Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/QoAlrtJMGJJv_QAj6pq7kKXbYpI.roa
File: QoAlrtJMGJJv_QAj6pq7kKXbYpI.roa (raw, json)
Hash identifier: 8xBiSkxnZFK2aor6D4ZgGUGGLP22oE3MSaZzvTaO5+A=
Subject key identifier: 42:80:25:AE:D2:4C:18:92:6F:FD:00:23:EA:9A:BB:90:A5:DB:62:92
Certificate issuer: /CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Certificate serial: 018EA4FA3700A0B6C5218645B1BD7688B7FD
Authority key identifier: 72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/QoAlrtJMGJJv_QAj6pq7kKXbYpI.roa
Signing time: Wed 03 Apr 2024 17:20:45 +0000
ROA not before: Wed 03 Apr 2024 17:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49872
IP address blocks: 109.122.192.0/24 maxlen: 24
109.122.193.0/24 maxlen: 24
109.122.195.0/24 maxlen: 24
109.122.196.0/24 maxlen: 24
109.122.197.0/24 maxlen: 24
109.122.201.0/24 maxlen: 24
109.122.203.0/24 maxlen: 24
109.122.205.0/24 maxlen: 24
109.122.207.0/24 maxlen: 24
109.122.210.0/24 maxlen: 24
109.122.211.0/24 maxlen: 24
109.122.212.0/24 maxlen: 24
109.122.213.0/24 maxlen: 24
109.122.215.0/24 maxlen: 24
109.122.216.0/24 maxlen: 24
109.122.217.0/24 maxlen: 24
109.122.218.0/24 maxlen: 24
109.122.219.0/24 maxlen: 24
109.122.220.0/24 maxlen: 24
109.122.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 19:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:fa:37:00:a0:b6:c5:21:86:45:b1:bd:76:88:b7:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7222c5ab7db3dd3966192faafe07f3115b0c8ee5
Validity
Not Before: Apr 3 17:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=428025aed24c18926ffd0023ea9abb90a5db6292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:36:f3:64:43:92:aa:c1:b1:79:a6:7a:13:ff:
08:5e:b9:0e:6b:6f:d7:83:44:84:dc:c6:13:58:86:
8e:3b:0e:2e:4e:c4:a5:fd:ba:55:8a:3d:d6:9d:b1:
b6:b6:3d:16:90:4b:aa:32:41:3d:f0:63:b7:de:11:
ac:99:8f:ab:7c:01:f4:b9:91:96:dc:1d:09:99:0c:
53:a0:a8:7c:47:29:27:bb:2b:22:0d:02:1a:06:a9:
1e:4f:46:e9:e7:9e:8b:00:ef:40:ff:14:49:a1:90:
b8:91:85:15:1d:60:67:e0:ae:03:8b:2b:67:ae:ab:
9d:b2:d9:e6:51:36:9e:d6:75:bb:57:08:c1:d9:75:
7c:30:25:80:23:8f:44:1a:ec:8c:f9:16:bf:b9:a0:
2a:7d:bb:48:aa:9d:42:79:1f:00:b3:98:a5:38:3f:
d9:5e:2a:01:54:ac:48:67:26:46:a7:af:dd:15:83:
2d:a0:bf:0a:72:f1:21:4a:b8:c1:6b:0f:5c:bc:5e:
de:9f:5a:55:77:36:82:7e:29:78:1e:61:59:c8:17:
52:26:bb:47:13:86:88:6e:2d:62:9d:ad:77:f3:f6:
df:ee:e2:e4:a9:24:97:c7:e2:58:87:07:3b:86:42:
f0:ef:21:80:aa:a6:e2:0d:09:f6:94:1b:be:ee:0e:
bd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:80:25:AE:D2:4C:18:92:6F:FD:00:23:EA:9A:BB:90:A5:DB:62:92
X509v3 Authority Key Identifier:
keyid:72:22:C5:AB:7D:B3:DD:39:66:19:2F:AA:FE:07:F3:11:5B:0C:8E:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciLFq32z3TlmGS-q_gfzEVsMjuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/QoAlrtJMGJJv_QAj6pq7kKXbYpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/1c60ac-ba3f-440b-868b-ea12ef9422ec/1/ciLFq32z3TlmGS-q_gfzEVsMjuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.192.0/23
