Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/q_FvaLbEshYTvOVwRNZM1HCNVhE.roa
File: q_FvaLbEshYTvOVwRNZM1HCNVhE.roa (raw, json)
Hash identifier: KKNYzm73vHbfXWbariG0HnXi6tuHjzSYasSdGvYMoCo=
Subject key identifier: AB:F1:6F:68:B6:C4:B2:16:13:BC:E5:70:44:D6:4C:D4:70:8D:56:11
Certificate issuer: /CN=e07e008d6ed2388ad31b7422423152a92a54de71
Certificate serial: 018572F123732A364F9D3D71102677789F68
Authority key identifier: E0:7E:00:8D:6E:D2:38:8A:D3:1B:74:22:42:31:52:A9:2A:54:DE:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4H4AjW7SOIrTG3QiQjFSqSpU3nE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/q_FvaLbEshYTvOVwRNZM1HCNVhE.roa
Signing time: Mon 02 Jan 2023 14:44:43 +0000
ROA not before: Mon 02 Jan 2023 14:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197227
IP address blocks: 145.14.240.0/21 maxlen: 24
46.243.156.0/22 maxlen: 24
185.131.160.0/22 maxlen: 22
213.5.208.0/21 maxlen: 24
185.81.56.0/22 maxlen: 24
46.175.40.0/21 maxlen: 24
85.234.248.0/21 maxlen: 24
37.247.56.0/21 maxlen: 24
5.133.248.0/21 maxlen: 24
195.80.128.0/21 maxlen: 24
188.211.16.0/21 maxlen: 24
2a03:1280::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:f1:23:73:2a:36:4f:9d:3d:71:10:26:77:78:9f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e07e008d6ed2388ad31b7422423152a92a54de71
Validity
Not Before: Jan 2 14:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abf16f68b6c4b21613bce57044d64cd4708d5611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7d:4a:c5:ea:18:64:a2:0a:ce:e6:6c:92:04:
c4:41:0e:09:1a:4a:fe:a1:1a:a4:6a:1c:87:74:c2:
2c:5a:f6:9c:e3:23:ba:54:ba:95:a6:8f:a2:aa:74:
a6:cf:c4:7e:36:92:50:be:2c:7c:1c:37:f9:47:16:
08:63:1e:20:d5:ab:17:c3:3d:04:0a:78:a9:94:5d:
84:6d:bc:dc:54:eb:7b:d6:72:af:ee:b9:e4:77:6a:
62:5b:80:1a:52:5b:c6:50:ad:2e:b6:f5:c9:d2:17:
08:5c:70:7e:61:32:b0:e8:4e:96:d5:59:3b:61:89:
cf:e9:6d:c7:9b:23:3d:fb:a9:86:ed:57:fa:58:e6:
63:f3:89:62:9f:e5:3f:02:98:9a:82:8b:41:cc:ae:
e8:7b:ca:d7:b1:b5:1d:6c:1b:72:f2:0c:7f:78:98:
8d:30:c6:00:50:a9:47:5a:ff:11:0a:48:c9:e0:eb:
70:f5:be:81:ae:4f:36:3a:e8:d5:ee:eb:17:15:17:
3d:14:b0:3c:26:c4:0b:90:2f:b0:a4:7b:2f:67:00:
39:13:17:4b:f7:d2:61:59:01:1c:b2:5e:ff:8f:0e:
21:28:30:4b:26:7d:3c:13:3a:62:89:26:2d:91:cc:
1a:d5:33:95:4e:5e:e8:77:ca:54:17:c3:1f:c2:f9:
3c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F1:6F:68:B6:C4:B2:16:13:BC:E5:70:44:D6:4C:D4:70:8D:56:11
X509v3 Authority Key Identifier:
keyid:E0:7E:00:8D:6E:D2:38:8A:D3:1B:74:22:42:31:52:A9:2A:54:DE:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4H4AjW7SOIrTG3QiQjFSqSpU3nE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/q_FvaLbEshYTvOVwRNZM1HCNVhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/d479cc-a712-4bc3-832d-2727247af210/1/4H4AjW7SOIrTG3QiQjFSqSpU3nE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.248.0/21
37.247.56.0/21
