Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/QUD5sH8I6tUxyA69_txfUeGcSb8.roa
File: QUD5sH8I6tUxyA69_txfUeGcSb8.roa (raw, json)
Hash identifier: vRFDbROZm5E+WXk5EHW3O8oHVosoLHWdIQsrLwhCYwo=
Subject key identifier: 41:40:F9:B0:7F:08:EA:D5:31:C8:0E:BD:FE:DC:5F:51:E1:9C:49:BF
Certificate issuer: /CN=e833461e9d2bdafcc29ad9189fb0acf1f33960a9
Certificate serial: 01856C6ED92FADEA190E07E8FF185C6C1156
Authority key identifier: E8:33:46:1E:9D:2B:DA:FC:C2:9A:D9:18:9F:B0:AC:F1:F3:39:60:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/QUD5sH8I6tUxyA69_txfUeGcSb8.roa
Signing time: Sun 01 Jan 2023 08:24:41 +0000
ROA not before: Sun 01 Jan 2023 08:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205275
IP address blocks: 89.33.24.0/24 maxlen: 24
188.215.2.0/24 maxlen: 24
89.33.27.0/24 maxlen: 24
89.33.25.0/24 maxlen: 24
89.33.26.0/24 maxlen: 24
89.33.44.0/24 maxlen: 24
89.39.246.0/24 maxlen: 24
188.214.210.0/24 maxlen: 24
188.214.211.0/24 maxlen: 24
188.214.215.0/24 maxlen: 24
86.107.23.0/24 maxlen: 24
89.40.72.0/24 maxlen: 24
86.107.169.0/24 maxlen: 24
86.104.13.0/24 maxlen: 24
85.204.19.0/24 maxlen: 24
86.106.30.0/24 maxlen: 24
188.241.142.0/24 maxlen: 24
188.241.152.0/24 maxlen: 24
89.42.219.0/24 maxlen: 24
89.42.217.0/24 maxlen: 24
89.42.218.0/24 maxlen: 24
89.42.216.0/24 maxlen: 24
89.42.221.0/24 maxlen: 24
89.42.222.0/24 maxlen: 24
89.42.220.0/24 maxlen: 24
89.42.223.0/24 maxlen: 24
89.39.83.0/24 maxlen: 24
188.240.20.0/24 maxlen: 24
188.240.21.0/24 maxlen: 24
188.240.22.0/24 maxlen: 24
188.240.23.0/24 maxlen: 24
188.209.214.0/24 maxlen: 24
89.45.83.0/24 maxlen: 24
188.213.205.0/24 maxlen: 24
89.45.15.0/24 maxlen: 24
86.105.214.0/24 maxlen: 24
89.47.53.0/24 maxlen: 24
89.34.92.0/24 maxlen: 24
93.115.53.0/24 maxlen: 24
89.41.37.0/24 maxlen: 24
89.41.38.0/24 maxlen: 24
89.41.36.0/24 maxlen: 24
89.41.39.0/24 maxlen: 24
89.44.137.0/24 maxlen: 24
89.37.213.0/24 maxlen: 24
89.47.240.0/24 maxlen: 24
89.37.212.0/24 maxlen: 24
89.47.241.0/24 maxlen: 24
89.37.214.0/24 maxlen: 24
89.47.242.0/24 maxlen: 24
89.37.215.0/24 maxlen: 24
89.47.243.0/24 maxlen: 24
185.162.64.0/24 maxlen: 24
185.162.65.0/24 maxlen: 24
185.162.66.0/24 maxlen: 24
185.162.67.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:d9:2f:ad:ea:19:0e:07:e8:ff:18:5c:6c:11:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e833461e9d2bdafcc29ad9189fb0acf1f33960a9
Validity
Not Before: Jan 1 08:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4140f9b07f08ead531c80ebdfedc5f51e19c49bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d8:6d:3b:ca:02:19:10:d8:7c:0c:43:0d:4e:
3e:a1:f7:e1:00:4b:e5:24:a7:06:29:3e:7b:ad:1c:
cf:3b:e2:98:24:6b:49:8b:e9:2b:fc:35:68:b6:c4:
7b:1a:08:23:66:9f:e5:e5:3a:e0:71:e4:51:18:a2:
72:48:36:47:cc:0b:6c:c8:ba:d5:14:e9:1a:36:40:
fe:03:ef:bb:d4:45:95:92:36:db:ca:99:23:ae:ef:
f2:63:34:36:f6:d9:14:9f:20:f8:ab:28:55:42:58:
