Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/q8-Zrq9p78j-jz1oXLqXCSOiWSM.roa
File: q8-Zrq9p78j-jz1oXLqXCSOiWSM.roa (raw, json)
Hash identifier: SyEC2MrdtOm6XPCF6tjyqt29wuyQcEQDT6Fozkbwuf0=
Subject key identifier: AB:CF:99:AE:AF:69:EF:C8:FE:8F:3D:68:5C:BA:97:09:23:A2:59:23
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 018CC8DECD238D1763432CFBA9D6938C4FE3
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/q8-Zrq9p78j-jz1oXLqXCSOiWSM.roa
Signing time: Tue 02 Jan 2024 06:31:33 +0000
ROA not before: Tue 02 Jan 2024 06:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 185.17.24.0/22 maxlen: 22
78.157.192.0/19 maxlen: 19
78.110.160.0/20 maxlen: 20
94.229.64.0/20 maxlen: 20
77.74.192.0/21 maxlen: 21
31.132.0.0/21 maxlen: 21
185.103.96.0/22 maxlen: 22
178.159.0.0/20 maxlen: 20
37.9.56.0/21 maxlen: 21
5.101.136.0/21 maxlen: 21
5.101.144.0/21 maxlen: 21
77.75.120.0/21 maxlen: 21
5.101.168.0/21 maxlen: 21
2a01:a500::/32 maxlen: 32
2a01:a500:2566::/48 maxlen: 48
2a01:a500:1228::/48 maxlen: 48
2a01:a500:1::/48 maxlen: 48
2a01:a507::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Mar 2024 19:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:cd:23:8d:17:63:43:2c:fb:a9:d6:93:8c:4f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Jan 2 06:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abcf99aeaf69efc8fe8f3d685cba970923a25923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:47:f0:24:3c:47:49:1c:ec:84:7c:92:ff:1d:
e6:b5:50:a8:6d:8f:05:6b:9b:54:8e:87:33:83:30:
0d:6e:7c:c6:a2:76:b7:da:2a:85:a4:94:5a:47:57:
7d:76:69:90:e1:b9:7a:b5:b1:12:26:de:b2:ba:3b:
dd:26:b4:c9:6c:b5:81:9e:01:af:a1:fe:76:ba:d5:
ba:f9:2c:90:ba:d4:17:be:cb:00:26:ee:d3:e8:b3:
98:3b:ff:ba:5c:49:b0:82:d2:72:ff:09:69:b0:26:
45:76:58:d8:d9:ee:3e:c0:3a:74:16:b6:d9:1f:d2:
8a:bb:1a:2e:c2:37:64:5d:5a:89:69:a8:93:42:96:
c1:a2:a1:75:13:38:46:96:86:fd:c2:83:ab:0b:92:
a1:e5:71:55:a9:b9:c3:d6:29:95:5e:77:ca:97:aa:
0c:19:d4:3f:30:13:d2:e9:51:5d:5c:b4:e0:b3:6a:
3a:bb:ad:af:32:01:7e:d4:b1:ec:59:2d:f8:34:c4:
0a:9c:85:2f:9b:ba:b0:f7:da:10:01:cf:ea:03:da:
28:d9:94:44:e9:eb:01:3e:be:1e:61:8c:ec:20:31:
16:0a:e7:40:08:95:6e:d3:17:f7:d9:2c:14:ca:db:
a4:37:82:3f:17:43:a7:a7:af:a2:4a:c7:c0:37:ef:
37:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:CF:99:AE:AF:69:EF:C8:FE:8F:3D:68:5C:BA:97:09:23:A2:59:23
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/q8-Zrq9p78j-jz1oXLqXCSOiWSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.136.0-5.101.151.255
5.101.168.0/21
