Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/qHFPWudzBPcrrWHI8sDhVvFYKko.roa
File: qHFPWudzBPcrrWHI8sDhVvFYKko.roa (raw, json)
Hash identifier: gW0UQXhFLX3ka2jk1hk9BVZ8klknplMvS2OOMR6/zOE=
Subject key identifier: A8:71:4F:5A:E7:73:04:F7:2B:AD:61:C8:F2:C0:E1:56:F1:58:2A:4A
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 018BECE486CC6E959D1EC8D5AC5E080388E7
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/qHFPWudzBPcrrWHI8sDhVvFYKko.roa
Signing time: Mon 20 Nov 2023 13:21:21 +0000
ROA not before: Mon 20 Nov 2023 13:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16589
IP address blocks: 85.153.127.0/24 maxlen: 24
85.153.126.0/24 maxlen: 24
85.153.76.0/22 maxlen: 22
85.153.83.0/24 maxlen: 24
85.153.93.0/24 maxlen: 24
85.153.96.0/22 maxlen: 22
85.153.100.0/22 maxlen: 22
85.153.16.0/22 maxlen: 22
85.153.23.0/24 maxlen: 24
85.153.22.0/24 maxlen: 24
85.153.21.0/24 maxlen: 24
85.153.20.0/24 maxlen: 24
85.153.31.0/24 maxlen: 24
85.153.30.0/24 maxlen: 24
85.153.28.0/24 maxlen: 24
85.153.44.0/24 maxlen: 24
85.153.46.0/24 maxlen: 24
85.153.45.0/24 maxlen: 24
85.153.48.0/22 maxlen: 22
85.153.57.0/24 maxlen: 24
85.115.205.0/24 maxlen: 24
85.115.206.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:e4:86:cc:6e:95:9d:1e:c8:d5:ac:5e:08:03:88:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Nov 20 13:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8714f5ae77304f72bad61c8f2c0e156f1582a4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:80:e2:d2:4b:38:dd:49:47:c1:16:e4:65:f5:
37:24:13:0f:e8:30:5e:5f:ec:81:99:b8:5b:3d:f2:
d0:f9:51:55:3e:c4:48:80:cd:e1:a1:5c:0b:cd:34:
5e:87:8a:4c:7b:f1:14:28:f7:e1:b9:07:e9:2e:20:
08:79:a8:63:51:8b:ef:27:f7:fc:a3:ab:6f:15:95:
e8:d9:fa:39:56:3a:77:9a:d5:07:c7:be:38:92:fb:
59:49:7f:34:94:f6:92:8d:31:8b:5e:69:8d:d4:95:
ba:30:fe:5b:ac:6e:74:6e:33:58:b1:b9:02:97:83:
29:5c:d3:40:d3:70:79:a0:e6:f0:62:f7:e6:68:21:
df:a6:2c:8a:64:40:55:ac:7f:00:d2:02:9f:a5:8c:
97:aa:fc:53:2c:87:de:90:d0:57:94:07:36:45:e0:
9c:32:c7:a6:b7:f2:8f:7b:05:e6:2d:ab:66:93:fa:
a1:59:5f:81:c0:3d:87:8c:47:63:06:d8:40:0f:06:
8e:7d:57:97:a5:c3:5b:3e:7c:78:e1:f5:fa:a0:68:
74:46:d8:99:30:09:ac:dd:aa:88:57:87:85:5e:b2:
51:2a:76:59:e6:92:cd:55:f7:4b:69:d9:25:f2:13:
de:ed:59:1d:55:51:50:88:76:1e:2d:27:95:56:75:
be:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:71:4F:5A:E7:73:04:F7:2B:AD:61:C8:F2:C0:E1:56:F1:58:2A:4A
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/qHFPWudzBPcrrWHI8sDhVvFYKko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.205.0-85.115.206.255
