Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/QEiM0JQvPjJM5UDV6C5T64fYLUY.roa
File: QEiM0JQvPjJM5UDV6C5T64fYLUY.roa (raw, json)
Hash identifier: HdfoyCFUIDv63TaI/+9lkMoi05SaYimuWIo0y3WeFoI=
Subject key identifier: 40:48:8C:D0:94:2F:3E:32:4C:E5:40:D5:E8:2E:53:EB:87:D8:2D:46
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 018BBDC6FF2162BAE59330053384675340C7
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/QEiM0JQvPjJM5UDV6C5T64fYLUY.roa
Signing time: Sat 11 Nov 2023 09:46:57 +0000
ROA not before: Sat 11 Nov 2023 09:46:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8849
IP address blocks: 185.230.245.0/24 maxlen: 24
103.111.112.0/22 maxlen: 22
91.192.81.0/24 maxlen: 24
5.44.249.0/24 maxlen: 24
176.97.192.0/24 maxlen: 24
158.255.76.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
89.36.163.0/24 maxlen: 24
89.36.162.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
193.35.224.0/24 maxlen: 24
31.222.226.0/24 maxlen: 24
2a06:f902:4000::/36 maxlen: 36
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:c6:ff:21:62:ba:e5:93:30:05:33:84:67:53:40:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Nov 11 09:46:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40488cd0942f3e324ce540d5e82e53eb87d82d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:81:47:52:37:44:5a:a8:87:76:d2:34:b1:62:
e1:bd:f2:c0:e1:90:1c:af:ac:30:51:32:2d:a7:29:
00:b9:32:02:e6:06:0e:79:52:c2:7e:a0:a4:77:f8:
05:40:f6:a2:d1:ef:96:76:63:e0:69:3d:e1:da:f2:
a2:c3:9e:f3:9f:33:43:02:0a:14:70:28:b0:01:b8:
74:d3:3a:05:4a:c9:7a:28:71:53:c1:3c:a9:da:54:
17:3a:31:97:a9:0b:7a:e3:29:b8:f7:50:28:19:d8:
78:7a:cb:2a:1b:1c:40:18:76:6b:32:d1:f8:0e:4c:
73:4f:91:f6:06:41:22:46:db:7e:1d:c8:75:8f:22:
45:10:c8:9b:17:27:8b:9f:d5:e9:d6:aa:a9:dc:8a:
23:f5:1c:fb:d9:87:1f:f5:68:3b:ec:da:3d:6e:da:
50:3f:18:87:bb:23:3d:10:e2:ef:d4:a4:e7:ce:e0:
72:7a:3d:11:60:88:e8:53:ea:d7:c5:c4:0d:59:e6:
15:dd:84:20:0e:e6:a0:8f:60:44:08:63:3a:66:23:
13:6a:7e:42:5d:f3:0e:fb:42:95:6b:4b:3d:5e:63:
f9:90:c2:1b:54:56:72:ec:88:d9:c3:28:69:f6:e4:
64:89:33:d0:ac:db:41:99:61:eb:51:97:b5:70:d8:
52:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:48:8C:D0:94:2F:3E:32:4C:E5:40:D5:E8:2E:53:EB:87:D8:2D:46
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/QEiM0JQvPjJM5UDV6C5T64fYLUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.249.0/24
31.222.226.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/23
89.40.226.0/24
91.192.81.0/24
95.174.68.0/22
103.111.112.0/22
158.255.76.0/24
176.97.192.0/24
