Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/Qd63y-fKnDc61aYVq2Y8NfPLV0Q.roa
File: Qd63y-fKnDc61aYVq2Y8NfPLV0Q.roa (raw, json)
Hash identifier: Om8etr/1SgCfzLBvelPw/Aci92cp5pUs3fNOoNlzIIw=
Subject key identifier: 41:DE:B7:CB:E7:CA:9C:37:3A:D5:A6:15:AB:66:3C:35:F3:CB:57:44
Certificate issuer: /CN=c74eb7ea35238d02997c42eb574a38a30e5d00e7
Certificate serial: 018931E2BF6AB324F75784C324B7ECA209EE
Authority key identifier: C7:4E:B7:EA:35:23:8D:02:99:7C:42:EB:57:4A:38:A3:0E:5D:00:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/Qd63y-fKnDc61aYVq2Y8NfPLV0Q.roa
Signing time: Fri 07 Jul 2023 19:44:50 +0000
ROA not before: Fri 07 Jul 2023 19:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34569
IP address blocks: 109.120.192.0/18 maxlen: 18
109.120.213.0/24 maxlen: 24
212.25.32.0/19 maxlen: 19
212.25.58.0/24 maxlen: 24
212.25.62.0/24 maxlen: 24
109.120.215.0/24 maxlen: 24
185.211.200.0/23 maxlen: 23
109.120.218.0/23 maxlen: 23
109.120.222.0/23 maxlen: 23
109.120.224.0/22 maxlen: 22
109.120.220.0/23 maxlen: 23
109.120.230.0/23 maxlen: 23
109.120.228.0/23 maxlen: 24
109.120.232.0/23 maxlen: 23
109.120.238.0/23 maxlen: 23
109.120.240.0/23 maxlen: 23
109.120.242.0/23 maxlen: 23
109.120.244.0/22 maxlen: 22
109.120.252.0/23 maxlen: 23
109.120.248.0/22 maxlen: 22
77.78.38.0/24 maxlen: 24
77.78.56.0/22 maxlen: 22
77.78.60.0/22 maxlen: 22
77.78.0.0/18 maxlen: 18
77.78.20.0/23 maxlen: 23
2a13:86c1:400::/40 maxlen: 40
2a13:86c1:300::/40 maxlen: 40
2a13:86c1:e00::/40 maxlen: 40
2a13:86c1:b00::/40 maxlen: 40
2a13:86c1::/40 maxlen: 40
2a13:86c1:500::/40 maxlen: 40
2a13:86c1:200::/40 maxlen: 40
2a13:86c1:700::/40 maxlen: 40
2a13:86c1:a00::/40 maxlen: 40
2a13:86c1:d00::/40 maxlen: 40
2a13:86c1:1000::/40 maxlen: 40
2a13:86c1:900::/40 maxlen: 40
2a13:86c1:c00::/40 maxlen: 40
2a13:86c1:800::/40 maxlen: 40
2a13:86c1:600::/40 maxlen: 40
2a13:86c1:f00::/40 maxlen: 40
2a13:86c1:100::/40 maxlen: 40
2a13:86c2::/40 maxlen: 40
2a13:86c0::/40 maxlen: 40
2a13:86c0::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:31:e2:bf:6a:b3:24:f7:57:84:c3:24:b7:ec:a2:09:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74eb7ea35238d02997c42eb574a38a30e5d00e7
Validity
Not Before: Jul 7 19:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41deb7cbe7ca9c373ad5a615ab663c35f3cb5744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9d:df:fc:3a:1f:1e:8b:a7:bf:9c:f1:58:2c:
ce:5b:79:22:f5:4b:a5:02:ff:0d:40:f9:fc:60:4a:
e0:57:47:aa:4c:26:6e:7f:0e:51:7b:24:2d:28:96:
58:4d:e8:be:62:41:74:4d:98:f7:33:85:10:ec:7e:
95:a4:e4:20:cd:ca:69:3c:ad:ce:9f:55:de:fa:f2:
7a:a9:71:25:bc:0c:21:0b:39:a5:68:03:7a:d6:26:
db:c2:dd:f1:a8:f4:25:7c:c8:39:20:6b:22:e0:b1:
51:fa:2a:33:ad:2b:bf:44:42:59:e2:d0:dc:34:41:
6c:a6:8f:80:a9:52:ab:63:86:ff:7b:96:b9:25:4d:
63:86:fa:4e:9b:d8:f4:07:bd:ce:7b:37:a1:0c:7c:
d1:77:58:9d:b4:39:f3:42:ac:b3:ec:e5:7e:ec:dd:
0f:12:90:91:d2:7c:80:49:1e:07:d0:00:45:60:86:
c2:a1:a7:06:92:0a:1a:1b:fd:77:0d:bd:30:4a:4c:
80:dd:6e:c7:23:73:5f:75:25:30:a7:c4:df:9b:a8:
ce:18:7f:3c:9f:3d:1e:b1:64:e8:6c:df:3c:f2:39:
07:9f:eb:d0:e3:27:e0:b0:d0:82:3d:b6:01:35:a7:
85:17:71:98:12:e5:bb:87:92:85:db:ee:36:9c:87:
47:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:DE:B7:CB:E7:CA:9C:37:3A:D5:A6:15:AB:66:3C:35:F3:CB:57:44
X509v3 Authority Key Identifier:
keyid:C7:4E:B7:EA:35:23:8D:02:99:7C:42:EB:57:4A:38:A3:0E:5D:00:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/Qd63y-fKnDc61aYVq2Y8NfPLV0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/x0636jUjjQKZfELrV0o4ow5dAOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.0.0/18
109.120.192.0/18
185.211.200.0/23
212.25.32.0/19
IPv6:
2a13:86c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:6d:30:70:ab:c2:d7:a3:04:99:0a:f3:ff:2f:ab:6a:9d:5b:
f1:26:83:f7:53:11:72:15:30:e8:56:fd:6c:f0:a8:0f:f7:55:
b5:9a:03:22:b9:63:af:d4:42:37:c3:09:06:38:e0:b9:dc:6f:
dc:9d:71:3a:c9:41:4c:71:8c:7e:87:eb:be:43:57:1a:3d:c0:
c7:c4:f8:a9:c1:36:dd:b0:ab:7d:59:e4:29:30:dd:09:c8:ba:
c6:73:a7:3e:5c:64:f1:23:99:3e:f9:a8:76:6e:62:07:f4:7a:
63:bb:7a:67:22:29:11:97:91:65:55:8d:89:fb:a8:f8:d9:cd:
a3:8b:10:0f:8f:47:eb:32:78:fe:c9:1a:26:e1:18:29:be:31:
09:82:bc:0f:85:e3:8a:04:e6:4e:9c:54:17:4f:6d:14:d5:92:
3a:84:ea:12:2b:8a:4b:d0:37:4a:6b:9d:1f:ea:7e:4a:f4:4f:
39:d0:a1:1a:74:4b:6f:e5:cc:e6:76:5a:28:4e:dc:db:f0:05:
97:0c:de:b9:6b:10:c4:64:44:0f:99:5e:48:4d:e6:e3:7f:59:
76:05:c1:14:0f:05:4a:3f:f2:20:2a:35:8f:45:24:68:71:23:
9c:04:92:cc:6c:95:fb:17:1f:d2:26:ae:df:33:7e:e7:d7:c9:
8b:a0:65:2e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYkx4r9qsyT3V4TDJLfsognuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGViN2VhMzUyMzhkMDI5OTdjNDJlYjU3NGEzOGEzMGU1
ZDAwZTcwHhcNMjMwNzA3MTk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWRlYjdjYmU3Y2E5YzM3M2FkNWE2MTVhYjY2M2MzNWYzY2I1NzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn53f/DofHounv5zxWCzOW3ki9Uul
Av8NQPn8YErgV0eqTCZufw5ReyQtKJZYTei+YkF0TZj3M4UQ7H6VpOQgzcppPK3O
n1Xe+vJ6qXElvAwhCzmlaAN61ibbwt3xqPQlfMg5IGsi4LFR+iozrSu/REJZ4tDc
NEFspo+AqVKrY4b/e5a5JU1jhvpOm9j0B73OezehDHzRd1idtDnzQqyz7OV+7N0P
EpCR0nyASR4H0ABFYIbCoacGkgoaG/13Db0wSkyA3W7HI3NfdSUwp8Tfm6jOGH88
nz0esWTobN888jkHn+vQ4yfgsNCCPbYBNaeFF3GYEuW7h5KF2+42nIdHYwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEHet8vnypw3OtWmFatmPDXzy1dEMB8GA1UdIwQY
MBaAFMdOt+o1I40CmXxC61dKOKMOXQDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDA2MzZqVWpqUUtaZkVMclYwbzRvdzVkQU9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9mNmJkNWYtN2UyNi00MDcyLTlkMWEt
MTU3ZTNjMTY5OTE4LzEvUWQ2M3ktZktuRGM2MWFZVnEyWThOZlBMVjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9mNmJkNWYtN2UyNi00MDcyLTlkMWEtMTU3ZTNjMTY5OTE4
LzEveDA2MzZqVWpqUUtaZkVMclYwbzRvdzVkQU9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGTU4AAwQG
bXjAAwQBudPIAwQF1BkgMA0EAgACMAcDBQMqE4bAMA0GCSqGSIb3DQEBCwUAA4IB
AQA+bTBwq8LXowSZCvP/L6tqnVvxJoP3UxFyFTDoVv1s8KgP91W1mgMiuWOv1EI3
wwkGOOC53G/cnXE6yUFMcYx+h+u+Q1caPcDHxPipwTbdsKt9WeQpMN0JyLrGc6c+
XGTxI5k++ah2bmIH9Hpju3pnIikRl5FlVY2J+6j42c2jixAPj0frMnj+yRom4Rgp
vjEJgrwPheOKBOZOnFQXT20U1ZI6hOoSK4pL0DdKa50f6n5K9E850KEadEtv5czm
dlooTtzb8AWXDN65axDEZEQPmV5ITebjf1l2BcEUDwVKP/IgKjWPRSRocSOcBJLM
bJX7Fx/SJq7fM37n18mLoGUu
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:02 2024 by rpki-client on console-ams.rpki-client.org