85.153.16.0/21
85.153.28.0/24
85.153.30.0/23
85.153.44.0-85.153.46.255
85.153.48.0/22
85.153.57.0/24
85.153.76.0/22
85.153.83.0/24
85.153.93.0/24
85.153.96.0/21
85.153.126.0/23
Signature Algorithm: sha256WithRSAEncryption
45:c3:0c:81:ab:a2:7c:6f:09:0c:90:3e:f9:61:1f:6d:9e:88:
f2:9b:7a:7b:c0:da:ac:d0:5a:7b:79:f8:6e:0b:28:aa:a7:e3:
e9:1c:3c:e1:6f:19:de:60:dd:94:41:8c:9e:18:0f:70:7c:05:
08:46:a5:5b:0c:21:49:be:57:df:64:d5:c4:4b:a1:ae:0f:03:
df:4c:71:b5:83:f2:f9:9a:38:79:54:e2:16:fb:6f:06:51:4e:
5d:db:10:48:1c:9c:02:cf:66:7e:75:79:26:d3:fd:f7:aa:05:
b8:d3:a1:a8:92:bd:e6:ef:a0:41:19:a9:29:6a:15:f7:a5:ff:
d8:dd:56:3e:d7:1d:6f:10:eb:67:f5:f7:1a:28:63:01:68:32:
6b:1c:e3:68:e3:2d:c9:8a:d4:d7:cb:ac:59:6a:92:16:e0:c0:
ce:82:b2:ab:b6:ab:56:fd:b7:a2:5a:18:dc:07:bc:4f:53:91:
65:1f:f2:93:fd:ee:4f:b6:7e:ad:ba:92:52:03:a2:55:72:62:
70:41:ed:5d:ec:4c:66:2c:0f:2b:c4:f8:a2:f5:98:95:7d:50:
56:c2:7f:d7:29:0d:78:03:1b:6a:0d:f1:80:27:3f:b9:23:e1:
58:01:53:d4:0e:64:bf:ee:10:8d:52:87:42:3e:68:f3:20:4e:
4a:dd:2e:19
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYvs5IbMbpWdHsjVrF4IA4jnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMxMTIwMTMyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODcxNGY1YWU3NzMwNGY3MmJhZDYxYzhmMmMwZTE1NmYxNTgyYTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIDi0ks43UlHwRbkZfU3JBMP6DBe
X+yBmbhbPfLQ+VFVPsRIgM3hoVwLzTReh4pMe/EUKPfhuQfpLiAIeahjUYvvJ/f8
o6tvFZXo2fo5Vjp3mtUHx744kvtZSX80lPaSjTGLXmmN1JW6MP5brG50bjNYsbkC
l4MpXNNA03B5oObwYvfmaCHfpiyKZEBVrH8A0gKfpYyXqvxTLIfekNBXlAc2ReCc
Msemt/KPewXmLatmk/qhWV+BwD2HjEdjBthADwaOfVeXpcNbPnx44fX6oGh0RtiZ
MAms3aqIV4eFXrJRKnZZ5pLNVfdLadkl8hPe7VkdVVFQiHYeLSeVVnW+MQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFKhxT1rncwT3K61hyPLA4VbxWCpKMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvcUhGUFd1ZHpCUGNycldISThzRGhWdkZZS2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYMAwDBABVc80D
BABVc84DBANVmRADBABVmRwDBAFVmR4wDAMEAlWZLAMEAFWZLgMEAlWZMAMEAFWZ
OQMEAlWZTAMEAFWZUwMEAFWZXQMEA1WZYAMEAVWZfjANBgkqhkiG9w0BAQsFAAOC
AQEARcMMgauifG8JDJA++WEfbZ6I8pt6e8DarNBae3n4bgsoqqfj6Rw84W8Z3mDd
lEGMnhgPcHwFCEalWwwhSb5X32TVxEuhrg8D30xxtYPy+Zo4eVTiFvtvBlFOXdsQ
SBycAs9mfnV5JtP996oFuNOhqJK95u+gQRmpKWoV96X/2N1WPtcdbxDrZ/X3Gihj
AWgyaxzjaOMtyYrU18usWWqSFuDAzoKyq7arVv23oloY3Ae8T1ORZR/yk/3uT7Z+
rbqSUgOiVXJicEHtXexMZiwPK8T4ovWYlX1QVsJ/1ykNeAMbag3xgCc/uSPhWAFT
1A5kv+4QjVKHQj5o8yBOSt0uGQ==
-----END CERTIFICATE-----
Generated at Fri Nov 24 16:38:22 2023 by rpki-client on console-ams.rpki-client.org