Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/cQ-DKDDACM33YEc5wxvXwHLCJuk.roa
File: cQ-DKDDACM33YEc5wxvXwHLCJuk.roa (raw, json)
Hash identifier: qfMHf0FhB6KYmcmqsQRsoL3h5u/DorYzT1jnM6CZ5cA=
Subject key identifier: 71:0F:83:28:30:C0:08:CD:F7:60:47:39:C3:1B:D7:C0:72:C2:26:E9
Certificate issuer: /CN=d130117ae1cdc2df1c58816e00e5451f87efb370
Certificate serial: 018F0C6889794C60A4D0D1683CF064CBFF91
Authority key identifier: D1:30:11:7A:E1:CD:C2:DF:1C:58:81:6E:00:E5:45:1F:87:EF:B3:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0TAReuHNwt8cWIFuAOVFH4fvs3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/cQ-DKDDACM33YEc5wxvXwHLCJuk.roa
Signing time: Tue 23 Apr 2024 19:22:08 +0000
ROA not before: Tue 23 Apr 2024 19:22:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8351
IP address blocks: 194.59.16.0/23 maxlen: 23
195.98.192.0/19 maxlen: 19
195.98.196.0/24 maxlen: 24
195.98.205.0/24 maxlen: 24
195.98.206.0/24 maxlen: 24
195.98.213.0/24 maxlen: 24
195.98.217.0/24 maxlen: 24
213.254.32.0/19 maxlen: 19
213.254.33.0/24 maxlen: 24
213.254.56.0/23 maxlen: 24
213.254.57.0/24 maxlen: 24
213.254.58.0/24 maxlen: 24
213.254.63.0/24 maxlen: 24
2a02:320::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 25 Apr 2024 20:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:68:89:79:4c:60:a4:d0:d1:68:3c:f0:64:cb:ff:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d130117ae1cdc2df1c58816e00e5451f87efb370
Validity
Not Before: Apr 23 19:22:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=710f832830c008cdf7604739c31bd7c072c226e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:11:7a:4d:2d:12:7d:cd:f6:bf:66:b0:dc:21:
77:ae:78:77:db:47:13:e2:28:ae:67:8f:b8:0d:87:
be:39:05:88:4f:f0:0c:70:65:95:08:b1:06:4f:1e:
e4:7d:3f:7f:dd:da:b4:66:1a:5d:c9:98:1f:fd:d9:
10:1a:eb:fd:76:00:cc:c0:53:07:ba:4e:8c:bc:a6:
d5:53:17:b0:04:41:11:a8:d0:d9:0f:12:89:d8:5d:
5b:02:59:c7:03:bc:d4:8a:cc:10:16:72:e5:5f:9d:
73:d1:93:39:ce:fd:76:44:bd:c5:6d:28:e0:7d:2f:
e0:e9:c6:3a:7b:fc:7a:ba:e9:5f:29:29:1b:40:d0:
17:67:47:0e:4a:a6:aa:6d:d8:56:39:e5:d6:24:56:
ea:8f:2e:30:39:ee:1b:4e:1c:31:ad:25:28:f8:cf:
9d:21:83:24:68:a9:e4:2d:37:a6:3f:6a:13:af:dc:
69:26:b4:d5:13:3d:ae:46:f2:f9:13:55:1e:c6:76:
cf:01:17:a5:89:82:29:c5:82:4b:2b:bc:ab:cb:e1:
6c:69:06:f4:0c:93:b3:66:ad:85:36:b1:a9:5b:5a:
d3:fb:33:cb:79:db:f4:0e:a7:8a:31:c1:8b:ae:3e:
52:e9:d2:94:c7:4e:c6:c1:d2:2a:e7:1a:66:d7:48:
35:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:0F:83:28:30:C0:08:CD:F7:60:47:39:C3:1B:D7:C0:72:C2:26:E9
X509v3 Authority Key Identifier:
keyid:D1:30:11:7A:E1:CD:C2:DF:1C:58:81:6E:00:E5:45:1F:87:EF:B3:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0TAReuHNwt8cWIFuAOVFH4fvs3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/cQ-DKDDACM33YEc5wxvXwHLCJuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/0TAReuHNwt8cWIFuAOVFH4fvs3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.16.0/23
