Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/QHprrPiInHD8qjZ7-qkeY7171ng.roa
File: QHprrPiInHD8qjZ7-qkeY7171ng.roa (raw, json)
Hash identifier: xCTjrbZMs4a1E644ztJZgXQBUIotxLwz2AuiXdHgvQE=
Subject key identifier: 40:7A:6B:AC:F8:88:9C:70:FC:AA:36:7B:FA:A9:1E:63:BD:7B:D6:78
Certificate issuer: /CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Certificate serial: 0186B633E821318F11799B73F064696DD4D9
Authority key identifier: 5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/QHprrPiInHD8qjZ7-qkeY7171ng.roa
Signing time: Mon 06 Mar 2023 09:15:00 +0000
ROA not before: Mon 06 Mar 2023 09:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44600
IP address blocks: 185.46.148.0/22 maxlen: 22
185.128.232.0/22 maxlen: 22
185.128.235.0/24 maxlen: 24
91.202.72.0/22 maxlen: 22
94.131.254.0/24 maxlen: 24
194.42.200.0/22 maxlen: 24
185.41.248.0/22 maxlen: 22
46.182.80.0/22 maxlen: 22
46.182.84.0/22 maxlen: 22
185.156.53.0/24 maxlen: 24
185.156.52.0/24 maxlen: 24
185.156.54.0/24 maxlen: 24
94.131.245.0/24 maxlen: 24
94.131.244.0/24 maxlen: 24
94.131.248.0/24 maxlen: 24
94.131.250.0/23 maxlen: 23
94.131.250.0/24 maxlen: 24
94.131.249.0/24 maxlen: 24
94.131.252.0/24 maxlen: 24
94.131.253.0/24 maxlen: 24
2a03:a600::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:33:e8:21:31:8f:11:79:9b:73:f0:64:69:6d:d4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Validity
Not Before: Mar 6 09:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=407a6bacf8889c70fcaa367bfaa91e63bd7bd678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c2:f0:3e:32:3a:1e:34:da:ef:9c:07:96:1f:
77:95:8c:8b:cc:4f:08:75:ba:97:0c:a0:e6:c4:ee:
3d:e9:8c:4b:1d:a5:d0:43:8a:4c:a6:6b:3d:bf:8e:
7d:d8:79:6d:1f:33:67:bc:30:8a:f1:64:36:ba:d1:
3a:ed:78:68:08:d8:e6:4a:4d:e3:69:aa:bc:3a:7c:
7c:8a:64:cd:38:c6:2e:75:27:fc:58:bc:8e:f8:24:
ad:4b:12:c7:fb:28:72:06:7b:15:d9:61:37:81:30:
df:20:06:a5:9a:d2:af:fa:ba:fb:2b:fd:91:14:63:
94:bb:a5:d8:00:3e:47:13:a0:00:d6:be:dd:a5:0b:
3d:45:cf:f6:ed:34:17:7d:63:67:f2:19:8a:bf:ff:
51:20:6b:aa:5f:ab:79:58:2d:ff:3a:e5:5b:a4:97:
30:78:7d:68:64:1f:7b:f0:9d:48:91:79:d4:d0:fe:
99:3e:32:69:c9:15:a6:b7:5c:dd:50:cc:52:28:c6:
d3:07:8c:c0:30:35:72:46:4d:05:d3:cf:cd:f8:6b:
55:2d:56:5f:d0:8b:64:3b:f0:e6:32:23:ba:66:99:
1a:70:e1:29:5d:1a:46:55:2a:17:81:36:ea:48:5a:
18:27:bb:8e:1b:02:47:29:d4:57:84:c3:15:e5:d9:
de:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7A:6B:AC:F8:88:9C:70:FC:AA:36:7B:FA:A9:1E:63:BD:7B:D6:78
X509v3 Authority Key Identifier:
keyid:5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/QHprrPiInHD8qjZ7-qkeY7171ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.80.0/21
91.202.72.0/22
