Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/QEG_cyyAkqfrQ4SZJfLTX_rrDcQ.roa
File: QEG_cyyAkqfrQ4SZJfLTX_rrDcQ.roa (raw, json)
Hash identifier: TTEpkfmM3XOHMSfd8zbLAqJMQxqWiIx+WH6jrXjHizQ=
Subject key identifier: 40:41:BF:73:2C:80:92:A7:EB:43:84:99:25:F2:D3:5F:FA:EB:0D:C4
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 018B5C5FFB744DF3CB432AC829BF04CC4B27
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/QEG_cyyAkqfrQ4SZJfLTX_rrDcQ.roa
Signing time: Mon 23 Oct 2023 11:51:16 +0000
ROA not before: Mon 23 Oct 2023 11:51:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3170
IP address blocks: 83.97.16.0/22 maxlen: 24
195.144.8.0/24 maxlen: 24
91.240.224.0/24 maxlen: 24
185.17.196.0/22 maxlen: 24
195.74.52.0/22 maxlen: 24
185.175.90.0/24 maxlen: 24
195.191.218.0/23 maxlen: 24
193.35.56.0/22 maxlen: 24
193.105.188.0/24 maxlen: 24
194.69.165.0/24 maxlen: 24
2a03:ee40::/32 maxlen: 32
2a11:2641::/32 maxlen: 32
2a10:4740::/29 maxlen: 48
2a07:240::/29 maxlen: 48
2a11:2640::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:5f:fb:74:4d:f3:cb:43:2a:c8:29:bf:04:cc:4b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Oct 23 11:51:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4041bf732c8092a7eb43849925f2d35ffaeb0dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:51:49:d4:73:c6:c3:f6:2f:16:da:73:76:67:
c4:45:5c:8b:05:a5:31:d4:23:cc:10:9e:3e:3e:08:
ef:32:ec:90:56:e1:14:29:03:22:fe:94:c6:8d:8b:
00:08:50:e4:98:41:02:0e:3a:a6:e7:14:8e:73:b8:
4e:33:f1:0d:1d:10:03:40:24:c6:18:57:09:a4:84:
d5:bf:7a:ac:27:18:3a:27:03:59:b4:7b:93:3d:a4:
e0:2c:b0:2a:2d:82:ef:59:5a:97:bf:a2:ae:6e:30:
39:21:91:1c:36:89:10:86:66:ba:35:37:d3:f4:2d:
19:eb:b6:57:4e:96:97:20:0e:a4:7a:d3:97:89:ec:
41:31:a1:85:37:2f:47:a7:6e:8e:38:15:3b:c9:b7:
b8:fa:32:2c:75:c9:90:4e:77:a4:a1:2d:dd:1b:0b:
b0:34:cc:06:0c:b5:9e:b6:38:3a:2a:dc:0a:b2:be:
b0:a7:0b:0b:71:c6:be:b4:31:03:4e:b0:98:82:b7:
41:b8:f1:39:61:27:57:c7:ec:ac:6f:ad:90:da:38:
55:e2:03:31:3c:46:68:b6:05:be:68:80:f3:c5:6b:
93:83:a8:43:32:7d:01:3c:c4:23:7d:40:a8:93:7e:
73:4c:c9:4f:1e:39:6d:4b:98:bc:4e:18:87:d1:82:
aa:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:41:BF:73:2C:80:92:A7:EB:43:84:99:25:F2:D3:5F:FA:EB:0D:C4
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/QEG_cyyAkqfrQ4SZJfLTX_rrDcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.16.0/22
91.240.224.0/24
185.17.196.0/22
185.175.90.0/24
193.35.56.0/22
193.105.188.0/24
194.69.165.0/24
