Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/qJGwwBPXNi6zXQeRgvLzy97EPwM.roa
File: qJGwwBPXNi6zXQeRgvLzy97EPwM.roa (raw, json)
Hash identifier: Z3+hmMQbHXK5WNSjJ9DwoaXlKXRG955sHac+hAD9LWs=
Subject key identifier: A8:91:B0:C0:13:D7:36:2E:B3:5D:07:91:82:F2:F3:CB:DE:C4:3F:03
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018CFC738F9DA162033FBBFC150C4D42D93F
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/qJGwwBPXNi6zXQeRgvLzy97EPwM.roa
Signing time: Fri 12 Jan 2024 06:54:40 +0000
ROA not before: Fri 12 Jan 2024 06:54:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
45.66.155.0/24 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.50.0/24 maxlen: 24
85.208.107.0/24 maxlen: 24
85.208.113.0/24 maxlen: 24
85.208.115.0/24 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.235.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
5.253.44.0/24 maxlen: 24
5.253.39.0/24 maxlen: 24
45.8.252.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.4.0/24 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.1.0/24 maxlen: 24
45.9.0.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.9.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 08:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fc:73:8f:9d:a1:62:03:3f:bb:fc:15:0c:4d:42:d9:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 12 06:54:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a891b0c013d7362eb35d079182f2f3cbdec43f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:97:33:2e:17:e6:cc:56:98:ce:a6:52:6b:2f:
25:08:ec:8a:49:9e:2e:35:b7:7f:f5:21:74:33:76:
75:09:46:14:43:29:95:df:6f:88:c2:76:6c:56:14:
1b:5a:c9:d3:cf:6b:67:9e:86:3d:1c:57:30:cd:ea:
7c:ce:fd:34:69:e7:7e:1e:e3:a7:ab:98:67:d1:a2:
31:f1:bc:7a:4d:d8:26:fd:ca:88:4e:26:08:46:2e:
11:25:44:1b:f5:e1:de:7b:1e:19:24:89:0f:a6:59:
6f:b6:58:fc:34:37:c2:a8:55:60:77:3d:55:84:06:
10:1f:10:3c:5d:17:68:1b:4e:5c:8b:49:da:57:dc:
bd:1f:a5:fb:83:09:69:7f:23:e0:cc:2e:00:89:7c:
dd:45:ea:7d:d8:e0:2b:d7:98:ce:cd:cf:dc:c5:4c:
6d:86:9b:c3:2b:de:1e:ed:1a:c4:42:af:fe:3c:cc:
ed:48:6f:4e:03:95:fa:2d:75:f5:ad:a4:75:23:a3:
a4:2e:42:1d:ab:55:34:de:f4:26:c3:bd:6f:87:5c:
6d:04:55:a7:30:69:6a:92:34:c9:a9:0e:2e:d6:5b:
c3:34:5c:57:a1:1f:f8:3b:5a:ca:20:b5:99:1e:35:
e7:5d:30:fb:bd:99:c8:54:60:7f:2c:6c:06:c4:af:
07:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:91:B0:C0:13:D7:36:2E:B3:5D:07:91:82:F2:F3:CB:DE:C4:3F:03
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/qJGwwBPXNi6zXQeRgvLzy97EPwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.50.0/23
5.180.80.0/24
5.180.235.0/24
5.253.39.0/24
5.253.44.0/23
5.253.47.0/24
45.8.188.0-45.8.195.255
45.8.197.0-45.8.199.255
