Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/q3SwPBmvp4IxVAhsjgd2NkhO5wM.roa
File: q3SwPBmvp4IxVAhsjgd2NkhO5wM.roa (raw, json)
Hash identifier: 1pJ/uaEVh8eR3ifZvxnLo/MsRgqUPg79O+tmixALAwM=
Subject key identifier: AB:74:B0:3C:19:AF:A7:82:31:54:08:6C:8E:07:76:36:48:4E:E7:03
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 01856D78721DF8046422D82C05FC8481EC06
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/q3SwPBmvp4IxVAhsjgd2NkhO5wM.roa
Signing time: Sun 01 Jan 2023 13:14:48 +0000
ROA not before: Sun 01 Jan 2023 13:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34659
IP address blocks: 83.136.160.0/21 maxlen: 25
5.104.192.0/21 maxlen: 24
193.36.52.0/22 maxlen: 24
185.153.96.0/22 maxlen: 24
178.21.176.0/21 maxlen: 24
77.247.104.0/22 maxlen: 24
213.41.240.0/21 maxlen: 21
185.45.228.0/22 maxlen: 24
194.169.176.0/22 maxlen: 24
194.104.16.0/22 maxlen: 24
85.31.168.0/22 maxlen: 24
185.83.236.0/22 maxlen: 24
185.185.4.0/22 maxlen: 24
185.185.8.0/22 maxlen: 24
185.96.156.0/22 maxlen: 24
2a07:8580::/29 maxlen: 48
2a00:1db8::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Jul 2023 09:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:72:1d:f8:04:64:22:d8:2c:05:fc:84:81:ec:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Jan 1 13:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab74b03c19afa7823154086c8e077636484ee703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:85:86:75:a7:ba:a5:11:4c:e0:ca:a9:c3:ab:
a8:62:79:9c:7b:dd:09:91:e9:9e:7b:0e:fe:9a:ae:
38:a2:4c:66:65:b7:a0:14:f0:30:38:34:e8:07:3a:
c8:9e:b7:d5:24:9b:56:99:e7:88:1a:58:6d:6c:51:
c1:f7:6a:3b:9b:af:de:0b:0f:b3:5f:54:e0:e3:1f:
96:18:e9:f5:c1:ca:4a:5a:fb:0f:7b:8b:70:bf:76:
55:a9:c0:de:5a:2b:3a:67:d5:de:c2:a8:97:4a:a8:
af:d7:27:e9:ec:31:d3:05:71:63:54:05:5e:f7:3b:
6c:fa:01:41:76:c3:84:7e:56:af:be:f4:f7:b9:6b:
0c:a6:fe:ac:a4:6e:ff:ca:4b:d9:5f:4c:b3:51:9e:
44:e2:2e:b9:f1:32:cb:22:cc:61:d6:d4:30:98:f7:
d4:f6:9e:7b:17:a9:dc:e0:42:01:cf:0e:f5:63:f7:
87:88:f1:6a:a4:f6:8f:72:28:c2:2b:e1:3a:83:b1:
ad:b6:23:cc:d3:70:8c:1e:5a:4d:92:2a:0f:d2:ad:
69:91:5e:df:97:7c:8d:e4:fb:8d:15:3a:f3:ed:b6:
b2:50:75:95:d2:5a:af:b1:b0:75:4d:cb:09:c7:c2:
f4:dc:4f:db:0e:da:e7:bd:c2:98:6c:aa:cc:d7:ed:
9f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:74:B0:3C:19:AF:A7:82:31:54:08:6C:8E:07:76:36:48:4E:E7:03
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/q3SwPBmvp4IxVAhsjgd2NkhO5wM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.192.0/21
77.247.104.0/22
83.136.160.0/21
85.31.168.0/22
178.21.176.0/21
185.45.228.0/22
185.83.236.0/22
185.96.156.0/22
185.153.96.0/22
