Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/sqWVqe7MdZXHTGDiSMPVboofslE.roa
File: sqWVqe7MdZXHTGDiSMPVboofslE.roa (raw, json)
Hash identifier: hPtHO6KoeAyA3ctN6RmXX7AldGauPSnsnNToKpG5PWI=
Subject key identifier: B2:A5:95:A9:EE:CC:75:95:C7:4C:60:E2:48:C3:D5:6E:8A:1F:B2:51
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0189971F214D2886EB3AA42931FC6F683DBE
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/sqWVqe7MdZXHTGDiSMPVboofslE.roa
Signing time: Thu 27 Jul 2023 11:32:26 +0000
ROA not before: Thu 27 Jul 2023 11:32:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50261
IP address blocks: 45.147.156.0/22 maxlen: 22
80.64.64.0/21 maxlen: 21
77.111.112.0/21 maxlen: 21
80.64.72.0/21 maxlen: 21
37.220.128.0/20 maxlen: 20
77.111.120.0/21 maxlen: 21
92.61.104.0/21 maxlen: 21
109.74.48.0/20 maxlen: 20
185.112.240.0/22 maxlen: 24
2a02:d400::/29 maxlen: 29
2a02:d400:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 29 Aug 2023 13:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:1f:21:4d:28:86:eb:3a:a4:29:31:fc:6f:68:3d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jul 27 11:32:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2a595a9eecc7595c74c60e248c3d56e8a1fb251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8b:d2:e4:3d:90:32:90:a3:dc:7b:cf:be:0d:
7b:c4:13:03:cb:58:7a:0f:3c:87:77:1b:bc:42:e7:
ed:40:88:db:b2:1a:a7:dd:07:f7:eb:fd:1b:42:2e:
69:27:83:a6:ab:0d:5b:fc:a0:55:fd:58:ad:c2:53:
26:96:3b:8f:a5:dd:1d:88:84:8c:99:88:af:45:08:
38:96:7e:ed:c8:02:73:e8:f2:bd:e2:cf:f6:d2:14:
1e:dc:15:71:27:03:03:ea:d7:23:8e:77:c5:61:5a:
74:83:be:b0:50:e8:01:77:66:88:90:41:ac:a6:8b:
1e:f4:ab:b7:d3:dd:a0:cd:00:e6:30:bb:91:c7:67:
1d:75:3b:8e:a3:36:4e:8d:40:d0:da:95:1b:a6:0a:
e6:7d:e2:43:8f:d6:e7:c2:95:45:e3:e6:27:35:41:
b8:b8:98:3f:7a:d3:c0:dc:c2:30:6c:d3:d6:e9:79:
52:95:a5:0d:9a:07:ab:13:dd:83:76:5d:f3:f1:37:
bc:96:13:8f:d0:bd:91:e5:d3:14:ad:b7:5a:50:7e:
02:40:93:a1:4b:d9:62:f8:c7:d8:cf:bb:fd:8b:39:
9b:5d:91:91:3a:f1:ca:30:98:bb:b3:38:b5:d8:25:
cf:08:d9:b3:db:b4:88:f0:c1:6f:e2:9b:b0:c3:29:
0c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A5:95:A9:EE:CC:75:95:C7:4C:60:E2:48:C3:D5:6E:8A:1F:B2:51
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/sqWVqe7MdZXHTGDiSMPVboofslE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.128.0/20
45.147.156.0/22
77.111.112.0/20
80.64.64.0/20
92.61.104.0/21
109.74.48.0/20
185.112.240.0/22
IPv6:
2a02:d400::/29
Signature Algorithm: sha256WithRSAEncryption
30:90:57:26:b6:85:d6:52:75:a6:92:d7:77:66:79:bf:d8:f5:
ac:65:b0:63:9a:d4:69:b6:e4:8b:fe:c8:cf:63:6e:e9:4e:50:
a7:c3:2c:3d:44:b7:65:cd:f7:52:83:e6:e9:cc:18:52:78:e5:
1d:6e:11:19:57:f8:af:40:d6:8a:69:57:bc:d7:d7:95:d8:b9:
43:63:0d:21:2e:32:18:b0:c6:f9:17:01:7e:83:72:8a:b6:46:
5f:a2:a0:e8:3e:0d:95:59:b2:d3:33:2e:8f:5d:eb:1f:40:07:
44:87:f1:80:b1:c8:04:d6:a7:08:1b:d2:94:19:af:8e:b7:91:
b0:90:0f:b1:82:a5:d8:14:5d:96:50:7c:30:64:f8:6f:fe:88:
de:52:f9:ae:05:f0:19:91:3f:ab:4f:5a:28:4d:22:fb:35:cf:
60:08:f2:f3:36:07:e8:90:10:e6:51:2f:c2:96:49:b7:de:2e:
04:d0:bf:28:e9:b0:eb:9a:f3:d9:5c:68:02:5e:42:d6:fe:a3:
b1:cc:cd:b9:bd:04:6b:2d:0b:46:eb:27:71:9f:f8:55:8a:3e:
f2:e2:c2:a8:62:b0:a1:88:23:fc:ad:79:8d:0d:30:7c:d5:41:
57:aa:6c:bb:c6:f0:54:eb:c5:38:4e:8d:d4:5a:ad:4f:e2:5d:
b7:17:7c:c6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYmXHyFNKIbrOqQpMfxvaD2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjMwNzI3MTEzMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmE1OTVhOWVlY2M3NTk1Yzc0YzYwZTI0OGMzZDU2ZThhMWZiMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlovS5D2QMpCj3HvPvg17xBMDy1h6
DzyHdxu8QuftQIjbshqn3Qf36/0bQi5pJ4Omqw1b/KBV/VitwlMmljuPpd0diISM
mYivRQg4ln7tyAJz6PK94s/20hQe3BVxJwMD6tcjjnfFYVp0g76wUOgBd2aIkEGs
pose9Ku3092gzQDmMLuRx2cddTuOozZOjUDQ2pUbpgrmfeJDj9bnwpVF4+YnNUG4
uJg/etPA3MIwbNPW6XlSlaUNmgerE92Ddl3z8Te8lhOP0L2R5dMUrbdaUH4CQJOh
S9li+MfYz7v9izmbXZGROvHKMJi7szi12CXPCNmz27SI8MFv4puwwykMCwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLKllanuzHWVx0xg4kjD1W6KH7JRMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvc3FXVnFlN01kWlhIVEdEaVNNUFZib29mc2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEJdyAAwQC
LZOcAwQETW9wAwQEUEBAAwQDXD1oAwQEbUowAwQCuXDwMA0EAgACMAcDBQMqAtQA
MA0GCSqGSIb3DQEBCwUAA4IBAQAwkFcmtoXWUnWmktd3Znm/2PWsZbBjmtRptuSL
/sjPY27pTlCnwyw9RLdlzfdSg+bpzBhSeOUdbhEZV/ivQNaKaVe819eV2LlDYw0h
LjIYsMb5FwF+g3KKtkZfoqDoPg2VWbLTMy6PXesfQAdEh/GAscgE1qcIG9KUGa+O
t5GwkA+xgqXYFF2WUHwwZPhv/ojeUvmuBfAZkT+rT1ooTSL7Nc9gCPLzNgfokBDm
US/Clkm33i4E0L8o6bDrmvPZXGgCXkLW/qOxzM25vQRrLQtG6ydxn/hVij7y4sKo
YrChiCP8rXmNDTB81UFXqmy7xvBU68U4To3UWq1P4l23F3zG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org