Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/QA7GuwdWk8YBlAnYuVLA6mE02Ns.roa
File: QA7GuwdWk8YBlAnYuVLA6mE02Ns.roa (raw, json)
Hash identifier: Hy5+wKnKSFyR2KvctNwP+BQQSi6xMuvrIgKkODG1Xa8=
Subject key identifier: 40:0E:C6:BB:07:56:93:C6:01:94:09:D8:B9:52:C0:EA:61:34:D8:DB
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0185700273F823370234C984442C46CDDBDF
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/QA7GuwdWk8YBlAnYuVLA6mE02Ns.roa
Signing time: Mon 02 Jan 2023 01:04:47 +0000
ROA not before: Mon 02 Jan 2023 01:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8359
IP address blocks: 212.188.0.0/17 maxlen: 17
213.87.0.0/16 maxlen: 16
178.141.0.0/16 maxlen: 16
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
213.87.128.0/19 maxlen: 19
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
195.34.0.0/19 maxlen: 19
213.87.240.0/22 maxlen: 22
195.34.15.0/24 maxlen: 24
213.87.244.0/23 maxlen: 23
213.87.248.0/22 maxlen: 22
213.87.160.0/22 maxlen: 22
82.96.192.0/18 maxlen: 18
195.34.38.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a02:28:1::/48 maxlen: 48
2a00:1fa2::/33 maxlen: 33
2a02:28::/29 maxlen: 29
2a00:1fa3::/33 maxlen: 33
2a00:1fa0::/29 maxlen: 29
2a02:28::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:73:f8:23:37:02:34:c9:84:44:2c:46:cd:db:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 01:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=400ec6bb075693c6019409d8b952c0ea6134d8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:55:ab:95:81:03:51:06:a9:7a:6b:a0:aa:cd:
44:1b:3b:c3:67:a9:4a:82:4e:c4:59:23:02:15:bf:
23:66:1a:90:a2:11:91:53:04:d4:e8:0f:9a:02:5f:
c6:94:08:64:6f:96:8a:52:b3:17:cc:89:aa:45:77:
fa:92:00:a4:59:6a:8b:fe:1f:79:c4:bd:c4:3f:6c:
10:bc:e7:88:c7:09:c2:84:d6:ca:7f:2e:67:bd:5e:
51:20:57:e6:96:28:21:2e:82:98:f3:8d:32:ad:ca:
7b:26:3f:29:9a:78:93:0c:47:44:cb:18:8a:2d:1e:
eb:fb:18:39:26:56:32:d4:59:6e:e1:48:90:4f:9d:
e2:fd:9c:8f:96:4f:82:de:96:b0:d9:fa:ab:c7:f0:
0e:20:00:73:ba:c4:5a:23:7e:91:b8:77:8f:cb:d9:
d3:61:b4:f4:78:4a:84:87:94:87:0d:ff:61:b5:35:
33:14:bc:9b:1a:b9:43:44:78:e9:5f:dc:4f:bf:01:
60:1a:13:89:0a:d9:cb:ac:e8:ed:9a:56:a9:5d:89:
37:05:db:36:6e:37:d6:36:1d:00:a0:c3:19:63:90:
f2:3a:9a:9b:bd:3a:c9:18:04:4c:bd:cd:9f:1c:00:
95:e4:87:82:ea:5a:4d:2a:3c:0b:b3:8d:dd:d0:03:
22:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:0E:C6:BB:07:56:93:C6:01:94:09:D8:B9:52:C0:EA:61:34:D8:DB
