Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/KQ7k7u-FBvaDbFTghcKHyqHKqtY.roa
File: KQ7k7u-FBvaDbFTghcKHyqHKqtY.roa (raw, json)
Hash identifier: q7XZ223GunyMYQyqxfihTUPVcL+ZgzVpRymt8qMvZcg=
Subject key identifier: 29:0E:E4:EE:EF:85:06:F6:83:6C:54:E0:85:C2:87:CA:A1:CA:AA:D6
Certificate issuer: /CN=078629f5f61fb25564284fbfeffb93c3ed44bfe2
Certificate serial: 018718BA7B27552A28DE3BE51E2A088953E0
Authority key identifier: 07:86:29:F5:F6:1F:B2:55:64:28:4F:BF:EF:FB:93:C3:ED:44:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/KQ7k7u-FBvaDbFTghcKHyqHKqtY.roa
Signing time: Sat 25 Mar 2023 12:24:46 +0000
ROA not before: Sat 25 Mar 2023 12:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201978
IP address blocks: 185.114.20.0/24 maxlen: 24
185.114.23.0/24 maxlen: 24
185.114.21.0/24 maxlen: 24
185.114.22.0/24 maxlen: 24
194.61.119.0/24 maxlen: 24
185.146.89.0/24 maxlen: 24
185.146.90.0/24 maxlen: 24
185.146.88.0/24 maxlen: 24
185.146.91.0/24 maxlen: 24
185.1.132.0/24 maxlen: 24
185.169.53.0/24 maxlen: 24
185.169.54.0/24 maxlen: 24
185.169.52.0/24 maxlen: 24
185.169.55.0/24 maxlen: 24
194.61.117.0/24 maxlen: 24
194.61.118.0/24 maxlen: 24
194.61.116.0/24 maxlen: 24
185.50.68.0/24 maxlen: 24
185.50.69.0/24 maxlen: 24
185.50.71.0/24 maxlen: 24
185.50.70.0/24 maxlen: 24
2a0a:3900::/29 maxlen: 29
2a01:a420::/29 maxlen: 29
2a0f:d500::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:18:ba:7b:27:55:2a:28:de:3b:e5:1e:2a:08:89:53:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=078629f5f61fb25564284fbfeffb93c3ed44bfe2
Validity
Not Before: Mar 25 12:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=290ee4eeef8506f6836c54e085c287caa1caaad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:85:c4:35:95:49:0f:5a:42:be:0d:82:47:e7:
ac:58:41:4a:0b:db:a9:88:51:47:97:63:11:ca:d8:
bf:c5:84:95:fa:f4:6e:00:00:b7:15:08:36:96:2e:
ed:a8:27:b0:7c:b8:d7:4a:41:dd:22:ec:3f:83:19:
4d:0d:ab:b0:82:34:a4:11:66:17:ed:af:a5:4d:80:
fc:e2:a7:0b:30:88:d0:d6:01:1a:1b:bf:53:55:50:
ad:39:55:88:6c:d8:4b:d5:de:cc:8d:c9:f2:a0:60:
5b:6a:ef:66:a8:19:6a:31:70:b8:b8:79:f3:e5:e1:
27:d7:6b:d7:60:90:48:79:34:b3:99:ef:08:78:ad:
db:4d:db:51:bc:13:dd:09:36:2f:3d:33:44:cf:c4:
05:5b:0a:1d:8e:75:6e:71:e3:7b:e3:c6:fa:20:1e:
d2:6f:48:4a:ef:32:b9:5c:92:c6:0d:44:f0:87:8b:
d8:48:cf:ae:05:74:b8:10:2e:55:a1:41:a7:2c:a9:
5a:03:5e:f7:34:b0:2c:29:3e:31:2e:41:6a:f9:e7:
b8:ba:76:d3:4e:dd:31:b5:16:fb:2e:fb:91:38:fd:
ae:7c:53:fd:ad:9a:d4:94:2e:af:c2:8e:a4:e9:82:
b2:f3:b4:d5:c0:dc:f2:68:79:75:63:1c:02:9f:7e:
cc:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0E:E4:EE:EF:85:06:F6:83:6C:54:E0:85:C2:87:CA:A1:CA:AA:D6
X509v3 Authority Key Identifier:
keyid:07:86:29:F5:F6:1F:B2:55:64:28:4F:BF:EF:FB:93:C3:ED:44:BF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/KQ7k7u-FBvaDbFTghcKHyqHKqtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.132.0/24
