Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/qbp5hZGuDsDBMYdaTp0Z69uS75o.roa
File: qbp5hZGuDsDBMYdaTp0Z69uS75o.roa (raw, json)
Hash identifier: 3ARlO0adTILbPpK8pVBtzhj9fDvuEuXAtWzee3mKe2Q=
Subject key identifier: A9:BA:79:85:91:AE:0E:C0:C1:31:87:5A:4E:9D:19:EB:DB:92:EF:9A
Certificate issuer: /CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Certificate serial: 0189935018949B64EFFE0329B4FAD8B94C62
Authority key identifier: 62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/qbp5hZGuDsDBMYdaTp0Z69uS75o.roa
Signing time: Wed 26 Jul 2023 17:47:27 +0000
ROA not before: Wed 26 Jul 2023 17:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61333
IP address blocks: 94.228.108.0/24 maxlen: 24
94.228.107.0/24 maxlen: 24
94.228.110.0/24 maxlen: 24
94.228.96.0/24 maxlen: 24
94.228.96.0/20 maxlen: 24
94.228.98.0/24 maxlen: 24
94.228.100.0/24 maxlen: 24
94.228.104.0/24 maxlen: 24
94.228.105.0/24 maxlen: 24
149.126.64.0/24 maxlen: 24
149.126.64.0/21 maxlen: 24
149.126.65.0/24 maxlen: 24
149.126.67.0/24 maxlen: 24
149.126.66.0/24 maxlen: 24
149.126.70.0/24 maxlen: 24
194.169.198.0/24 maxlen: 24
185.251.52.0/24 maxlen: 24
185.251.54.0/24 maxlen: 24
185.251.53.0/24 maxlen: 24
193.200.249.0/24 maxlen: 24
2a00:e30:a00::/40 maxlen: 48
2a00:e30:ed00::/41 maxlen: 48
2a00:e30:6900::/41 maxlen: 41
2a00:e30:3000::/41 maxlen: 41
2a00:e30:2100::/41 maxlen: 41
2a00:e30:280::/41 maxlen: 41
2a00:e30::/41 maxlen: 41
Validation: Failed, certificate revoked on Sun 06 Aug 2023 14:25:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:93:50:18:94:9b:64:ef:fe:03:29:b4:fa:d8:b9:4c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Validity
Not Before: Jul 26 17:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9ba798591ae0ec0c131875a4e9d19ebdb92ef9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e8:b0:f7:84:00:fc:dc:fc:c1:6d:4b:10:4a:
83:b3:b9:d0:79:00:24:77:09:d1:50:cb:f8:ef:31:
60:94:7a:df:2a:e4:2a:94:aa:9e:e9:4d:d2:f2:1c:
35:9c:8a:52:e7:79:c8:14:63:cc:cc:96:fa:0c:10:
5b:1d:e3:8c:ae:75:6d:09:f7:5f:40:8a:60:c6:81:
26:40:54:a0:53:c5:01:c6:c1:d1:b6:01:b6:6b:c8:
f9:72:2f:9a:a1:ea:a9:4b:fe:1c:5e:01:0a:a1:a0:
29:61:3d:68:f2:43:b8:60:14:9e:d5:ce:bc:40:c7:
ec:d2:b0:b5:fd:97:09:6d:b7:42:f2:e4:ca:3f:ce:
62:31:e1:19:7b:81:74:07:ed:51:4f:c2:23:d5:4f:
18:b8:95:8c:24:70:05:c3:ee:dd:69:b2:8b:9b:fa:
9d:10:73:eb:17:27:56:b8:c6:e1:3d:c7:67:5d:f0:
f5:44:c6:1e:ee:d1:cb:3f:ae:60:3f:76:0f:9b:a0:
7c:5e:d7:d3:31:47:94:2c:cb:8a:9d:fe:07:ac:2b:
12:52:96:9d:86:ef:48:4a:9d:a1:64:0c:98:18:fa:
05:5b:89:f4:3e:a2:75:a9:dd:6e:ac:86:1f:a2:a9:
dc:e2:e7:14:dd:a0:e2:cc:59:21:de:42:cc:61:2d:
a7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:BA:79:85:91:AE:0E:C0:C1:31:87:5A:4E:9D:19:EB:DB:92:EF:9A
X509v3 Authority Key Identifier:
