Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/QZVP8rnhFPrXlOX0uUEkSvSng_k.roa
File: QZVP8rnhFPrXlOX0uUEkSvSng_k.roa (raw, json)
Hash identifier: VaCr6IcGtqyIAWz7e/jZYK6l95e0MJ9J73sEzAX/DyQ=
Subject key identifier: 41:95:4F:F2:B9:E1:14:FA:D7:94:E5:F4:B9:41:24:4A:F4:A7:83:F9
Certificate issuer: /CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Certificate serial: 01856C4A40B5BF072C364DA46A2CE06D69D8
Authority key identifier: AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/QZVP8rnhFPrXlOX0uUEkSvSng_k.roa
Signing time: Sun 01 Jan 2023 07:44:43 +0000
ROA not before: Sun 01 Jan 2023 07:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34960
IP address blocks: 194.126.145.0/24 maxlen: 24
194.126.144.0/23 maxlen: 23
194.126.144.0/24 maxlen: 24
185.122.48.0/22 maxlen: 22
185.122.48.0/24 maxlen: 24
5.149.3.0/24 maxlen: 24
5.149.2.0/24 maxlen: 24
5.149.1.0/24 maxlen: 24
5.149.0.0/24 maxlen: 24
5.149.0.0/21 maxlen: 21
5.149.4.0/24 maxlen: 24
5.149.7.0/24 maxlen: 24
5.149.6.0/24 maxlen: 24
5.149.5.0/24 maxlen: 24
2a01:48c0::/32 maxlen: 32
2a01:48c0:200::/40 maxlen: 40
2a01:48c0:100::/40 maxlen: 40
2a01:48c0::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 15 Mar 2023 10:37:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:40:b5:bf:07:2c:36:4d:a4:6a:2c:e0:6d:69:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Validity
Not Before: Jan 1 07:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41954ff2b9e114fad794e5f4b941244af4a783f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:45:09:4a:82:c3:63:f2:76:c3:e2:fb:dd:e6:
8c:f1:a4:56:fb:cd:1d:fb:1c:21:db:3d:e1:dc:d7:
ce:15:06:ba:ac:bc:22:da:4e:47:de:61:a9:de:68:
6d:77:e6:bc:e3:95:e4:46:89:62:00:d5:b9:e0:87:
49:65:5b:b6:3c:b2:c5:65:f9:ab:61:7e:3a:e2:87:
ec:de:8d:ce:c3:51:97:ac:ae:81:61:15:78:14:34:
a3:43:e2:3c:8c:f2:f5:9c:b0:45:fd:39:6a:b3:75:
c9:cd:95:5c:eb:44:3c:6b:58:af:37:fe:ab:7c:07:
b3:a6:fb:6a:f2:8f:23:bd:15:ea:19:8b:d2:0a:f3:
33:e0:07:a9:1b:05:86:eb:84:db:ac:c8:b8:19:60:
e6:75:47:1b:70:95:92:93:83:f8:5d:40:e0:fd:25:
c5:89:8a:01:61:f7:dc:6e:5f:16:48:03:8e:23:7f:
f3:55:58:b4:25:cf:8e:b1:f9:0d:74:e3:b3:c7:84:
13:5c:86:b5:d4:fa:19:03:0f:48:1d:af:c3:1d:07:
26:26:fa:71:c1:37:6b:d5:0d:76:27:51:d2:4c:41:
8d:4d:3f:ea:57:ee:bd:93:89:11:49:bb:9b:80:c8:
fc:fd:b0:e5:8f:65:71:b2:d6:a3:ab:15:26:24:4e:
6b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:95:4F:F2:B9:E1:14:FA:D7:94:E5:F4:B9:41:24:4A:F4:A7:83:F9
X509v3 Authority Key Identifier:
keyid:AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/QZVP8rnhFPrXlOX0uUEkSvSng_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.0.0/21
