Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/qCyOSQ_nLbJPE0Qd24-yJvrTGM8.roa
File: qCyOSQ_nLbJPE0Qd24-yJvrTGM8.roa (raw, json)
Hash identifier: +rJ9VRdOtxo5JJjTJ9Rc0+mj3jJ7lDVUb10DweLoMi8=
Subject key identifier: A8:2C:8E:49:0F:E7:2D:B2:4F:13:44:1D:DB:8F:B2:26:FA:D3:18:CF
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 018B8FC6DB5A5989E95E0142F45DD5E05D11
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/qCyOSQ_nLbJPE0Qd24-yJvrTGM8.roa
Signing time: Thu 02 Nov 2023 11:24:15 +0000
ROA not before: Thu 02 Nov 2023 11:24:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 45.120.176.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
89.221.224.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
193.203.202.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
45.67.231.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.228.0/24 maxlen: 24
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c40::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 03 Nov 2023 14:54:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:c6:db:5a:59:89:e9:5e:01:42:f4:5d:d5:e0:5d:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Nov 2 11:24:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a82c8e490fe72db24f13441ddb8fb226fad318cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:89:f1:d8:77:9f:1d:fd:04:59:e9:26:32:4a:
4a:95:65:e6:17:9e:ae:ee:d5:e4:d4:cc:3f:16:95:
a0:8d:16:d5:8a:e2:df:eb:74:03:90:9a:93:95:6c:
90:4c:45:4c:76:25:3e:88:a6:5c:ce:8f:49:4a:5a:
07:3e:bd:2b:ed:bf:08:73:2a:af:73:19:c4:62:c8:
67:1a:79:78:53:9b:cc:78:1c:96:2b:41:44:14:43:
f6:2b:97:8d:73:ab:0b:2a:08:3f:65:f0:2f:1d:22:
67:92:68:48:d9:23:1a:b6:db:a2:6f:ab:5e:7d:65:
2c:a0:7c:54:39:2c:1a:1a:f9:d3:0e:be:9c:2f:9d:
18:39:99:ff:aa:00:a2:13:a0:df:c6:a1:83:d6:fc:
c3:14:9d:66:8e:6e:53:fe:15:19:7d:f2:14:05:46:
10:b6:8f:ca:7b:f9:3b:ec:74:8d:ed:9f:29:1a:7f:
2b:48:3c:f1:81:e3:ce:c0:c2:ee:54:4f:9f:31:e9:
2f:25:4e:08:3d:1e:f5:12:43:4a:83:2e:f6:44:6d:
b6:46:bd:97:c3:6d:af:16:de:a7:ed:de:44:27:8b:
9f:6a:e2:cd:56:15:63:ac:d3:73:16:25:90:05:e3:
5b:45:49:88:ec:47:cf:ee:6e:9e:47:5f:c1:3b:6a:
0b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2C:8E:49:0F:E7:2D:B2:4F:13:44:1D:DB:8F:B2:26:FA:D3:18:CF
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/qCyOSQ_nLbJPE0Qd24-yJvrTGM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
45.120.176.0/22
74.119.192.0/22
80.92.204.0-80.92.206.255
89.221.224.0/23
91.194.161.0/24
91.225.218.0/24
103.35.188.0/22
103.113.68.0/22
176.120.64.0/22
176.120.72.0/22
185.242.84.0/22
185.250.148.0/22
193.203.202.0/24
195.149.87.0/24
IPv6:
2a09:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
60:4a:3b:2f:ca:95:a2:a4:52:47:50:a4:38:5d:51:31:65:c1:
33:65:d8:25:84:e7:ce:81:ba:60:21:65:d7:94:77:6f:75:ad:
cd:81:eb:c7:a6:4e:05:38:d1:69:cd:7b:cf:d4:d0:fd:4f:e8:
48:9a:95:47:bf:b2:c7:2b:2f:0f:02:ba:e5:4d:06:4f:26:5a:
ec:78:3c:75:00:ae:ac:81:45:9e:93:49:ef:06:38:a9:35:2a:
b3:20:9a:c6:e1:86:64:51:62:00:d5:ec:fd:ff:c5:bc:af:a0:
90:b2:86:81:5c:ec:e3:40:5f:6a:83:a2:21:82:67:15:44:21:
5a:b7:da:36:f5:54:f2:ae:57:51:64:79:30:c4:62:a2:f3:a8:
03:3d:26:01:18:99:2d:3b:7f:1f:5c:ac:70:fe:aa:57:36:22:
15:f5:85:ff:b9:fd:dd:23:6d:83:cc:60:ec:f7:56:a5:45:d6:
e2:a9:03:4c:6d:46:ca:94:b4:57:17:46:e2:2e:19:7c:94:2d:
64:b0:1c:07:db:ce:4e:fa:bc:51:4b:7e:5d:7e:32:b6:68:bd:
b6:ec:a2:b8:21:eb:0e:94:31:6d:5b:75:9a:38:2a:39:61:21:
6e:22:bc:c4:14:f8:bc:f6:9c:b9:bb:16:98:6d:e3:05:ab:78:
e9:cc:6d:0a
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYuPxttaWYnpXgFC9F3V4F0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMxMTAyMTEyNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODJjOGU0OTBmZTcyZGIyNGYxMzQ0MWRkYjhmYjIyNmZhZDMxOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArInx2HefHf0EWekmMkpKlWXmF56u
7tXk1Mw/FpWgjRbViuLf63QDkJqTlWyQTEVMdiU+iKZczo9JSloHPr0r7b8Icyqv
cxnEYshnGnl4U5vMeByWK0FEFEP2K5eNc6sLKgg/ZfAvHSJnkmhI2SMattuib6te
fWUsoHxUOSwaGvnTDr6cL50YOZn/qgCiE6DfxqGD1vzDFJ1mjm5T/hUZffIUBUYQ
to/Ke/k77HSN7Z8pGn8rSDzxgePOwMLuVE+fMekvJU4IPR71EkNKgy72RG22Rr2X
w22vFt6n7d5EJ4ufauLNVhVjrNNzFiWQBeNbRUmI7EfP7m6eR1/BO2oLDwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFKgsjkkP5y2yTxNEHduPsib60xjPMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvcUN5T1NRX25MYkpQRTBRZDI0LXlKdnJUR004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAi1D5AME
Ai14sAMEAkp3wDAMAwQCUFzMAwQAUFzOAwQBWd3gAwQAW8KhAwQAW+HaAwQCZyO8
AwQCZ3FEAwQCsHhAAwQCsHhIAwQCufJUAwQCufqUAwQAwcvKAwQAw5VXMA0EAgAC
MAcDBQMqCXxAMA0GCSqGSIb3DQEBCwUAA4IBAQBgSjsvypWipFJHUKQ4XVExZcEz
ZdglhOfOgbpgIWXXlHdvda3NgevHpk4FONFpzXvP1ND9T+hImpVHv7LHKy8PArrl
TQZPJlrseDx1AK6sgUWek0nvBjipNSqzIJrG4YZkUWIA1ez9/8W8r6CQsoaBXOzj
QF9qg6IhgmcVRCFat9o29VTyrldRZHkwxGKi86gDPSYBGJktO38fXKxw/qpXNiIV
9YX/uf3dI22DzGDs91alRdbiqQNMbUbKlLRXF0biLhl8lC1ksBwH285O+rxRS35d
fjK2aL227KK4IesOlDFtW3WaOCo5YSFuIrzEFPi89py5uxaYbeMFq3jpzG0K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org