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/QA7GuwdWk8YBlAnYuVLA6mE02Ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.96.192.0/18
178.141.0.0/16
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
35:a3:9b:cb:78:4a:38:77:09:36:e5:1d:23:0c:78:6c:9c:28:
07:92:46:f3:40:5c:e3:41:4c:31:5e:72:41:48:95:71:43:6f:
78:bf:83:ee:b9:f2:92:96:f0:49:b5:03:a1:5d:5b:be:33:82:
a0:ad:74:8e:66:2f:e0:6f:d8:8c:e7:ae:52:1f:21:fc:71:cc:
2d:22:0f:6e:07:5a:51:b0:15:95:05:44:84:a5:76:93:ca:10:
fb:5b:0a:2f:6b:19:f2:cd:84:fc:16:f4:76:a9:46:da:52:8a:
fc:b2:e0:bb:98:c8:67:0d:06:76:64:8f:df:7d:f3:5d:05:30:
31:65:f7:e3:38:c2:7b:95:a8:17:b9:3e:fd:b7:44:4c:1b:c2:
90:ea:92:b5:24:3b:c1:7d:4f:94:a5:ec:f5:02:cf:e4:ff:b5:
32:53:43:93:1d:1e:e9:0d:ca:14:88:c5:54:9a:10:60:e3:29:
f6:12:d5:42:d7:f0:1e:38:20:3c:3d:80:c0:77:e3:a3:d0:7f:
05:cd:06:47:b6:e6:29:58:b4:8a:5b:28:99:fb:3e:85:84:d3:
75:4d:b8:04:91:bd:cb:31:48:a7:f9:37:74:a3:16:3d:d3:f1:
53:2f:28:09:db:db:e2:65:0d:3d:f6:8f:54:7b:55:ee:ae:23:
92:7d:21:38
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVwAnP4IzcCNMmERCxGzdvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMwMTAyMDEwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDBlYzZiYjA3NTY5M2M2MDE5NDA5ZDhiOTUyYzBlYTYxMzRkOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1WrlYEDUQapemugqs1EGzvDZ6lK
gk7EWSMCFb8jZhqQohGRUwTU6A+aAl/GlAhkb5aKUrMXzImqRXf6kgCkWWqL/h95
xL3EP2wQvOeIxwnChNbKfy5nvV5RIFfmlighLoKY840yrcp7Jj8pmniTDEdEyxiK
LR7r+xg5JlYy1Flu4UiQT53i/ZyPlk+C3paw2fqrx/AOIABzusRaI36RuHePy9nT
YbT0eEqEh5SHDf9htTUzFLybGrlDRHjpX9xPvwFgGhOJCtnLrOjtmlapXYk3Bds2
bjfWNh0AoMMZY5DyOpqbvTrJGARMvc2fHACV5IeC6lpNKjwLs43d0AMioQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEAOxrsHVpPGAZQJ2LlSwOphNNjbMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvUUE3R3V3ZFdrOFlCbEFuWXVWTEE2bUUwMk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAvBAIAATApAwQGUmDAAwMA
so0DBAbDIgADBAfUvAADAwDVVzALAwQC2Ur0AwMA2UowFAQCAAIwDgMFAyoAH6AD
BQMqAgAoMA0GCSqGSIb3DQEBCwUAA4IBAQA1o5vLeEo4dwk25R0jDHhsnCgHkkbz
QFzjQUwxXnJBSJVxQ294v4PuufKSlvBJtQOhXVu+M4KgrXSOZi/gb9iM565SHyH8
ccwtIg9uB1pRsBWVBUSEpXaTyhD7WwovaxnyzYT8FvR2qUbaUor8suC7mMhnDQZ2
ZI/fffNdBTAxZffjOMJ7lagXuT79t0RMG8KQ6pK1JDvBfU+Upez1As/k/7UyU0OT
HR7pDcoUiMVUmhBg4yn2EtVC1/AeOCA8PYDAd+Oj0H8FzQZHtuYpWLSKWyiZ+z6F
hNN1TbgEkb3LMUin+Td0oxY90/FTLygJ29viZQ099o9Ue1XuriOSfSE4
Generated at Thu Oct 12 15:22:02 2023 by rpki-client on console-fra.rpki-client.org