109.122.195.0-109.122.197.255
109.122.201.0/24
109.122.203.0/24
109.122.205.0/24
109.122.207.0/24
109.122.210.0-109.122.213.255
109.122.215.0-109.122.221.255
Signature Algorithm: sha256WithRSAEncryption
44:da:98:61:87:09:54:e8:1b:8d:7a:04:e9:4e:f0:fb:d8:64:
62:ec:38:f8:db:bd:61:5d:b5:01:56:c0:aa:82:6b:ab:31:ae:
d6:d6:e4:45:73:ec:8b:33:d3:ee:ac:8d:82:f4:f0:e4:f8:f8:
e7:e2:dd:7a:14:59:e5:d0:05:d7:91:3c:84:25:13:56:4a:b1:
16:45:14:e1:98:0e:88:78:94:d1:b3:64:17:cc:f1:62:d2:62:
0b:89:31:68:6b:f0:6d:b3:11:4e:20:25:04:4b:7a:e4:6c:fa:
3c:20:82:d0:48:69:ca:73:a4:0c:36:25:12:ec:17:91:09:15:
62:49:f3:f8:95:cc:3c:cb:cb:ff:b3:66:e3:80:b3:7f:41:4e:
fd:65:88:fc:5b:23:7e:5a:5b:13:3e:a3:01:90:0a:4d:27:ca:
4d:16:f7:e4:be:20:ea:f2:cd:e6:d9:39:7e:f5:c8:8f:b2:06:
0f:6b:99:a8:be:42:80:e8:cd:1e:f2:f6:1c:eb:e3:43:92:e0:
a7:4b:9b:43:53:83:eb:84:52:36:3c:01:b7:73:f7:89:22:2a:
36:df:42:aa:79:c0:f6:cb:98:86:2f:b9:e1:67:81:fd:89:f0:
a4:c8:cc:60:0a:d0:97:e2:72:11:65:b0:15:8f:c9:27:f3:b9:
48:4d:20:f3
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY6k+jcAoLbFIYZFsb12iLf9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjJjNWFiN2RiM2RkMzk2NjE5MmZhYWZlMDdmMzExNWIw
YzhlZTUwHhcNMjQwNDAzMTcyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjgwMjVhZWQyNGMxODkyNmZmZDAwMjNlYTlhYmI5MGE1ZGI2MjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszbzZEOSqsGxeaZ6E/8IXrkOa2/X
g0SE3MYTWIaOOw4uTsSl/bpVij3WnbG2tj0WkEuqMkE98GO33hGsmY+rfAH0uZGW
3B0JmQxToKh8RyknuysiDQIaBqkeT0bp556LAO9A/xRJoZC4kYUVHWBn4K4Diytn
rqudstnmUTae1nW7VwjB2XV8MCWAI49EGuyM+Ra/uaAqfbtIqp1CeR8As5ilOD/Z
XioBVKxIZyZGp6/dFYMtoL8KcvEhSrjBaw9cvF7en1pVdzaCfil4HmFZyBdSJrtH
E4aIbi1ina138/bf7uLkqSSXx+JYhwc7hkLw7yGAqqbiDQn2lBu+7g69WwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEKAJa7STBiSb/0AI+qau5Cl22KSMB8GA1UdIwQY
MBaAFHIixat9s905Zhkvqv4H8xFbDI7lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGIt
ZWExMmVmOTQyMmVjLzEvUW9BbHJ0Sk1HSkp2X1FBajZwcTdrS1hiWXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xYzYwYWMtYmEzZi00NDBiLTg2OGItZWExMmVmOTQyMmVj
LzEvY2lMRnEzMnozVGxtR1MtcV9nZnpFVnNNanVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBbXrAMAwD
BABtesMDBAFtesQDBABteskDBABtessDBABtes0DBABtes8wDAMEAW160gMEAW16
1DAMAwQAbXrXAwQBbXrcMA0GCSqGSIb3DQEBCwUAA4IBAQBE2phhhwlU6BuNegTp
TvD72GRi7Dj4271hXbUBVsCqgmurMa7W1uRFc+yLM9PurI2C9PDk+Pjn4t16FFnl
0AXXkTyEJRNWSrEWRRThmA6IeJTRs2QXzPFi0mILiTFoa/BtsxFOICUES3rkbPo8
IILQSGnKc6QMNiUS7BeRCRViSfP4lcw8y8v/s2bjgLN/QU79ZYj8WyN+WlsTPqMB
kApNJ8pNFvfkviDq8s3m2Tl+9ciPsgYPa5movkKA6M0e8vYc6+NDkuCnS5tDU4Pr
hFI2PAG3c/eJIio230KqecD2y5iGL7nhZ4H9ifCkyMxgCtCX4nIRZbAVj8kn87lI
TSDz
-----END CERTIFICATE-----
Generated at Tue Apr 16 21:40:06 2024 by rpki-client on console-fra.rpki-client.org