Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/QJ6p-xioRq-oLMwok0USXedy-9o.roa
File: QJ6p-xioRq-oLMwok0USXedy-9o.roa (raw, json)
Hash identifier: SswXNDBaXh+cb/ozJBSSfplyO2jWl3n/TGlv1LXrmBQ=
Subject key identifier: 40:9E:A9:FB:18:A8:46:AF:A8:2C:CC:28:93:45:12:5D:E7:72:FB:DA
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0185719E8499C9C71A59F47F367362DA794D
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/QJ6p-xioRq-oLMwok0USXedy-9o.roa
Signing time: Mon 02 Jan 2023 08:34:52 +0000
ROA not before: Mon 02 Jan 2023 08:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 195.208.52.0/22 maxlen: 24
212.192.195.0/24 maxlen: 24
212.192.196.0/22 maxlen: 24
195.19.2.0/24 maxlen: 24
195.19.0.0/23 maxlen: 24
193.232.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 May 2023 12:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:84:99:c9:c7:1a:59:f4:7f:36:73:62:da:79:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 08:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=409ea9fb18a846afa82ccc289345125de772fbda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:20:c1:85:8a:14:b0:0c:40:80:7b:1d:53:f0:
e8:29:f0:56:7b:7e:62:a8:f3:b1:14:8e:df:95:11:
c4:b4:4d:c1:b5:74:bb:63:14:31:e2:e1:3c:6a:59:
8c:05:75:2d:39:49:26:f1:a7:c5:62:c2:fa:db:98:
a4:46:79:57:a8:9e:40:a9:16:ea:90:a9:e3:97:05:
2d:3d:90:3e:18:ba:62:03:f5:05:5f:03:c5:01:9e:
db:cd:af:37:f6:34:50:8f:8f:4b:41:cc:4d:35:83:
db:8a:66:83:11:54:87:19:04:ff:e2:61:91:d2:9a:
59:41:17:84:56:c5:10:ca:35:f5:24:20:8e:77:29:
c0:ac:a1:e5:9c:02:79:7c:7a:39:04:86:3c:d2:8c:
32:b4:90:f9:1d:65:4a:c0:fa:a9:cd:cf:3a:3a:5d:
41:35:9d:9d:a3:bb:5a:97:32:f3:56:6c:92:5f:dc:
c7:d7:e8:6e:93:19:a9:cf:f1:dc:65:13:97:7b:c5:
d8:ca:63:a4:42:d4:e5:c1:5b:cd:8b:7c:0a:a0:a5:
8e:44:e0:92:8c:b4:11:93:0a:37:eb:f0:aa:aa:74:
33:99:2c:11:be:91:40:88:ba:34:d5:5b:1b:7f:16:
5d:a8:9b:35:2e:59:63:31:f0:f8:fd:32:84:d4:a6:
ce:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:9E:A9:FB:18:A8:46:AF:A8:2C:CC:28:93:45:12:5D:E7:72:FB:DA
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/QJ6p-xioRq-oLMwok0USXedy-9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.40.0/22
195.19.0.0-195.19.2.255
195.208.52.0/22
212.192.195.0-212.192.199.255
Signature Algorithm: sha256WithRSAEncryption
8a:05:2e:27:b4:7b:b0:ae:68:c9:c0:68:8f:06:34:e2:fc:d8:
69:3f:5c:c0:7a:f2:8d:aa:42:93:6f:c6:22:9a:e4:be:59:78:
f4:c6:08:b5:a6:3b:73:9d:b7:6b:90:09:86:90:f7:b7:1e:74:
fe:c3:c5:02:f2:08:33:90:9e:32:2f:f9:fb:5a:9c:7a:23:4e:
8f:4f:ae:b9:9b:81:e5:67:f2:07:b4:e6:5a:3a:97:37:9b:b3:
5f:27:3c:37:03:7d:56:ca:3e:f3:31:86:d7:18:27:3f:b8:af:
56:2a:76:a3:70:8c:73:e4:30:9e:42:fa:52:59:07:8e:9e:ac:
ab:17:98:2d:18:97:78:06:79:4f:fe:c4:d8:3b:0e:e4:50:1b:
d5:87:06:cb:c3:fb:8b:24:2a:f4:f5:25:b5:fb:7c:d6:6f:c9:
33:c6:f1:85:0e:3f:8b:87:13:51:cf:70:34:d4:3d:3c:ce:3a:
20:62:1b:fe:10:17:f6:4a:62:43:fe:6a:4d:c9:b9:f1:c0:95:
5b:3a:54:74:9c:1a:78:32:1f:a8:fa:ab:ee:a5:e1:e0:7c:47:
84:41:0f:99:e1:bd:78:b6:fd:cd:87:b1:4c:c3:8d:f7:af:eb:
d1:66:17:34:c8:70:33:10:31:6d:83:2c:20:7e:28:9c:be:6c:
7d:6b:e1:ec
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxnoSZyccaWfR/NnNi2nlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMwMTAyMDgzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDllYTlmYjE4YTg0NmFmYTgyY2NjMjg5MzQ1MTI1ZGU3NzJmYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniDBhYoUsAxAgHsdU/DoKfBWe35i
qPOxFI7flRHEtE3BtXS7YxQx4uE8almMBXUtOUkm8afFYsL625ikRnlXqJ5AqRbq
kKnjlwUtPZA+GLpiA/UFXwPFAZ7bza839jRQj49LQcxNNYPbimaDEVSHGQT/4mGR
0ppZQReEVsUQyjX1JCCOdynArKHlnAJ5fHo5BIY80owytJD5HWVKwPqpzc86Ol1B
NZ2do7talzLzVmySX9zH1+hukxmpz/HcZROXe8XYymOkQtTlwVvNi3wKoKWOROCS
jLQRkwo36/CqqnQzmSwRvpFAiLo01VsbfxZdqJs1LlljMfD4/TKE1KbOfwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFECeqfsYqEavqCzMKJNFEl3ncvvaMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvUUo2cC14aW9ScS1vTE13b2swVVNYZWR5LTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwQCwegoMAsD
AwDDEwMEAMMTAgMEAsPQNDAMAwQA1MDDAwQD1MDAMA0GCSqGSIb3DQEBCwUAA4IB
AQCKBS4ntHuwrmjJwGiPBjTi/NhpP1zAevKNqkKTb8YimuS+WXj0xgi1pjtznbdr
kAmGkPe3HnT+w8UC8ggzkJ4yL/n7Wpx6I06PT665m4HlZ/IHtOZaOpc3m7NfJzw3
A31Wyj7zMYbXGCc/uK9WKnajcIxz5DCeQvpSWQeOnqyrF5gtGJd4BnlP/sTYOw7k
UBvVhwbLw/uLJCr09SW1+3zWb8kzxvGFDj+LhxNRz3A01D08zjogYhv+EBf2SmJD
/mpNybnxwJVbOlR0nBp4Mh+o+qvupeHgfEeEQQ+Z4b14tv3Nh7FMw433r+vRZhc0
yHAzEDFtgywgfiicvmx9a+Hs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org