Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/qs7Mf0d1txlExQAm_TvwSR9qdsk.roa
File: qs7Mf0d1txlExQAm_TvwSR9qdsk.roa (raw, json)
Hash identifier: 8aZAR5rUphVL3/jsDtV+9x9r8hM2jyf3bMsRmBPcVW4=
Subject key identifier: AA:CE:CC:7F:47:75:B7:19:44:C5:00:26:FD:3B:F0:49:1F:6A:76:C9
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018692B2EF12DE8B6FFDFDAF9E111FC7B0D2
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/qs7Mf0d1txlExQAm_TvwSR9qdsk.roa
Signing time: Mon 27 Feb 2023 11:47:25 +0000
ROA not before: Mon 27 Feb 2023 11:47:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42473
IP address blocks: 185.228.148.0/22 maxlen: 22
37.235.4.0/24 maxlen: 24
37.235.3.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
185.2.176.0/22 maxlen: 32
144.208.192.0/18 maxlen: 32
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.207.0/24 maxlen: 24
178.255.152.0/21 maxlen: 32
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
176.123.54.0/23 maxlen: 23
213.227.160.0/19 maxlen: 32
194.1.206.0/24 maxlen: 32
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
188.172.230.0/23 maxlen: 23
217.146.0.0/19 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.247.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
188.172.192.0/18 maxlen: 32
185.81.209.0/24 maxlen: 24
188.172.208.0/24 maxlen: 24
188.65.72.0/21 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
144.208.216.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.229.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0::/32 maxlen: 128
2a01:aea0:dd1::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a01:aea0::/40 maxlen: 40
2a01:aea0::/32 maxlen: 32
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a00:11c0:79::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Mar 2023 09:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:b2:ef:12:de:8b:6f:fd:fd:af:9e:11:1f:c7:b0:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Feb 27 11:47:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aacecc7f4775b71944c50026fd3bf0491f6a76c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:05:cf:84:41:7e:d2:65:15:94:bc:19:b3:f3:
07:30:d3:0f:ae:d8:87:b7:09:2b:cf:fb:10:8e:fd:
4b:6b:ce:7b:2c:0c:84:c5:af:5d:6b:86:4b:f2:c2:
b4:49:97:d1:f2:8e:24:a4:72:41:71:ed:1d:32:7e:
0f:5f:c9:a3:1f:29:52:ac:8b:1b:a3:26:0d:83:d5:
09:63:bd:76:61:09:24:79:2f:02:48:c8:96:0d:b1:
d5:fd:24:fd:1e:4d:7f:f0:8a:99:f3:a5:a0:44:05:
df:69:d4:f5:42:80:e7:c1:4a:a8:18:4d:06:d3:dd:
59:85:5b:cd:a8:ce:ac:2e:bf:9e:24:f0:da:ad:02:
2a:bf:7c:28:51:56:26:3e:77:de:4a:62:37:be:22:
c9:f8:f5:a8:d6:cb:41:d7:80:3b:7f:db:d3:ef:94:
21:3c:b3:67:d7:50:31:09:83:d0:76:e5:b9:d2:55:
fa:9d:8c:65:ce:00:ef:0d:e1:b8:08:7c:1b:bd:11:
58:de:70:8d:a7:c7:15:e4:df:4f:42:dc:1b:f8:12:
f8:6b:f9:5f:59:d2:01:f5:b2:7d:3d:ce:ae:21:0b:
ee:a6:52:04:8e:45:6f:6b:23:70:0b:0a:bb:21:e4:
a2:21:ea:ed:b8:4b:dc:ee:53:c4:2c:0a:f8:91:cf:
21:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CE:CC:7F:47:75:B7:19:44:C5:00:26:FD:3B:F0:49:1F:6A:76:C9
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/qs7Mf0d1txlExQAm_TvwSR9qdsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.252.224.0/19
45.132.61.0-45.132.63.255
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
Signature Algorithm: sha256WithRSAEncryption
21:32:5b:42:d4:ae:2a:bb:3e:af:94:9d:23:89:4f:2e:d4:5c:
3d:91:a8:f5:1f:5c:c3:50:52:17:40:a5:b3:e9:6e:5d:36:3d:
15:f9:99:48:98:c1:35:1e:a6:ed:77:cb:10:67:1a:07:32:05:
6b:67:a1:02:43:0f:29:c1:92:6f:dd:30:31:d6:7b:41:f9:2f:
ba:e8:68:7d:d7:fa:94:2d:22:d5:5e:98:a0:cd:84:3d:ea:f4:
f8:2b:78:eb:de:b2:d6:01:e6:ed:c3:11:2f:9c:f8:d6:e8:af:
25:8d:17:0e:61:46:32:61:37:5f:83:dc:c0:a9:7e:23:e6:d4:
24:b9:22:01:9f:f0:79:26:17:61:04:5e:56:93:4e:f9:1d:c1:
bb:94:15:ff:70:48:cc:87:17:7e:bf:e6:21:30:af:f1:1a:01:
03:ff:95:c9:87:93:ef:e5:ff:23:84:30:14:21:bd:de:12:18:
cb:ee:91:01:01:e0:24:35:0c:06:ab:83:52:f0:29:0d:fa:93:
97:73:15:44:50:d5:41:e1:50:fd:c2:2a:9a:b8:b4:6c:59:57:
ed:16:56:9a:b7:8f:7b:74:f6:fa:00:79:ff:cc:b8:bc:76:49:
3e:b9:d7:8c:bc:f9:64:da:1e:74:37:19:97:c7:5d:ad:35:b5:
08:d1:b1:8a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAYaSsu8S3otv/f2vnhEfx7DSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwMjI3MTE0NzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNlY2M3ZjQ3NzViNzE5NDRjNTAwMjZmZDNiZjA0OTFmNmE3NmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQXPhEF+0mUVlLwZs/MHMNMPrtiH
twkrz/sQjv1La857LAyExa9da4ZL8sK0SZfR8o4kpHJBce0dMn4PX8mjHylSrIsb
oyYNg9UJY712YQkkeS8CSMiWDbHV/ST9Hk1/8IqZ86WgRAXfadT1QoDnwUqoGE0G
091ZhVvNqM6sLr+eJPDarQIqv3woUVYmPnfeSmI3viLJ+PWo1stB14A7f9vT75Qh
PLNn11AxCYPQduW50lX6nYxlzgDvDeG4CHwbvRFY3nCNp8cV5N9PQtwb+BL4a/lf
WdIB9bJ9Pc6uIQvuplIEjkVvayNwCwq7IeSiIertuEvc7lPELAr4kc8hOQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFKrOzH9HdbcZRMUAJv078EkfanbJMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvcXM3TWYwZDF0eGxFeFFBbV9UdndTUjlxZHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBkQQCAAEwgYowDAME
ACXrAwMEASXrBAMEBSX84DAMAwQALYQ9AwQGLYQAMAwDBABeEH0DBABeEH4DBAaQ
0MADBAGwezYDBAOy/5gDBAK5ArADBAG5MugDBAC5MusDBAC5UdEDBAK5dGADBAK5
5JQDBAO8QUgDBAa8rMADBAHBIXIDBADCAc4DBAXV46ADBAXZkgAwFAQCAAIwDgMF
ACoAEcADBQAqAa6gMA0GCSqGSIb3DQEBCwUAA4IBAQAhMltC1K4quz6vlJ0jiU8u
1Fw9kaj1H1zDUFIXQKWz6W5dNj0V+ZlImME1Hqbtd8sQZxoHMgVrZ6ECQw8pwZJv
3TAx1ntB+S+66Gh91/qULSLVXpigzYQ96vT4K3jr3rLWAebtwxEvnPjW6K8ljRcO
YUYyYTdfg9zAqX4j5tQkuSIBn/B5JhdhBF5Wk075HcG7lBX/cEjMhxd+v+YhMK/x
GgED/5XJh5Pv5f8jhDAUIb3eEhjL7pEBAeAkNQwGq4NS8CkN+pOXcxVEUNVB4VD9
wiqauLRsWVftFlaat497dPb6AHn/zLi8dkk+udeMvPlk2h50NxmXx12tNbUI0bGK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:51 2024 by rpki-client on console-ams.rpki-client.org