Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/1-QY-z63D-Qe63qm1Y81xBiGZwoU.roa
File: 1-QY-z63D-Qe63qm1Y81xBiGZwoU.roa (raw, json)
Hash identifier: MdZmBmmVsdEiF5TmT/elrmuAG9tS2Wr+FEL6aLIB5Yk=
Subject key identifier: F9:06:3E:CF:AD:C3:F9:07:BA:DE:A9:B5:63:CD:71:06:21:99:C2:85
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 0191C109ADA2A604C1CB885E5B2252629037
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/1-QY-z63D-Qe63qm1Y81xBiGZwoU.roa
Signing time: Thu 05 Sep 2024 07:15:22 +0000
ROA not before: Thu 05 Sep 2024 07:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34244
IP address blocks: 5.180.0.0/22 maxlen: 22
31.170.24.0/21 maxlen: 21
31.170.26.0/23 maxlen: 23
31.170.28.0/22 maxlen: 22
37.221.104.0/22 maxlen: 22
45.8.152.0/22 maxlen: 22
45.14.4.0/22 maxlen: 22
45.93.232.0/22 maxlen: 22
45.131.188.0/22 maxlen: 22
45.152.172.0/22 maxlen: 22
81.92.196.0/22 maxlen: 22
81.92.220.0/22 maxlen: 22
85.30.128.0/18 maxlen: 18
92.39.32.0/20 maxlen: 20
94.46.136.0/22 maxlen: 22
94.46.240.0/22 maxlen: 22
128.127.184.0/21 maxlen: 21
141.98.236.0/22 maxlen: 22
155.137.24.0/21 maxlen: 21
178.236.64.0/20 maxlen: 24
178.255.112.0/22 maxlen: 22
185.4.8.0/22 maxlen: 22
185.27.96.0/22 maxlen: 22
185.121.44.0/22 maxlen: 22
185.176.28.0/22 maxlen: 22
185.186.32.0/22 maxlen: 22
185.197.224.0/22 maxlen: 22
185.216.152.0/22 maxlen: 22
185.223.236.0/22 maxlen: 22
185.240.208.0/22 maxlen: 22
185.247.236.0/22 maxlen: 22
188.66.48.0/22 maxlen: 22
193.34.202.0/24 maxlen: 24
193.221.93.0/24 maxlen: 24
193.221.120.0/24 maxlen: 24
193.221.123.0/24 maxlen: 24
193.221.219.0/24 maxlen: 24
195.210.52.0/23 maxlen: 23
2a02:80::/29 maxlen: 29
2a02:80::/32 maxlen: 32
2a02:1610::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 09 Sep 2024 08:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:09:ad:a2:a6:04:c1:cb:88:5e:5b:22:52:62:90:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Sep 5 07:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9063ecfadc3f907badea9b563cd71062199c285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4b:23:6d:80:f2:a7:45:25:7d:8f:c8:78:33:
07:c9:ed:71:f9:f4:23:55:7e:d0:24:ed:46:74:af:
4d:56:83:b8:13:80:22:ea:fb:56:89:4a:b1:96:a1:
a8:2b:17:cc:03:17:ca:39:53:7c:99:75:fa:2e:40:
87:bd:87:33:40:ff:ed:10:62:d9:a5:0a:ae:63:20:
be:0c:51:cf:7a:59:13:cd:37:34:8a:91:a5:27:3a:
7a:d1:8b:94:51:15:e5:ba:59:80:d6:12:40:0a:54:
b6:46:7b:dd:56:1c:fc:15:17:9e:fa:00:c1:98:0d:
30:55:2e:99:85:71:02:1f:57:2a:2b:c1:b8:f1:59:
32:35:85:d0:fd:82:00:11:9d:d2:e1:d6:d5:0c:c1:
ac:8b:e1:b1:fa:95:3d:3f:d0:ca:67:20:0e:89:ed:
02:76:ca:85:d7:d2:0f:ca:4a:08:a7:67:b7:c4:52:
1b:c0:1d:e3:47:7b:c3:37:1d:83:d0:b7:82:80:06:
5b:e7:91:12:4a:10:a4:b0:06:4c:e7:ea:b3:55:52:
44:b6:b9:59:ce:2d:81:ec:8e:66:a4:5b:d3:18:ef:
7c:f9:78:f2:3a:ec:4f:6c:79:1e:7a:6f:c7:17:55:
93:79:38:5a:59:a5:18:49:db:a8:ab:3b:6d:af:54:
c5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:06:3E:CF:AD:C3:F9:07:BA:DE:A9:B5:63:CD:71:06:21:99:C2:85
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/1-QY-z63D-Qe63qm1Y81xBiGZwoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.0.0/22
31.170.24.0/21
37.221.104.0/22
45.8.152.0/22
45.14.4.0/22
45.93.232.0/22
45.131.188.0/22
