Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/Qc_3-ttVwtyS8KUjFO-CuZBWlvM.roa
File: Qc_3-ttVwtyS8KUjFO-CuZBWlvM.roa (raw, json)
Hash identifier: T9hX4v70kR3aABzdksBbmmGJZ4B3WWzLNMp49QN0g8s=
Subject key identifier: 41:CF:F7:FA:DB:55:C2:DC:92:F0:A5:23:14:EF:82:B9:90:56:96:F3
Certificate issuer: /CN=4a7a917ddcfc26e8c87b30858b6f07f29a3db43e
Certificate serial: 01856B40DCA7836EDA5D824A5005FF325BB4
Authority key identifier: 4A:7A:91:7D:DC:FC:26:E8:C8:7B:30:85:8B:6F:07:F2:9A:3D:B4:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SnqRfdz8JujIezCFi28H8po9tD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/Qc_3-ttVwtyS8KUjFO-CuZBWlvM.roa
Signing time: Sun 01 Jan 2023 02:54:50 +0000
ROA not before: Sun 01 Jan 2023 02:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8585
IP address blocks: 213.149.96.0/19 maxlen: 19
85.94.96.0/19 maxlen: 19
46.33.192.0/22 maxlen: 22
46.33.192.0/19 maxlen: 19
109.228.64.0/18 maxlen: 18
95.155.0.0/18 maxlen: 18
46.33.198.0/24 maxlen: 24
46.33.199.0/24 maxlen: 24
46.33.196.0/24 maxlen: 24
46.33.197.0/24 maxlen: 24
195.66.166.0/24 maxlen: 24
195.66.164.0/24 maxlen: 24
195.66.160.0/19 maxlen: 19
195.66.167.0/24 maxlen: 24
31.204.192.0/18 maxlen: 18
195.66.180.0/24 maxlen: 24
78.155.32.0/19 maxlen: 19
46.161.64.0/18 maxlen: 18
46.161.76.0/22 maxlen: 22
37.122.160.0/19 maxlen: 19
77.222.0.0/19 maxlen: 19
2a00:fe80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 10 Jan 2023 14:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:dc:a7:83:6e:da:5d:82:4a:50:05:ff:32:5b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7a917ddcfc26e8c87b30858b6f07f29a3db43e
Validity
Not Before: Jan 1 02:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41cff7fadb55c2dc92f0a52314ef82b9905696f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c0:fc:05:1a:84:b0:f4:06:70:60:cb:ea:fb:
1d:29:9b:23:b5:d1:f8:8d:2e:e0:5c:1f:11:cd:d9:
8f:03:20:f4:dd:93:8d:81:81:7c:2d:ff:d6:58:28:
38:29:24:0b:9d:9e:eb:80:fe:f4:00:18:5e:85:68:
c5:dc:c0:4e:ba:f8:2b:73:71:58:59:bd:61:bb:66:
b3:26:3e:d0:33:dc:7e:13:3a:04:94:5c:eb:d9:9c:
bd:a4:1a:57:09:57:cd:e0:15:31:fb:66:19:97:96:
1a:30:d0:56:fd:3d:0e:a8:98:8e:00:2b:01:64:f0:
69:5d:cd:05:d8:9a:a1:62:b6:58:b4:c9:8f:f5:c5:
d0:53:de:a4:03:43:ff:01:ce:37:1a:3b:54:da:8c:
70:df:bc:a0:38:f5:c6:1e:29:bb:d6:19:be:fe:bd:
d9:84:a8:08:7c:bf:e8:cb:1f:73:15:fa:ba:32:95:
38:6b:eb:15:b8:82:f9:a7:96:98:88:80:36:9c:28:
34:7e:ab:9c:23:a1:16:80:6d:0f:c0:6b:0a:32:46:
1b:f9:0a:47:e3:bf:6f:bc:b1:06:ea:67:72:27:18:
bd:da:f4:fd:4c:d7:a8:57:44:7d:2b:57:e0:64:62:
a3:b6:be:a0:08:02:0a:95:ec:81:f2:33:92:df:9d:
d3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CF:F7:FA:DB:55:C2:DC:92:F0:A5:23:14:EF:82:B9:90:56:96:F3
X509v3 Authority Key Identifier:
keyid:4A:7A:91:7D:DC:FC:26:E8:C8:7B:30:85:8B:6F:07:F2:9A:3D:B4:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnqRfdz8JujIezCFi28H8po9tD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/Qc_3-ttVwtyS8KUjFO-CuZBWlvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/SnqRfdz8JujIezCFi28H8po9tD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.192.0/18
