Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/kqkGMaJFw-aYL0xD_663-Yb-GtI.roa
File: kqkGMaJFw-aYL0xD_663-Yb-GtI.roa (raw, json)
Hash identifier: gt8ykSukaE3/yyZi2xFCJ7FqZEKEmjMvhrZKCzyothc=
Subject key identifier: 92:A9:06:31:A2:45:C3:E6:98:2F:4C:43:FF:AE:B7:F9:86:FE:1A:D2
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 0185727A2CBCDE276F2FC0BE06A230EA979C
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/kqkGMaJFw-aYL0xD_663-Yb-GtI.roa
Signing time: Mon 02 Jan 2023 12:34:47 +0000
ROA not before: Mon 02 Jan 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209574
IP address blocks: 89.40.207.0/24 maxlen: 24
188.213.252.0/22 maxlen: 22
188.213.248.0/22 maxlen: 22
188.208.48.0/22 maxlen: 22
89.35.90.0/24 maxlen: 24
91.218.238.0/23 maxlen: 23
91.218.236.0/23 maxlen: 23
188.208.109.0/24 maxlen: 24
86.104.224.0/23 maxlen: 23
86.104.222.0/23 maxlen: 23
86.106.140.0/23 maxlen: 23
188.214.94.0/24 maxlen: 24
93.114.51.0/24 maxlen: 24
93.114.52.0/23 maxlen: 23
93.114.54.0/24 maxlen: 24
89.39.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Jan 2023 09:15:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:2c:bc:de:27:6f:2f:c0:be:06:a2:30:ea:97:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jan 2 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92a90631a245c3e6982f4c43ffaeb7f986fe1ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:52:89:60:cd:35:46:91:8c:a2:ee:47:9b:a2:
1b:57:4d:10:55:bd:49:d9:fb:d0:8f:54:5d:9c:2d:
fa:76:3f:78:f7:a7:66:87:ee:84:e4:81:96:ab:b3:
7c:7a:c5:44:ec:49:11:66:ea:70:77:39:c5:c6:5b:
c8:71:8c:eb:0d:88:43:c7:e0:3f:7a:bc:27:b8:8e:
00:73:84:b2:e9:82:d4:9d:8f:15:38:28:24:ee:c0:
f6:57:9c:91:7c:56:db:53:2a:15:c9:f4:5c:27:89:
44:29:18:01:bf:fc:a7:b1:ef:d4:28:6e:dc:e1:59:
57:a6:89:37:58:4a:d0:5f:f0:e5:e4:32:43:56:76:
e6:e1:97:20:6d:75:16:4d:f3:fa:76:4f:91:1f:06:
ae:37:18:93:89:7d:40:72:d8:b5:88:02:4e:45:58:
8c:57:87:23:1f:f7:e5:5a:79:5f:1f:73:f9:be:20:
a3:97:bb:f2:15:fd:3f:3b:61:be:42:9b:d5:0b:0a:
b1:c3:60:45:32:af:de:94:8b:77:a4:46:ae:2a:5e:
0d:51:b3:f4:11:8e:65:fb:30:43:92:bc:7b:03:3a:
66:e3:30:78:c2:fe:d4:9a:02:f9:9f:24:62:75:6f:
f3:d4:42:35:5f:db:b4:57:04:a9:f5:6a:e9:fe:63:
34:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:A9:06:31:A2:45:C3:E6:98:2F:4C:43:FF:AE:B7:F9:86:FE:1A:D2
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/kqkGMaJFw-aYL0xD_663-Yb-GtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.222.0-86.104.225.255
