Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/skdi-cqq_gmP_Y_lTnkCnJLK2Zo.roa
File: skdi-cqq_gmP_Y_lTnkCnJLK2Zo.roa (raw, json)
Hash identifier: rPKRd1tX0OQS8Ee4Vjie6S3eP/gekk7GeCBhcHSvJQM=
Subject key identifier: B2:47:62:F9:CA:AA:FE:09:8F:FD:8F:E5:4E:79:02:9C:92:CA:D9:9A
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 018AFF0DF1A120298504BE4403ACB73E8B95
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/skdi-cqq_gmP_Y_lTnkCnJLK2Zo.roa
Signing time: Thu 05 Oct 2023 08:56:58 +0000
ROA not before: Thu 05 Oct 2023 08:56:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8447
IP address blocks: 213.147.160.0/19 maxlen: 19
192.164.128.0/19 maxlen: 19
178.188.0.0/14 maxlen: 14
85.90.128.0/19 maxlen: 19
213.33.63.0/24 maxlen: 24
193.187.212.0/22 maxlen: 22
213.157.128.0/19 maxlen: 19
192.164.64.0/21 maxlen: 21
193.80.0.0/15 maxlen: 15
193.187.216.0/21 maxlen: 21
193.187.224.0/20 maxlen: 20
192.164.80.0/20 maxlen: 20
212.16.32.0/19 maxlen: 19
193.187.240.0/22 maxlen: 22
213.225.0.0/18 maxlen: 18
192.164.96.0/19 maxlen: 19
213.33.0.0/17 maxlen: 17
192.164.224.0/19 maxlen: 19
93.111.0.0/16 maxlen: 22
212.124.128.0/19 maxlen: 19
195.3.64.0/18 maxlen: 18
188.20.0.0/14 maxlen: 24
89.144.192.0/18 maxlen: 18
46.74.0.0/15 maxlen: 23
192.164.208.0/20 maxlen: 20
176.66.0.0/18 maxlen: 18
80.240.224.0/20 maxlen: 24
194.96.0.0/16 maxlen: 16
80.89.96.0/20 maxlen: 20
195.170.64.0/19 maxlen: 19
192.164.0.0/19 maxlen: 19
88.116.217.0/24 maxlen: 24
81.5.192.0/18 maxlen: 18
192.164.32.0/22 maxlen: 22
193.154.0.0/16 maxlen: 16
192.164.40.0/21 maxlen: 21
192.164.39.0/24 maxlen: 24
176.66.128.0/17 maxlen: 17
192.164.48.0/20 maxlen: 20
92.248.0.0/17 maxlen: 17
212.197.128.0/18 maxlen: 18
193.83.0.0/16 maxlen: 16
80.120.0.0/14 maxlen: 24
62.46.0.0/15 maxlen: 15
194.152.160.0/19 maxlen: 19
212.88.160.0/19 maxlen: 24
195.230.32.0/19 maxlen: 19
212.183.0.0/17 maxlen: 24
80.75.56.0/21 maxlen: 21
213.240.64.0/18 maxlen: 18
93.82.0.0/15 maxlen: 15
188.45.0.0/16 maxlen: 16
91.112.0.0/14 maxlen: 14
194.166.0.0/16 maxlen: 16
80.75.34.0/24 maxlen: 24
80.75.32.0/19 maxlen: 22
88.116.0.0/15 maxlen: 15
62.116.32.0/19 maxlen: 19
194.48.124.0/22 maxlen: 22
194.48.128.0/21 maxlen: 21
194.48.136.0/22 maxlen: 22
194.48.136.0/24 maxlen: 24
217.149.160.0/20 maxlen: 20
212.60.160.0/19 maxlen: 19
195.64.0.0/19 maxlen: 19
194.118.0.0/16 maxlen: 16
194.152.96.0/19 maxlen: 19
212.88.0.0/19 maxlen: 19
84.20.160.0/19 maxlen: 19
46.206.0.0/15 maxlen: 15
2001:4bb8::/29 maxlen: 29
2001:890::/29 maxlen: 29
