Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/bQasQhHJUWvlSSKvd6sDfbL-F80.roa
File: bQasQhHJUWvlSSKvd6sDfbL-F80.roa (raw, json)
Hash identifier: +xUliKW74VxhV96vhNnM28ZsX8/SfoziJ/l+Z0cV1vk=
Subject key identifier: 6D:06:AC:42:11:C9:51:6B:E5:49:22:AF:77:AB:03:7D:B2:FE:17:CD
Certificate issuer: /CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Certificate serial: 018BF29CC31EF14244E53F8A3980ED81B258
Authority key identifier: A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/bQasQhHJUWvlSSKvd6sDfbL-F80.roa
Signing time: Tue 21 Nov 2023 16:00:41 +0000
ROA not before: Tue 21 Nov 2023 16:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6461
IP address blocks: 185.83.150.0/23 maxlen: 24
185.83.148.0/23 maxlen: 24
94.26.93.0/24 maxlen: 24
94.26.97.0/24 maxlen: 24
94.26.95.0/24 maxlen: 24
94.26.98.0/23 maxlen: 24
94.26.101.0/24 maxlen: 24
94.26.103.0/24 maxlen: 24
94.26.109.0/24 maxlen: 24
104.255.128.0/21 maxlen: 24
185.75.80.0/22 maxlen: 24
185.49.216.0/22 maxlen: 24
153.94.56.0/21 maxlen: 24
185.94.78.0/23 maxlen: 24
185.94.76.0/23 maxlen: 24
94.190.196.0/24 maxlen: 24
94.190.196.0/22 maxlen: 24
94.190.199.0/24 maxlen: 24
94.190.198.0/24 maxlen: 24
94.190.197.0/24 maxlen: 24
45.94.8.0/22 maxlen: 24
185.9.212.0/22 maxlen: 24
45.94.10.0/24 maxlen: 24
45.89.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 16:10:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:9c:c3:1e:f1:42:44:e5:3f:8a:39:80:ed:81:b2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd
Validity
Not Before: Nov 21 16:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d06ac4211c9516be54922af77ab037db2fe17cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c5:fd:3b:7f:94:19:44:4e:6b:ef:32:18:31:
21:28:b9:2a:e9:fa:ac:9b:75:d6:9b:53:37:0f:41:
0d:21:07:7a:51:59:d8:47:e0:61:b6:a4:c1:f6:b4:
6b:03:ff:81:53:e0:e1:d9:bd:d1:be:f4:ae:47:dc:
bf:76:e7:db:db:d7:62:7b:c4:65:14:c4:1f:8a:02:
4d:03:e9:1a:7b:18:3d:15:af:40:1d:c8:06:07:d4:
f8:94:01:94:d8:7c:3b:89:93:e1:2e:0f:ba:18:c1:
57:9e:95:5e:16:da:73:07:b0:65:69:1c:bb:fc:4b:
de:32:2b:a8:b6:13:3f:d5:ca:02:ef:c5:56:24:e6:
9a:21:2c:45:2f:9b:c3:06:ee:b8:78:aa:0f:a3:0b:
bd:29:75:ce:67:7b:50:34:51:ad:b4:ef:d2:42:c1:
0e:37:43:ff:69:dc:da:2d:ae:83:8b:fc:2a:5e:8e:
d6:82:7c:bf:a0:fa:fb:7f:f4:aa:a1:5d:b8:81:2e:
63:87:07:0d:b8:0d:c9:4e:91:36:b7:60:6e:8b:c2:
20:69:ba:5d:7d:53:73:fa:3a:e0:bb:fc:22:4d:8c:
77:1e:49:32:55:a7:f0:20:97:f5:9d:99:b0:ea:a8:
86:a5:a4:9c:e1:29:d9:2e:eb:d2:74:10:6f:97:58:
6a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:06:AC:42:11:C9:51:6B:E5:49:22:AF:77:AB:03:7D:B2:FE:17:CD
X509v3 Authority Key Identifier:
keyid:A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/bQasQhHJUWvlSSKvd6sDfbL-F80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.212.0/22
