Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/QGNa6GLhiI5YamygWZiANk5FT3A.roa
File: QGNa6GLhiI5YamygWZiANk5FT3A.roa (raw, json)
Hash identifier: PX8WS6PnN5VC1Q3uuwj7u7GAK0CJEIt4a5jNu2WyAkM=
Subject key identifier: 40:63:5A:E8:62:E1:88:8E:58:6A:6C:A0:59:98:80:36:4E:45:4F:70
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01907814AA5D016030A9399400A7FB5A0439
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/QGNa6GLhiI5YamygWZiANk5FT3A.roa
Signing time: Wed 03 Jul 2024 10:12:18 +0000
ROA not before: Wed 03 Jul 2024 10:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57344
IP address blocks: 5.104.168.0/23 maxlen: 23
5.104.174.0/24 maxlen: 24
77.76.8.0/24 maxlen: 24
77.76.10.0/24 maxlen: 24
77.76.11.0/24 maxlen: 24
78.128.0.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.67.0/24 maxlen: 24
78.128.72.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.79.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.92.0/24 maxlen: 24
78.128.94.0/24 maxlen: 24
78.128.98.0/24 maxlen: 24
78.128.108.0/23 maxlen: 23
78.142.1.0/24 maxlen: 24
78.142.4.0/23 maxlen: 23
78.142.17.0/24 maxlen: 24
78.142.20.0/24 maxlen: 24
78.142.24.0/24 maxlen: 24
78.142.33.0/24 maxlen: 24
78.142.34.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.60.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.0.0/24 maxlen: 24
79.124.15.0/24 maxlen: 24
79.124.20.0/23 maxlen: 23
79.124.23.0/24 maxlen: 24
79.124.24.0/22 maxlen: 24
79.124.28.0/24 maxlen: 24
79.124.50.0/24 maxlen: 24
79.124.51.0/24 maxlen: 24
79.124.73.0/24 maxlen: 24
79.124.74.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.79.0/24 maxlen: 24
79.124.82.0/24 maxlen: 24
82.118.224.0/24 maxlen: 24
82.118.236.0/24 maxlen: 24
82.118.238.0/24 maxlen: 24
82.118.244.0/24 maxlen: 24
82.118.246.0/23 maxlen: 23
91.148.131.0/24 maxlen: 24
91.148.140.0/24 maxlen: 24
91.148.160.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
94.72.145.0/24 maxlen: 24
94.72.148.0/22 maxlen: 24
94.72.158.0/24 maxlen: 24
94.72.159.0/24 maxlen: 24
130.185.224.0/24 maxlen: 24
130.185.226.0/24 maxlen: 24
130.185.229.0/24 maxlen: 24
130.185.235.0/24 maxlen: 24
130.185.236.0/24 maxlen: 24
130.185.237.0/24 maxlen: 24
130.185.248.0/24 maxlen: 24
130.185.250.0/24 maxlen: 24
176.241.176.0/23 maxlen: 24
178.132.80.0/24 maxlen: 24
178.132.81.0/24 maxlen: 24
178.132.82.0/23 maxlen: 24
178.132.84.0/23 maxlen: 24
185.148.160.0/22 maxlen: 22
217.174.148.0/23 maxlen: 24
217.174.150.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.154.0/24 maxlen: 24
217.174.159.0/24 maxlen: 24
