Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/QRl8TCb3y-flgXHJywcf8EFchvk.roa
File: QRl8TCb3y-flgXHJywcf8EFchvk.roa (raw, json)
Hash identifier: 1w6nn5DizxuDpgXSlaAmSSeDjSHFcneGuoDzb6JBAwQ=
Subject key identifier: 41:19:7C:4C:26:F7:CB:E7:E5:81:71:C9:CB:07:1F:F0:41:5C:86:F9
Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Certificate serial: 01891C19A726F024BE37AD5809AEF3C65417
Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/QRl8TCb3y-flgXHJywcf8EFchvk.roa
Signing time: Mon 03 Jul 2023 14:13:10 +0000
ROA not before: Mon 03 Jul 2023 14:13:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57809
IP address blocks: 192.214.192.0/19 maxlen: 19
185.87.100.0/22 maxlen: 22
23.90.192.0/18 maxlen: 18
185.20.16.0/22 maxlen: 22
185.134.156.0/22 maxlen: 22
45.133.68.0/22 maxlen: 22
185.133.80.0/22 maxlen: 22
79.99.160.0/21 maxlen: 21
92.119.232.0/22 maxlen: 22
185.197.108.0/22 maxlen: 22
5.183.248.0/22 maxlen: 22
45.89.76.0/22 maxlen: 22
45.92.180.0/22 maxlen: 22
185.48.252.0/22 maxlen: 22
45.129.218.0/24 maxlen: 24
185.163.136.0/22 maxlen: 22
45.129.216.0/24 maxlen: 24
45.129.217.0/24 maxlen: 24
185.241.140.0/22 maxlen: 22
94.154.4.0/24 maxlen: 24
88.218.12.0/22 maxlen: 22
185.191.36.0/22 maxlen: 22
185.163.212.0/22 maxlen: 22
185.86.88.0/22 maxlen: 22
45.86.96.0/22 maxlen: 22
185.163.220.0/22 maxlen: 22
31.204.80.0/21 maxlen: 21
185.163.228.0/22 maxlen: 22
94.187.128.0/19 maxlen: 19
2.59.144.0/22 maxlen: 22
185.186.88.0/22 maxlen: 22
185.169.156.0/22 maxlen: 22
185.132.64.0/22 maxlen: 22
185.135.176.0/22 maxlen: 22
45.142.108.0/22 maxlen: 22
195.216.140.0/22 maxlen: 22
168.220.128.0/19 maxlen: 19
46.18.120.0/22 maxlen: 22
46.18.124.0/24 maxlen: 24
46.18.125.0/24 maxlen: 24
46.18.126.0/23 maxlen: 23
185.254.8.0/22 maxlen: 22
185.138.116.0/22 maxlen: 22
5.10.128.0/21 maxlen: 21
45.80.252.0/22 maxlen: 22
185.98.116.0/22 maxlen: 22
45.152.16.0/22 maxlen: 22
62.192.156.0/22 maxlen: 22
2a00:41e0::/29 maxlen: 32
2a05:b780::/29 maxlen: 29
2a01:648::/29 maxlen: 32
2a00:6780::/29 maxlen: 32
2a05:c100::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 10 Jul 2023 15:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:19:a7:26:f0:24:be:37:ad:58:09:ae:f3:c6:54:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39
Validity
Not Before: Jul 3 14:13:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41197c4c26f7cbe7e58171c9cb071ff0415c86f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7c:d6:8b:15:9c:b5:ff:5b:56:a8:04:85:2a:
2a:9c:80:d1:2c:d8:1c:03:70:1d:e5:1c:59:40:b9:
dc:17:4c:03:5e:5d:40:39:7f:0d:cb:96:37:d9:ea:
50:12:8a:4c:83:bc:4a:92:0c:79:76:05:87:45:61:
97:52:e9:f6:92:65:73:46:18:4e:c5:52:c5:98:9e:
00:13:2d:6d:16:35:e4:a8:78:05:ba:d7:58:f5:4b:
63:51:01:ba:32:40:15:23:3f:46:a9:e1:44:be:cd:
8b:9c:94:91:ef:39:40:f2:a7:48:c5:fe:d7:be:09:
85:16:18:00:1f:da:82:2d:81:0e:d7:37:c9:77:71:
b4:f7:c8:4d:0c:a1:46:78:92:d6:66:79:10:20:fc:
f3:6a:e9:92:36:95:51:09:d8:5b:68:70:be:54:50:
f6:3c:67:d0:2e:6f:ae:b9:38:ba:24:d8:73:53:db:
e0:19:1f:80:b3:40:c3:08:0e:e7:9a:93:14:ac:42:
cd:22:6e:1c:02:03:5f:ae:b0:0b:c7:8a:be:4d:ce:
3c:30:6d:6d:61:5c:9a:e2:43:4e:40:e3:fe:99:11:
f5:e3:54:05:d3:7a:03:0d:e4:08:c5:89:f4:8d:41:
2c:cf:88:d5:d3:87:89:28:fb:ae:3c:04:b5:c9:2d:
dc:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:19:7C:4C:26:F7:CB:E7:E5:81:71:C9:CB:07:1F:F0:41:5C:86:F9
X509v3 Authority Key Identifier:
keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/QRl8TCb3y-flgXHJywcf8EFchvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.144.0/22
