Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/1QU54Cgf7CTo54PajtaSGSS5BK4.roa
File: 1QU54Cgf7CTo54PajtaSGSS5BK4.roa (raw, json)
Hash identifier: n/CzfsEznL5zLW4aFXoaSkYkghwF5+DIo1zQNFOIkcQ=
Subject key identifier: D5:05:39:E0:28:1F:EC:24:E8:E7:83:DA:8E:D6:92:19:24:B9:04:AE
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 01856FC290E67FB4EF64DBE9F618195C211D
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/1QU54Cgf7CTo54PajtaSGSS5BK4.roa
Signing time: Sun 01 Jan 2023 23:55:00 +0000
ROA not before: Sun 01 Jan 2023 23:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 213.157.189.0/24 maxlen: 24
213.154.100.0/24 maxlen: 24
188.26.128.0/18 maxlen: 24
212.93.128.0/19 maxlen: 24
86.127.54.0/24 maxlen: 24
86.127.59.0/24 maxlen: 24
212.93.143.0/24 maxlen: 24
213.157.160.0/19 maxlen: 24
188.26.224.0/19 maxlen: 24
5.12.0.0/14 maxlen: 24
82.76.0.0/14 maxlen: 24
93.113.40.0/22 maxlen: 24
86.120.0.0/13 maxlen: 24
82.137.16.0/20 maxlen: 24
82.137.32.0/19 maxlen: 24
188.26.0.0/17 maxlen: 24
62.231.120.0/24 maxlen: 24
5.2.128.0/17 maxlen: 24
79.117.0.0/16 maxlen: 24
62.231.64.0/18 maxlen: 24
82.137.0.0/21 maxlen: 24
82.137.0.0/18 maxlen: 24
89.46.12.0/22 maxlen: 24
79.112.0.0/13 maxlen: 24
185.129.36.0/22 maxlen: 22
31.14.104.0/21 maxlen: 24
79.112.0.0/14 maxlen: 24
82.79.10.0/24 maxlen: 24
194.102.80.0/23 maxlen: 24
194.102.81.0/24 maxlen: 24
31.14.192.0/21 maxlen: 24
81.18.64.0/19 maxlen: 24
31.14.224.0/22 maxlen: 24
84.232.128.0/17 maxlen: 24
188.27.0.0/16 maxlen: 24
79.118.0.0/15 maxlen: 24
84.232.149.0/24 maxlen: 24
81.196.0.0/16 maxlen: 24
79.118.155.0/24 maxlen: 24
193.111.232.0/24 maxlen: 24
188.24.0.0/15 maxlen: 24
212.54.96.0/19 maxlen: 24
188.27.120.0/24 maxlen: 24
212.54.122.0/24 maxlen: 24
212.54.123.0/24 maxlen: 24
212.54.120.0/24 maxlen: 24
86.121.222.0/24 maxlen: 24
2a02:2f00::/28 maxlen: 48
2a02:2f09:3100::/48 maxlen: 48
2a03:9c20:1000::/48 maxlen: 48
2a03:9c20:f000::/48 maxlen: 48
2a02:2f0c:8002::/48 maxlen: 48
2a02:2f01:100::/48 maxlen: 48
2a03:9c20::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:90:e6:7f:b4:ef:64:db:e9:f6:18:19:5c:21:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Jan 1 23:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d50539e0281fec24e8e783da8ed6921924b904ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:49:7d:cd:99:09:57:6f:dc:2a:1c:8f:c5:67:
d1:46:f2:b7:b8:b4:97:32:f1:ba:fd:fc:ea:ed:84:
8e:4b:86:9c:a8:cf:00:e4:a5:00:e8:05:19:b6:81:
cb:2a:b5:0a:cd:e6:c0:f0:06:df:f0:3b:f2:ef:cb:
e0:70:27:da:03:b0:1a:50:a0:d6:0c:56:58:a4:8c:
90:35:13:e6:64:59:15:90:b7:37:fe:43:e6:50:c8:
00:ef:fe:a8:dc:88:57:e9:52:2b:2c:60:67:d5:86:
db:64:af:79:6a:b9:36:b6:68:fc:2f:7e:e0:8f:9f:
9d:2f:0c:3b:39:f1:63:f2:64:00:93:37:68:00:ee:
83:f9:d5:2b:75:c7:80:d7:0a:aa:1a:d7:e0:38:78:
7e:d7:34:7d:82:07:3a:a1:1c:8c:21:7d:22:a0:c7:
d5:e3:9c:c0:66:5d:a0:f4:8d:a5:10:f5:4b:23:f5:
b6:a0:7f:ee:60:2a:89:cf:5b:05:da:01:2c:13:a4:
4a:a9:4c:63:c8:7e:63:41:07:5d:09:6e:3a:69:45:
0f:02:2f:c5:7a:ae:cc:6e:6e:a3:c0:c7:06:54:ea:
68:13:8a:1a:72:54:21:81:31:41:e1:c2:9b:12:24:
05:22:30:20:e5:f7:07:c3:9b:42:15:31:de:b4:da:
f2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:05:39:E0:28:1F:EC:24:E8:E7:83:DA:8E:D6:92:19:24:B9:04:AE
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/1QU54Cgf7CTo54PajtaSGSS5BK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.128.0/17
5.12.0.0/14
31.14.104.0/21
31.14.192.0/21
31.14.224.0/22
62.231.64.0/18
79.112.0.0/13
81.18.64.0/19
81.196.0.0/16
82.76.0.0/14
82.137.0.0/18
84.232.128.0/17
86.120.0.0/13
89.46.12.0/22
93.113.40.0/22
185.129.36.0/22
188.24.0.0-188.26.191.255
188.26.224.0-188.27.255.255
193.111.232.0/24
194.102.80.0/23
212.54.96.0/19
212.93.128.0/19
213.154.100.0/24
213.157.160.0/19
IPv6:
2a02:2f00::/28
2a03:9c20::/32
Signature Algorithm: sha256WithRSAEncryption
12:dd:bc:64:d7:6c:65:d6:9b:20:a2:db:1a:3f:99:7b:5a:4b:
a5:24:45:55:9f:56:68:54:a2:35:18:90:9c:8e:0e:24:61:2b:
2a:f5:cf:bd:7e:6e:55:67:23:3d:52:14:26:b9:02:24:e6:59:
63:f6:86:6b:9e:70:52:1f:58:c6:36:2f:61:24:86:46:64:4f:
d8:1a:ee:a3:95:ae:d7:b5:6a:08:f9:ce:f5:b8:66:cd:32:f8:
8a:2a:5b:ee:bc:55:66:8a:4d:b6:a1:83:e2:58:81:09:cf:1f:
4c:e3:e7:46:ce:f4:a9:5c:1d:4d:28:6c:57:5c:b9:00:6d:de:
8b:1a:c4:73:a6:32:8f:3a:00:53:f5:06:b5:44:6b:e6:f4:18:
df:6e:af:dc:b0:70:ed:9a:2b:39:e2:df:3d:c5:1e:20:00:9b:
7f:27:c5:ab:08:90:d5:77:b3:7c:5e:db:bc:29:b5:a4:07:b5:
38:1b:e0:fd:2a:73:1e:5d:a1:35:8b:2b:bc:7e:41:5d:10:f1:
d4:47:4d:73:eb:59:f4:f0:aa:4a:93:1e:1c:d7:73:15:38:92:
4c:59:2c:ed:47:7f:87:1e:e0:ca:54:76:5e:b7:24:51:3d:6d:
29:60:dc:87:6e:6c:e5:e2:ce:fb:08:18:4b:33:85:71:50:47:
0c:12:66:e7
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYVvwpDmf7TvZNvp9hgZXCEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjMwMTAxMjM1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA1MzllMDI4MWZlYzI0ZThlNzgzZGE4ZWQ2OTIxOTI0YjkwNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkl9zZkJV2/cKhyPxWfRRvK3uLSX
MvG6/fzq7YSOS4acqM8A5KUA6AUZtoHLKrUKzebA8Abf8Dvy78vgcCfaA7AaUKDW
DFZYpIyQNRPmZFkVkLc3/kPmUMgA7/6o3IhX6VIrLGBn1YbbZK95ark2tmj8L37g
j5+dLww7OfFj8mQAkzdoAO6D+dUrdceA1wqqGtfgOHh+1zR9ggc6oRyMIX0ioMfV
45zAZl2g9I2lEPVLI/W2oH/uYCqJz1sF2gEsE6RKqUxjyH5jQQddCW46aUUPAi/F
eq7Mbm6jwMcGVOpoE4oaclQhgTFB4cKbEiQFIjAg5fcHw5tCFTHetNry5QIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFNUFOeAoH+wk6OeD2o7WkhkkuQSuMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvMVFVNTRDZ2Y3Q1RvNTRQYWp0YVNHU1M1Qks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBoAQCAAEwgZkDBAcF
AoADAwIFDAMEAx8OaAMEAx8OwAMEAh8O4AMEBj7nQAMDA09wAwQFURJAAwMAUcQD
AwJSTAMEBlKJAAMEB1TogAMDA1Z4AwQCWS4MAwQCXXEoAwQCuYEkMAsDAwO8GAME
BrwagDALAwQFvBrgAwMCvBgDBADBb+gDBAHCZlADBAXUNmADBAXUXYADBADVmmQD
BAXVnaAwFAQCAAIwDgMFBCoCLwADBQAqA5wgMA0GCSqGSIb3DQEBCwUAA4IBAQAS
3bxk12xl1psgotsaP5l7WkulJEVVn1ZoVKI1GJCcjg4kYSsq9c+9fm5VZyM9UhQm
uQIk5llj9oZrnnBSH1jGNi9hJIZGZE/YGu6jla7XtWoI+c71uGbNMviKKlvuvFVm
ik22oYPiWIEJzx9M4+dGzvSpXB1NKGxXXLkAbd6LGsRzpjKPOgBT9Qa1RGvm9Bjf
bq/csHDtmis54t89xR4gAJt/J8WrCJDVd7N8Xtu8KbWkB7U4G+D9KnMeXaE1iyu8
fkFdEPHUR01z61n08KpKkx4c13MVOJJMWSztR3+HHuDKVHZetyRRPW0pYNyHbmzl
4s77CBhLM4VxUEcMEmbn
-----END CERTIFICATE-----
Generated at Wed Nov 15 11:17:41 2023 by rpki-client on console-ams.rpki-client.org