Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/QnZV3RIcZQ22ssuWBgBMupWFjKE.roa
File: QnZV3RIcZQ22ssuWBgBMupWFjKE.roa (raw, json)
Hash identifier: pzk+Oe2zDvh7tSraLQC1DhatPk8tlmD4HHayVvFrX8U=
Subject key identifier: 42:76:55:DD:12:1C:65:0D:B6:B2:CB:96:06:00:4C:BA:95:85:8C:A1
Certificate issuer: /CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Certificate serial: 01856EB92613AC8CF36BDE4AE43967058031
Authority key identifier: DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/QnZV3RIcZQ22ssuWBgBMupWFjKE.roa
Signing time: Sun 01 Jan 2023 19:05:05 +0000
ROA not before: Sun 01 Jan 2023 19:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47172
IP address blocks: 185.200.106.0/24 maxlen: 24
185.200.107.0/24 maxlen: 24
37.218.242.0/24 maxlen: 24
37.218.243.0/24 maxlen: 24
37.218.245.0/24 maxlen: 24
37.218.246.0/24 maxlen: 24
37.218.247.0/24 maxlen: 24
185.88.140.0/22 maxlen: 24
195.190.28.0/24 maxlen: 24
37.218.240.0/24 maxlen: 24
185.200.104.0/24 maxlen: 24
213.108.104.0/21 maxlen: 24
2a00:c6c0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:26:13:ac:8c:f3:6b:de:4a:e4:39:67:05:80:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Validity
Not Before: Jan 1 19:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=427655dd121c650db6b2cb9606004cba95858ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3e:5e:78:11:60:4f:14:bb:51:11:b4:c5:89:
59:6d:fa:c5:75:57:e6:df:ee:7e:00:e6:36:31:72:
88:44:8c:1c:44:60:3f:c3:fb:58:a3:bb:0e:46:d2:
9b:3a:b2:b6:ba:80:b1:96:89:5a:5a:41:e7:ba:fd:
8c:d3:37:c2:f0:62:b7:61:6c:90:c9:60:36:41:73:
c5:2e:a9:4a:1e:59:79:c8:a5:7d:3d:17:30:98:11:
a4:c6:62:7f:bb:0e:58:bd:98:3e:d4:63:38:19:3a:
1f:86:30:c7:e7:1a:e0:6d:f7:3d:0c:f1:02:7a:a8:
a4:ed:c2:25:41:52:0c:5b:68:1d:7d:a4:ce:f3:54:
d9:70:e7:11:b1:97:3b:b5:73:cc:54:78:58:39:d4:
31:ee:dd:7c:2f:8d:8a:b7:f0:4b:a3:c7:15:74:38:
5d:7c:e4:3b:17:c8:9c:04:f5:4f:75:b5:26:b4:43:
b3:46:57:e7:b9:b3:b2:f9:e4:f4:3d:6f:c0:a8:91:
56:cd:21:2e:d5:8f:39:53:a3:0d:66:c9:5a:8e:15:
a6:ff:b6:3c:3b:07:2c:5f:61:02:bf:80:aa:fe:98:
88:ac:49:85:14:31:d8:97:5f:3b:e8:43:ac:93:15:
b3:61:fc:50:e6:a4:9a:51:81:34:e8:65:11:fd:08:
27:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:76:55:DD:12:1C:65:0D:B6:B2:CB:96:06:00:4C:BA:95:85:8C:A1
X509v3 Authority Key Identifier:
keyid:DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/QnZV3RIcZQ22ssuWBgBMupWFjKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.240.0/24
37.218.242.0/23
37.218.245.0-37.218.247.255
185.88.140.0/22
185.200.104.0/24
185.200.106.0/23
195.190.28.0/24