185.140.210.0/23
185.147.53.0/24
185.230.245.0/24
193.35.224.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
Signature Algorithm: sha256WithRSAEncryption
42:ea:28:10:da:25:e5:7b:98:98:ff:ab:19:fa:27:a4:bd:d6:
59:3c:a6:84:d8:91:14:68:48:fd:45:20:27:7b:7d:f0:04:3b:
b8:33:66:05:b9:c5:83:21:6c:9c:4b:d4:51:b1:40:6f:52:47:
a6:89:5f:26:14:b8:d2:05:4d:b6:c7:ae:15:e2:08:76:a6:f1:
1b:27:1e:6f:57:02:a6:32:0a:99:86:3c:a9:f5:be:81:25:41:
19:8f:33:29:3a:c4:fd:95:2f:70:83:99:f6:b4:1b:ee:bb:b4:
6e:b6:c0:fb:28:41:21:dd:80:b7:06:63:3d:d7:14:15:b2:ed:
c6:d3:ab:6f:f3:1d:16:ae:d6:d9:e4:d7:27:d3:68:51:5e:71:
2f:48:80:0f:28:d7:4a:db:22:a9:2c:e3:66:e6:06:1e:c7:13:
cd:01:ab:82:f0:eb:67:08:67:ad:16:7c:f3:8e:06:c8:4a:b7:
6f:68:70:f2:67:5d:25:03:dd:d8:01:cf:a8:f3:f8:b5:7d:ba:
5a:75:19:ac:20:cb:f3:b9:50:d3:bb:17:aa:0c:8b:8f:e7:77:
93:e7:5c:4a:11:9e:e7:46:e7:2d:97:98:8c:ee:0f:36:43:7b:
eb:79:94:4b:85:bf:7b:21:19:5d:e7:d5:aa:fd:c0:ef:1f:cd:
17:f5:e3:a1
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYu9xv8hYrrlkzAFM4RnU0DHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMxMTExMDk0NjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQ4OGNkMDk0MmYzZTMyNGNlNTQwZDVlODJlNTNlYjg3ZDgyZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoFHUjdEWqiHdtI0sWLhvfLA4ZAc
r6wwUTItpykAuTIC5gYOeVLCfqCkd/gFQPai0e+WdmPgaT3h2vKiw57znzNDAgoU
cCiwAbh00zoFSsl6KHFTwTyp2lQXOjGXqQt64ym491AoGdh4essqGxxAGHZrMtH4
DkxzT5H2BkEiRtt+Hch1jyJFEMibFyeLn9Xp1qqp3Ioj9Rz72Ycf9Wg77No9btpQ
PxiHuyM9EOLv1KTnzuByej0RYIjoU+rXxcQNWeYV3YQgDuagj2BECGM6ZiMTan5C
XfMO+0KVa0s9XmP5kMIbVFZy7IjZwyhp9uRkiTPQrNtBmWHrUZe1cNhSCQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFEBIjNCULz4yTOVA1eguU+uH2C1GMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvUUVpTTBKUXZQakpNNVVEVjZDNVQ2NGZZTFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijBgBAIAATBaAwQABSz5
AwQAH97iAwQAPnq7AwQBWNIkAwQBWSSiAwQAWSjiAwQAW8BRAwQCX65EAwQCZ29w
AwQAnv9MAwQAsGHAAwQBuYzSAwQAuZM1AwQAueb1AwQAwSPgMCYEAgACMCADBgQq
BvkBQAMGBCoG+QGAAwYEKgb5AcADBgQqBvkCQDANBgkqhkiG9w0BAQsFAAOCAQEA
QuooENol5XuYmP+rGfonpL3WWTymhNiRFGhI/UUgJ3t98AQ7uDNmBbnFgyFsnEvU
UbFAb1JHpolfJhS40gVNtseuFeIIdqbxGyceb1cCpjIKmYY8qfW+gSVBGY8zKTrE
/ZUvcIOZ9rQb7ru0brbA+yhBId2AtwZjPdcUFbLtxtOrb/MdFq7W2eTXJ9NoUV5x
L0iADyjXStsiqSzjZuYGHscTzQGrgvDrZwhnrRZ8844GyEq3b2hw8mddJQPd2AHP
qPP4tX26WnUZrCDL87lQ07sXqgyLj+d3k+dcShGe50bnLZeYjO4PNkN763mUS4W/
eyEZXefVqv3A7x/NF/XjoQ==
-----END CERTIFICATE-----
Generated at Tue Nov 14 23:18:41 2023 by rpki-client on console-fra.rpki-client.org