94.131.244.0/23
94.131.248.0-94.131.254.255
185.41.248.0/22
185.46.148.0/22
185.128.232.0/22
185.156.52.0-185.156.54.255
194.42.200.0/22
IPv6:
2a03:a600::/29
Signature Algorithm: sha256WithRSAEncryption
54:c3:56:f2:a0:17:31:10:f2:2a:42:4c:d6:68:27:fa:4a:1d:
4a:c6:69:d1:78:60:fe:df:ad:9b:8f:9f:1d:37:85:b5:a5:76:
ae:c4:be:47:25:3a:8e:05:dc:5c:54:08:f7:39:0a:06:29:27:
a6:dc:10:4a:40:93:74:39:3f:3d:d0:a1:18:5b:f8:dd:a7:66:
08:7a:6a:4b:d5:bf:ef:d8:b7:7f:cd:d2:04:36:a3:9d:ef:4d:
02:bf:0c:81:e0:e5:15:d6:d3:93:d7:e5:97:fc:44:9e:97:51:
61:75:ae:99:72:4b:da:7c:89:7e:60:8d:c6:ff:fc:49:d3:88:
e4:2c:05:39:8b:b2:b3:5b:8b:26:0e:1c:01:01:79:c0:1d:ff:
21:3a:da:d9:c1:76:ed:5f:01:39:b5:f3:c7:35:8f:73:3d:57:
69:7f:ee:ed:0b:22:73:97:ba:88:4c:5d:29:51:31:0f:83:3c:
86:21:5b:b6:0f:df:94:75:04:bf:d3:41:3a:2a:01:2b:63:cb:
40:7c:c8:85:70:d7:cb:19:4c:a3:d5:72:74:3d:6f:80:a9:0f:
80:67:d7:a2:32:b8:80:7d:77:d0:ac:6f:98:22:c9:3c:69:48:
a2:5b:ae:6b:63:96:c3:18:79:d5:b2:b7:df:ed:2a:07:4d:cd:
dc:a8:c7:5e
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYa2M+ghMY8ReZtz8GRpbdTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmIwYzAwMWE5OWFiNjI5NmUyNDIxNzNiZjdlN2ZkY2Yw
M2MwMTkwHhcNMjMwMzA2MDkxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdhNmJhY2Y4ODg5YzcwZmNhYTM2N2JmYWE5MWU2M2JkN2JkNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8LwPjI6HjTa75wHlh93lYyLzE8I
dbqXDKDmxO496YxLHaXQQ4pMpms9v4592HltHzNnvDCK8WQ2utE67XhoCNjmSk3j
aaq8Onx8imTNOMYudSf8WLyO+CStSxLH+yhyBnsV2WE3gTDfIAalmtKv+rr7K/2R
FGOUu6XYAD5HE6AA1r7dpQs9Rc/27TQXfWNn8hmKv/9RIGuqX6t5WC3/OuVbpJcw
eH1oZB978J1IkXnU0P6ZPjJpyRWmt1zdUMxSKMbTB4zAMDVyRk0F08/N+GtVLVZf
0ItkO/DmMiO6ZpkacOEpXRpGVSoXgTbqSFoYJ7uOGwJHKdRXhMMV5dneMQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFEB6a6z4iJxw/Ko2e/qpHmO9e9Z4MB8GA1UdIwQY
MBaAFFxrDAAamatiluJCFzv35/3PA8AZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMt
YzE4ZTNjY2M3NDJiLzEvUUhwcnJQaUluSEQ4cWpaNy1xa2VZNzE3MW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMtYzE4ZTNjY2M3NDJi
LzEvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQDLrZQAwQC
W8pIAwQBXoP0MAwDBANeg/gDBABeg/4DBAK5KfgDBAK5LpQDBAK5gOgwDAMEArmc
NAMEALmcNgMEAsIqyDANBAIAAjAHAwUDKgOmADANBgkqhkiG9w0BAQsFAAOCAQEA
VMNW8qAXMRDyKkJM1mgn+kodSsZp0Xhg/t+tm4+fHTeFtaV2rsS+RyU6jgXcXFQI
9zkKBiknptwQSkCTdDk/PdChGFv43admCHpqS9W/79i3f83SBDajne9NAr8MgeDl
FdbTk9fll/xEnpdRYXWumXJL2nyJfmCNxv/8SdOI5CwFOYuys1uLJg4cAQF5wB3/
ITra2cF27V8BObXzxzWPcz1XaX/u7Qsic5e6iExdKVExD4M8hiFbtg/flHUEv9NB
OioBK2PLQHzIhXDXyxlMo9VydD1vgKkPgGfXojK4gH130KxvmCLJPGlIoluua2OW
wxh51bK33+0qB03N3KjHXg==
-----END CERTIFICATE-----
Generated at Fri Oct 20 10:36:10 2023 by rpki-client on console-ams.rpki-client.org