213.108.104.0/21
IPv6:
2a00:c6c0::/48
Signature Algorithm: sha256WithRSAEncryption
82:59:48:49:f1:73:a4:1c:a1:ec:03:14:9b:cd:63:e7:51:c5:
6b:82:c1:14:5b:bc:4f:21:e8:f4:a4:b6:29:c2:bb:50:22:c4:
e6:26:f9:bc:f8:58:69:87:a9:c2:7d:4b:a7:f3:49:0a:da:07:
0b:3d:16:63:6e:90:8d:e9:34:42:80:73:36:92:43:f3:36:25:
b6:06:e6:8d:5d:35:9f:2f:25:b3:0f:a5:56:36:12:aa:0e:83:
cb:cb:4a:23:e6:89:e9:58:5d:56:2b:00:21:1c:cb:8c:7d:cf:
d6:6b:1e:b9:c3:7d:1b:b7:ed:ca:22:da:61:91:db:b9:54:c5:
1d:64:18:d8:bc:4d:6c:4b:fd:08:6f:48:a1:2c:18:75:eb:dd:
67:4c:a6:70:80:2f:19:cf:03:e4:0a:ac:75:61:8a:81:2c:d8:
67:4c:ae:de:78:5d:3e:17:e5:41:bd:0e:37:ec:92:ec:6d:bc:
c8:12:4c:54:36:9a:54:79:e2:38:72:c1:50:2f:ce:22:9c:17:
e7:2a:6f:b2:a5:a6:3f:3b:e4:b2:eb:a5:5d:b1:e9:4c:89:cd:
c6:0b:73:19:16:0a:51:65:5a:91:04:d8:4f:c0:2a:3b:81:90:
53:74:8b:e5:10:47:ce:3f:12:e3:ad:9c:6d:1e:ca:3c:55:d5:
e7:9c:3c:4b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYVuuSYTrIzza95K5DlnBYAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTBkNDMyOTNjZmViZjg3ZTdlYWIyYjBkNTUzZmQyMWE2
ZTk2NDEwHhcNMjMwMTAxMTkwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjc2NTVkZDEyMWM2NTBkYjZiMmNiOTYwNjAwNGNiYTk1ODU4Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD5eeBFgTxS7URG0xYlZbfrFdVfm
3+5+AOY2MXKIRIwcRGA/w/tYo7sORtKbOrK2uoCxlolaWkHnuv2M0zfC8GK3YWyQ
yWA2QXPFLqlKHll5yKV9PRcwmBGkxmJ/uw5YvZg+1GM4GTofhjDH5xrgbfc9DPEC
eqik7cIlQVIMW2gdfaTO81TZcOcRsZc7tXPMVHhYOdQx7t18L42Kt/BLo8cVdDhd
fOQ7F8icBPVPdbUmtEOzRlfnubOy+eT0PW/AqJFWzSEu1Y85U6MNZslajhWm/7Y8
OwcsX2ECv4Cq/piIrEmFFDHYl1876EOskxWzYfxQ5qSaUYE06GUR/QgnGQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFEJ2Vd0SHGUNtrLLlgYATLqVhYyhMB8GA1UdIwQY
MBaAFN6Q1DKTz+v4fn6rKw1VP9IabpZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODkt
NTNlZGM2MjZiMjg3LzEvUW5aVjNSSWNaUTIyc3N1V0JnQk11cFdGaktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODktNTNlZGM2MjZiMjg3
LzEvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTA+BAIAATA4AwQAJdrwAwQB
JdryMAwDBAAl2vUDBAMl2vADBAK5WIwDBAC5yGgDBAG5yGoDBADDvhwDBAPVbGgw
DwQCAAIwCQMHACoAxsAAADANBgkqhkiG9w0BAQsFAAOCAQEAgllISfFzpByh7AMU
m81j51HFa4LBFFu8TyHo9KS2KcK7UCLE5ib5vPhYaYepwn1Lp/NJCtoHCz0WY26Q
jek0QoBzNpJD8zYltgbmjV01ny8lsw+lVjYSqg6Dy8tKI+aJ6VhdVisAIRzLjH3P
1mseucN9G7ftyiLaYZHbuVTFHWQY2LxNbEv9CG9IoSwYdevdZ0ymcIAvGc8D5Aqs
dWGKgSzYZ0yu3nhdPhflQb0ON+yS7G28yBJMVDaaVHniOHLBUC/OIpwX5ypvsqWm
PzvksuulXbHpTInNxgtzGRYKUWVakQTYT8AqO4GQU3SL5RBHzj8S462cbR7KPFXV
55w8Sw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:21 2024 by rpki-client on console-fra.rpki-client.org