Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QkHg1_lU6hf0pOp6RU4tbVFB6lE.roa
File: QkHg1_lU6hf0pOp6RU4tbVFB6lE.roa (raw, json)
Hash identifier: OZhojqWrV4ApxG2ZVth+dMnyBPyQQv1hh+KYAVHIMKQ=
Subject key identifier: 42:41:E0:D7:F9:54:EA:17:F4:A4:EA:7A:45:4E:2D:6D:51:41:EA:51
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0187FCB7B098740D5DB9B34103B35C48277C
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QkHg1_lU6hf0pOp6RU4tbVFB6lE.roa
Signing time: Mon 08 May 2023 18:55:09 +0000
ROA not before: Mon 08 May 2023 18:55:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fc:b7:b0:98:74:0d:5d:b9:b3:41:03:b3:5c:48:27:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: May 8 18:55:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4241e0d7f954ea17f4a4ea7a454e2d6d5141ea51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:63:e1:bf:cd:66:1d:57:b6:80:4d:ca:0d:49:
f1:9c:2f:1c:32:dd:02:41:c2:63:87:da:81:0a:df:
b1:4b:3a:24:86:0a:ad:20:b3:6d:cc:1d:bd:ca:2c:
c6:ca:09:71:84:9f:3d:95:08:c6:81:54:2a:08:9d:
0a:85:2f:45:1d:70:3b:1e:ce:ce:7f:9b:62:31:70:
e3:43:fe:5d:93:54:b9:4d:79:ce:87:24:74:a8:b3:
a8:79:c2:b4:57:cc:f8:1f:61:3d:dd:dc:d7:ae:32:
eb:09:3e:e6:5a:fc:f0:5b:3e:68:be:54:4d:80:0c:
bd:c1:de:76:1c:40:db:c3:47:03:5a:09:97:f1:3f:
6a:1d:86:c4:a7:72:c8:6d:9a:83:54:c4:9e:5e:04:
64:09:ec:e6:42:65:ee:ad:3f:84:26:e7:a0:4f:99:
80:62:55:67:f8:f7:45:fa:e7:94:10:b1:c2:62:68:
6c:5e:8d:fd:6d:ff:99:3b:ec:45:d6:0e:0a:41:13:
da:b7:3c:d0:2a:04:50:e6:2e:bf:e9:61:6b:3c:39:
5c:c0:21:b0:c8:de:f5:f7:c8:37:a8:b9:ed:42:e2:
23:c4:ee:2d:ef:ed:e9:bd:22:03:e4:f5:54:ab:ba:
67:96:1b:b4:a8:a4:63:5d:9b:f5:62:34:e0:d9:3d:
69:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:41:E0:D7:F9:54:EA:17:F4:A4:EA:7A:45:4E:2D:6D:51:41:EA:51
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/QkHg1_lU6hf0pOp6RU4tbVFB6lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
89.33.163.0/24
89.34.8.0/21
89.39.252.0/24
89.43.40.0/24
89.43.42.0/24
89.43.44.0/24
89.43.46.0/24
89.43.73.0/24
93.113.158.0/24
93.114.55.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
42:ea:2b:8b:87:63:04:0d:13:0d:c7:a2:f2:9a:7a:35:21:53:
39:2f:fb:a7:a9:08:b2:b8:db:5d:4f:26:a5:e8:5c:ba:d0:45:
1d:5e:e5:5a:8c:3d:30:d0:f1:2e:b2:e3:11:19:50:3d:f2:c3:
0e:ed:8b:e3:ef:e1:75:41:3f:d2:e7:3f:ec:e8:5d:5c:84:9c:
f4:ca:75:82:1b:36:95:f3:c0:17:4f:e7:7f:fb:e0:64:8c:6e:
d5:57:f4:fd:22:de:aa:bb:1d:0b:8d:05:5d:71:04:a9:19:46:
7b:80:27:b2:2c:9a:dc:ad:c8:ec:7e:2a:0c:cd:f7:9c:c3:5f:
3d:8b:ba:71:43:01:13:52:9d:b3:69:3f:d7:8c:43:be:e9:2c:
17:da:4f:cf:d2:d7:53:bd:72:42:8e:76:f8:47:88:14:1a:f1:
d9:48:9a:19:ff:0b:e2:38:7a:85:59:5d:aa:5f:ea:69:f8:f8:
b6:4d:e7:3a:3e:5c:b3:d8:17:e7:0b:40:56:d3:87:00:5e:b9:
8d:9e:31:ae:8c:94:24:54:31:fd:cc:23:cd:4a:04:46:9b:64:
ce:b8:f3:c0:a5:67:f0:e0:24:c5:01:7c:e0:99:ec:26:bc:c4:
25:f3:9a:7f:df:65:2d:44:19:aa:bd:68:dc:09:26:68:46:c3:
e1:bd:ac:df
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYf8t7CYdA1dubNBA7NcSCd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwNTA4MTg1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQxZTBkN2Y5NTRlYTE3ZjRhNGVhN2E0NTRlMmQ2ZDUxNDFlYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWPhv81mHVe2gE3KDUnxnC8cMt0C
QcJjh9qBCt+xSzokhgqtILNtzB29yizGyglxhJ89lQjGgVQqCJ0KhS9FHXA7Hs7O
f5tiMXDjQ/5dk1S5TXnOhyR0qLOoecK0V8z4H2E93dzXrjLrCT7mWvzwWz5ovlRN
gAy9wd52HEDbw0cDWgmX8T9qHYbEp3LIbZqDVMSeXgRkCezmQmXurT+EJuegT5mA
YlVn+PdF+ueUELHCYmhsXo39bf+ZO+xF1g4KQRPatzzQKgRQ5i6/6WFrPDlcwCGw
yN7198g3qLntQuIjxO4t7+3pvSID5PVUq7pnlhu0qKRjXZv1YjTg2T1pvwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFEJB4Nf5VOoX9KTqekVOLW1RQepRMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvUWtIZzFfbFU2aGYwcE9wNlJVNHRiVkZCNmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MGwEAgABMGYDBABVzH0D
BABVzH8DBABWalADBABZIaMDBANZIggDBABZJ/wDBABZKygDBABZKyoDBABZKywD
BABZKy4DBABZK0kDBABdcZ4DBABdcjcDBABdcrsDBAC81RIDBAG810gDBAC88A4w
DwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOCAQEAQuori4djBA0TDcei
8pp6NSFTOS/7p6kIsrjbXU8mpehcutBFHV7lWow9MNDxLrLjERlQPfLDDu2L4+/h
dUE/0uc/7OhdXISc9Mp1ghs2lfPAF0/nf/vgZIxu1Vf0/SLeqrsdC40FXXEEqRlG
e4Ansiya3K3I7H4qDM33nMNfPYu6cUMBE1Kds2k/14xDvuksF9pPz9LXU71yQo52
+EeIFBrx2UiaGf8L4jh6hVldql/qafj4tk3nOj5cs9gX5wtAVtOHAF65jZ4xroyU
JFQx/cwjzUoERptkzrjzwKVn8OAkxQF84JnsJrzEJfOaf99lLUQZqr1o3AkmaEbD
4b2s3w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-fra.rpki-client.org