Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/qJKMHYgZOGsH2mKGlqnLx8SnBTM.roa
File: qJKMHYgZOGsH2mKGlqnLx8SnBTM.roa (raw, json)
Hash identifier: M12uhuq8goSnp17raPTVUfmthFLGZxXwLU1DDcnDhPI=
Subject key identifier: A8:92:8C:1D:88:19:38:6B:07:DA:62:86:96:A9:CB:C7:C4:A7:05:33
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 0186DB2306D0119DB2B187C1B236ACA9B16E
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/qJKMHYgZOGsH2mKGlqnLx8SnBTM.roa
Signing time: Mon 13 Mar 2023 13:22:31 +0000
ROA not before: Mon 13 Mar 2023 13:22:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52145
IP address blocks: 185.21.120.0/24 maxlen: 24
185.21.121.0/24 maxlen: 24
185.21.122.0/24 maxlen: 24
185.21.123.0/24 maxlen: 24
185.21.120.0/22 maxlen: 22
46.253.82.0/24 maxlen: 24
46.253.84.0/23 maxlen: 23
46.253.85.0/24 maxlen: 24
46.253.84.0/24 maxlen: 24
46.253.82.0/23 maxlen: 23
46.253.83.0/24 maxlen: 24
46.253.80.0/20 maxlen: 20
46.253.80.0/23 maxlen: 23
46.253.80.0/21 maxlen: 21
46.253.80.0/24 maxlen: 24
46.253.81.0/24 maxlen: 24
46.253.89.0/24 maxlen: 24
46.253.86.0/24 maxlen: 24
46.253.87.0/24 maxlen: 24
46.253.88.0/24 maxlen: 24
46.253.90.0/24 maxlen: 24
46.253.90.0/25 maxlen: 25
46.253.90.128/25 maxlen: 25
46.253.91.0/24 maxlen: 24
46.253.88.0/21 maxlen: 21
46.253.86.0/23 maxlen: 23
46.253.92.0/24 maxlen: 24
46.253.93.0/24 maxlen: 24
46.253.94.0/24 maxlen: 24
46.253.95.0/24 maxlen: 24
2a04:19c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:23:06:d0:11:9d:b2:b1:87:c1:b2:36:ac:a9:b1:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Mar 13 13:22:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8928c1d8819386b07da628696a9cbc7c4a70533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:50:76:2e:a4:47:a7:21:93:f3:a5:3b:90:f0:
31:0b:31:de:a2:81:e2:fa:ba:12:88:6d:8d:9f:3c:
e6:ca:d5:b7:da:02:8b:43:0f:e5:b7:e8:b7:61:19:
6d:bc:54:f9:bd:96:39:d4:c1:fb:75:ac:96:5b:29:
2e:24:94:a9:dd:5d:61:ae:b1:3e:dc:9a:a0:34:a2:
8a:ad:de:8e:82:07:e5:73:ff:2f:16:96:4c:4a:10:
0f:de:09:5b:86:c4:1b:73:39:a7:44:d8:52:6d:5b:
93:7d:c8:36:c5:c2:d3:f8:4b:c5:f2:ba:01:23:61:
02:fa:77:8d:36:a7:ba:c9:77:71:33:bc:f2:bc:bf:
91:59:bb:78:97:0d:7e:be:34:85:19:c0:c0:39:3b:
8f:cb:45:f0:63:69:06:e3:b7:39:82:c8:3d:10:a7:
db:fc:ec:db:39:f8:0a:74:88:ec:7f:a4:f5:c0:19:
0b:ed:26:0e:93:46:9a:0f:72:75:9f:96:b1:1c:b7:
97:24:cb:e1:ef:c8:d5:31:6f:af:37:ca:a7:95:78:
91:7b:65:34:18:6a:1b:51:33:cf:5c:2c:c5:c9:e1:
97:7a:92:e8:2f:87:c0:bb:df:1d:19:61:55:a6:ff:
2a:fd:a2:cd:50:db:62:88:2c:a7:d0:07:ad:aa:79:
