Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/QTsVCx2HYvmmSMEsWBlG_kV-kZU.roa
File: QTsVCx2HYvmmSMEsWBlG_kV-kZU.roa (raw, json)
Hash identifier: m+CNFREMPH323DiSAon33aej7mmzd85c3n0oV42dN6c=
Subject key identifier: 41:3B:15:0B:1D:87:62:F9:A6:48:C1:2C:58:19:46:FE:45:7E:91:95
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01856D53EF24E324CC542540FAAA8211867B
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/QTsVCx2HYvmmSMEsWBlG_kV-kZU.roa
Signing time: Sun 01 Jan 2023 12:34:55 +0000
ROA not before: Sun 01 Jan 2023 12:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49687
IP address blocks: 146.66.212.0/22 maxlen: 22
146.66.216.0/23 maxlen: 23
5.157.224.0/22 maxlen: 22
178.157.127.0/24 maxlen: 24
5.157.137.0/24 maxlen: 24
5.157.136.0/21 maxlen: 21
5.157.138.0/24 maxlen: 24
5.157.144.0/21 maxlen: 21
5.157.140.0/22 maxlen: 22
188.119.176.0/22 maxlen: 22
188.74.191.0/24 maxlen: 24
37.35.44.0/22 maxlen: 22
188.74.154.0/23 maxlen: 23
188.74.153.0/24 maxlen: 24
188.74.170.0/24 maxlen: 24
2a03:8800::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:ef:24:e3:24:cc:54:25:40:fa:aa:82:11:86:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 12:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=413b150b1d8762f9a648c12c581946fe457e9195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3c:6d:39:19:f3:67:c4:f8:2a:b5:08:a5:33:
18:d6:1e:63:8b:57:40:05:21:30:66:45:31:6f:61:
a5:24:7f:62:5e:6b:2b:f1:f0:90:da:7a:26:03:1f:
69:29:de:ae:44:22:f3:b0:2f:67:17:c8:ad:a3:b7:
96:73:3e:09:6f:31:8c:03:e9:ed:0b:93:fe:3d:64:
ae:44:aa:39:8f:80:e7:72:e5:bb:d5:0a:f0:60:fa:
b2:31:9b:5b:17:2a:1d:2e:c1:df:a5:14:e7:17:32:
79:14:b0:3b:85:cb:5c:6e:0a:1d:b3:9c:64:86:58:
bc:05:fe:d9:37:d4:7d:70:d4:e9:4a:28:f3:48:b4:
66:9c:5d:b4:69:43:80:d3:6e:83:6d:6a:75:68:44:
32:b2:81:21:a9:37:15:94:ac:4e:46:c2:59:3a:95:
fc:3a:f7:85:6e:b0:d1:b2:76:d4:d1:07:b0:57:d7:
c4:5d:bd:6a:ad:b8:5f:6d:5b:1f:24:a0:1c:b9:c6:
07:4b:a2:63:68:68:68:62:28:35:4f:4a:8c:29:53:
38:57:20:aa:3a:90:8c:ea:b8:67:85:f3:b6:d4:43:
a5:64:61:42:e4:54:3e:4e:42:39:96:b6:64:86:83:
90:58:f0:d2:10:99:37:37:68:1f:61:25:b5:62:88:
38:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:3B:15:0B:1D:87:62:F9:A6:48:C1:2C:58:19:46:FE:45:7E:91:95
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/QTsVCx2HYvmmSMEsWBlG_kV-kZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0-5.157.151.255
5.157.224.0/22
37.35.44.0/22
146.66.212.0-146.66.217.255