185.185.4.0-185.185.11.255
193.36.52.0/22
194.104.16.0/22
194.169.176.0/22
213.41.240.0/21
IPv6:
2a00:1db8::/29
2a07:8580::/29
Signature Algorithm: sha256WithRSAEncryption
71:35:cc:c0:c4:74:51:5d:1f:e1:f3:60:2e:8b:04:24:38:d4:
b0:c9:e7:da:30:38:b2:58:df:d8:57:1b:10:82:3a:87:4d:17:
ba:65:02:46:78:e6:48:06:5b:53:aa:33:b1:a1:31:f8:68:77:
ef:49:a5:9b:25:8c:07:d0:f4:e7:e9:5a:6c:b7:1f:1e:e5:a2:
62:1d:47:62:cc:7e:0e:c4:d1:27:d9:53:15:69:a3:14:b3:74:
23:4d:fe:74:79:54:a2:91:29:bd:3f:39:dd:52:6e:a7:32:98:
c9:3f:c1:c9:b9:f6:73:97:e8:24:27:19:a4:c1:1c:a6:3e:ae:
79:1c:45:92:72:d5:f0:ab:e8:db:39:10:06:cf:a5:d9:03:9a:
df:71:da:30:11:89:be:20:ca:80:71:ff:cf:fd:a7:7c:ae:fc:
cb:54:45:76:ae:02:a7:f1:96:12:df:1e:95:73:ec:9a:13:70:
93:36:63:45:8b:88:b3:75:9d:9f:76:31:58:88:76:60:1e:56:
d4:c6:58:2a:f6:fa:5c:5e:50:19:e3:c0:21:1e:f7:a5:67:04:
b5:6e:b1:b6:a4:03:9a:eb:1c:94:84:23:29:bd:9e:d2:b3:35:
3d:c9:bb:15:ec:ac:9c:c0:f5:80:6c:a1:e8:de:c4:4b:4d:0e:
d4:1d:d4:da
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYVteHId+ARkItgsBfyEgewGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4
NWNkYmEwHhcNMjMwMTAxMTMxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjc0YjAzYzE5YWZhNzgyMzE1NDA4NmM4ZTA3NzYzNjQ4NGVlNzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYWGdae6pRFM4Mqpw6uoYnmce90J
kemeew7+mq44okxmZbegFPAwODToBzrInrfVJJtWmeeIGlhtbFHB92o7m6/eCw+z
X1Tg4x+WGOn1wcpKWvsPe4twv3ZVqcDeWis6Z9XewqiXSqiv1yfp7DHTBXFjVAVe
9zts+gFBdsOEflavvvT3uWsMpv6spG7/ykvZX0yzUZ5E4i658TLLIsxh1tQwmPfU
9p57F6nc4EIBzw71Y/eHiPFqpPaPcijCK+E6g7GttiPM03CMHlpNkioP0q1pkV7f
l3yN5PuNFTrz7bayUHWV0lqvsbB1TcsJx8L03E/bDtrnvcKYbKrM1+2flQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFKt0sDwZr6eCMVQIbI4HdjZITucDMB8GA1UdIwQY
MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt
NzgxOGE4OTQ1NmNiLzEvcTNTd1BCbXZwNEl4VkFoc2pnZDJOa2hPNXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEtNzgxOGE4OTQ1NmNi
LzEvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXAMEAwVowAME
Ak33aAMEA1OIoAMEAlUfqAMEA7IVsAMEArkt5AMEArlT7AMEArlgnAMEArmZYDAM
AwQCubkEAwQCubkIAwQCwSQ0AwQCwmgQAwQCwqmwAwQD1SnwMBQEAgACMA4DBQMq
AB24AwUDKgeFgDANBgkqhkiG9w0BAQsFAAOCAQEAcTXMwMR0UV0f4fNgLosEJDjU
sMnn2jA4sljf2FcbEII6h00XumUCRnjmSAZbU6ozsaEx+Gh370mlmyWMB9D05+la
bLcfHuWiYh1HYsx+DsTRJ9lTFWmjFLN0I03+dHlUopEpvT853VJupzKYyT/Bybn2
c5foJCcZpMEcpj6ueRxFknLV8Kvo2zkQBs+l2QOa33HaMBGJviDKgHH/z/2nfK78
y1RFdq4Cp/GWEt8elXPsmhNwkzZjRYuIs3Wdn3YxWIh2YB5W1MZYKvb6XF5QGePA
IR73pWcEtW6xtqQDmusclIQjKb2e0rM1Pcm7FeysnMD1gGyh6N7ES00O1B3U2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:27 2024 by rpki-client on console-fra.rpki-client.org