Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QFK6L8A5nLn6qKkbwH92MHIIrno.roa
File: QFK6L8A5nLn6qKkbwH92MHIIrno.roa (raw, json)
Hash identifier: sKNldLz1QkeE/J3i6qmb/j8PQYCiya3ExKgyh1YC59Q=
Subject key identifier: 40:52:BA:2F:C0:39:9C:B9:FA:A8:A9:1B:C0:7F:76:30:72:08:AE:7A
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0191468447EFB0652590B56579CEA13633EE
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QFK6L8A5nLn6qKkbwH92MHIIrno.roa
Signing time: Mon 12 Aug 2024 12:15:59 +0000
ROA not before: Mon 12 Aug 2024 12:15:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34450
IP address blocks: 85.204.125.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.39.252.0/24 maxlen: 24
89.43.45.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
93.113.203.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
188.215.95.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 12 Aug 2024 13:56:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:84:47:ef:b0:65:25:90:b5:65:79:ce:a1:36:33:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Aug 12 12:15:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4052ba2fc0399cb9faa8a91bc07f76307208ae7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:77:d7:79:77:54:27:46:60:31:31:28:9a:5b:
83:c1:41:aa:9b:f6:a4:31:09:28:77:0b:81:31:22:
7e:a0:08:ea:32:eb:38:5f:da:11:50:81:3b:f3:e8:
a9:b4:2a:27:53:93:a9:8f:c5:4a:c0:14:af:7c:66:
1a:84:c4:b6:94:3b:c1:e9:7e:be:16:03:c2:26:f8:
e1:37:1e:b4:4c:6c:d7:2d:1b:24:3b:c1:d9:29:97:
f7:1d:e3:be:e5:f7:e9:fc:d3:b9:6c:ea:b0:53:b4:
71:d6:2e:80:59:02:ba:2d:13:63:4a:13:bc:9e:dd:
44:4e:09:39:10:94:90:f9:13:6c:1b:6c:b8:a2:02:
c8:1d:e9:3e:c7:a0:f0:c2:5e:07:22:58:59:a4:dc:
28:f4:01:5b:b4:2a:23:da:d2:82:a7:33:cd:a7:21:
06:84:4b:a7:b9:ee:2f:04:e7:69:d1:b5:fb:e5:d4:
65:26:45:7e:b3:a9:6d:3a:ae:fc:1c:1e:e0:c3:4c:
97:52:c7:d6:55:9a:dc:ff:34:b2:7a:75:7e:af:12:
e8:2f:76:f3:ac:66:d3:e7:a7:6e:76:90:3d:61:f9:
d2:f1:05:da:c5:bf:c2:6d:27:32:d8:19:e5:2b:bc:
9b:b8:06:e0:3b:df:08:35:7d:47:e2:76:db:52:80:
68:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:52:BA:2F:C0:39:9C:B9:FA:A8:A9:1B:C0:7F:76:30:72:08:AE:7A
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QFK6L8A5nLn6qKkbwH92MHIIrno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
86.106.80.0/24
86.106.104.0/24
89.34.8.0/21
89.39.252.0/24
89.43.45.0-89.43.46.255
89.44.209.0/24
93.113.158.0/24
93.113.203.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
188.213.18.0/24
188.215.72.0/23
188.215.95.0/24
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
7d:4e:5c:4b:d2:a1:74:b9:72:d2:0c:66:82:ae:e2:53:43:5a:
4f:32:f6:69:5b:43:75:c4:dd:20:e1:24:32:11:72:b6:c1:98:
69:45:bb:63:9c:30:81:74:11:6a:81:48:11:73:66:b0:16:6d:
31:4c:40:16:4e:65:e8:aa:92:da:7f:d9:21:97:15:29:20:ef:
bd:cd:cc:da:b2:b2:22:b0:97:bb:80:9b:8b:01:3f:db:67:c6:
b5:2b:1d:8c:1e:ac:92:1b:fe:4c:14:a9:5d:d9:f3:22:3f:0e:
ee:65:57:d6:2b:51:64:fc:77:e5:dc:3f:75:4c:5a:2d:3b:95:
e0:a4:71:1b:72:7e:b6:50:36:68:c3:27:20:a0:08:38:7f:e2:
b8:58:d2:91:33:d5:6e:7b:2e:62:d6:73:c1:4d:b5:b1:f1:e8:
eb:d0:c8:b4:76:49:48:5c:18:06:b3:a6:24:25:0d:c7:5a:8a:
2d:33:ab:3a:5e:d7:14:47:00:fc:45:ed:ab:79:16:d1:c5:b6:
63:7e:24:b6:4c:b5:0e:89:19:f8:a2:97:b3:33:0d:ad:c4:63:
0f:21:fb:f0:30:91:64:dd:ab:9a:3f:9c:8d:5c:94:9c:ca:4c:
20:36:bb:07:9c:82:59:e8:5a:ea:3c:01:b1:d5:8c:b0:26:ea:
10:1f:f1:44
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZFGhEfvsGUlkLVlec6hNjPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwODEyMTIxNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDUyYmEyZmMwMzk5Y2I5ZmFhOGE5MWJjMDdmNzYzMDcyMDhhZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHfXeXdUJ0ZgMTEomluDwUGqm/ak
MQkodwuBMSJ+oAjqMus4X9oRUIE78+iptConU5Opj8VKwBSvfGYahMS2lDvB6X6+
FgPCJvjhNx60TGzXLRskO8HZKZf3HeO+5ffp/NO5bOqwU7Rx1i6AWQK6LRNjShO8
nt1ETgk5EJSQ+RNsG2y4ogLIHek+x6Dwwl4HIlhZpNwo9AFbtCoj2tKCpzPNpyEG
hEunue4vBOdp0bX75dRlJkV+s6ltOq78HB7gw0yXUsfWVZrc/zSyenV+rxLoL3bz
rGbT56dudpA9YfnS8QXaxb/CbScy2BnlK7ybuAbgO98INX1H4nbbUoBocwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFEBSui/AOZy5+qipG8B/djByCK56MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvUUZLNkw4QTVuTG42cUtrYndIOTJNSElJcm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBuBAIAATBoAwQAVcx9
AwQAVmpQAwQAVmpoAwQDWSIIAwQAWSf8MAwDBABZKy0DBABZKy4DBABZLNEDBABd
cZ4DBABdccsDBABdcjcDBABdcmMDBABdcqsDBAC81RIDBAG810gDBAC8118DBAC8
8A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOCAQEAfU5cS9KhdLly
0gxmgq7iU0NaTzL2aVtDdcTdIOEkMhFytsGYaUW7Y5wwgXQRaoFIEXNmsBZtMUxA
Fk5l6KqS2n/ZIZcVKSDvvc3M2rKyIrCXu4CbiwE/22fGtSsdjB6skhv+TBSpXdnz
Ij8O7mVX1itRZPx35dw/dUxaLTuV4KRxG3J+tlA2aMMnIKAIOH/iuFjSkTPVbnsu
YtZzwU21sfHo69DItHZJSFwYBrOmJCUNx1qKLTOrOl7XFEcA/EXtq3kW0cW2Y34k
tky1DokZ+KKXszMNrcRjDyH78DCRZN2rmj+cjVyUnMpMIDa7B5yCWeha6jwBsdWM
sCbqEB/xRA==
-----END CERTIFICATE-----
Generated at Mon Aug 12 17:33:28 2024 by rpki-client on console-ams.rpki-client.org