195.74.52.0/22
195.144.8.0/24
195.191.218.0/23
IPv6:
2a03:ee40::/32
2a07:240::/29
2a10:4740::/29
2a11:2640::/31
Signature Algorithm: sha256WithRSAEncryption
65:09:4e:20:2f:5f:23:08:4f:af:34:01:3b:a0:bb:5d:e6:28:
e7:e5:89:e6:e3:a3:68:a0:18:d1:bf:b9:dd:e4:fb:9d:7a:4a:
50:7c:88:3e:52:f1:80:06:c9:35:3a:f7:8d:09:34:3a:12:53:
c6:01:6a:cb:6a:78:88:6a:c9:da:d6:55:04:6c:bc:b2:1e:d4:
e1:ae:dd:b5:96:a6:dd:56:d6:dc:17:f4:a8:d8:e1:17:02:89:
3f:d8:18:73:7e:12:32:35:cf:5e:37:9e:56:7a:ee:1a:be:ef:
06:1d:3b:65:ed:aa:71:7c:c4:8a:58:69:d8:df:5d:f7:39:2e:
e1:6b:e0:d8:e7:02:be:64:8e:bf:41:66:4d:62:60:36:29:f6:
22:63:1f:d6:23:4b:62:0b:48:7c:f9:43:60:1c:1e:0e:4a:95:
6f:fb:d2:9e:e6:b8:67:e9:8e:19:90:b8:c7:12:b1:41:e4:f3:
d7:bd:91:75:2e:a9:93:e3:9e:e5:81:5a:cc:d7:d2:f8:02:79:
4d:ea:48:c0:2c:97:81:d5:c9:68:ef:c2:a1:7f:73:92:9d:5f:
19:24:2a:4e:f8:42:3c:48:a5:0d:8e:84:f5:2c:1a:ca:bd:d0:
88:a5:5a:f8:8d:25:fd:ce:0b:8b:57:c0:a4:89:fe:3e:c0:99:
99:75:7c:5a
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYtcX/t0TfPLQyrIKb8EzEsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjMxMDIzMTE1MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQxYmY3MzJjODA5MmE3ZWI0Mzg0OTkyNWYyZDM1ZmZhZWIwZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFFJ1HPGw/YvFtpzdmfERVyLBaUx
1CPMEJ4+PgjvMuyQVuEUKQMi/pTGjYsACFDkmEECDjqm5xSOc7hOM/ENHRADQCTG
GFcJpITVv3qsJxg6JwNZtHuTPaTgLLAqLYLvWVqXv6KubjA5IZEcNokQhma6NTfT
9C0Z67ZXTpaXIA6ketOXiexBMaGFNy9Hp26OOBU7ybe4+jIsdcmQTnekoS3dGwuw
NMwGDLWetjg6KtwKsr6wpwsLcca+tDEDTrCYgrdBuPE5YSdXx+ysb62Q2jhV4gMx
PEZotgW+aIDzxWuTg6hDMn0BPMQjfUCok35zTMlPHjltS5i8ThiH0YKqaQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFEBBv3MsgJKn60OEmSXy01/66w3EMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvUUVHX2N5eUFrcWZyUTRTWkpmTFRYX3JyRGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBCBAIAATA8AwQCU2EQAwQA
W/DgAwQCuRHEAwQAua9aAwQCwSM4AwQAwWm8AwQAwkWlAwQCw0o0AwQAw5AIAwQB
w7/aMCIEAgACMBwDBQAqA+5AAwUDKgcCQAMFAyoQR0ADBQEqESZAMA0GCSqGSIb3
DQEBCwUAA4IBAQBlCU4gL18jCE+vNAE7oLtd5ijn5Ynm46NooBjRv7nd5PudekpQ
fIg+UvGABsk1OveNCTQ6ElPGAWrLaniIasna1lUEbLyyHtThrt21lqbdVtbcF/So
2OEXAok/2BhzfhIyNc9eN55Weu4avu8GHTtl7apxfMSKWGnY3133OS7ha+DY5wK+
ZI6/QWZNYmA2KfYiYx/WI0tiC0h8+UNgHB4OSpVv+9Ke5rhn6Y4ZkLjHErFB5PPX
vZF1LqmT457lgVrM19L4AnlN6kjALJeB1clo78Khf3OSnV8ZJCpO+EI8SKUNjoT1
LBrKvdCIpVr4jSX9zguLV8Ckif4+wJmZdXxa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:06 2024 by rpki-client on console-ams.rpki-client.org