Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/CQxKlkpkcPBR7h2bxi7X35A2XZk.roa
File: CQxKlkpkcPBR7h2bxi7X35A2XZk.roa (raw, json)
Hash identifier: ySdbyVj17RF4BoN9LM9zNpg5ve3bA5zMKz1QfUUZSc0=
Subject key identifier: 09:0C:4A:96:4A:64:70:F0:51:EE:1D:9B:C6:2E:D7:DF:90:36:5D:99
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 01872CFF6A8E9C90CA902930FD1278AE6E84
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/CQxKlkpkcPBR7h2bxi7X35A2XZk.roa
Signing time: Wed 29 Mar 2023 10:52:29 +0000
ROA not before: Wed 29 Mar 2023 10:52:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 188.241.249.0/24 maxlen: 32
185.66.136.0/22 maxlen: 32
92.255.52.0/24 maxlen: 32
92.255.64.0/24 maxlen: 32
119.12.192.0/21 maxlen: 32
92.255.80.0/24 maxlen: 32
92.255.83.0/24 maxlen: 32
92.255.82.0/24 maxlen: 32
92.255.81.0/24 maxlen: 32
92.114.81.0/24 maxlen: 32
180.235.160.0/20 maxlen: 32
89.40.81.0/24 maxlen: 32
110.238.192.0/19 maxlen: 32
92.114.60.0/22 maxlen: 32
94.177.14.0/23 maxlen: 32
91.92.216.0/23 maxlen: 32
91.92.218.0/24 maxlen: 32
188.241.15.0/24 maxlen: 32
5.62.152.0/21 maxlen: 32
93.113.52.0/23 maxlen: 32
188.241.56.0/23 maxlen: 32
91.92.178.0/23 maxlen: 32
94.139.224.0/20 maxlen: 32
89.38.234.0/24 maxlen: 32
92.255.0.0/24 maxlen: 32
193.56.24.0/23 maxlen: 32
193.56.26.0/23 maxlen: 32
188.211.24.0/23 maxlen: 32
86.106.176.0/23 maxlen: 32
176.223.104.0/22 maxlen: 32
94.139.60.0/23 maxlen: 32
91.92.22.0/23 maxlen: 32
94.176.0.0/23 maxlen: 32
180.149.16.0/20 maxlen: 32
193.142.103.0/24 maxlen: 32
188.240.48.0/23 maxlen: 32
91.92.138.0/24 maxlen: 32
193.200.104.0/23 maxlen: 32
94.176.132.0/23 maxlen: 32
176.223.182.0/23 maxlen: 32
188.212.136.0/21 maxlen: 32
188.94.84.0/22 maxlen: 32
89.104.122.0/23 maxlen: 32
31.14.26.0/24 maxlen: 32
110.239.212.0/22 maxlen: 32
110.239.208.0/22 maxlen: 32
110.239.216.0/21 maxlen: 32
89.223.22.0/23 maxlen: 32
180.149.0.0/20 maxlen: 32
91.192.212.0/22 maxlen: 32
93.115.4.0/23 maxlen: 32
77.81.92.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Apr 2023 06:32:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:ff:6a:8e:9c:90:ca:90:29:30:fd:12:78:ae:6e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Mar 29 10:52:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=090c4a964a6470f051ee1d9bc62ed7df90365d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5c:4f:7f:e1:d6:92:49:34:98:08:54:87:d7:
e7:23:f2:b7:66:d5:62:a0:94:8b:6b:5e:10:8e:b7:
6b:50:77:c8:34:e6:ab:bc:c7:7a:74:b8:de:4d:a9:
28:90:e9:15:ce:f3:1a:a5:92:3f:d6:1d:2b:c6:bc:
a6:05:6d:5d:4e:54:10:bf:2e:3b:a7:25:44:c5:59:
2b:96:91:5b:ba:9c:00:df:fa:e1:00:03:74:e6:20:
8d:85:66:36:13:09:9c:de:da:4c:15:07:b8:18:88:
c7:85:d9:a1:ae:72:28:13:35:ae:75:4c:0f:98:77:
1f:a6:ea:4a:f1:4f:03:10:e9:ea:b9:30:82:d9:bf:
40:a0:aa:e0:45:8c:52:06:7d:c6:0a:44:43:89:c3:
2a:b4:22:9b:10:d1:37:9f:f6:65:45:14:95:e5:a9:
d0:db:98:83:ab:bc:5d:dc:2f:a2:22:dd:3f:f2:84:
67:c9:dc:36:dd:8c:3a:c4:c1:f2:09:0e:1d:79:8f:
f1:47:59:32:b1:b4:9c:40:81:a6:bb:f3:0d:2c:0f:
68:c8:0b:f2:43:01:fe:a0:f2:cf:d2:9e:cd:41:99:
e7:85:3a:4c:bc:16:c0:f5:fb:32:77:26:5c:9c:48:
df:85:44:8e:df:7e:5a:f7:33:07:1d:80:cf:f0:24:
5b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:0C:4A:96:4A:64:70:F0:51:EE:1D:9B:C6:2E:D7:DF:90:36:5D:99