46.175.40.0/21
46.243.156.0/22
85.234.248.0/21
145.14.240.0/21
185.81.56.0/22
185.131.160.0/22
188.211.16.0/21
195.80.128.0/21
213.5.208.0/21
IPv6:
2a03:1280::/32
Signature Algorithm: sha256WithRSAEncryption
ab:9a:a1:77:ee:23:b9:d9:52:63:25:6a:9d:19:b7:1c:3c:bf:
b7:a8:85:80:d7:8d:71:b1:5b:f5:ff:89:3a:f4:16:62:da:fc:
85:a3:49:17:d6:1e:57:f5:32:ba:66:46:48:b0:e3:3e:c9:65:
73:da:23:2f:b2:f3:a2:4e:c2:37:aa:28:95:2b:c3:8a:57:d8:
8f:3d:af:31:0a:d7:fb:10:20:ee:e1:83:f3:d6:c9:4e:c1:48:
41:11:43:6b:ee:8b:e7:62:41:31:68:02:d9:0a:1f:f4:04:25:
78:7d:56:5a:a2:72:2a:83:a0:2a:78:37:6e:83:ff:cc:7c:74:
15:7f:89:0a:c8:85:ca:7f:53:cf:b0:b5:c1:64:14:8b:03:ff:
05:24:91:21:f6:18:35:47:5b:74:dd:05:6f:22:fd:c9:b2:d0:
6a:ab:0b:35:d4:8d:2e:34:ab:f7:ea:0f:20:52:da:25:e0:0f:
5e:6c:eb:c6:85:11:8e:8a:39:25:2c:e8:51:fb:35:54:ae:84:
ee:0b:36:f1:35:51:a5:81:ec:35:4e:83:4d:c2:3b:61:5f:16:
da:07:da:68:9f:0a:80:ae:c1:f8:09:69:94:d8:ca:35:4b:7b:
9c:f4:c1:56:fb:f7:e4:8e:b4:26:2c:72:2c:77:29:5a:06:dc:
6b:64:d0:c4
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVy8SNzKjZPnT1xECZ3eJ9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwN2UwMDhkNmVkMjM4OGFkMzFiNzQyMjQyMzE1MmE5MmE1
NGRlNzEwHhcNMjMwMTAyMTQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmYxNmY2OGI2YzRiMjE2MTNiY2U1NzA0NGQ2NGNkNDcwOGQ1NjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkn1KxeoYZKIKzuZskgTEQQ4JGkr+
oRqkahyHdMIsWvac4yO6VLqVpo+iqnSmz8R+NpJQvix8HDf5RxYIYx4g1asXwz0E
CniplF2EbbzcVOt71nKv7rnkd2piW4AaUlvGUK0utvXJ0hcIXHB+YTKw6E6W1Vk7
YYnP6W3HmyM9+6mG7Vf6WOZj84lin+U/ApiagotBzK7oe8rXsbUdbBty8gx/eJiN
MMYAUKlHWv8RCkjJ4Otw9b6Brk82OujV7usXFRc9FLA8JsQLkC+wpHsvZwA5ExdL
99JhWQEcsl7/jw4hKDBLJn08EzpiiSYtkcwa1TOVTl7od8pUF8Mfwvk8YwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFKvxb2i2xLIWE7zlcETWTNRwjVYRMB8GA1UdIwQY
MBaAFOB+AI1u0jiK0xt0IkIxUqkqVN5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEg0QWpXN1NPSXJURzNRaVFqRlNxU3BVM25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9kNDc5Y2MtYTcxMi00YmMzLTgzMmQt
MjcyNzI0N2FmMjEwLzEvcV9GdmFMYkVzaFlUdk9Wd1JOWk0xSENOVmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9kNDc5Y2MtYTcxMi00YmMzLTgzMmQtMjcyNzI0N2FmMjEw
LzEvNEg0QWpXN1NPSXJURzNRaVFqRlNxU3BVM25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDBYX4AwQD
Jfc4AwQDLq8oAwQCLvOcAwQDVer4AwQDkQ7wAwQCuVE4AwQCuYOgAwQDvNMQAwQD
w1CAAwQD1QXQMA0EAgACMAcDBQAqAxKAMA0GCSqGSIb3DQEBCwUAA4IBAQCrmqF3
7iO52VJjJWqdGbccPL+3qIWA141xsVv1/4k69BZi2vyFo0kX1h5X9TK6ZkZIsOM+
yWVz2iMvsvOiTsI3qiiVK8OKV9iPPa8xCtf7ECDu4YPz1slOwUhBEUNr7ovnYkEx
aALZCh/0BCV4fVZaonIqg6AqeDdug//MfHQVf4kKyIXKf1PPsLXBZBSLA/8FJJEh
9hg1R1t03QVvIv3JstBqqws11I0uNKv36g8gUtol4A9ebOvGhRGOijklLOhR+zVU
roTuCzbxNVGlgew1ToNNwjthXxbaB9ponwqArsH4CWmU2Mo1S3uc9MFW+/fkjrQm
LHIsdylaBtxrZNDE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:42 2024 by rpki-client on console-ams.rpki-client.org