5e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:92:8C:1D:88:19:38:6B:07:DA:62:86:96:A9:CB:C7:C4:A7:05:33
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/qJKMHYgZOGsH2mKGlqnLx8SnBTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.80.0/20
185.21.120.0/22
IPv6:
2a04:19c0::/29
Signature Algorithm: sha256WithRSAEncryption
c9:ce:51:48:ee:6e:e9:d3:d1:20:e7:b8:a5:99:e2:bb:25:fa:
4b:e3:75:91:06:7d:49:4c:e4:78:70:c7:23:40:32:50:e2:bd:
4a:39:55:76:0a:7b:55:32:14:26:e1:03:5d:2f:48:df:85:b0:
8e:25:d2:92:db:86:42:2b:fb:f6:8e:76:28:d8:b0:43:43:54:
9d:a5:92:06:1a:ad:ec:eb:a0:7c:1f:0c:fc:cb:de:3f:17:51:
38:89:ce:70:7e:75:d9:44:72:cf:90:8a:69:76:15:53:1c:db:
cb:91:72:7a:4e:1a:7d:72:18:43:18:1b:89:e0:06:56:63:e5:
f9:09:75:92:d5:9f:f3:77:fd:96:7a:ce:34:9f:3c:7d:be:07:
2d:3c:92:3d:a8:89:83:24:1d:60:b1:23:a3:66:ee:5f:c8:f0:
af:01:bf:07:d9:78:0b:2a:0a:8f:b9:de:e7:1e:ef:32:52:ea:
d9:d3:aa:4c:5d:8e:be:1d:cd:da:c7:76:c1:ff:18:b1:51:50:
42:d4:57:4e:60:0d:62:9b:a6:e5:3b:fc:81:7b:d0:1a:d0:f5:
52:45:76:38:ab:ac:5e:1a:8b:39:bf:a8:96:13:c7:37:09:5a:
b0:f7:7d:f5:a0:da:26:de:33:63:b5:21:b0:0f:ec:6c:8e:12:
8c:99:b2:e2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbbIwbQEZ2ysYfBsjasqbFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjMwMzEzMTMyMjMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODkyOGMxZDg4MTkzODZiMDdkYTYyODY5NmE5Y2JjN2M0YTcwNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilB2LqRHpyGT86U7kPAxCzHeooHi
+roSiG2NnzzmytW32gKLQw/lt+i3YRltvFT5vZY51MH7dayWWykuJJSp3V1hrrE+
3JqgNKKKrd6Oggflc/8vFpZMShAP3glbhsQbczmnRNhSbVuTfcg2xcLT+EvF8roB
I2EC+neNNqe6yXdxM7zyvL+RWbt4lw1+vjSFGcDAOTuPy0XwY2kG47c5gsg9EKfb
/OzbOfgKdIjsf6T1wBkL7SYOk0aaD3J1n5axHLeXJMvh78jVMW+vN8qnlXiRe2U0
GGobUTPPXCzFyeGXepLoL4fAu98dGWFVpv8q/aLNUNtiiCyn0AetqnleAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKiSjB2IGThrB9pihpapy8fEpwUzMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvcUpLTUhZZ1pPR3NIMm1LR2xxbkx4OFNuQlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELv1QAwQC
uRV4MA0EAgACMAcDBQMqBBnAMA0GCSqGSIb3DQEBCwUAA4IBAQDJzlFI7m7p09Eg
57ilmeK7JfpL43WRBn1JTOR4cMcjQDJQ4r1KOVV2CntVMhQm4QNdL0jfhbCOJdKS
24ZCK/v2jnYo2LBDQ1SdpZIGGq3s66B8Hwz8y94/F1E4ic5wfnXZRHLPkIppdhVT
HNvLkXJ6Thp9chhDGBuJ4AZWY+X5CXWS1Z/zd/2Wes40nzx9vgctPJI9qImDJB1g
sSOjZu5fyPCvAb8H2XgLKgqPud7nHu8yUurZ06pMXY6+Hc3ax3bB/xixUVBC1FdO
YA1im6blO/yBe9Aa0PVSRXY4q6xeGos5v6iWE8c3CVqw9331oNom3jNjtSGwD+xs
jhKMmbLi
-----END CERTIFICATE-----
Generated at Thu Aug 3 12:56:53 2023 by rpki-client on console-ams.rpki-client.org