keyid:62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/qbp5hZGuDsDBMYdaTp0Z69uS75o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.96.0/20
149.126.64.0/21
185.251.52.0-185.251.54.255
193.200.249.0/24
194.169.198.0/24
IPv6:
2a00:e30::/41
2a00:e30:280::/41
2a00:e30:a00::/40
2a00:e30:2100::/41
2a00:e30:3000::/41
2a00:e30:6900::/41
2a00:e30:ed00::/41
Signature Algorithm: sha256WithRSAEncryption
04:56:b4:01:1f:c4:7b:07:52:39:2b:3f:17:57:4f:cb:aa:3c:
27:b5:74:2f:ef:81:b7:dd:38:f2:46:4e:9f:6b:09:aa:08:d5:
b7:c7:be:54:02:87:dc:bd:78:d8:8c:59:a3:13:a1:9b:d6:db:
c0:ad:5b:e9:92:70:1f:1a:61:b7:4f:e8:9b:a7:c8:2e:0b:d4:
04:d5:8b:26:fa:c5:bf:ed:a6:ba:0e:23:d7:c2:d6:4f:c8:32:
11:fb:a5:7d:79:e2:f8:97:b5:5f:a4:2d:d3:51:fd:9b:b0:b8:
d1:1c:8b:6a:4e:12:15:8d:d7:cd:69:d9:d9:07:73:d0:10:78:
59:96:6c:41:e2:0f:17:de:60:74:c0:d0:6b:f4:fe:08:90:03:
29:92:26:26:6e:9a:ab:79:0e:3a:7d:5e:6f:b1:d6:99:72:d9:
65:68:dd:97:09:98:77:7e:8c:c0:0f:5e:3b:7f:3c:04:4d:1f:
9b:4f:23:18:0a:cf:6b:2f:0f:61:72:8d:07:6b:f5:c6:95:7b:
81:3b:4c:1c:ee:61:df:f0:8b:1c:e8:3e:01:c2:07:2d:ff:36:
68:61:c5:8a:dc:63:43:0f:15:22:42:fc:82:df:7f:ba:13:d2:
0b:fa:54:b0:15:ab:7a:7d:83:f9:34:e9:a5:62:4f:a7:3d:aa:
0c:88:50:d0
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYmTUBiUm2Tv/gMptPrYuUxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMzUyNmFkOWZiZWM1NzRmYTRlYzNkOWJhZGI1NDMzZmRh
YWNhN2IwHhcNMjMwNzI2MTc0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWJhNzk4NTkxYWUwZWMwYzEzMTg3NWE0ZTlkMTllYmRiOTJlZjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguiw94QA/Nz8wW1LEEqDs7nQeQAk
dwnRUMv47zFglHrfKuQqlKqe6U3S8hw1nIpS53nIFGPMzJb6DBBbHeOMrnVtCfdf
QIpgxoEmQFSgU8UBxsHRtgG2a8j5ci+aoeqpS/4cXgEKoaApYT1o8kO4YBSe1c68
QMfs0rC1/ZcJbbdC8uTKP85iMeEZe4F0B+1RT8Ij1U8YuJWMJHAFw+7dabKLm/qd
EHPrFydWuMbhPcdnXfD1RMYe7tHLP65gP3YPm6B8XtfTMUeULMuKnf4HrCsSUpad
hu9ISp2hZAyYGPoFW4n0PqJ1qd1urIYfoqnc4ucU3aDizFkh3kLMYS2nowIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFKm6eYWRrg7AwTGHWk6dGevbku+aMB8GA1UdIwQY
MBaAFGI1Jq2fvsV0+k7D2brbVDP9qsp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2Yt
ODFjOGNlNzUwMTI0LzEvcWJwNWhaR3VEc0RCTVlkYVRwMFo2OXVTNzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2YtODFjOGNlNzUwMTI0
LzEvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwLAQCAAEwJgMEBF7kYAME
A5V+QDAMAwQCufs0AwQAufs2AwQAwcj5AwQAwqnGMEQEAgACMD4DBwcqAA4wAAAD
BwcqAA4wAoADBgAqAA4wCgMHByoADjAhAAMHByoADjAwAAMHByoADjBpAAMHByoA
DjDtADANBgkqhkiG9w0BAQsFAAOCAQEABFa0AR/EewdSOSs/F1dPy6o8J7V0L++B
t9048kZOn2sJqgjVt8e+VAKH3L142IxZoxOhm9bbwK1b6ZJwHxpht0/om6fILgvU
BNWLJvrFv+2mug4j18LWT8gyEfulfXni+Je1X6Qt01H9m7C40RyLak4SFY3XzWnZ
2Qdz0BB4WZZsQeIPF95gdMDQa/T+CJADKZImJm6aq3kOOn1eb7HWmXLZZWjdlwmY
d36MwA9eO388BE0fm08jGArPay8PYXKNB2v1xpV7gTtMHO5h3/CLHOg+AcIHLf82
aGHFitxjQw8VIkL8gt9/uhPSC/pUsBWren2D+TTppWJPpz2qDIhQ0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:03 2024 by rpki-client on console-fra.rpki-client.org