Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/QJwca6TKzvBfHMeEQpCyPsiLCV0.roa
File: QJwca6TKzvBfHMeEQpCyPsiLCV0.roa (raw, json)
Hash identifier: TGfNmqJIJ/8NHVl7Qn3USh0SN7TkYoTd3WuNLAO/cj0=
Subject key identifier: 40:9C:1C:6B:A4:CA:CE:F0:5F:1C:C7:84:42:90:B2:3E:C8:8B:09:5D
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0185EDD79791804698E0060C8411489CC6BE
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/QJwca6TKzvBfHMeEQpCyPsiLCV0.roa
Signing time: Thu 26 Jan 2023 11:30:07 +0000
ROA not before: Thu 26 Jan 2023 11:30:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204384
IP address blocks: 193.46.210.0/24 maxlen: 24
5.180.176.0/24 maxlen: 24
5.105.125.0/24 maxlen: 24
5.105.123.0/24 maxlen: 24
5.105.122.0/24 maxlen: 24
5.105.131.0/24 maxlen: 24
5.105.127.0/24 maxlen: 24
5.105.139.0/24 maxlen: 24
5.105.138.0/24 maxlen: 24
5.105.134.0/24 maxlen: 24
5.105.143.0/24 maxlen: 24
5.105.142.0/24 maxlen: 24
5.105.156.0/24 maxlen: 24
5.105.166.0/24 maxlen: 24
5.105.165.0/24 maxlen: 24
5.105.162.0/24 maxlen: 24
5.105.168.0/24 maxlen: 24
5.105.172.0/24 maxlen: 24
5.105.69.0/24 maxlen: 24
5.105.68.0/24 maxlen: 24
5.105.65.0/24 maxlen: 24
5.105.74.0/24 maxlen: 24
5.105.82.0/24 maxlen: 24
5.105.81.0/24 maxlen: 24
5.105.80.0/24 maxlen: 24
5.105.79.0/24 maxlen: 24
5.105.95.0/24 maxlen: 24
5.105.103.0/24 maxlen: 24
5.105.112.0/24 maxlen: 24
5.105.108.0/24 maxlen: 24
5.105.115.0/24 maxlen: 24
5.105.114.0/24 maxlen: 24
5.105.113.0/24 maxlen: 24
5.105.229.0/24 maxlen: 24
5.105.240.0/24 maxlen: 24
5.105.239.0/24 maxlen: 24
5.105.244.0/24 maxlen: 24
5.105.245.0/24 maxlen: 24
5.105.249.0/24 maxlen: 24
5.105.248.0/24 maxlen: 24
5.105.247.0/24 maxlen: 24
5.105.186.0/24 maxlen: 24
5.105.187.0/24 maxlen: 24
5.105.195.0/24 maxlen: 24
5.105.199.0/24 maxlen: 24
5.105.198.0/24 maxlen: 24
5.105.197.0/24 maxlen: 24
5.105.202.0/24 maxlen: 24
5.105.206.0/24 maxlen: 24
5.105.204.0/24 maxlen: 24
5.105.203.0/24 maxlen: 24
5.105.207.0/24 maxlen: 24
5.105.216.0/24 maxlen: 24
5.105.214.0/24 maxlen: 24
5.105.12.0/24 maxlen: 24
5.105.40.0/24 maxlen: 24
5.105.43.0/24 maxlen: 24
5.105.10.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:d7:97:91:80:46:98:e0:06:0c:84:11:48:9c:c6:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 26 11:30:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=409c1c6ba4cacef05f1cc7844290b23ec88b095d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b0:a8:43:53:db:3b:9d:ac:7c:18:c4:50:c1:
79:10:41:9f:a6:3f:d5:90:b5:4e:9b:f0:ea:5e:ee:
2e:a8:f5:f4:1a:02:0b:59:42:ce:42:4d:17:25:10:
ff:70:e6:41:02:c3:ee:9e:7c:9c:3b:78:15:84:3d:
23:29:cf:23:ea:74:a9:68:8d:ac:55:52:75:24:44:
30:c3:e6:72:42:03:47:f9:79:09:e7:46:45:5e:97:
50:f3:0f:f2:c2:77:17:c8:59:03:a0:f6:75:d3:24:
45:98:d6:d2:a9:2e:ce:d6:fc:74:9c:39:b4:dd:7e:
7d:cb:83:92:cc:00:24:d7:ed:80:18:9f:6e:aa:90:
44:a2:b3:ac:29:34:52:a6:68:3a:a7:ce:97:c0:db:
a3:0f:ea:5c:a7:67:7a:7a:0e:e2:d8:16:f5:29:a5:
77:78:7e:a5:f6:41:e8:7d:b5:f8:a2:72:6c:2a:12:
af:0c:c3:04:c6:9f:fa:6f:2c:50:cb:4f:63:2a:c0:
e2:5a:71:b0:af:3d:1f:37:1e:de:ad:cc:24:86:4a:
b4:ad:7f:df:c5:33:88:78:23:0f:63:84:58:23:27:
f6:e0:60:21:68:d9:ae:ee:25:28:51:61:7d:9b:80:
55:1c:38:da:33:29:75:67:1e:06:39:e5:59:59:c9:
40:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:9C:1C:6B:A4:CA:CE:F0:5F:1C:C7:84:42:90:B2:3E:C8:8B:09:5D
