Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/q1uMQOxNrqk14aGVHXeZZbGY2Lc.roa
File: q1uMQOxNrqk14aGVHXeZZbGY2Lc.roa (raw, json)
Hash identifier: 8XLNZKQiccQy7+YMCYNPPUbB9uqoDRHq5Gf/ndGgwis=
Subject key identifier: AB:5B:8C:40:EC:4D:AE:A9:35:E1:A1:95:1D:77:99:65:B1:98:D8:B7
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 018CC6B7802B09C88164E94FC7F12AFFAEC7
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/q1uMQOxNrqk14aGVHXeZZbGY2Lc.roa
Signing time: Mon 01 Jan 2024 20:29:23 +0000
ROA not before: Mon 01 Jan 2024 20:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25252
IP address blocks: 153.112.160.0/21 maxlen: 21
153.112.176.0/20 maxlen: 20
153.112.173.0/24 maxlen: 24
79.170.17.0/24 maxlen: 24
79.170.16.0/24 maxlen: 24
79.170.21.0/24 maxlen: 24
79.170.22.0/24 maxlen: 24
79.170.23.0/24 maxlen: 24
79.170.18.0/24 maxlen: 24
79.170.19.0/24 maxlen: 24
79.170.20.0/24 maxlen: 24
153.112.208.0/23 maxlen: 23
153.112.132.0/22 maxlen: 22
153.112.139.0/24 maxlen: 24
153.112.150.0/23 maxlen: 23
153.112.149.0/24 maxlen: 24
192.138.109.0/24 maxlen: 24
192.138.110.0/23 maxlen: 23
192.138.116.0/23 maxlen: 23
192.157.11.0/24 maxlen: 24
192.157.8.0/23 maxlen: 23
192.157.8.0/24 maxlen: 24
192.157.9.0/24 maxlen: 24
192.157.10.0/24 maxlen: 24
153.112.240.0/24 maxlen: 24
153.112.241.0/24 maxlen: 24
2a02:f784:30::/48 maxlen: 48
2a02:f784:8001::/48 maxlen: 48
2a02:f784:20::/48 maxlen: 48
2a02:f784:8000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 May 2024 07:54:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:80:2b:09:c8:81:64:e9:4f:c7:f1:2a:ff:ae:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 20:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab5b8c40ec4daea935e1a1951d779965b198d8b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f6:a5:94:83:0b:6c:c7:b7:91:8e:43:0e:d4:
e1:03:dd:87:70:37:c1:4a:40:27:23:37:ac:67:d5:
a4:2b:b2:0f:30:2a:6c:be:75:4f:f7:bf:5a:34:03:
4e:10:e7:1e:b4:33:be:c2:73:07:8e:59:59:98:18:
a6:dd:1e:f6:a1:59:01:af:66:fe:c1:a1:69:0f:34:
29:05:9b:0b:5e:7f:f6:ea:e4:a6:6a:3b:0d:26:4d:
29:a8:1e:a9:d9:e5:98:a7:ba:d2:f1:f2:9f:f9:cd:
0e:37:0e:4e:a7:8c:5f:cd:34:82:3b:b2:d4:27:50:
3b:12:7c:b5:e9:24:e7:fe:09:0c:09:79:e1:6d:41:
b8:7c:28:21:13:99:b0:2d:c1:34:ba:80:7b:2a:d8:
79:d0:9f:28:46:95:c9:fa:f3:e9:95:e2:ce:65:3c:
b1:e1:3f:cc:0c:dc:8a:85:59:2f:40:19:b4:ee:3f:
a4:27:9b:93:78:79:0d:5e:53:7d:cd:39:35:b7:88:
4f:e7:11:8d:78:4f:52:dc:10:8a:17:7a:9d:71:93:
e6:91:4a:e0:bc:8b:cb:10:bb:15:93:e2:bc:b3:cf:
fd:58:a5:d7:29:4a:37:59:e0:0d:b5:fb:2b:3c:a1:
dc:b7:cd:bd:76:16:62:02:dd:1c:0f:f8:fc:26:4f:
cf:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5B:8C:40:EC:4D:AE:A9:35:E1:A1:95:1D:77:99:65:B1:98:D8:B7