5.10.128.0/21
5.183.248.0/22
23.90.192.0/18
31.204.80.0/21
45.80.252.0/22
45.86.96.0/22
45.89.76.0/22
45.92.180.0/22
45.129.216.0-45.129.218.255
45.133.68.0/22
45.142.108.0/22
45.152.16.0/22
46.18.120.0/21
62.192.156.0/22
79.99.160.0/21
88.218.12.0/22
92.119.232.0/22
94.154.4.0/24
94.187.128.0/19
168.220.128.0/19
185.20.16.0/22
185.48.252.0/22
185.86.88.0/22
185.87.100.0/22
185.98.116.0/22
185.132.64.0/22
185.133.80.0/22
185.134.156.0/22
185.135.176.0/22
185.138.116.0/22
185.163.136.0/22
185.163.212.0/22
185.163.220.0/22
185.163.228.0/22
185.169.156.0/22
185.186.88.0/22
185.191.36.0/22
185.197.108.0/22
185.241.140.0/22
185.254.8.0/22
192.214.192.0/19
195.216.140.0/22
IPv6:
2a00:41e0::/29
2a00:6780::/29
2a01:648::/29
2a05:b780::/29
2a05:c100::/29
Signature Algorithm: sha256WithRSAEncryption
7e:92:4e:5f:4f:99:e1:58:fc:b9:eb:df:e0:47:a2:7c:73:28:
5b:d7:90:f9:9b:cc:16:ba:2c:2e:30:40:60:2b:50:e4:39:70:
a7:ec:7c:88:43:f3:1d:82:4f:a8:2f:7e:02:93:c5:6d:04:e3:
f0:56:fe:73:c5:a4:8d:90:2a:65:1f:e1:99:16:aa:64:f5:78:
65:9c:23:3a:9c:12:dd:99:2a:bc:21:14:69:fa:40:ea:bc:05:
2f:ec:03:02:c6:06:bd:83:b7:d5:22:4b:a4:aa:af:ab:4b:28:
3a:39:8f:ac:3b:fc:6d:95:b3:a3:80:83:ae:3c:3a:bc:eb:99:
06:a0:eb:c5:23:3c:a3:27:f7:7d:12:ec:fb:a5:0e:ac:4d:d9:
73:2a:80:61:e7:6e:30:03:f1:33:19:40:b6:ec:d3:9f:9b:97:
c7:74:19:7b:8f:5d:5c:99:28:80:7f:9c:19:b7:08:0f:b4:ca:
65:87:7a:28:0c:e6:2a:f6:4e:6e:d9:df:d4:36:cf:12:af:0a:
c8:06:ce:43:e7:c4:61:e6:71:9d:7c:12:4c:8f:85:58:d5:17:
65:0f:1f:71:43:ed:3c:1d:4c:34:8e:fe:a8:f5:a4:ca:9f:84:
87:b0:0b:86:8c:d1:42:71:0e:c7:69:c4:e1:cd:86:d4:87:15:
42:8e:6b:28
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAYkcGacm8CS+N61YCa7zxlQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh
YjJkMzkwHhcNMjMwNzAzMTQxMzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTE5N2M0YzI2ZjdjYmU3ZTU4MTcxYzljYjA3MWZmMDQxNWM4NmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13zWixWctf9bVqgEhSoqnIDRLNgc
A3Ad5RxZQLncF0wDXl1AOX8Ny5Y32epQEopMg7xKkgx5dgWHRWGXUun2kmVzRhhO
xVLFmJ4AEy1tFjXkqHgFutdY9UtjUQG6MkAVIz9GqeFEvs2LnJSR7zlA8qdIxf7X
vgmFFhgAH9qCLYEO1zfJd3G098hNDKFGeJLWZnkQIPzzaumSNpVRCdhbaHC+VFD2
PGfQLm+uuTi6JNhzU9vgGR+As0DDCA7nmpMUrELNIm4cAgNfrrALx4q+Tc48MG1t
YVya4kNOQOP+mRH141QF03oDDeQIxYn0jUEsz4jV04eJKPuuPAS1yS3cAQIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFEEZfEwm98vn5YFxycsHH/BBXIb5MB8GA1UdIwQY
MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt
YjhlOGIzNGRiMjkwLzEvUVJsOFRDYjN5LWZsZ1hISnl3Y2Y4RUZjaHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw
LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCARIEAgABMIIB
CgMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z
TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC
PsCcAwQDT2OgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQCuRQQAwQC
uTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQCuYewAwQC
uYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQCub8kAwQC
ucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHgAwUDKgBn
gAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEAfpJOX0+Z
4Vj8uevf4EeifHMoW9eQ+ZvMFrosLjBAYCtQ5Dlwp+x8iEPzHYJPqC9+ApPFbQTj
8Fb+c8WkjZAqZR/hmRaqZPV4ZZwjOpwS3ZkqvCEUafpA6rwFL+wDAsYGvYO31SJL
pKqvq0soOjmPrDv8bZWzo4CDrjw6vOuZBqDrxSM8oyf3fRLs+6UOrE3ZcyqAYedu
MAPxMxlAtuzTn5uXx3QZe49dXJkogH+cGbcID7TKZYd6KAzmKvZObtnf1DbPEq8K
yAbOQ+fEYeZxnXwSTI+FWNUXZQ8fcUPtPB1MNI7+qPWkyp+Eh7ALhozRQnEOx2nE
4c2G1IcVQo5rKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:11 2024 by rpki-client on console-fra.rpki-client.org