31.132.0.0/21
37.9.56.0/21
77.74.192.0/21
77.75.120.0/21
78.110.160.0/20
78.157.192.0/19
94.229.64.0/20
178.159.0.0/20
185.17.24.0/22
185.103.96.0/22
IPv6:
2a01:a500::/32
2a01:a507::/32
Signature Algorithm: sha256WithRSAEncryption
7a:1b:83:63:0b:9c:63:ca:9a:a1:3f:bf:26:2b:ad:ef:e7:6a:
31:89:1a:ea:a5:e3:b7:7b:2b:a5:1a:34:26:e0:3e:b7:67:d5:
40:2e:1e:b5:8b:1a:da:7c:b6:d8:26:03:e0:fa:a5:d1:85:4e:
12:f4:3e:c2:e0:94:73:70:d5:03:f2:d4:1a:0d:3d:70:37:39:
78:94:9e:f5:e5:3f:d8:a7:b2:9f:a3:3a:a3:cb:86:be:df:57:
3d:90:f2:d2:d0:35:1e:86:6f:62:76:d0:de:c7:cf:6d:cc:75:
e8:d5:eb:9c:9c:52:1c:4c:2a:ce:ff:2c:25:1f:f9:a2:4a:eb:
52:91:ca:bd:fd:ba:aa:6f:91:31:ad:1d:63:e1:a0:f0:ca:2e:
3d:df:1a:94:6d:2b:6b:70:cd:f6:24:c1:ae:c7:37:b7:5a:71:
b7:47:62:8c:28:51:b7:34:89:c1:ff:57:af:f5:24:49:f8:ab:
e0:b4:63:e4:d6:39:fa:47:5b:50:b9:90:b4:ee:0b:ff:00:c8:
45:73:53:1e:32:67:54:9d:75:90:2e:3f:d6:e0:bb:6a:5d:af:
94:57:3d:37:d4:8f:5b:98:a4:28:1d:2d:d3:69:f0:28:25:21:
07:c7:7c:2f:74:99:8c:d5:ab:80:48:1c:47:51:94:2c:53:2a:
5d:96:bb:42
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYzI3s0jjRdjQyz7qdaTjE/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjQwMTAyMDYzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmNmOTlhZWFmNjllZmM4ZmU4ZjNkNjg1Y2JhOTcwOTIzYTI1OTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkfwJDxHSRzshHyS/x3mtVCobY8F
a5tUjoczgzANbnzGona32iqFpJRaR1d9dmmQ4bl6tbESJt6yujvdJrTJbLWBngGv
of52utW6+SyQutQXvssAJu7T6LOYO/+6XEmwgtJy/wlpsCZFdljY2e4+wDp0FrbZ
H9KKuxouwjdkXVqJaaiTQpbBoqF1EzhGlob9woOrC5Kh5XFVqbnD1imVXnfKl6oM
GdQ/MBPS6VFdXLTgs2o6u62vMgF+1LHsWS34NMQKnIUvm7qw99oQAc/qA9oo2ZRE
6esBPr4eYYzsIDEWCudACJVu0xf32SwUytukN4I/F0Onp6+iSsfAN+83swIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFKvPma6vae/I/o89aFy6lwkjolkjMB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvcTgtWnJxOXA3OGotanoxb1hMcVhDU09pV1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQMAwDBAMFZYgD
BAMFZZADBAMFZagDBAMfhAADBAMlCTgDBANNSsADBANNS3gDBARObqADBAVOncAD
BARe5UADBASynwADBAK5ERgDBAK5Z2AwFAQCAAIwDgMFACoBpQADBQAqAaUHMA0G
CSqGSIb3DQEBCwUAA4IBAQB6G4NjC5xjypqhP78mK63v52oxiRrqpeO3eyulGjQm
4D63Z9VALh61ixrafLbYJgPg+qXRhU4S9D7C4JRzcNUD8tQaDT1wNzl4lJ715T/Y
p7Kfozqjy4a+31c9kPLS0DUehm9idtDex89tzHXo1eucnFIcTCrO/ywlH/miSutS
kcq9/bqqb5ExrR1j4aDwyi493xqUbStrcM32JMGuxze3WnG3R2KMKFG3NInB/1ev
9SRJ+KvgtGPk1jn6R1tQuZC07gv/AMhFc1MeMmdUnXWQLj/W4LtqXa+UVz031I9b
mKQoHS3TafAoJSEHx3wvdJmM1auASBxHUZQsUypdlrtC
Generated at Tue Mar 12 21:02:14 2024 by rpki-client on console-fra.rpki-client.org