Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/qa03NGtr8fEYAt3kGjekUsh61MM.roa
File: qa03NGtr8fEYAt3kGjekUsh61MM.roa (raw, json)
Hash identifier: mF1lbFOjakhqmLq19eYKAtl+zXZc+acAJYTuCE3g42o=
Subject key identifier: A9:AD:37:34:6B:6B:F1:F1:18:02:DD:E4:1A:37:A4:52:C8:7A:D4:C3
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018BC99A238CE950FE4EBE6E883161E67CE0
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/qa03NGtr8fEYAt3kGjekUsh61MM.roa
Signing time: Mon 13 Nov 2023 16:53:23 +0000
ROA not before: Mon 13 Nov 2023 16:53:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1680
IP address blocks: 212.29.192.0/18 maxlen: 24
176.13.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
89.138.0.0/16 maxlen: 16
207.232.0.0/18 maxlen: 18
62.90.135.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
147.234.26.0/24 maxlen: 24
147.234.28.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
82.166.201.128/25 maxlen: 25
147.234.43.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
176.12.128.0/17 maxlen: 24
194.90.1.0/24 maxlen: 24
62.90.0.0/16 maxlen: 24
194.90.0.0/16 maxlen: 24
46.117.0.0/16 maxlen: 16
212.143.194.0/24 maxlen: 24
46.210.0.0/16 maxlen: 24
93.173.0.0/16 maxlen: 16
199.203.1.0/24 maxlen: 24
199.203.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
82.166.0.0/16 maxlen: 24
199.203.21.0/24 maxlen: 24
85.65.0.0/16 maxlen: 16
46.116.0.0/16 maxlen: 16
212.143.0.0/16 maxlen: 24
147.234.17.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
95.35.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
192.118.30.0/23 maxlen: 23
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
93.172.0.0/16 maxlen: 16
62.0.88.0/22 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.92.0/23 maxlen: 24
109.253.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
85.64.0.0/16 maxlen: 16
217.132.0.0/16 maxlen: 16
109.186.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
62.0.116.0/22 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
2001:4df0::/32 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2001:4df0::/29 maxlen: 32
2001:4df1::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:9a:23:8c:e9:50:fe:4e:be:6e:88:31:61:e6:7c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Nov 13 16:53:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9ad37346b6bf1f11802dde41a37a452c87ad4c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:06:60:89:30:42:f3:73:01:fc:f0:5b:19:17:
ab:73:56:b5:b2:cf:ba:9f:1a:df:e7:a8:d2:a8:24:
ba:7a:5e:1e:9f:6f:a7:38:f5:9e:1d:f5:e6:88:50:
f5:e3:ec:3e:28:3b:26:2e:09:aa:93:c8:78:f6:04:
92:4c:c9:dd:71:e5:12:29:88:c5:ac:f8:c5:c6:24:
96:6b:b9:07:71:e3:30:31:e4:4c:5a:20:51:2d:c3:
40:f9:ef:3b:f4:66:71:56:29:fc:b9:9b:0d:ee:3c:
ca:09:da:6b:a1:5c:74:4d:17:12:22:e3:e6:68:70:
ba:fb:ad:8f:cf:31:5e:56:55:2a:2c:7d:e2:76:19:
9a:85:b4:0c:aa:6a:a0:88:02:67:bd:2e:46:81:51:
2d:22:ea:6c:94:fa:e1:f1:4d:1d:61:54:39:65:cf:
38:46:4e:0e:be:1b:3d:14:29:70:da:79:4f:97:5a:
f5:65:72:aa:be:ca:07:8b:f2:10:67:89:54:01:95:
13:06:7c:3a:f6:ad:de:0f:28:12:b5:a5:e6:7a:2c:
54:66:ac:77:9d:76:0f:86:a0:7c:9a:32:e3:c7:bb:
f5:0c:7a:25:e1:c4:23:c1:fa:bd:ce:ea:30:c3:9c:
fc:f7:c7:86:72:95:db:6e:7f:a1:b8:00:0c:97:83:
b5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AD:37:34:6B:6B:F1:F1:18:02:DD:E4:1A:37:A4:52:C8:7A:D4:C3
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/qa03NGtr8fEYAt3kGjekUsh61MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
147.234.17.0/24
147.234.22.0/24
147.234.26.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.118.28.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
Signature Algorithm: sha256WithRSAEncryption
39:64:6c:20:d9:da:d8:bd:2c:d7:2d:96:44:48:fc:a4:a8:5b:
8b:cc:b9:c6:10:06:2b:f2:cd:97:e7:65:26:7f:80:c1:84:74:
ce:2a:bd:e1:59:8e:a2:32:8c:be:ad:5b:3c:ca:12:c0:a7:3a:
e7:e4:79:bc:15:65:c9:c1:15:ae:4b:b8:63:04:78:37:7a:9b:
5b:2b:39:cc:ad:86:16:38:9c:d2:e3:0f:86:9f:bf:3e:c6:56:
ba:44:b4:7b:ed:12:9f:28:6c:d7:f4:aa:e5:62:8d:cd:f7:2b:
75:ea:f3:85:99:7a:f1:9c:66:4a:c6:90:46:34:29:15:0b:b1:
80:d8:73:b0:69:a6:ff:c9:e5:d2:7e:e0:38:73:62:24:40:91:
22:00:09:1d:ef:7d:9a:7c:18:2b:c6:ac:bb:2c:c2:ac:1d:96:
df:80:9c:5f:12:30:03:62:1f:dd:06:0f:15:06:26:d4:22:a6:
76:ce:0f:db:46:93:3b:ab:22:e9:4c:28:c5:2d:3a:23:5b:8e:
b8:e7:d0:63:20:72:e0:88:b4:03:e4:b1:f7:33:dd:ff:ac:93:
10:07:5b:e7:28:9a:5f:f8:d3:d9:0f:45:8e:8c:99:10:20:53:
e4:6a:3c:80:7b:66:50:87:93:1d:40:d6:bd:e8:53:e8:7c:f8:
b0:2c:7c:9e
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYvJmiOM6VD+Tr5uiDFh5nzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMxMTEzMTY1MzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWFkMzczNDZiNmJmMWYxMTgwMmRkZTQxYTM3YTQ1MmM4N2FkNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwZgiTBC83MB/PBbGRerc1a1ss+6
nxrf56jSqCS6el4en2+nOPWeHfXmiFD14+w+KDsmLgmqk8h49gSSTMndceUSKYjF
rPjFxiSWa7kHceMwMeRMWiBRLcNA+e879GZxVin8uZsN7jzKCdproVx0TRcSIuPm
aHC6+62PzzFeVlUqLH3idhmahbQMqmqgiAJnvS5GgVEtIupslPrh8U0dYVQ5Zc84
Rk4Ovhs9FClw2nlPl1r1ZXKqvsoHi/IQZ4lUAZUTBnw69q3eDygStaXmeixUZqx3
nXYPhqB8mjLjx7v1DHol4cQjwfq9zuoww5z898eGcpXbbn+huAAMl4O1PwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFKmtNzRra/HxGALd5Bo3pFLIetTDMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvcWEwM05HdHI4ZkVZQXQza0dqZWtVc2g2MU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBuwQCAAEwgbQDAwEu
dAMDAC7SAwMAPgADAwA+WgMEBFD6kAMDAFKmAwMBVUADAwBV+gMDAVmKAwMBXawD
AwBfIwMDAG26AwMAbf0DBACT6hEDBACT6hYwDAMEAZPqGgMEAJPqHAMEAJPqKzAM
AwQAk+pTAwQAk+pUAwQAk+pWMAsDBAewDIADAwGwDAMEAsB2HAMDAMJaAwMAx8sD
BAbP6AADBAbUHcADAwDUjwMDANSWAwQH1OsAAwMA2YQwFAQCAAIwDgMFAyABTfAD
BQMqAgFIMA0GCSqGSIb3DQEBCwUAA4IBAQA5ZGwg2drYvSzXLZZESPykqFuLzLnG
EAYr8s2X52Umf4DBhHTOKr3hWY6iMoy+rVs8yhLApzrn5Hm8FWXJwRWuS7hjBHg3
eptbKznMrYYWOJzS4w+Gn78+xla6RLR77RKfKGzX9KrlYo3N9yt16vOFmXrxnGZK
xpBGNCkVC7GA2HOwaab/yeXSfuA4c2IkQJEiAAkd732afBgrxqy7LMKsHZbfgJxf
EjADYh/dBg8VBibUIqZ2zg/bRpM7qyLpTCjFLTojW46459BjIHLgiLQD5LH3M93/
rJMQB1vnKJpf+NPZD0WOjJkQIFPkajyAe2ZQh5MdQNa96FPofPiwLHye
-----END CERTIFICATE-----
Generated at Mon Nov 13 17:58:49 2023 by rpki-client on console-ams.rpki-client.org