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/q1uMQOxNrqk14aGVHXeZZbGY2Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.16.0/21
153.112.132.0/22
153.112.139.0/24
153.112.149.0-153.112.151.255
153.112.160.0/21
153.112.173.0/24
153.112.176.0/20
153.112.208.0/23
153.112.240.0/23
192.138.109.0-192.138.111.255
192.138.116.0/23
192.157.8.0/22
IPv6:
2a02:f784:20::/48
2a02:f784:30::/48
2a02:f784:8000::/47
Signature Algorithm: sha256WithRSAEncryption
08:03:ad:f6:47:8f:27:33:c8:b4:a5:cb:cd:01:8e:57:52:ee:
d7:f1:78:dd:a4:e5:bb:d1:6c:d7:ba:2e:a5:d6:28:b7:23:19:
f8:13:75:6f:30:84:71:e7:b1:fd:2b:3f:86:58:d5:af:0e:85:
76:f6:fb:f1:87:b8:91:6d:54:79:9b:aa:a3:ed:d0:e3:43:3f:
2b:83:24:b0:24:1e:c4:d9:fa:14:66:39:eb:99:16:72:e6:e5:
cb:72:fc:15:6c:0b:95:47:0d:f4:98:ab:dc:1d:ad:7b:9b:08:
1a:02:45:13:70:ac:45:22:55:60:cb:57:8e:9f:28:72:d3:f2:
7f:e4:de:b0:53:94:99:bb:6c:08:de:73:ad:32:b9:8e:68:1b:
27:d6:2b:b6:1c:b4:ad:70:f3:25:3e:08:e0:db:f3:a8:a6:f7:
cb:93:b6:d2:98:04:76:55:5f:49:7f:ac:4c:22:db:65:11:6e:
ad:7d:a0:87:29:a3:33:0c:82:75:c7:cd:74:20:90:49:3a:c8:
8c:c6:86:b3:9a:0d:cb:84:cd:b0:5a:0a:8a:5f:3c:31:97:92:
bf:c0:6a:f9:20:69:f2:69:ea:44:f7:13:67:57:b6:a3:d2:f8:
29:3d:74:67:80:0d:fa:6b:2b:56:a0:29:84:79:37:07:06:d2:
54:03:c3:c8
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYzGt4ArCciBZOlPx/Eq/67HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjQwMTAxMjAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjViOGM0MGVjNGRhZWE5MzVlMWExOTUxZDc3OTk2NWIxOThkOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/allIMLbMe3kY5DDtThA92HcDfB
SkAnIzesZ9WkK7IPMCpsvnVP979aNANOEOcetDO+wnMHjllZmBim3R72oVkBr2b+
waFpDzQpBZsLXn/26uSmajsNJk0pqB6p2eWYp7rS8fKf+c0ONw5Op4xfzTSCO7LU
J1A7Eny16STn/gkMCXnhbUG4fCghE5mwLcE0uoB7Kth50J8oRpXJ+vPpleLOZTyx
4T/MDNyKhVkvQBm07j+kJ5uTeHkNXlN9zTk1t4hP5xGNeE9S3BCKF3qdcZPmkUrg
vIvLELsVk+K8s8/9WKXXKUo3WeANtfsrPKHct829dhZiAt0cD/j8Jk/PVwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFKtbjEDsTa6pNeGhlR13mWWxmNi3MB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvcTF1TVFPeE5ycWsxNGFHVkhYZVpaYkdZMkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzBeBAIAATBYAwQDT6oQ
AwQCmXCEAwQAmXCLMAwDBACZcJUDBAOZcJADBAOZcKADBACZcK0DBASZcLADBAGZ
cNADBAGZcPAwDAMEAMCKbQMEBMCKYAMEAcCKdAMEAsCdCDAhBAIAAjAbAwcAKgL3
hAAgAwcAKgL3hAAwAwcBKgL3hIAAMA0GCSqGSIb3DQEBCwUAA4IBAQAIA632R48n
M8i0pcvNAY5XUu7X8XjdpOW70WzXui6l1ii3Ixn4E3VvMIRx57H9Kz+GWNWvDoV2
9vvxh7iRbVR5m6qj7dDjQz8rgySwJB7E2foUZjnrmRZy5uXLcvwVbAuVRw30mKvc
Ha17mwgaAkUTcKxFIlVgy1eOnyhy0/J/5N6wU5SZu2wI3nOtMrmOaBsn1iu2HLSt
cPMlPgjg2/OopvfLk7bSmAR2VV9Jf6xMIttlEW6tfaCHKaMzDIJ1x810IJBJOsiM
xoazmg3LhM2wWgqKXzwxl5K/wGr5IGnyaepE9xNnV7aj0vgpPXRngA36aytWoCmE
eTcHBtJUA8PI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org