Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/qfdSNi0kmBPVIU95yntLoVfzsJE.roa
File: qfdSNi0kmBPVIU95yntLoVfzsJE.roa (raw, json)
Hash identifier: GxoBIHgEqaphLkGaYMGn3y+NHyZLhQOQi9qBjSre6bA=
Subject key identifier: A9:F7:52:36:2D:24:98:13:D5:21:4F:79:CA:7B:4B:A1:57:F3:B0:91
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 018B04AFACEB17823EBD1F50F0AB3BA96417
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/qfdSNi0kmBPVIU95yntLoVfzsJE.roa
Signing time: Fri 06 Oct 2023 11:11:43 +0000
ROA not before: Fri 06 Oct 2023 11:11:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201942
IP address blocks: 185.58.196.0/22 maxlen: 22
185.119.112.0/22 maxlen: 22
195.184.72.0/24 maxlen: 24
45.130.16.0/22 maxlen: 22
193.56.3.0/24 maxlen: 24
46.226.144.0/21 maxlen: 21
194.26.143.0/24 maxlen: 24
195.182.205.0/24 maxlen: 24
193.163.117.0/24 maxlen: 24
193.46.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Oct 2023 17:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:af:ac:eb:17:82:3e:bd:1f:50:f0:ab:3b:a9:64:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Oct 6 11:11:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9f752362d249813d5214f79ca7b4ba157f3b091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:97:cf:76:3d:d4:ba:ba:5a:fe:51:b9:f5:e0:
fe:fc:83:87:30:ac:f4:7e:b2:3e:04:6e:0c:89:1a:
b3:a1:6c:e2:06:c2:9c:3b:61:a8:fa:ae:73:c4:ca:
c7:dc:91:38:3a:4b:84:eb:98:2b:4e:78:52:be:a4:
67:6e:80:1e:88:13:2d:c4:0f:27:83:73:11:0b:1a:
01:c3:62:32:32:e8:9b:a7:a5:e6:27:09:bf:aa:fe:
d5:38:42:67:67:ef:d7:fb:89:e8:6d:60:6a:7f:20:
39:ef:02:4d:bc:52:f8:ef:20:b6:a4:c4:fa:15:eb:
bb:db:56:ed:84:a5:24:b3:00:58:eb:8a:4d:bb:e9:
69:75:19:63:d5:10:1e:a5:2d:75:e8:ea:d6:0d:c7:
34:03:8a:b1:98:9e:90:44:62:9c:d5:45:79:5f:4e:
26:7e:ce:00:41:d2:08:d3:ae:11:5a:b0:08:0a:bc:
5e:70:fb:44:c4:9d:90:b6:17:1c:ed:c8:32:96:f3:
c8:a3:8c:dc:86:1c:6e:cc:e1:80:7a:04:1d:0e:ad:
aa:3a:09:3e:a1:d4:62:f5:ba:0a:42:0f:12:f6:0f:
1f:17:95:eb:bf:82:6d:4f:65:ca:48:31:2e:c0:10:
1d:e6:bc:c2:f4:69:9c:e9:58:a7:d1:a0:53:a7:93:
66:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F7:52:36:2D:24:98:13:D5:21:4F:79:CA:7B:4B:A1:57:F3:B0:91
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/qfdSNi0kmBPVIU95yntLoVfzsJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.16.0/22
46.226.144.0/21
185.58.196.0/22
185.119.112.0/22
193.46.216.0/24
193.56.3.0/24
193.163.117.0/24
194.26.143.0/24
195.182.205.0/24
195.184.72.0/24
Signature Algorithm: sha256WithRSAEncryption
67:2d:cb:f3:1c:ad:dd:54:a2:9a:ca:49:ea:81:c6:98:26:08:
7f:fc:88:85:94:f4:eb:31:e3:27:7b:e5:8d:39:13:35:00:8d:
ac:29:3c:99:84:18:3c:25:92:e9:cd:e6:c0:3d:ea:09:da:f0:
14:01:92:10:f3:5c:b6:ae:21:1f:f9:c7:48:34:82:4a:c4:61:
e2:27:35:6a:31:8b:c3:ef:49:23:13:24:a6:ed:c6:11:a8:3a:
01:e5:b8:2e:e6:31:ac:5f:51:7b:ae:a4:78:ef:e3:21:a6:6f:
7d:3c:b5:1b:bf:3c:41:87:fe:b9:40:b5:85:71:83:6c:b9:aa:
28:2b:de:4c:64:4f:dc:b0:cc:92:64:a9:66:80:cd:af:a6:3d:
df:27:3e:fb:b2:80:43:9a:73:a0:a9:58:fb:6a:0e:b6:8d:a0:
5c:2c:61:4f:10:f4:31:25:09:0c:6a:4f:e8:ac:f8:4b:59:b1:
00:69:62:1d:ec:15:18:0b:b1:d3:d1:2c:c8:d6:5c:16:87:a3:
8d:e0:ec:b4:39:eb:77:77:2e:8d:91:09:92:59:3a:5b:b2:06:
e3:f3:36:fc:6c:ca:c1:e7:a1:5c:17:ed:94:13:08:4a:55:1f:
ee:e4:24:70:56:bd:1a:c9:6c:15:e1:ae:c1:29:4e:7b:55:2a:
5f:b6:14:d9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYsEr6zrF4I+vR9Q8Ks7qWQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjMxMDA2MTExMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY3NTIzNjJkMjQ5ODEzZDUyMTRmNzljYTdiNGJhMTU3ZjNiMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5fPdj3Uurpa/lG59eD+/IOHMKz0
frI+BG4MiRqzoWziBsKcO2Go+q5zxMrH3JE4OkuE65grTnhSvqRnboAeiBMtxA8n
g3MRCxoBw2IyMuibp6XmJwm/qv7VOEJnZ+/X+4nobWBqfyA57wJNvFL47yC2pMT6
Feu721bthKUkswBY64pNu+lpdRlj1RAepS116OrWDcc0A4qxmJ6QRGKc1UV5X04m
fs4AQdII064RWrAICrxecPtExJ2Qthcc7cgylvPIo4zchhxuzOGAegQdDq2qOgk+
odRi9boKQg8S9g8fF5Xrv4JtT2XKSDEuwBAd5rzC9Gmc6Vin0aBTp5NmqwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKn3UjYtJJgT1SFPecp7S6FX87CRMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvcWZkU05pMGttQlBWSVU5NXludExvVmZ6c0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLYIQAwQD
LuKQAwQCuTrEAwQCuXdwAwQAwS7YAwQAwTgDAwQAwaN1AwQAwhqPAwQAw7bNAwQA
w7hIMA0GCSqGSIb3DQEBCwUAA4IBAQBnLcvzHK3dVKKayknqgcaYJgh//IiFlPTr
MeMne+WNORM1AI2sKTyZhBg8JZLpzebAPeoJ2vAUAZIQ81y2riEf+cdINIJKxGHi
JzVqMYvD70kjEySm7cYRqDoB5bgu5jGsX1F7rqR47+Mhpm99PLUbvzxBh/65QLWF
cYNsuaooK95MZE/csMySZKlmgM2vpj3fJz77soBDmnOgqVj7ag62jaBcLGFPEPQx
JQkMak/orPhLWbEAaWId7BUYC7HT0SzI1lwWh6ON4Oy0Oet3dy6NkQmSWTpbsgbj
8zb8bMrB56FcF+2UEwhKVR/u5CRwVr0ayWwV4a7BKU57VSpfthTZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:04 2024 by rpki-client on console-ams.rpki-client.org