2a01:8740::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 Aug 2024 10:35:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:14:aa:5d:01:60:30:a9:39:94:00:a7:fb:5a:04:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jul 3 10:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40635ae862e1888e586a6ca0599880364e454f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a8:83:d7:79:27:67:7b:7d:a7:b1:2b:f4:cf:
d1:2c:6a:38:55:1d:c0:31:62:62:f0:b7:de:20:d1:
66:0e:f0:3e:a8:4c:97:64:67:dc:e2:20:b7:17:e6:
f3:fd:49:68:f5:16:5d:a5:03:9c:c6:a4:b9:56:5d:
c8:e2:07:5f:2e:c1:b3:cc:8e:9d:05:e0:07:9c:76:
0e:38:6d:57:f6:3f:bd:2e:09:bc:af:ba:c5:51:15:
b6:de:2e:84:75:20:84:ee:65:bd:85:a3:6a:08:0d:
20:17:36:02:2b:9f:59:a8:38:42:39:d3:2f:67:a2:
1c:bd:d1:0b:75:47:8f:50:98:ac:df:03:b9:4f:5b:
a6:01:a1:73:22:2e:48:e4:ce:c1:62:df:ab:16:f2:
da:aa:25:74:03:73:b8:31:04:95:9d:1a:0a:01:58:
dd:a2:3c:d0:90:b0:4c:f6:f6:d4:bd:dd:44:df:4b:
0b:bf:2c:ac:62:3a:9b:11:8a:aa:9b:72:f3:a0:c5:
72:8d:87:b7:a6:98:35:d0:1b:97:78:f6:26:2d:5f:
03:8b:16:76:23:fa:15:47:b3:86:a1:e9:95:3c:17:
91:e6:18:c9:31:83:da:65:ba:b9:c3:97:51:8d:4b:
cf:e2:be:4b:83:9c:3b:5f:cb:30:20:7a:c3:66:e6:
86:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:63:5A:E8:62:E1:88:8E:58:6A:6C:A0:59:98:80:36:4E:45:4F:70
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/QGNa6GLhiI5YamygWZiANk5FT3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.168.0/23
5.104.174.0/24
77.76.8.0/24
77.76.10.0/23
78.128.0.0/24
78.128.8.0/24
78.128.43.0/24
78.128.60.0/24
78.128.67.0/24
78.128.72.0/24
78.128.76.0/24
78.128.79.0/24
78.128.81.0/24
78.128.92.0/24
78.128.94.0/24
78.128.98.0/24
78.128.108.0/23
78.142.1.0/24
78.142.4.0/23
78.142.17.0/24
78.142.20.0/24
78.142.24.0/24
78.142.33.0-78.142.34.255
78.142.47.0/24
78.142.60.0/24
78.142.63.0/24
79.124.0.0/24
79.124.15.0/24
79.124.20.0/23
79.124.23.0-79.124.28.255
79.124.50.0/23
79.124.73.0-79.124.74.255
79.124.76.0/24
79.124.79.0/24
79.124.82.0/24
82.118.224.0/24
82.118.236.0/24
82.118.238.0/24
82.118.244.0/24
82.118.246.0/23
91.148.131.0/24
91.148.140.0/24
91.148.160.0/24
91.148.168.0/24
94.72.145.0/24
94.72.148.0/22
94.72.158.0/23
130.185.224.0/24
130.185.226.0/24
130.185.229.0/24
130.185.235.0-130.185.237.255
130.185.248.0/24
130.185.250.0/24
176.241.176.0/23
178.132.80.0-178.132.85.255
185.148.160.0/22
217.174.148.0-217.174.150.255
217.174.152.0-217.174.154.255
217.174.159.0/24
IPv6:
2a01:8740::/32
Signature Algorithm: sha256WithRSAEncryption
38:ad:72:49:88:b0:54:86:53:96:df:c0:db:60:cc:08:58:b0:
39:f9:28:03:34:30:e5:f7:d1:d1:fd:ae:40:40:c8:41:80:17:
92:f6:58:e4:47:a3:a4:f9:82:3e:b5:6f:cb:14:74:eb:1c:93:
01:a0:01:ea:bf:80:7e:95:05:68:86:ef:48:18:60:75:6b:52:
c0:75:61:db:d9:8a:06:8a:ba:38:d1:13:6e:99:32:6c:d9:54:
d9:e9:e9:7a:1d:90:41:22:20:41:38:55:13:3e:ca:4c:03:37:
9b:24:82:55:33:c0:ae:7d:4c:82:fb:d4:d7:21:99:52:5f:2c:
3f:8d:95:41:81:a0:20:b8:8b:b6:d2:89:a0:10:0b:8c:1f:0a:
99:b6:fb:c8:56:7a:3d:cc:1a:e4:3e:7b:27:0c:50:33:11:94:
c0:4b:0d:fc:b7:b7:a2:cf:f5:74:2f:5a:a2:f1:8b:7b:28:0d:
d2:60:6b:32:a2:78:37:a8:2d:dc:e5:4e:a1:9b:9d:ab:b6:bc:
3e:bf:32:4f:8b:42:b1:39:ac:28:2b:de:ba:7e:38:b8:33:b4:
02:98:1f:7a:fd:92:32:6e:18:cf:dc:e8:1c:5f:45:bc:b6:09:
33:70:28:90:d2:c7:ae:de:22:eb:2c:5b:2a:be:82:7a:cc:88:
15:ca:13:6e
-----BEGIN CERTIFICATE-----
MIIGqjCCBZKgAwIBAgISAZB4FKpdAWAwqTmUAKf7WgQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjQwNzAzMTAxMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDYzNWFlODYyZTE4ODhlNTg2YTZjYTA1OTk4ODAzNjRlNDU0ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqiD13knZ3t9p7Er9M/RLGo4VR3A
MWJi8LfeINFmDvA+qEyXZGfc4iC3F+bz/Ulo9RZdpQOcxqS5Vl3I4gdfLsGzzI6d
BeAHnHYOOG1X9j+9Lgm8r7rFURW23i6EdSCE7mW9haNqCA0gFzYCK59ZqDhCOdMv
Z6IcvdELdUePUJis3wO5T1umAaFzIi5I5M7BYt+rFvLaqiV0A3O4MQSVnRoKAVjd
ojzQkLBM9vbUvd1E30sLvyysYjqbEYqqm3LzoMVyjYe3ppg10BuXePYmLV8DixZ2
I/oVR7OGoemVPBeR5hjJMYPaZbq5w5dRjUvP4r5Lg5w7X8swIHrDZuaGsQIDAQAB
o4IDtjCCA7IwHQYDVR0OBBYEFEBjWuhi4YiOWGpsoFmYgDZORU9wMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvUUdOYTZHTGhpSTVZYW15Z1daaUFOazVGVDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBygYIKwYBBQUHAQcBAf8EggG5MIIBtTCCAaIEAgABMIIB
mgMEAQVoqAMEAAVorgMEAE1MCAMEAU1MCgMEAE6AAAMEAE6ACAMEAE6AKwMEAE6A
PAMEAE6AQwMEAE6ASAMEAE6ATAMEAE6ATwMEAE6AUQMEAE6AXAMEAE6AXgMEAE6A
YgMEAU6AbAMEAE6OAQMEAU6OBAMEAE6OEQMEAE6OFAMEAE6OGDAMAwQATo4hAwQA
To4iAwQATo4vAwQATo48AwQATo4/AwQAT3wAAwQAT3wPAwQBT3wUMAwDBABPfBcD
BABPfBwDBAFPfDIwDAMEAE98SQMEAE98SgMEAE98TAMEAE98TwMEAE98UgMEAFJ2
4AMEAFJ27AMEAFJ27gMEAFJ29AMEAVJ29gMEAFuUgwMEAFuUjAMEAFuUoAMEAFuU
qAMEAF5IkQMEAl5IlAMEAV5IngMEAIK54AMEAIK54gMEAIK55TAMAwQAgrnrAwQB
grnsAwQAgrn4AwQAgrn6AwQBsPGwMAwDBASyhFADBAGyhFQDBAK5lKAwDAMEAtmu
lAMEANmuljAMAwQD2a6YAwQA2a6aAwQA2a6fMA0EAgACMAcDBQAqAYdAMA0GCSqG
SIb3DQEBCwUAA4IBAQA4rXJJiLBUhlOW38DbYMwIWLA5+SgDNDDl99HR/a5AQMhB
gBeS9ljkR6Ok+YI+tW/LFHTrHJMBoAHqv4B+lQVohu9IGGB1a1LAdWHb2YoGiro4
0RNumTJs2VTZ6el6HZBBIiBBOFUTPspMAzebJIJVM8CufUyC+9TXIZlSXyw/jZVB
gaAguIu20omgEAuMHwqZtvvIVno9zBrkPnsnDFAzEZTASw38t7eiz/V0L1qi8Yt7
KA3SYGsyong3qC3c5U6hm52rtrw+vzJPi0KxOawoK966fji4M7QCmB96/ZIybhjP
3OgcX0W8tgkzcCiQ0seu3iLrLFsqvoJ6zIgVyhNu
-----END CERTIFICATE-----
Generated at Tue Aug 6 15:08:09 2024 by rpki-client on console-ams.rpki-client.org