37.122.160.0/19
46.33.192.0/19
46.161.64.0/18
77.222.0.0/19
78.155.32.0/19
85.94.96.0/19
95.155.0.0/18
109.228.64.0/18
195.66.160.0/19
213.149.96.0/19
IPv6:
2a00:fe80::/32
Signature Algorithm: sha256WithRSAEncryption
b7:26:dc:ed:23:49:cf:d0:1a:58:5a:4a:2b:4a:68:7e:63:11:
9e:b9:da:b8:0c:b3:45:c9:67:55:c4:b3:18:d9:6b:66:ee:a7:
6f:d7:61:06:de:8e:67:3a:4e:bb:8a:11:2a:03:62:5a:74:81:
a5:1b:3e:c8:f2:c1:05:e2:d7:c9:f8:e7:c2:00:da:3f:75:93:
f8:d4:ec:c6:21:43:bf:4b:c2:d0:3a:f2:00:eb:78:ad:51:7f:
43:06:f5:d4:47:7c:1d:45:7d:36:6a:46:05:6c:65:8b:18:1c:
7a:2c:bc:a7:a6:8f:be:6a:64:0d:7b:92:7c:09:d6:af:81:23:
17:98:9a:df:66:51:67:3c:75:0e:52:1f:e3:ee:39:72:0d:1d:
73:34:5f:d7:b8:79:1b:f3:8f:82:37:e9:52:9e:7e:ba:d0:82:
13:98:60:4a:b4:2b:b4:b2:73:64:f3:42:af:16:6e:5c:6f:d5:
fa:1c:e5:49:ae:34:f9:e3:1a:ca:6c:0c:df:3a:95:77:db:a7:
b7:73:94:11:1c:38:88:42:64:18:fb:58:27:02:3e:2f:bf:18:
de:d4:10:c2:b0:f5:a7:11:6f:47:71:26:fa:08:ab:cf:0a:d3:
e8:eb:79:56:e2:85:b8:e0:5b:a5:ea:af:40:78:d7:ba:97:48:
51:54:46:a9
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVrQNyng27aXYJKUAX/Mlu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2E5MTdkZGNmYzI2ZThjODdiMzA4NThiNmYwN2YyOWEz
ZGI0M2UwHhcNMjMwMTAxMDI1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWNmZjdmYWRiNTVjMmRjOTJmMGE1MjMxNGVmODJiOTkwNTY5NmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicD8BRqEsPQGcGDL6vsdKZsjtdH4
jS7gXB8RzdmPAyD03ZONgYF8Lf/WWCg4KSQLnZ7rgP70ABhehWjF3MBOuvgrc3FY
Wb1hu2azJj7QM9x+EzoElFzr2Zy9pBpXCVfN4BUx+2YZl5YaMNBW/T0OqJiOACsB
ZPBpXc0F2JqhYrZYtMmP9cXQU96kA0P/Ac43GjtU2oxw37ygOPXGHim71hm+/r3Z
hKgIfL/oyx9zFfq6MpU4a+sVuIL5p5aYiIA2nCg0fqucI6EWgG0PwGsKMkYb+QpH
479vvLEG6mdyJxi92vT9TNeoV0R9K1fgZGKjtr6gCAIKleyB8jOS353TeQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFEHP9/rbVcLckvClIxTvgrmQVpbzMB8GA1UdIwQY
MBaAFEp6kX3c/CboyHswhYtvB/KaPbQ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU25xUmZkejhKdWpJZXpDRmkyOEg4cG85dEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNGMyYmItNzllYS00ZjM5LWFjODIt
ODIwMTZkZTQyMjEyLzEvUWNfMy10dFZ3dHlTOEtVakZPLUN1WkJXbHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNGMyYmItNzllYS00ZjM5LWFjODItODIwMTZkZTQyMjEy
LzEvU25xUmZkejhKdWpJZXpDRmkyOEg4cG85dEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQGH8zAAwQF
JXqgAwQFLiHAAwQGLqFAAwQFTd4AAwQFTpsgAwQFVV5gAwQGX5sAAwQGbeRAAwQF
w0KgAwQF1ZVgMA0EAgACMAcDBQAqAP6AMA0GCSqGSIb3DQEBCwUAA4IBAQC3Jtzt
I0nP0BpYWkorSmh+YxGeudq4DLNFyWdVxLMY2Wtm7qdv12EG3o5nOk67ihEqA2Ja
dIGlGz7I8sEF4tfJ+OfCANo/dZP41OzGIUO/S8LQOvIA63itUX9DBvXUR3wdRX02
akYFbGWLGBx6LLynpo++amQNe5J8CdavgSMXmJrfZlFnPHUOUh/j7jlyDR1zNF/X
uHkb84+CN+lSnn660IITmGBKtCu0snNk80KvFm5cb9X6HOVJrjT54xrKbAzfOpV3
26e3c5QRHDiIQmQY+1gnAj4vvxje1BDCsPWnEW9HcSb6CKvPCtPo63lW4oW44Ful
6q9AeNe6l0hRVEap
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:01 2024 by rpki-client on console-ams.rpki-client.org