185.122.48.0/22
194.126.144.0/23
IPv6:
2a01:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
40:b5:2b:b5:20:63:4f:e4:9c:ba:49:3a:d1:6e:27:a1:9b:a5:
7e:44:73:60:64:17:57:1f:cf:51:00:5b:f4:5f:c9:d3:9f:c5:
dd:0e:cc:cd:5d:70:66:ae:74:eb:81:79:3e:d8:d4:21:e6:d3:
89:fd:df:20:a8:0b:60:69:70:45:5e:2f:6d:91:f1:ac:34:c1:
6f:26:a9:47:bd:47:e6:82:e0:0e:ad:f6:59:90:e0:ee:0b:94:
b3:f6:3e:6a:6e:1f:e7:64:0d:1f:0d:9e:66:94:76:e2:01:59:
82:6a:6f:21:5d:61:de:5d:fa:94:33:ff:45:e2:e9:7a:cd:8f:
2f:9a:d8:5d:de:e0:f0:04:3c:f6:0d:3a:4c:e4:b0:98:ee:0a:
6a:1f:aa:fd:a0:ed:6d:7d:3f:50:82:b2:45:db:1a:69:34:a6:
a1:56:e3:24:bc:aa:dc:30:c2:eb:f9:32:e1:5e:fc:4a:24:f2:
e6:b5:4a:db:e1:9f:ed:1d:dd:e8:6d:2c:f4:b8:d6:7e:90:2c:
0b:dd:62:d3:b3:2a:7c:e8:1b:38:38:1f:27:f5:ad:59:4c:e2:
ce:03:45:22:02:4f:bc:ee:65:04:28:c5:1d:a9:5b:66:a7:7c:
e8:9c:95:fe:39:e4:72:cf:67:16:41:af:2d:20:ef:85:d6:6d:
6c:56:98:94
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsSkC1vwcsNk2kaizgbWnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMzA5MjFkMjhjNzhlZGU4MTg0MmY3MTJlNmNmNzJiZGU1
YTYwODAwHhcNMjMwMTAxMDc0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTk1NGZmMmI5ZTExNGZhZDc5NGU1ZjRiOTQxMjQ0YWY0YTc4M2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEUJSoLDY/J2w+L73eaM8aRW+80d
+xwh2z3h3NfOFQa6rLwi2k5H3mGp3mhtd+a845XkRoliANW54IdJZVu2PLLFZfmr
YX464ofs3o3Ow1GXrK6BYRV4FDSjQ+I8jPL1nLBF/Tlqs3XJzZVc60Q8a1ivN/6r
fAezpvtq8o8jvRXqGYvSCvMz4AepGwWG64TbrMi4GWDmdUcbcJWSk4P4XUDg/SXF
iYoBYffcbl8WSAOOI3/zVVi0Jc+OsfkNdOOzx4QTXIa11PoZAw9IHa/DHQcmJvpx
wTdr1Q12J1HSTEGNTT/qV+69k4kRSbubgMj8/bDlj2VxstajqxUmJE5rTQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEGVT/K54RT615Tl9LlBJEr0p4P5MB8GA1UdIwQY
MBaAFKswkh0ox47egYQvcS5s9yveWmCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2Et
MzU0Mzk5NzI0YjFlLzEvUVpWUDhybmhGUHJYbE9YMHVVRWtTdlNuZ19rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2EtMzU0Mzk5NzI0YjFl
LzEvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBZUAAwQC
uXowAwQBwn6QMA0EAgACMAcDBQAqAUjAMA0GCSqGSIb3DQEBCwUAA4IBAQBAtSu1
IGNP5Jy6STrRbiehm6V+RHNgZBdXH89RAFv0X8nTn8XdDszNXXBmrnTrgXk+2NQh
5tOJ/d8gqAtgaXBFXi9tkfGsNMFvJqlHvUfmguAOrfZZkODuC5Sz9j5qbh/nZA0f
DZ5mlHbiAVmCam8hXWHeXfqUM/9F4ul6zY8vmthd3uDwBDz2DTpM5LCY7gpqH6r9
oO1tfT9QgrJF2xppNKahVuMkvKrcMMLr+TLhXvxKJPLmtUrb4Z/tHd3obSz0uNZ+
kCwL3WLTsyp86Bs4OB8n9a1ZTOLOA0UiAk+87mUEKMUdqVtmp3zonJX+OeRyz2cW
Qa8tIO+F1m1sVpiU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:10 2024 by rpki-client on console-fra.rpki-client.org