195.98.192.0/19
213.254.32.0/19
IPv6:
2a02:320::/29
Signature Algorithm: sha256WithRSAEncryption
71:48:b8:1b:19:71:e8:20:47:eb:9b:c2:9b:b0:38:0e:7f:bd:
d0:09:ce:fe:5f:22:8e:4c:8e:68:b3:ba:67:7d:a7:ab:6c:b1:
fd:4e:0f:13:48:65:0d:50:bd:d9:cd:f9:3a:53:c5:de:85:ce:
9d:96:a6:24:72:6c:1d:17:64:3f:7e:0d:9a:9a:a1:3d:a2:2d:
1a:87:b4:de:e4:2f:1a:02:df:7e:38:5d:a0:55:de:5c:b6:52:
70:21:12:25:32:08:e0:74:c9:b4:bd:22:be:3d:61:92:b1:1d:
11:7a:b2:97:71:79:95:7d:31:11:a7:74:7c:be:d4:48:50:3e:
83:bb:09:64:59:5f:96:78:e8:67:97:a3:a5:b0:0e:e8:e6:55:
bc:4a:7c:14:7f:a4:ad:51:21:3f:a0:bd:72:6a:56:b8:16:75:
44:bd:ff:e8:a3:d2:4b:14:8e:7b:0b:0e:d3:93:91:87:4f:82:
c4:c1:81:89:68:e0:08:a0:16:18:06:02:af:9d:2a:df:e6:c2:
9f:07:ee:ca:b9:7b:6b:18:22:86:a1:34:2b:66:f1:97:ae:14:
0f:7d:1d:71:7e:0a:26:14:ac:d5:6d:58:35:9f:14:b2:fc:c2:
af:b3:aa:67:82:00:34:2e:2f:1f:d1:44:7d:42:13:69:eb:8c:
61:dc:0a:19
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8MaIl5TGCk0NFoPPBky/+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMzAxMTdhZTFjZGMyZGYxYzU4ODE2ZTAwZTU0NTFmODdl
ZmIzNzAwHhcNMjQwNDIzMTkyMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTBmODMyODMwYzAwOGNkZjc2MDQ3MzljMzFiZDdjMDcyYzIyNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRF6TS0Sfc32v2aw3CF3rnh320cT
4iiuZ4+4DYe+OQWIT/AMcGWVCLEGTx7kfT9/3dq0ZhpdyZgf/dkQGuv9dgDMwFMH
uk6MvKbVUxewBEERqNDZDxKJ2F1bAlnHA7zUiswQFnLlX51z0ZM5zv12RL3FbSjg
fS/g6cY6e/x6uulfKSkbQNAXZ0cOSqaqbdhWOeXWJFbqjy4wOe4bThwxrSUo+M+d
IYMkaKnkLTemP2oTr9xpJrTVEz2uRvL5E1UexnbPAReliYIpxYJLK7yry+FsaQb0
DJOzZq2FNrGpW1rT+zPLedv0DqeKMcGLrj5S6dKUx07GwdIq5xpm10g1LQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHEPgygwwAjN92BHOcMb18BywibpMB8GA1UdIwQY
MBaAFNEwEXrhzcLfHFiBbgDlRR+H77NwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFRBUmV1SE53dDhjV0lGdUFPVkZINGZ2czNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xMGNlNzMtM2Q0Zi00M2VmLWI2ODUt
MjUwYTRkNzc3YmE2LzEvY1EtREtEREFDTTMzWUVjNXd4dlh3SExDSnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xMGNlNzMtM2Q0Zi00M2VmLWI2ODUtMjUwYTRkNzc3YmE2
LzEvMFRBUmV1SE53dDhjV0lGdUFPVkZINGZ2czNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwjsQAwQF
w2LAAwQF1f4gMA0EAgACMAcDBQMqAgMgMA0GCSqGSIb3DQEBCwUAA4IBAQBxSLgb
GXHoIEfrm8KbsDgOf73QCc7+XyKOTI5os7pnfaerbLH9Tg8TSGUNUL3Zzfk6U8Xe
hc6dlqYkcmwdF2Q/fg2amqE9oi0ah7Te5C8aAt9+OF2gVd5ctlJwIRIlMgjgdMm0
vSK+PWGSsR0RerKXcXmVfTERp3R8vtRIUD6DuwlkWV+WeOhnl6OlsA7o5lW8SnwU
f6StUSE/oL1yala4FnVEvf/oo9JLFI57Cw7Tk5GHT4LEwYGJaOAIoBYYBgKvnSrf
5sKfB+7KuXtrGCKGoTQrZvGXrhQPfR1xfgomFKzVbVg1nxSy/MKvs6pnggA0Li8f
0UR9QhNp64xh3AoZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:28 2024 by rpki-client on console-fra.rpki-client.org