178.157.127.0/24
188.74.153.0-188.74.155.255
188.74.170.0/24
188.74.191.0/24
188.119.176.0/22
IPv6:
2a03:8800::/32
Signature Algorithm: sha256WithRSAEncryption
15:77:8d:b8:78:6c:20:7a:05:81:f8:bc:d4:f4:9d:43:f5:e7:
b8:d9:37:e2:4b:75:fb:1e:c1:e9:00:bd:b4:fc:3e:ea:bc:73:
10:2c:2c:ce:2d:bf:1d:90:22:c6:0d:d3:a7:00:3f:8b:80:15:
fa:36:2f:6e:bb:a6:63:ee:47:da:ec:94:09:8e:eb:8f:aa:b2:
35:96:28:97:cd:e3:65:bf:d4:13:df:b3:3d:f1:cb:15:67:aa:
6b:a9:e5:8a:39:d0:77:4e:11:1d:bc:0d:b8:02:32:2d:e7:b8:
73:e0:7d:f2:88:83:ba:99:3a:66:66:cb:62:63:2e:4a:d7:1c:
03:70:7e:1e:56:f1:95:fb:0f:82:76:c0:e9:02:a8:66:14:9d:
92:af:ab:6f:a4:d6:c2:cb:af:b3:13:86:fe:56:b9:af:c3:f5:
f9:30:bb:5f:56:27:6c:c5:c2:ac:27:70:08:7f:7f:3d:6e:55:
e6:52:cb:39:92:2f:8a:ef:11:89:bf:9a:8e:6d:db:01:b4:be:
5f:2d:f0:69:a2:17:96:8b:29:97:fb:f7:7a:eb:95:85:e7:ee:
64:e4:d4:35:20:19:6b:3d:aa:c7:de:48:37:a7:63:06:c2:d2:
8e:38:36:f3:42:29:ac:89:52:91:c1:d2:68:9d:89:53:90:55:
cf:c4:a1:47
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYVtU+8k4yTMVCVA+qqCEYZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMwMTAxMTIzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTNiMTUwYjFkODc2MmY5YTY0OGMxMmM1ODE5NDZmZTQ1N2U5MTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujxtORnzZ8T4KrUIpTMY1h5ji1dA
BSEwZkUxb2GlJH9iXmsr8fCQ2nomAx9pKd6uRCLzsC9nF8ito7eWcz4JbzGMA+nt
C5P+PWSuRKo5j4DncuW71QrwYPqyMZtbFyodLsHfpRTnFzJ5FLA7hctcbgods5xk
hli8Bf7ZN9R9cNTpSijzSLRmnF20aUOA026DbWp1aEQysoEhqTcVlKxORsJZOpX8
OveFbrDRsnbU0QewV9fEXb1qrbhfbVsfJKAcucYHS6JjaGhoYig1T0qMKVM4VyCq
OpCM6rhnhfO21EOlZGFC5FQ+TkI5lrZkhoOQWPDSEJk3N2gfYSW1Yog4SwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFEE7FQsdh2L5pkjBLFgZRv5FfpGVMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvUVRzVkN4MkhZdm1tU01Fc1dCbEdfa1Yta1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOMAwDBAMFnYgD
BAMFnZADBAIFneADBAIlIywwDAMEApJC1AMEAZJC2AMEALKdfzAMAwQAvEqZAwQC
vEqYAwQAvEqqAwQAvEq/AwQCvHewMA0EAgACMAcDBQAqA4gAMA0GCSqGSIb3DQEB
CwUAA4IBAQAVd424eGwgegWB+LzU9J1D9ee42TfiS3X7HsHpAL20/D7qvHMQLCzO
Lb8dkCLGDdOnAD+LgBX6Ni9uu6Zj7kfa7JQJjuuPqrI1liiXzeNlv9QT37M98csV
Z6prqeWKOdB3ThEdvA24AjIt57hz4H3yiIO6mTpmZstiYy5K1xwDcH4eVvGV+w+C
dsDpAqhmFJ2Sr6tvpNbCy6+zE4b+Vrmvw/X5MLtfVidsxcKsJ3AIf389blXmUss5
ki+K7xGJv5qObdsBtL5fLfBpoheWiymX+/d665WF5+5k5NQ1IBlrParH3kg3p2MG
wtKOODbzQimsiVKRwdJonYlTkFXPxKFH
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:24 2024 by rpki-client on console-ams.rpki-client.org