Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/0762da-d66f-4dcb-9c7f-802bb51a1bed/1/QDJA7zh36eihKdH1pPMtk2NyDh4.roa
File: QDJA7zh36eihKdH1pPMtk2NyDh4.roa (raw, json)
Hash identifier: H1W1/ady7jAquZOdX5D9eZTeFIdrh9bnZQygppp4ZRA=
Subject key identifier: 40:32:40:EF:38:77:E9:E8:A1:29:D1:F5:A4:F3:2D:93:63:72:0E:1E
Certificate issuer: /CN=a6c09cfd1578814a8cd1d81dc86c890fd5fa8661
Certificate serial: 0187FA715AB097EC3432E61FAF2B09AAD4E0
Authority key identifier: A6:C0:9C:FD:15:78:81:4A:8C:D1:D8:1D:C8:6C:89:0F:D5:FA:86:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/psCc_RV4gUqM0dgdyGyJD9X6hmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/0762da-d66f-4dcb-9c7f-802bb51a1bed/1/QDJA7zh36eihKdH1pPMtk2NyDh4.roa
Signing time: Mon 08 May 2023 08:19:05 +0000
ROA not before: Mon 08 May 2023 08:19:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50710
IP address blocks: 149.255.204.0/24 maxlen: 24
149.255.206.0/24 maxlen: 24
149.255.200.0/23 maxlen: 23
149.255.203.0/24 maxlen: 24
149.255.205.0/24 maxlen: 24
149.255.202.0/24 maxlen: 24
149.255.212.0/24 maxlen: 24
149.255.208.0/24 maxlen: 24
149.255.213.0/24 maxlen: 24
149.255.209.0/24 maxlen: 24
149.255.210.0/23 maxlen: 23
149.255.214.0/24 maxlen: 24
149.255.216.0/24 maxlen: 24
149.255.218.0/24 maxlen: 24
149.255.215.0/24 maxlen: 24
149.255.217.0/24 maxlen: 24
149.255.219.0/24 maxlen: 24
149.255.226.0/24 maxlen: 24
149.255.220.0/24 maxlen: 24
149.255.222.0/24 maxlen: 24
149.255.224.0/24 maxlen: 24
149.255.224.0/19 maxlen: 19
149.255.225.0/24 maxlen: 24
149.255.221.0/24 maxlen: 24
149.255.223.0/24 maxlen: 24
149.255.228.0/24 maxlen: 24
149.255.230.0/24 maxlen: 24
149.255.232.0/24 maxlen: 24
149.255.227.0/24 maxlen: 24
149.255.229.0/24 maxlen: 24
149.255.231.0/24 maxlen: 24
149.255.233.0/24 maxlen: 24
149.255.238.0/24 maxlen: 24
149.255.240.0/24 maxlen: 24
149.255.234.0/24 maxlen: 24
149.255.236.0/24 maxlen: 24
149.255.239.0/24 maxlen: 24
149.255.235.0/24 maxlen: 24
149.255.237.0/24 maxlen: 24
149.255.242.0/24 maxlen: 24
149.255.244.0/24 maxlen: 24
149.255.246.0/24 maxlen: 24
149.255.241.0/24 maxlen: 24
149.255.243.0/24 maxlen: 24
149.255.245.0/24 maxlen: 24
149.255.248.0/24 maxlen: 24
149.255.250.0/24 maxlen: 24
149.255.253.0/24 maxlen: 24
149.255.247.0/24 maxlen: 24
149.255.249.0/24 maxlen: 24
149.255.251.0/24 maxlen: 24
149.255.192.0/19 maxlen: 19
149.255.192.0/24 maxlen: 24
149.255.197.0/24 maxlen: 24
149.255.199.0/24 maxlen: 24
149.255.195.0/24 maxlen: 24
149.255.192.0/18 maxlen: 18
149.255.198.0/24 maxlen: 24
149.255.194.0/24 maxlen: 24
149.255.196.0/24 maxlen: 24
185.239.16.0/22 maxlen: 22
65.20.128.0/17 maxlen: 17
65.20.128.0/20 maxlen: 20
65.20.144.0/20 maxlen: 20
149.255.254.0/24 maxlen: 24
149.255.255.0/24 maxlen: 24