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/QJwca6TKzvBfHMeEQpCyPsiLCV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.10.0/24
5.105.12.0/24
5.105.40.0/24
5.105.43.0/24
5.105.65.0/24
5.105.68.0/23
5.105.74.0/24
5.105.79.0-5.105.82.255
5.105.95.0/24
5.105.103.0/24
5.105.108.0/24
5.105.112.0/22
5.105.122.0/23
5.105.125.0/24
5.105.127.0/24
5.105.131.0/24
5.105.134.0/24
5.105.138.0/23
5.105.142.0/23
5.105.156.0/24
5.105.162.0/24
5.105.165.0-5.105.166.255
5.105.168.0/24
5.105.172.0/24
5.105.186.0/23
5.105.195.0/24
5.105.197.0-5.105.199.255
5.105.202.0-5.105.204.255
5.105.206.0/23
5.105.214.0/24
5.105.216.0/24
5.105.229.0/24
5.105.239.0-5.105.240.255
5.105.244.0/23
5.105.247.0-5.105.249.255
5.180.176.0/24
193.46.210.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:9f:e4:78:d2:ec:c2:5f:9a:f0:ca:61:0f:3d:38:3e:9b:bc:
e5:d9:24:40:b4:65:14:1d:74:37:1d:54:24:39:26:a8:38:1f:
d6:52:84:6a:68:50:1b:6f:92:e9:12:12:7c:1d:2c:f7:e0:1f:
d5:a7:7c:e8:0c:cc:92:5f:24:52:92:9f:d1:82:68:41:39:bc:
14:c6:72:c5:5a:21:d7:91:b2:ab:64:3b:43:6f:2c:83:54:48:
1a:42:bd:9f:36:35:5b:fb:19:e4:ee:e5:69:77:a7:f9:e8:97:
20:9a:6a:ce:1d:b5:1f:18:fe:e0:ce:0f:06:5e:72:d1:52:f1:
64:39:67:28:33:fc:cc:7c:d8:dd:5a:b9:36:ac:65:0a:58:a4:
08:80:93:5e:c5:69:b7:f4:78:f4:69:48:02:1b:9b:5c:92:6f:
fa:5e:ee:c9:5e:ab:f2:af:04:63:ba:15:fe:51:19:0b:d5:99:
82:63:ca:ae:79:c8:cb:1d:90:39:03:3a:eb:5a:59:3c:4d:50:
b9:23:70:d4:2f:62:35:80:53:a6:00:e3:d4:93:e4:77:11:bd:
54:62:00:87:18:0d:75:1f:79:b1:ef:99:20:d6:4e:73:02:30:
66:8f:33:8b:f2:75:c3:28:d5:8d:10:9e:ef:1b:d9:24:a5:b0:
bc:cc:4a:9e
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAYXt15eRgEaY4AYMhBFInMa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMTI2MTEzMDA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDljMWM2YmE0Y2FjZWYwNWYxY2M3ODQ0MjkwYjIzZWM4OGIwOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7CoQ1PbO52sfBjEUMF5EEGfpj/V
kLVOm/DqXu4uqPX0GgILWULOQk0XJRD/cOZBAsPunnycO3gVhD0jKc8j6nSpaI2s
VVJ1JEQww+ZyQgNH+XkJ50ZFXpdQ8w/ywncXyFkDoPZ10yRFmNbSqS7O1vx0nDm0
3X59y4OSzAAk1+2AGJ9uqpBEorOsKTRSpmg6p86XwNujD+pcp2d6eg7i2Bb1KaV3
eH6l9kHofbX4onJsKhKvDMMExp/6byxQy09jKsDiWnGwrz0fNx7ercwkhkq0rX/f
xTOIeCMPY4RYIyf24GAhaNmu7iUoUWF9m4BVHDjaMyl1Zx4GOeVZWclAFQIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFECcHGukys7wXxzHhEKQsj7IiwldMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvUUp3Y2E2VEt6dkJmSE1lRVFwQ3lQc2lMQ1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DgMEAAVpCgMEAAVpDAMEAAVpKAMEAAVpKwMEAAVpQQMEAQVpRAMEAAVpSjAMAwQA
BWlPAwQABWlSAwQABWlfAwQABWlnAwQABWlsAwQCBWlwAwQBBWl6AwQABWl9AwQA
BWl/AwQABWmDAwQABWmGAwQBBWmKAwQBBWmOAwQABWmcAwQABWmiMAwDBAAFaaUD
BAAFaaYDBAAFaagDBAAFaawDBAEFaboDBAAFacMwDAMEAAVpxQMEAwVpwDAMAwQB
BWnKAwQABWnMAwQBBWnOAwQABWnWAwQABWnYAwQABWnlMAwDBAAFae8DBAAFafAD
BAEFafQwDAMEAAVp9wMEAQVp+AMEAAW0sAMEAMEu0jANBgkqhkiG9w0BAQsFAAOC
AQEATZ/keNLswl+a8MphDz04Ppu85dkkQLRlFB10Nx1UJDkmqDgf1lKEamhQG2+S
6RISfB0s9+Af1ad86AzMkl8kUpKf0YJoQTm8FMZyxVoh15Gyq2Q7Q28sg1RIGkK9
nzY1W/sZ5O7laXen+eiXIJpqzh21Hxj+4M4PBl5y0VLxZDlnKDP8zHzY3Vq5Nqxl
ClikCICTXsVpt/R49GlIAhubXJJv+l7uyV6r8q8EY7oV/lEZC9WZgmPKrnnIyx2Q
OQM661pZPE1QuSNw1C9iNYBTpgDj1JPkdxG9VGIAhxgNdR95se+ZINZOcwIwZo8z
i/J1wyjVjRCe7xvZJKWwvMxKng==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:17 2023 by rpki-client on console-fra.rpki-client.org