45.8.203.0/24
45.8.252.0/24
45.8.255.0-45.9.1.255
45.9.4.0/24
45.9.6.0/23
45.66.152.0/24
45.66.154.0/23
85.208.105.0/24
85.208.107.0/24
85.208.113.0/24
85.208.115.0/24
85.209.160.0/24
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
46:38:ff:29:e8:b0:21:2e:40:d3:f7:34:37:4c:48:7d:7b:bb:
65:21:6d:98:85:ef:d2:29:13:52:7f:cf:14:e3:cf:47:3d:96:
46:ba:17:4e:92:34:fb:16:9e:64:7b:b7:f0:0e:ed:ec:ff:e7:
c3:42:3f:01:a4:30:6c:e5:3b:a9:2f:37:c7:6b:2e:c0:19:37:
ea:d4:79:99:8b:5f:3b:49:e7:87:ed:02:89:c7:2a:24:80:dd:
d6:98:e6:c4:0d:e9:d5:92:e4:0b:22:65:82:91:49:e2:f9:68:
8e:73:b1:03:95:c4:13:ab:1f:fb:d0:35:39:37:44:17:df:a5:
68:3b:2a:b6:1b:53:f0:42:de:a1:80:34:bb:62:2d:3d:dd:99:
da:12:94:5e:85:be:58:5b:26:d9:c1:e8:ad:4c:01:5d:c8:6f:
c9:6f:e0:40:5a:8d:a5:04:12:54:9a:82:cd:13:57:d0:49:c0:
1d:4b:df:22:0e:9e:40:0c:11:cf:eb:47:1c:d0:6f:81:c8:de:
fe:36:0c:d0:55:53:f5:26:2a:84:7c:d7:b5:63:ed:92:4e:fd:
14:f0:16:5f:fa:1e:03:a4:19:f2:84:19:d9:bf:94:54:a5:17:
fd:82:3d:86:51:71:cc:eb:a2:fa:bc:2a:71:0e:aa:38:a3:c3:
a7:15:88:86
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYz8c4+doWIDP7v8FQxNQtk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTEyMDY1NDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODkxYjBjMDEzZDczNjJlYjM1ZDA3OTE4MmYyZjNjYmRlYzQzZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZczLhfmzFaYzqZSay8lCOyKSZ4u
Nbd/9SF0M3Z1CUYUQymV32+IwnZsVhQbWsnTz2tnnoY9HFcwzep8zv00aed+HuOn
q5hn0aIx8bx6Tdgm/cqITiYIRi4RJUQb9eHeex4ZJIkPpllvtlj8NDfCqFVgdz1V
hAYQHxA8XRdoG05ci0naV9y9H6X7gwlpfyPgzC4AiXzdRep92OAr15jOzc/cxUxt
hpvDK94e7RrEQq/+PMztSG9OA5X6LXX1raR1I6OkLkIdq1U03vQmw71vh1xtBFWn
MGlqkjTJqQ4u1lvDNFxXoR/4O1rKILWZHjXnXTD7vZnIVGB/LGwGxK8H6QIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFKiRsMAT1zYus10HkYLy88vexD8DMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvcUpHd3dCUFhOaTZ6WFFlUmd2THp5OTdFUHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIF
tCADBAEFtDIDBAAFtFADBAAFtOsDBAAF/ScDBAEF/SwDBAAF/S8wDAMEAi0IvAME
Ai0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQALQj8MAwDBAAtCP8DBAEtCQADBAAt
CQQDBAEtCQYDBAAtQpgDBAEtQpoDBABV0GkDBABV0GsDBABV0HEDBABV0HMDBABV
0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBAEY4/ynosCEuQNP3NDdMSH17u2Uh
bZiF79IpE1J/zxTjz0c9lka6F06SNPsWnmR7t/AO7ez/58NCPwGkMGzlO6kvN8dr
LsAZN+rUeZmLXztJ54ftAonHKiSA3daY5sQN6dWS5AsiZYKRSeL5aI5zsQOVxBOr
H/vQNTk3RBffpWg7KrYbU/BC3qGANLtiLT3dmdoSlF6FvlhbJtnB6K1MAV3Ib8lv
4EBajaUEElSags0TV9BJwB1L3yIOnkAMEc/rRxzQb4HI3v42DNBVU/UmKoR817Vj
7ZJO/RTwFl/6HgOkGfKEGdm/lFSlF/2CPYZRcczrovq8KnEOqjijw6cViIY=
-----END CERTIFICATE-----
Generated at Fri Mar 1 08:51:29 2024 by rpki-client on console-ams.rpki-client.org