45.152.172.0/22
81.92.196.0/22
81.92.220.0/22
85.30.128.0/18
92.39.32.0/20
94.46.136.0/22
94.46.240.0/22
128.127.184.0/21
141.98.236.0/22
155.137.24.0/21
178.236.64.0/20
178.255.112.0/22
185.4.8.0/22
185.27.96.0/22
185.121.44.0/22
185.176.28.0/22
185.186.32.0/22
185.197.224.0/22
185.216.152.0/22
185.223.236.0/22
185.240.208.0/22
185.247.236.0/22
188.66.48.0/22
193.34.202.0/24
193.221.93.0/24
193.221.120.0/24
193.221.123.0/24
193.221.219.0/24
195.210.52.0/23
IPv6:
2a02:80::/29
2a02:1610::/32
Signature Algorithm: sha256WithRSAEncryption
45:26:a3:b8:8a:18:1c:86:1b:48:ca:18:09:a6:73:23:d5:c9:
5e:7f:ed:c0:5e:85:b5:f5:74:c1:d2:5b:79:e9:ca:ea:b6:1b:
b1:5e:bf:e9:a3:ec:bb:ee:ed:b3:8f:96:16:f6:93:6d:12:59:
17:83:c6:99:cc:76:5f:f7:bd:f0:dd:fa:88:af:c4:d6:80:02:
b9:b2:9b:98:cc:f4:fa:71:49:b3:1b:82:93:b5:d8:98:e2:0a:
af:e2:ca:e8:96:0b:e0:ae:33:10:8e:da:37:0a:a8:8e:e5:0a:
4f:d3:fd:7c:a0:1f:6a:9c:47:7a:0b:83:e7:0f:93:e8:3f:9c:
50:d2:8c:1b:ab:9f:55:4d:d2:7f:d5:dc:03:c3:1a:da:b1:7e:
02:84:fd:f1:0d:62:8c:54:86:f1:d7:cb:00:47:61:3f:73:be:
f1:e7:76:d9:b0:d4:c5:b0:c5:35:0d:f3:ea:cc:52:a4:e9:58:
ef:d6:00:99:ba:06:42:1a:08:d4:d5:50:95:09:a7:81:4f:dd:
f0:91:95:01:a2:9b:f5:ea:86:ac:2e:cb:8f:1b:93:4c:c5:72:
b4:92:02:ab:43:a4:36:a3:06:24:eb:66:ac:6c:dc:72:57:0d:
55:bb:4e:4f:45:a2:bb:61:87:4a:97:d8:ef:bf:25:f8:58:73:
a5:9d:59:2c
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZHBCa2ipgTBy4heWyJSYpA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjQwOTA1MDcxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA2M2VjZmFkYzNmOTA3YmFkZWE5YjU2M2NkNzEwNjIxOTljMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0sjbYDyp0UlfY/IeDMHye1x+fQj
VX7QJO1GdK9NVoO4E4Ai6vtWiUqxlqGoKxfMAxfKOVN8mXX6LkCHvYczQP/tEGLZ
pQquYyC+DFHPelkTzTc0ipGlJzp60YuUURXlulmA1hJAClS2RnvdVhz8FRee+gDB
mA0wVS6ZhXECH1cqK8G48VkyNYXQ/YIAEZ3S4dbVDMGsi+Gx+pU9P9DKZyAOie0C
dsqF19IPykoIp2e3xFIbwB3jR3vDNx2D0LeCgAZb55ESShCksAZM5+qzVVJEtrlZ
zi2B7I5mpFvTGO98+XjyOuxPbHkeem/HF1WTeThaWaUYSduoqzttr1TFiwIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFPkGPs+tw/kHut6ptWPNcQYhmcKFMB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvMS1RWS16NjNELVFlNjNxbTFZODF4QmlHWndvVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGEvODQ3ZDE3LWJhN2MtNGVhZS05ZDU1LTI1ODQ2ZDU5ZmQ2
MC8xL1h4LWdiVjI2MmtQZVJQVGtzZHlVa3Jzb2ZKMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAQsGCCsGAQUFBwEHAQH/BIH7MIH4MIHfBAIAATCB2AME
AgW0AAMEAx+qGAMEAiXdaAMEAi0ImAMEAi0OBAMEAi1d6AMEAi2DvAMEAi2YrAME
AlFcxAMEAlFc3AMEBlUegAMEBFwnIAMEAl4uiAMEAl4u8AMEA4B/uAMEAo1i7AME
A5uJGAMEBLLsQAMEArL/cAMEArkECAMEArkbYAMEArl5LAMEArmwHAMEArm6IAME
ArnF4AMEArnYmAMEArnf7AMEArnw0AMEArn37AMEArxCMAMEAMEiygMEAMHdXQME
AMHdeAMEAMHdewMEAMHd2wMEAcPSNDAUBAIAAjAOAwUDKgIAgAMFACoCFhAwDQYJ
KoZIhvcNAQELBQADggEBAEUmo7iKGByGG0jKGAmmcyPVyV5/7cBehbX1dMHSW3np
yuq2G7Fev+mj7Lvu7bOPlhb2k20SWReDxpnMdl/3vfDd+oivxNaAArmym5jM9Ppx
SbMbgpO12JjiCq/iyuiWC+CuMxCO2jcKqI7lCk/T/XygH2qcR3oLg+cPk+g/nFDS
jBurn1VN0n/V3APDGtqxfgKE/fENYoxUhvHXywBHYT9zvvHndtmw1MWwxTUN8+rM
UqTpWO/WAJm6BkIaCNTVUJUJp4FP3fCRlQGim/Xqhqwuy48bk0zFcrSSAqtDpDaj
BiTrZqxs3HJXDVW7Tk9Forthh0qX2O+/JfhYc6WdWSw=
-----END CERTIFICATE-----
Generated at Mon Sep 9 10:15:52 2024 by rpki-client on console-ams.rpki-client.org