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/CQxKlkpkcPBR7h2bxi7X35A2XZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.152.0/21
31.14.26.0/24
77.81.92.0/22
86.106.176.0/23
89.38.234.0/24
89.40.81.0/24
89.104.122.0/23
89.223.22.0/23
91.92.22.0/23
91.92.138.0/24
91.92.178.0/23
91.92.216.0-91.92.218.255
91.192.212.0/22
92.114.60.0/22
92.114.81.0/24
92.255.0.0/24
92.255.52.0/24
92.255.64.0/24
92.255.80.0/22
93.113.52.0/23
93.115.4.0/23
94.139.60.0/23
94.139.224.0/20
94.176.0.0/23
94.176.132.0/23
94.177.14.0/23
110.238.192.0/19
110.239.208.0/20
119.12.192.0/21
176.223.104.0/22
176.223.182.0/23
180.149.0.0/19
180.235.160.0/20
185.66.136.0/22
188.94.84.0/22
188.211.24.0/23
188.212.136.0/21
188.240.48.0/23
188.241.15.0/24
188.241.56.0/23
188.241.249.0/24
193.56.24.0/22
193.142.103.0/24
193.200.104.0/23
Signature Algorithm: sha256WithRSAEncryption
65:57:15:db:f8:1e:4c:d4:73:26:b5:36:74:e0:1a:38:76:45:
c0:d8:78:31:97:2d:a5:01:e2:a4:3a:a5:40:8b:b7:b8:e5:a0:
ce:af:9c:8e:c5:25:c1:59:32:78:45:ef:e5:8e:2d:dd:b4:1a:
a1:a5:e8:c9:54:4b:ec:db:e1:59:4b:a7:0a:61:cd:ff:64:9f:
76:6e:cc:dd:2d:87:31:b7:94:f8:9d:b7:dd:4e:8b:68:b1:f1:
20:f7:d0:e5:22:54:cc:83:ba:5f:50:2d:aa:d6:e6:74:1d:5d:
b9:31:66:72:e0:14:ca:bb:c9:a6:90:f7:42:28:2f:7d:e1:83:
d2:da:0f:b0:ce:1d:ef:7c:a3:2d:e8:c5:e5:bd:5c:e8:c8:c8:
30:3b:6b:70:38:d6:04:7e:9c:c1:19:0a:af:be:f9:c9:9f:70:
a4:49:d8:e9:f0:0f:0a:b9:e1:fe:36:74:14:c1:7d:0a:35:6f:
79:3e:67:fa:b9:66:f6:a1:29:56:55:16:e4:7e:a8:0e:19:e0:
46:3b:7c:31:36:3b:54:0c:9d:a3:47:58:ea:af:3e:9e:6b:e3:
73:68:0f:3a:46:bd:2a:d5:01:8e:e5:e5:e2:99:91:a8:b2:68:
e0:68:d2:02:71:ff:2d:b7:34:e6:69:3c:83:21:b0:a8:13:a8:
3f:be:03:82
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAYcs/2qOnJDKkCkw/RJ4rm6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjMwMzI5MTA1MjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTBjNGE5NjRhNjQ3MGYwNTFlZTFkOWJjNjJlZDdkZjkwMzY1ZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklxPf+HWkkk0mAhUh9fnI/K3ZtVi
oJSLa14QjrdrUHfINOarvMd6dLjeTakokOkVzvMapZI/1h0rxrymBW1dTlQQvy47
pyVExVkrlpFbupwA3/rhAAN05iCNhWY2Ewmc3tpMFQe4GIjHhdmhrnIoEzWudUwP
mHcfpupK8U8DEOnquTCC2b9AoKrgRYxSBn3GCkRDicMqtCKbENE3n/ZlRRSV5anQ
25iDq7xd3C+iIt0/8oRnydw23Yw6xMHyCQ4deY/xR1kysbScQIGmu/MNLA9oyAvy
QwH+oPLP0p7NQZnnhTpMvBbA9fsydyZcnEjfhUSO335a9zMHHYDP8CRbuwIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFAkMSpZKZHDwUe4dm8Yu19+QNl2ZMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvQ1F4S2xrcGtjUEJSN2gyYnhpN1gzNUEyWFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAwU+mAMEAB8OGgMEAk1RXAMEAVZqsAMEAFkm6gMEAFkoUQMEAVloegMEAVnf
FgMEAVtcFgMEAFtcigMEAVtcsjAMAwQDW1zYAwQAW1zaAwQCW8DUAwQCXHI8AwQA
XHJRAwQAXP8AAwQAXP80AwQAXP9AAwQCXP9QAwQBXXE0AwQBXXMEAwQBXos8AwQE
XovgAwQBXrAAAwQBXrCEAwQBXrEOAwQFbu7AAwQEbu/QAwQDdwzAAwQCsN9oAwQB
sN+2AwQFtJUAAwQEtOugAwQCuUKIAwQCvF5UAwQBvNMYAwQDvNSIAwQBvPAwAwQA
vPEPAwQBvPE4AwQAvPH5AwQCwTgYAwQAwY5nAwQBwchoMA0GCSqGSIb3DQEBCwUA
A4IBAQBlVxXb+B5M1HMmtTZ04Bo4dkXA2Hgxly2lAeKkOqVAi7e45aDOr5yOxSXB
WTJ4Re/lji3dtBqhpejJVEvs2+FZS6cKYc3/ZJ92bszdLYcxt5T4nbfdTotosfEg
99DlIlTMg7pfUC2q1uZ0HV25MWZy4BTKu8mmkPdCKC994YPS2g+wzh3vfKMt6MXl
vVzoyMgwO2twONYEfpzBGQqvvvnJn3CkSdjp8A8KueH+NnQUwX0KNW95Pmf6uWb2
oSlWVRbkfqgOGeBGO3wxNjtUDJ2jR1jqrz6ea+NzaA86Rr0q1QGO5eXimZGosmjg
aNICcf8ttzTmaTyDIbCoE6g/vgOC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:46 2024 by rpki-client on console-fra.rpki-client.org