45.94.8.0/22
94.26.93.0/24
94.26.95.0/24
94.26.97.0-94.26.99.255
94.26.101.0/24
94.26.103.0/24
94.26.109.0/24
94.190.196.0/22
104.255.128.0/21
153.94.56.0/21
185.9.212.0/22
185.49.216.0/22
185.75.80.0/22
185.83.148.0/22
185.94.76.0/22
Signature Algorithm: sha256WithRSAEncryption
12:5e:01:50:61:30:34:01:48:ad:f5:89:78:1a:de:ff:25:3c:
8c:2c:74:6a:82:27:4d:64:ed:b8:8d:6f:40:9b:dd:0f:10:db:
8c:d6:f3:f2:3f:75:6a:b2:cb:79:dc:4b:cc:4d:31:f3:82:ea:
a9:0c:7a:7e:ee:ed:53:2f:2c:c9:63:99:12:d9:db:44:a3:13:
c7:23:39:9a:9e:b1:73:77:dd:9c:c5:d3:f3:20:c8:53:36:b5:
01:cf:4c:8a:b0:85:52:06:f5:fe:28:64:36:87:8e:4c:db:52:
b6:43:83:49:ae:ba:27:4a:f5:c7:4a:85:0c:63:00:5e:80:e1:
1f:91:ac:0b:d6:45:13:fc:17:c8:0a:43:2f:8b:22:89:d3:f7:
40:a0:87:e0:69:bb:e1:69:53:47:56:67:2b:cf:8f:60:9a:fd:
c3:ca:28:59:6c:a8:74:fb:6d:8c:92:f1:63:0b:f5:e4:ed:cd:
c9:b0:3b:7f:b9:66:b1:0f:88:bc:0f:fb:1d:1d:c1:8a:50:f4:
a8:cc:7b:f7:51:0f:d2:19:fe:53:d6:1e:a4:8f:d2:94:bd:b5:
93:f5:65:fe:2b:ed:81:44:47:ce:4d:72:0b:48:c3:aa:8d:e7:
21:21:e8:a3:b7:da:de:14:65:e2:15:31:d1:7c:21:15:f7:19:
0f:54:38:9a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYvynMMe8UJE5T+KOYDtgbJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OWM0ZTBjZjVjOGRiYmI2YTY3Y2YxZGEyZjMxZjQxNjI3
NDlmZGQwHhcNMjMxMTIxMTYwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA2YWM0MjExYzk1MTZiZTU0OTIyYWY3N2FiMDM3ZGIyZmUxN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8X9O3+UGUROa+8yGDEhKLkq6fqs
m3XWm1M3D0ENIQd6UVnYR+BhtqTB9rRrA/+BU+Dh2b3RvvSuR9y/dufb29die8Rl
FMQfigJNA+kaexg9Fa9AHcgGB9T4lAGU2Hw7iZPhLg+6GMFXnpVeFtpzB7BlaRy7
/EveMiuothM/1coC78VWJOaaISxFL5vDBu64eKoPowu9KXXOZ3tQNFGttO/SQsEO
N0P/adzaLa6Di/wqXo7Wgny/oPr7f/SqoV24gS5jhwcNuA3JTpE2t2Bui8Igabpd
fVNz+jrgu/wiTYx3HkkyVafwIJf1nZmw6qiGpaSc4SnZLuvSdBBvl1hq2QIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFG0GrEIRyVFr5Ukir3erA32y/hfNMB8GA1UdIwQY
MBaAFKScTgz1yNu7amfPHaLzH0FidJ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMt
ODhlZDhkNzcxN2E0LzEvYlFhc1FoSEpVV3ZsU1NLdmQ2c0RmYkwtRjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMtODhlZDhkNzcxN2E0
LzEvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAi1Z1AME
Ai1eCAMEAF4aXQMEAF4aXzAMAwQAXhphAwQCXhpgAwQAXhplAwQAXhpnAwQAXhpt
AwQCXr7EAwQDaP+AAwQDmV44AwQCuQnUAwQCuTHYAwQCuUtQAwQCuVOUAwQCuV5M
MA0GCSqGSIb3DQEBCwUAA4IBAQASXgFQYTA0AUit9Yl4Gt7/JTyMLHRqgidNZO24
jW9Am90PENuM1vPyP3Vqsst53EvMTTHzguqpDHp+7u1TLyzJY5kS2dtEoxPHIzma
nrFzd92cxdPzIMhTNrUBz0yKsIVSBvX+KGQ2h45M21K2Q4NJrronSvXHSoUMYwBe
gOEfkawL1kUT/BfICkMviyKJ0/dAoIfgabvhaVNHVmcrz49gmv3DyihZbKh0+22M
kvFjC/Xk7c3JsDt/uWaxD4i8D/sdHcGKUPSozHv3UQ/SGf5T1h6kj9KUvbWT9WX+
K+2BREfOTXILSMOqjechIeijt9reFGXiFTHRfCEV9xkPVDia
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:00 2024 by rpki-client on console-fra.rpki-client.org