2001:870::/29 maxlen: 29
2001:850::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 05 Oct 2023 11:03:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:0d:f1:a1:20:29:85:04:be:44:03:ac:b7:3e:8b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Oct 5 08:56:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b24762f9caaafe098ffd8fe54e79029c92cad99a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:60:38:fe:49:9b:dd:85:37:20:0b:fc:6f:b8:
1b:85:7f:9e:cc:a8:fe:9e:8f:13:84:40:19:18:ef:
a8:a4:a6:e9:4f:03:0d:5f:20:fb:7d:9d:e6:2a:8b:
17:ef:60:6a:cb:17:ec:fd:a0:ea:3d:18:34:d9:d6:
f0:29:6b:1f:d0:54:35:1a:ca:11:14:cb:9c:28:44:
87:52:c1:db:69:68:69:e2:f9:31:44:4f:33:43:f5:
5a:11:53:4d:12:d1:90:ab:0e:94:98:95:7a:97:9b:
a3:89:41:11:ab:2a:fe:74:8d:78:68:ee:73:88:f5:
1e:be:c5:13:e0:95:f2:37:6d:dd:2a:08:7e:66:7c:
71:a2:fd:cc:78:69:4e:a1:ac:b4:71:e4:bf:57:2c:
a6:6b:0d:6b:e0:f6:6b:74:6f:3e:a2:45:72:cf:51:
a0:5f:71:cf:d4:f8:9d:7a:75:f2:8f:1e:a4:06:59:
10:43:12:e7:77:9a:a1:e8:5c:1a:36:a4:ff:46:e3:
bb:32:04:9e:6d:67:bb:2b:93:b7:e5:d5:ad:a0:0c:
c7:29:a7:6c:c7:14:b5:91:25:a3:5b:43:37:00:58:
9e:62:21:05:f6:12:b9:b6:9c:5d:92:28:da:08:3d:
1e:43:3d:20:67:96:d4:c5:e1:cd:ae:0b:55:97:af:
c6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:47:62:F9:CA:AA:FE:09:8F:FD:8F:E5:4E:79:02:9C:92:CA:D9:9A
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/skdi-cqq_gmP_Y_lTnkCnJLK2Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
62.116.32.0/19
80.75.32.0/19
80.89.96.0/20
80.120.0.0/14
80.240.224.0/20
81.5.192.0/18
84.20.160.0/19
85.90.128.0/19
88.116.0.0/15
89.144.192.0/18
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/18
176.66.128.0/17
178.188.0.0/14
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.35.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.80.0.0/15
193.83.0.0/16
193.154.0.0/16
193.187.212.0-193.187.243.255
194.48.124.0-194.48.139.255
194.96.0.0/16
194.118.0.0/16
194.152.96.0/19
194.152.160.0/19
194.166.0.0/16
195.3.64.0/18
195.64.0.0/19
195.170.64.0/19
195.230.32.0/19
212.16.32.0/19
212.60.160.0/19
212.88.0.0/19
212.88.160.0/19
212.124.128.0/19
212.183.0.0/17
212.197.128.0/18
213.33.0.0/17
213.147.160.0/19
213.157.128.0/19
213.225.0.0/18
213.240.64.0/18
217.149.160.0/20
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
Signature Algorithm: sha256WithRSAEncryption
6a:25:84:98:ea:3a:d6:f7:b2:97:11:09:c7:6a:d2:5f:3e:86:
49:8e:38:e5:c1:5b:dc:65:27:03:f9:70:30:84:c4:bf:30:bb:
25:31:f1:fe:8b:48:ad:5c:3b:9e:67:ae:3d:65:54:40:c2:cd:
80:31:47:ac:97:a3:cf:09:c1:00:7e:90:fe:c1:5e:07:11:a2:
6f:10:98:c2:6c:b3:a3:4c:01:62:71:e9:83:60:b7:6b:1f:4f:
6b:2c:88:61:65:28:cb:26:bf:7e:4a:37:f3:2e:89:c0:14:40:
73:22:e8:0e:ce:da:9a:10:8a:93:f5:0a:6e:2a:ac:f9:df:a7:
6c:d6:a5:30:ca:71:34:32:86:67:74:9e:a9:89:1a:e8:87:68:
55:e7:65:d6:a6:0d:d4:66:ff:5f:78:e9:6d:6f:57:79:84:89:
75:7d:8b:c3:55:67:4b:94:ca:a4:fe:4f:93:17:2f:b7:b1:90:
06:14:a4:03:25:c2:a4:71:78:78:b4:83:60:38:50:c6:f4:bb:
f8:ce:4d:b8:3f:46:cd:fb:7f:69:d6:c3:e7:42:5c:f0:f4:63:
bf:73:83:12:17:d4:60:df:d3:d1:32:63:a0:76:2b:9a:50:af:
c5:70:0f:a4:57:ea:a2:2e:4e:ba:56:a2:a1:0e:1f:15:72:0c:
fc:0f:d9:17
-----BEGIN CERTIFICATE-----
MIIGgDCCBWigAwIBAgISAYr/DfGhICmFBL5EA6y3PouVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMxMDA1MDg1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjQ3NjJmOWNhYWFmZTA5OGZmZDhmZTU0ZTc5MDI5YzkyY2FkOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWA4/kmb3YU3IAv8b7gbhX+ezKj+
no8ThEAZGO+opKbpTwMNXyD7fZ3mKosX72Bqyxfs/aDqPRg02dbwKWsf0FQ1GsoR
FMucKESHUsHbaWhp4vkxRE8zQ/VaEVNNEtGQqw6UmJV6l5ujiUERqyr+dI14aO5z
iPUevsUT4JXyN23dKgh+Znxxov3MeGlOoay0ceS/Vyymaw1r4PZrdG8+okVyz1Gg
X3HP1PidenXyjx6kBlkQQxLnd5qh6FwaNqT/RuO7MgSebWe7K5O35dWtoAzHKads
xxS1kSWjW0M3AFieYiEF9hK5tpxdkijaCD0eQz0gZ5bUxeHNrgtVl6/GFQIDAQAB
o4IDjDCCA4gwHQYDVR0OBBYEFLJHYvnKqv4Jj/2P5U55ApySytmaMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvc2tkaS1jcXFfZ21QX1lfbFRua0NuSkxLMlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBoAYIKwYBBQUHAQcBAf8EggGPMIIBizCCAWMEAgABMIIB
WwMDAS5KAwMBLs4DAwE+LgMEBT50IAMEBVBLIAMEBFBZYAMDAlB4AwQEUPDgAwQG
UQXAAwQFVBSgAwQFVVqAAwMBWHQDBAZZkMADAwJbcAMEB1z4AAMDAV1SAwMAXW8D
BAawQgADBAewQoADAwKyvAMDArwUAwMAvC0wCwMDAsCkAwQCwKQgMAwDBADApCcD
BAPApEAwDAMEBMCkUAMEBcCkgDALAwQEwKTQAwMAwKQDAwHBUAMDAMFTAwMAwZow
DAMEAsG71AMEAsG78DAMAwQCwjB8AwQCwjCIAwMAwmADAwDCdgMEBcKYYAMEBcKY
oAMDAMKmAwQGwwNAAwQFw0AAAwQFw6pAAwQFw+YgAwQF1BAgAwQF1DygAwQF1FgA
AwQF1FigAwQF1HyAAwQH1LcAAwQG1MWAAwQH1SEAAwQF1ZOgAwQF1Z2AAwQG1eEA
AwQG1fBAAwQE2ZWgMCIEAgACMBwDBQMgAQhQAwUDIAEIcAMFAyABCJADBQMgAUu4
MA0GCSqGSIb3DQEBCwUAA4IBAQBqJYSY6jrW97KXEQnHatJfPoZJjjjlwVvcZScD
+XAwhMS/MLslMfH+i0itXDueZ649ZVRAws2AMUesl6PPCcEAfpD+wV4HEaJvEJjC
bLOjTAFicemDYLdrH09rLIhhZSjLJr9+SjfzLonAFEBzIugOztqaEIqT9QpuKqz5
36ds1qUwynE0MoZndJ6piRroh2hV52XWpg3UZv9feOltb1d5hIl1fYvDVWdLlMqk
/k+TFy+3sZAGFKQDJcKkcXh4tINgOFDG9Lv4zk24P0bN+39p1sPnQlzw9GO/c4MS
F9Rg39PRMmOgdiuaUK/FcA+kV+qiLk66VqKhDh8Vcgz8D9kX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:16 2024 by rpki-client on console-ams.rpki-client.org