Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/l6qVr3b0juvnCnE685xmK17y_48.roa
File: l6qVr3b0juvnCnE685xmK17y_48.roa (raw, json)
Hash identifier: f7Lwm52nWpHFQZlO8i8afXIscXKVrGcqcW+qruWSU6U=
Subject key identifier: 97:AA:95:AF:76:F4:8E:EB:E7:0A:71:3A:F3:9C:66:2B:5E:F2:FF:8F
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 018B4733EA51A3C75F8C1B9BAFF3018FFF68
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/l6qVr3b0juvnCnE685xmK17y_48.roa
Signing time: Thu 19 Oct 2023 09:11:06 +0000
ROA not before: Thu 19 Oct 2023 09:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197184
IP address blocks: 89.252.222.0/24 maxlen: 24
85.14.55.0/24 maxlen: 24
85.14.54.0/24 maxlen: 24
85.14.54.0/23 maxlen: 23
85.14.53.0/24 maxlen: 24
85.14.52.0/23 maxlen: 23
85.14.52.0/24 maxlen: 24
85.14.52.0/22 maxlen: 22
85.14.8.0/22 maxlen: 22
82.119.88.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:33:ea:51:a3:c7:5f:8c:1b:9b:af:f3:01:8f:ff:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Oct 19 09:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97aa95af76f48eebe70a713af39c662b5ef2ff8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:79:63:12:c7:bf:ac:e2:cb:be:f8:f3:b2:ca:
92:db:d0:26:b9:02:54:9b:e7:de:b4:98:c9:a3:54:
a4:49:53:46:76:4a:7c:b4:91:c6:60:92:66:43:25:
7a:e3:03:d3:d3:43:2a:c3:36:7c:c1:8e:23:82:69:
ea:48:18:80:95:5c:8a:ef:4f:c4:4b:0d:f1:21:52:
88:39:44:73:b0:6d:69:a1:d1:8b:15:1d:39:e2:59:
a0:57:ee:de:75:e1:d8:9f:58:20:aa:80:10:67:b4:
52:8d:8f:b7:c8:fd:1d:be:09:3c:a8:ee:78:77:66:
00:e8:72:1d:b0:ad:40:79:2b:4a:83:41:a8:37:6e:
fd:f5:e4:f6:14:9b:e2:c9:e4:9e:bb:4a:80:6d:23:
7a:d7:1a:45:72:71:58:ef:06:15:2d:bb:35:e5:e6:
f1:34:9b:9c:66:01:7a:e0:6e:ff:b9:67:a5:c4:a7:
5b:48:20:ff:d7:e5:7e:e3:13:8e:b5:61:b0:f9:16:
fe:68:b5:20:57:6c:c3:55:8c:fa:f9:8a:c6:fe:e1:
1e:03:b0:8c:33:35:19:b4:6c:a3:1d:be:36:c4:a8:
95:ff:16:0b:d5:f7:d3:db:48:38:33:d6:28:3b:27:
b6:0c:bf:0d:de:50:b8:12:64:c9:e2:99:bb:c3:30:
46:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AA:95:AF:76:F4:8E:EB:E7:0A:71:3A:F3:9C:66:2B:5E:F2:FF:8F
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/l6qVr3b0juvnCnE685xmK17y_48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.88.0/23
85.14.8.0/22
85.14.52.0/22
89.252.222.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:d2:85:f5:be:1b:46:c5:d2:d3:ff:96:d4:d2:48:b9:51:0a:
d8:da:05:88:3d:c0:c4:d1:11:ab:28:b7:de:ba:9c:c0:18:92:
22:04:a5:56:f9:2c:0b:96:d1:09:9d:b6:37:fa:60:1f:b1:9d:
6c:96:59:8b:f0:9a:36:5b:a0:a3:ce:f2:66:8d:d5:5c:51:57:
9e:1a:c7:db:50:80:5c:3d:0f:e8:11:3b:11:b4:a2:97:d7:dc:
8b:8c:70:9d:d1:4d:24:37:58:0e:ea:19:b7:df:42:88:96:14:
90:a4:f5:2b:03:fb:d0:8e:6f:10:80:26:de:54:7d:90:9e:89:
2c:37:5d:cc:58:2d:06:84:bd:ce:ba:75:05:7d:f9:00:80:77:
fe:28:de:39:a9:77:d7:20:cc:f1:1b:75:cc:36:c4:2e:3b:41:
18:16:c4:31:0b:6d:95:bb:28:b0:6c:c6:b7:58:44:c6:fb:d5:
87:e0:f3:f3:b5:c5:47:57:cd:a3:05:05:21:4b:ad:79:94:9a:
24:1a:c1:d4:f0:03:d4:cf:90:dc:7d:0e:e1:01:ff:9d:2d:b6:
43:48:2d:26:1e:b5:bc:4c:df:dd:7e:23:6f:98:58:ee:22:2e:
f3:ae:1b:f1:d9:e8:75:75:70:68:06:f6:0a:23:00:43:72:19:
39:31:97:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtHM+pRo8dfjBubr/MBj/9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMxMDE5MDkxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2FhOTVhZjc2ZjQ4ZWViZTcwYTcxM2FmMzljNjYyYjVlZjJmZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3ljEse/rOLLvvjzssqS29AmuQJU
m+fetJjJo1SkSVNGdkp8tJHGYJJmQyV64wPT00MqwzZ8wY4jgmnqSBiAlVyK70/E
Sw3xIVKIOURzsG1podGLFR054lmgV+7edeHYn1ggqoAQZ7RSjY+3yP0dvgk8qO54
d2YA6HIdsK1AeStKg0GoN2799eT2FJviyeSeu0qAbSN61xpFcnFY7wYVLbs15ebx
NJucZgF64G7/uWelxKdbSCD/1+V+4xOOtWGw+Rb+aLUgV2zDVYz6+YrG/uEeA7CM
MzUZtGyjHb42xKiV/xYL1ffT20g4M9YoOye2DL8N3lC4EmTJ4pm7wzBGNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJeqla929I7r5wpxOvOcZite8v+PMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvbDZxVnIzYjBqdXZuQ25FNjg1eG1LMTd5XzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUndYAwQC
VQ4IAwQCVQ40AwQAWfzeMA0GCSqGSIb3DQEBCwUAA4IBAQBe0oX1vhtGxdLT/5bU
0ki5UQrY2gWIPcDE0RGrKLfeupzAGJIiBKVW+SwLltEJnbY3+mAfsZ1sllmL8Jo2
W6CjzvJmjdVcUVeeGsfbUIBcPQ/oETsRtKKX19yLjHCd0U0kN1gO6hm330KIlhSQ
pPUrA/vQjm8QgCbeVH2QnoksN13MWC0GhL3OunUFffkAgHf+KN45qXfXIMzxG3XM
NsQuO0EYFsQxC22VuyiwbMa3WETG+9WH4PPztcVHV82jBQUhS615lJokGsHU8APU
z5DcfQ7hAf+dLbZDSC0mHrW8TN/dfiNvmFjuIi7zrhvx2eh1dXBoBvYKIwBDchk5
MZdY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org