65.20.217.0/24 maxlen: 24
65.20.219.0/24 maxlen: 24
65.20.214.0/23 maxlen: 23
65.20.218.0/24 maxlen: 24
65.20.216.0/24 maxlen: 24
65.20.221.0/24 maxlen: 24
65.20.223.0/24 maxlen: 24
65.20.225.0/24 maxlen: 24
65.20.220.0/24 maxlen: 24
65.20.222.0/24 maxlen: 24
65.20.224.0/24 maxlen: 24
65.20.226.0/24 maxlen: 24
65.20.231.0/24 maxlen: 24
65.20.233.0/24 maxlen: 24
65.20.227.0/24 maxlen: 24
65.20.229.0/24 maxlen: 24
65.20.228.0/24 maxlen: 24
65.20.230.0/24 maxlen: 24
65.20.235.0/24 maxlen: 24
65.20.237.0/24 maxlen: 24
65.20.240.0/24 maxlen: 24
65.20.241.0/24 maxlen: 24
65.20.243.0/24 maxlen: 24
65.20.242.0/24 maxlen: 24
65.20.244.0/24 maxlen: 24
65.20.250.0/23 maxlen: 23
65.20.252.0/23 maxlen: 23
65.20.247.0/24 maxlen: 24
65.20.249.0/24 maxlen: 24
65.20.160.0/21 maxlen: 21
65.20.168.0/21 maxlen: 21
65.20.176.0/21 maxlen: 21
65.20.184.0/22 maxlen: 22
65.20.192.0/22 maxlen: 22
65.20.188.0/22 maxlen: 22
65.20.196.0/22 maxlen: 22
65.20.204.0/23 maxlen: 23
65.20.206.0/23 maxlen: 23
65.20.200.0/22 maxlen: 22
65.20.208.0/23 maxlen: 23
65.20.210.0/23 maxlen: 23
65.20.212.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 12 Jun 2023 08:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fa:71:5a:b0:97:ec:34:32:e6:1f:af:2b:09:aa:d4:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6c09cfd1578814a8cd1d81dc86c890fd5fa8661
Validity
Not Before: May 8 08:19:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=403240ef3877e9e8a129d1f5a4f32d9363720e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:45:a7:c5:61:c7:1b:7b:80:41:a1:c3:69:8f:
7c:84:cf:2e:f6:df:8f:63:93:ee:cf:2f:98:1c:76:
03:78:30:e0:f1:c6:fb:7d:26:bc:a1:65:d5:f9:49:
af:e2:cb:08:32:91:bf:96:1c:ab:f9:8c:93:8f:63:
a3:7f:a2:ae:2b:8b:7b:99:80:93:49:fd:1c:0e:d7:
db:84:29:eb:25:37:ed:36:e0:76:ad:79:da:aa:ae:
ff:c2:09:f5:ef:4d:2e:45:50:0d:c6:24:cf:57:a0:
e3:2d:d2:29:f4:93:26:7b:05:f4:f9:a9:b5:68:8c:
3e:02:cf:af:bc:7a:40:b2:75:3f:0f:d1:91:b1:d9:
d3:0f:8d:2c:23:58:0a:ee:ca:8c:b5:52:76:97:92:
d1:d7:ae:e8:89:c4:d5:52:ad:85:98:1f:3e:90:b6:
e2:5c:13:5b:e1:05:94:f1:cc:77:6b:4e:14:7e:40:
31:ec:f7:11:70:fb:67:4d:f9:ec:83:08:d9:6e:6a:
47:57:36:f0:72:0e:2a:58:47:81:84:1a:ae:0f:47:
8d:eb:e5:5e:9f:fe:26:5e:c1:cf:42:5d:c2:c3:cd:
2d:46:a8:c5:2c:24:be:f9:f9:e2:d8:b1:0d:e7:11:
b7:ba:7b:42:ba:4d:e8:7b:e9:02:6f:55:c4:23:0f:
d4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:32:40:EF:38:77:E9:E8:A1:29:D1:F5:A4:F3:2D:93:63:72:0E:1E
X509v3 Authority Key Identifier:
keyid:A6:C0:9C:FD:15:78:81:4A:8C:D1:D8:1D:C8:6C:89:0F:D5:FA:86:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/psCc_RV4gUqM0dgdyGyJD9X6hmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/0762da-d66f-4dcb-9c7f-802bb51a1bed/1/QDJA7zh36eihKdH1pPMtk2NyDh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/0762da-d66f-4dcb-9c7f-802bb51a1bed/1/psCc_RV4gUqM0dgdyGyJD9X6hmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.20.128.0/17