86.106.140.0/23
89.35.90.0/24
89.39.69.0/24
89.40.207.0/24
91.218.236.0/22
93.114.51.0-93.114.54.255
188.208.48.0/22
188.208.109.0/24
188.213.248.0/21
188.214.94.0/24
Signature Algorithm: sha256WithRSAEncryption
72:02:54:37:e0:c2:a8:ff:23:f3:b5:05:b0:b5:d8:26:c6:38:
0c:40:0d:be:d9:80:6c:2b:e8:38:9d:f3:fa:c4:26:06:bb:a5:
ee:e2:15:16:f3:98:32:5f:81:e8:a2:2e:ff:c6:06:f5:7b:72:
54:8d:69:4d:5e:8e:08:e4:b6:14:93:1a:fd:f2:7e:b6:a1:92:
43:57:33:fc:d0:68:fd:56:fc:e2:f3:d7:a7:ae:18:08:e6:63:
a4:a8:3c:e5:0d:f2:c9:d3:19:87:05:50:92:35:24:7f:f8:e2:
37:0e:c0:8a:e8:0c:2a:90:45:0b:f0:52:c9:b7:e4:97:37:4d:
59:bf:f1:14:da:8e:cf:8f:0c:70:2f:48:2c:f5:cd:89:5f:79:
b4:14:72:5e:c9:f7:68:7f:56:ec:f0:19:06:3e:2f:ee:32:1d:
09:b9:b8:5b:30:9d:2d:2a:b9:ef:5c:d6:7c:a8:37:03:60:d7:
ea:7c:30:19:22:4b:50:ed:ed:69:56:67:9b:5d:4d:79:16:67:
3d:59:42:fc:b7:7c:39:11:e3:5f:24:04:3e:51:91:a1:18:5f:
98:9f:16:5c:38:5a:e7:65:83:2c:4d:d6:07:8e:7e:f7:a9:68:
01:16:6a:0c:08:34:c1:be:17:b2:42:c2:68:38:b7:e2:3c:1a:
bb:c5:b3:9e
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYVyeiy83idvL8C+BqIw6pecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMwMTAyMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmE5MDYzMWEyNDVjM2U2OTgyZjRjNDNmZmFlYjdmOTg2ZmUxYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVKJYM01RpGMou5Hm6IbV00QVb1J
2fvQj1RdnC36dj9496dmh+6E5IGWq7N8esVE7EkRZupwdznFxlvIcYzrDYhDx+A/
erwnuI4Ac4Sy6YLUnY8VOCgk7sD2V5yRfFbbUyoVyfRcJ4lEKRgBv/ynse/UKG7c
4VlXpok3WErQX/Dl5DJDVnbm4ZcgbXUWTfP6dk+RHwauNxiTiX1Acti1iAJORViM
V4cjH/flWnlfH3P5viCjl7vyFf0/O2G+QpvVCwqxw2BFMq/elIt3pEauKl4NUbP0
EY5l+zBDkrx7Azpm4zB4wv7UmgL5nyRidW/z1EI1X9u0VwSp9Wrp/mM0MwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFJKpBjGiRcPmmC9MQ/+ut/mG/hrSMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEva3FrR01hSkZ3LWFZTDB4RF82NjMtWWItR3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSMAwDBAFWaN4D
BAFWaOADBAFWaowDBABZI1oDBABZJ0UDBABZKM8DBAJb2uwwDAMEAF1yMwMEAF1y
NgMEArzQMAMEALzQbQMEA7zV+AMEALzWXjANBgkqhkiG9w0BAQsFAAOCAQEAcgJU
N+DCqP8j87UFsLXYJsY4DEANvtmAbCvoOJ3z+sQmBrul7uIVFvOYMl+B6KIu/8YG
9XtyVI1pTV6OCOS2FJMa/fJ+tqGSQ1cz/NBo/Vb84vPXp64YCOZjpKg85Q3yydMZ
hwVQkjUkf/jiNw7AiugMKpBFC/BSybfklzdNWb/xFNqOz48McC9ILPXNiV95tBRy
Xsn3aH9W7PAZBj4v7jIdCbm4WzCdLSq571zWfKg3A2DX6nwwGSJLUO3taVZnm11N
eRZnPVlC/Ld8ORHjXyQEPlGRoRhfmJ8WXDha52WDLE3WB45+96loARZqDAg0wb4X
skLCaDi34jwau8Wzng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org