185.50.68.0/22
185.114.20.0/22
185.146.88.0/22
185.169.52.0/22
194.61.116.0/22
IPv6:
2a01:a420::/29
2a0a:3900::/29
2a0f:d500::/29
Signature Algorithm: sha256WithRSAEncryption
3a:5c:af:07:4c:d3:06:c8:0a:ea:c4:81:44:1c:81:a2:53:7f:
6d:65:d2:35:9b:b4:5d:8a:16:84:47:a8:08:aa:87:f5:0a:20:
68:11:00:b6:7e:e7:7f:8e:1b:da:74:0d:a6:7a:0a:93:1a:75:
72:1b:c4:e8:75:4a:13:32:14:b6:f2:60:4f:e6:2b:1f:ec:46:
cd:16:1a:26:28:2d:95:ba:19:62:58:e8:9a:34:7e:e7:c3:5b:
74:28:8e:be:67:58:bc:af:47:31:f1:9e:bf:80:a0:9b:ea:3d:
70:eb:24:89:96:09:d4:94:a3:d6:68:32:3c:9f:68:a7:23:77:
eb:74:1f:f0:18:2c:8e:60:5f:6f:b4:47:1e:96:00:6c:3e:85:
9e:89:39:f7:17:12:88:17:b9:cd:0a:92:74:a9:3f:3f:c1:eb:
d2:5d:d8:bc:16:5a:13:89:a5:45:18:da:68:a1:76:b3:c4:56:
ae:bc:a2:2d:f5:e8:9e:d8:49:27:48:db:68:df:4f:b0:07:02:
83:74:af:21:31:8a:99:fb:49:13:3e:57:73:c2:e5:3d:c2:08:
69:8a:51:b8:68:44:fc:50:7c:c6:fd:f9:74:3f:e1:7c:63:57:
fc:4d:a3:7b:9b:28:c3:47:59:08:3f:3c:f3:1c:c8:d0:c5:c7:
94:e2:6b:e8
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYcYunsnVSoo3jvlHioIiVPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ODYyOWY1ZjYxZmIyNTU2NDI4NGZiZmVmZmI5M2MzZWQ0
NGJmZTIwHhcNMjMwMzI1MTIyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTBlZTRlZWVmODUwNmY2ODM2YzU0ZTA4NWMyODdjYWExY2FhYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4XENZVJD1pCvg2CR+esWEFKC9up
iFFHl2MRyti/xYSV+vRuAAC3FQg2li7tqCewfLjXSkHdIuw/gxlNDauwgjSkEWYX
7a+lTYD84qcLMIjQ1gEaG79TVVCtOVWIbNhL1d7MjcnyoGBbau9mqBlqMXC4uHnz
5eEn12vXYJBIeTSzme8IeK3bTdtRvBPdCTYvPTNEz8QFWwodjnVuceN748b6IB7S
b0hK7zK5XJLGDUTwh4vYSM+uBXS4EC5VoUGnLKlaA173NLAsKT4xLkFq+ee4unbT
Tt0xtRb7LvuROP2ufFP9rZrUlC6vwo6k6YKy87TVwNzyaHl1YxwCn37MlwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFCkO5O7vhQb2g2xU4IXCh8qhyqrWMB8GA1UdIwQY
MBaAFAeGKfX2H7JVZChPv+/7k8PtRL/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjRZcDlmWWZzbFZrS0UtXzdfdVR3LTFFdi1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8wNjE4ZTQtN2E2NC00NjBjLWFhZjkt
NjNhZjJjNGY0MDIwLzEvS1E3azd1LUZCdmFEYkZUZ2hjS0h5cUhLcXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8wNjE4ZTQtN2E2NC00NjBjLWFhZjktNjNhZjJjNGY0MDIw
LzEvQjRZcDlmWWZzbFZrS0UtXzdfdVR3LTFFdi1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQAuQGEAwQC
uTJEAwQCuXIUAwQCuZJYAwQCuak0AwQCwj10MBsEAgACMBUDBQMqAaQgAwUDKgo5
AAMFAyoP1QAwDQYJKoZIhvcNAQELBQADggEBADpcrwdM0wbICurEgUQcgaJTf21l
0jWbtF2KFoRHqAiqh/UKIGgRALZ+53+OG9p0DaZ6CpMadXIbxOh1ShMyFLbyYE/m
Kx/sRs0WGiYoLZW6GWJY6Jo0fufDW3Qojr5nWLyvRzHxnr+AoJvqPXDrJImWCdSU
o9ZoMjyfaKcjd+t0H/AYLI5gX2+0Rx6WAGw+hZ6JOfcXEogXuc0KknSpPz/B69Jd
2LwWWhOJpUUY2mihdrPEVq68oi316J7YSSdI22jfT7AHAoN0ryExipn7SRM+V3PC
5T3CCGmKUbhoRPxQfMb9+XQ/4XxjV/xNo3ubKMNHWQg/PPMcyNDFx5Tia+g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:19 2024 by rpki-client on console-fra.rpki-client.org