149.255.192.0/18
185.239.16.0/22
Signature Algorithm: sha256WithRSAEncryption
33:50:9a:54:97:b5:dd:a3:c9:4d:64:d6:a4:79:7a:36:e0:bf:
12:23:6f:7d:54:92:69:70:40:d3:61:41:7c:ea:1c:a0:e7:10:
48:08:29:a1:8e:5b:bc:e0:12:13:c7:45:35:ee:93:20:8f:fa:
b6:06:e4:c2:7a:62:4e:54:83:a5:c3:99:81:f9:6d:c5:30:b7:
2b:ff:99:fc:b5:91:f9:d5:7c:21:98:89:7a:bf:ef:d3:39:d7:
57:46:fc:d2:98:84:cf:0e:19:21:52:33:b2:f4:a4:6f:69:83:
ac:bb:cc:e0:60:fa:20:57:83:02:53:61:9f:4b:27:5e:a4:50:
2b:11:fd:1e:a1:d4:75:51:00:c4:4a:1a:55:54:72:1f:97:fe:
0d:16:78:8c:d4:8e:e7:16:94:b1:22:a8:98:f8:96:f4:4d:7e:
42:79:e5:ca:6f:6b:27:87:ae:1e:6b:21:e8:7a:32:8b:dd:03:
10:b2:fb:b7:5d:aa:6e:2b:86:ed:c8:93:59:a6:e4:a9:13:d3:
7a:5e:f2:7e:c1:c1:19:74:5b:13:d7:36:7d:a3:72:29:ec:79:
82:f8:05:b2:8e:11:fd:63:7f:e7:c4:25:c0:10:35:1e:a2:78:
cc:99:18:9d:b2:99:46:07:e5:85:c3:ba:08:d5:9b:04:63:fb:
89:ce:73:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYf6cVqwl+w0MuYfrysJqtTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YzA5Y2ZkMTU3ODgxNGE4Y2QxZDgxZGM4NmM4OTBmZDVm
YTg2NjEwHhcNMjMwNTA4MDgxOTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDMyNDBlZjM4NzdlOWU4YTEyOWQxZjVhNGYzMmQ5MzYzNzIwZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0WnxWHHG3uAQaHDaY98hM8u9t+P
Y5Puzy+YHHYDeDDg8cb7fSa8oWXV+Umv4ssIMpG/lhyr+YyTj2Ojf6KuK4t7mYCT
Sf0cDtfbhCnrJTftNuB2rXnaqq7/wgn1700uRVANxiTPV6DjLdIp9JMmewX0+am1
aIw+As+vvHpAsnU/D9GRsdnTD40sI1gK7sqMtVJ2l5LR167oicTVUq2FmB8+kLbi
XBNb4QWU8cx3a04UfkAx7PcRcPtnTfnsgwjZbmpHVzbwcg4qWEeBhBquD0eN6+Ve
n/4mXsHPQl3Cw80tRqjFLCS++fni2LEN5xG3untCuk3oe+kCb1XEIw/UDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEAyQO84d+nooSnR9aTzLZNjcg4eMB8GA1UdIwQY
MBaAFKbAnP0VeIFKjNHYHchsiQ/V+oZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHNDY19SVjRnVXFNMGRnZHlHeUpEOVg2aG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8wNzYyZGEtZDY2Zi00ZGNiLTljN2Yt
ODAyYmI1MWExYmVkLzEvUURKQTd6aDM2ZWloS2RIMXBQTXRrMk55RGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8wNzYyZGEtZDY2Zi00ZGNiLTljN2YtODAyYmI1MWExYmVk
LzEvcHNDY19SVjRnVXFNMGRnZHlHeUpEOVg2aG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQHQRSAAwQG
lf/AAwQCue8QMA0GCSqGSIb3DQEBCwUAA4IBAQAzUJpUl7Xdo8lNZNakeXo24L8S
I299VJJpcEDTYUF86hyg5xBICCmhjlu84BITx0U17pMgj/q2BuTCemJOVIOlw5mB
+W3FMLcr/5n8tZH51XwhmIl6v+/TOddXRvzSmITPDhkhUjOy9KRvaYOsu8zgYPog
V4MCU2GfSydepFArEf0eodR1UQDEShpVVHIfl/4NFniM1I7nFpSxIqiY+Jb0TX5C
eeXKb2snh64eayHoejKL3QMQsvu3XapuK4btyJNZpuSpE9N6XvJ+wcEZdFsT1zZ9
o3Ip7HmC+AWyjhH9Y3/nxCXAEDUeonjMmRidsplGB+WFw7oI1ZsEY/uJznN0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:42 2024 by rpki-client on console-ams.rpki-client.org