c7:3c:e0:
96:e5:8c:00:ee:8c:ff:7d:92:3a:97:c7:e0:dc:20:08:7d:15:
1b:ec:97:5b:97:b7:d7:17:49:5d:69:2f:e5:91:f6:c1:b5:d6:
0e:29:29:7f:d3:b1:00:db:57:56:a2:27:4a:02:2b:91:56:b3:
11:4d:7b:ea:55:2e:dd:0e:60:4d:33:db:c2:85:cc:2b:b2:1a:
33:2f:f2:47:f8:3f:a4:90:5c:2b:1c:a0:a8:ac:eb:8d:01:5d:
32:fd:2b:04:c6:5b:11:f5:a2:8f:aa:62:5b:43:ab:2b:0d:a9:
76:73:a3:46:a6:b7:d8:e3:d6:4d:12:c6:c8:8a:be:da:e6:1e:
f0:3a:c2:72:99:f9:1d:c4:c1:bb:58:6f:40:ee:01:18:1d:6a:
99:9b:d8:2f
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYZepU/BW1bKpssFlMqV8LrqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMjE3MDkxMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWE4ZmIyMTg3ZGI4NTJhZTk2NWRhN2Y5NzRhNmRmMzA2YTU2MzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsNdrNibOwwJ8XNa7fidHdQpsBAX
lfzDcERptB7FM7wuptZuwZjf8StVRTvEXVDHGYujMvJN30WUmkQ5npZpgP1CdGz2
hj43lKyRlluyHUr7PdCx2qamb++A17RKgEsjk+bI3j3h0chh8lm2rUQLqQEXItKD
9FMFXG1H/K7B8D4WHmjeRH8Az04Vi7xi0Z5ivPNvlGhUtW98XxErqTuZ5eWygXr5
769z1fQsSQSn0zBC3B9b4wp2xug0Oh3bXlGnVF8jX5Z5zxDXXTMBVII3Lr6BdMx4
74Pbo+EaefrStlpmdWM9rEX4llMP3s87C00RA3oIk7I1R7mUDJJoFkit7QIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCqo+yGH24Uq6WXaf5dKbfMGpWN7MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvS3FqN0lZZmJoU3JwWmRwX2wwcHQ4d2FsWTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBuBAIAATBoAwQAVcx9
AwQAVcx/AwQAVmpQAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8MAwDBANZKygDBABZ
KyoDBABZKywDBABZK0kDBABdcZ4DBABdcjcDBABdcrsDBAC81RIDBAG810gDBAC8
8A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOCAQEAKQ66+yGenHuV
MGrv8OHHe8nMHbarf7hgmjQVHyRUNYjdXuFYoGOH1ArAF/XtvIWgJPbNM5t1Cpy0
cgEVznVWwn9B1ndLpGvfbU5c1G71JxecYMgWNM1p8CqVzqJecX+xcvBWQ62n3UjX
xzzgluWMAO6M/32SOpfH4NwgCH0VG+yXW5e31xdJXWkv5ZH2wbXWDikpf9OxANtX
VqInSgIrkVazEU176lUu3Q5gTTPbwoXMK7IaMy/yR/g/pJBcKxygqKzrjQFdMv0r
BMZbEfWij6piW0OrKw2pdnOjRqa32OPWTRLGyIq+2uYe8DrCcpn5HcTBu1hvQO4B
GB1qmZvYLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org