03:42:ab:d6:cb:ce:a4:c1:fd:06:43:4f:e0:91:f6:
65:22:0c:d5:a6:c6:45:43:f4:c1:49:2d:55:e0:08:
7d:c3:fe:7c:e7:75:9b:ba:71:15:1b:15:40:9b:a2:
86:ac:48:44:f5:1c:8d:07:2f:1f:b4:7d:3c:63:6d:
a3:10:5d:76:6b:74:9d:35:75:75:8b:3f:fc:99:6d:
9a:cb:f0:b0:4f:d6:bd:44:20:05:06:8e:b2:4a:5a:
18:9c:4e:41:14:98:3e:ad:73:b4:2a:53:f7:83:2c:
1f:d0:e1:e0:91:5b:99:48:86:96:db:3f:6b:a7:67:
bc:67:58:db:41:c2:30:44:66:41:7e:3b:df:77:7b:
45:d1:df:45:cc:95:80:be:b0:a0:03:33:43:86:1f:
ca:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:40:F9:B0:7F:08:EA:D5:31:C8:0E:BD:FE:DC:5F:51:E1:9C:49:BF
X509v3 Authority Key Identifier:
keyid:E8:33:46:1E:9D:2B:DA:FC:C2:9A:D9:18:9F:B0:AC:F1:F3:39:60:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/QUD5sH8I6tUxyA69_txfUeGcSb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.19.0/24
86.104.13.0/24
86.105.214.0/24
86.106.30.0/24
86.107.23.0/24
86.107.169.0/24
89.33.24.0/22
89.33.44.0/24
89.34.92.0/24
89.37.212.0/22
89.39.83.0/24
89.39.246.0/24
89.40.72.0/24
89.41.36.0/22
89.42.216.0/21
89.44.137.0/24
89.45.15.0/24
89.45.83.0/24
89.47.53.0/24
89.47.240.0/22
93.115.53.0/24
185.162.64.0/22
188.209.214.0/24
188.213.205.0/24
188.214.210.0/23
188.214.215.0/24
188.215.2.0/24
188.240.20.0/22
188.241.142.0/24
188.241.152.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:ae:73:2f:c7:18:57:db:e9:2f:fe:c4:c8:dd:5e:18:b7:16:
8f:dc:3e:a6:42:1b:b7:1e:65:53:94:84:62:b0:02:dd:43:32:
ba:53:36:f5:5e:d0:a9:cb:d2:ca:07:ac:f5:3a:5e:9c:18:f0:
83:7d:da:18:0b:6e:43:c3:52:50:12:32:18:5a:56:2d:27:37:
18:cd:77:43:55:90:fa:ae:c9:1b:f6:11:a4:6f:82:c5:d5:4e:
cb:e0:bf:9b:87:4f:49:89:6c:75:bd:8a:59:a0:e4:cb:cd:bb:
04:ff:c4:fd:96:b5:c3:23:7e:57:ad:ad:af:c0:e2:e1:a0:be:
5f:fe:36:9f:ae:67:c9:d6:91:93:1c:62:b5:89:26:10:54:8d:
f7:8c:5c:ff:be:31:00:19:39:be:b1:21:1e:b9:de:9d:3c:ab:
81:5c:a4:84:d1:c1:0f:00:8e:56:74:10:ad:80:86:0d:e3:18:
c8:70:dd:37:6c:28:b5:01:bf:d9:e8:a0:5b:8a:27:17:31:ed:
55:fa:94:6b:0b:89:f7:d5:83:ab:36:10:31:86:03:b6:19:34:
0e:9d:89:be:bf:f6:28:7f:08:d2:0d:d6:8d:e1:5d:75:ae:f2:
f4:c4:9a:65:e6:c0:02:d6:99:ae:73:ed:22:7a:4d:71:83:18:
61:80:f7:ed
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYVsbtkvreoZDgfo/xhcbBFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MzM0NjFlOWQyYmRhZmNjMjlhZDkxODlmYjBhY2YxZjMz
OTYwYTkwHhcNMjMwMTAxMDgyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQwZjliMDdmMDhlYWQ1MzFjODBlYmRmZWRjNWY1MWUxOWM0OWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqthtO8oCGRDYfAxDDU4+offhAEvl
JKcGKT57rRzPO+KYJGtJi+kr/DVotsR7GggjZp/l5TrgceRRGKJySDZHzAtsyLrV
FOkaNkD+A++71EWVkjbbypkjru/yYzQ29tkUnyD4qyhVQlgDQqvWy86kwf0GQ0/g
kfZlIgzVpsZFQ/TBSS1V4Ah9w/5853WbunEVGxVAm6KGrEhE9RyNBy8ftH08Y22j
EF12a3SdNXV1iz/8mW2ay/CwT9a9RCAFBo6ySloYnE5BFJg+rXO0KlP3gywf0OHg
kVuZSIaW2z9rp2e8Z1jbQcIwRGZBfjvfd3tF0d9FzJWAvrCgAzNDhh/KiwIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFEFA+bB/COrVMcgOvf7cX1HhnEm/MB8GA1UdIwQY
MBaAFOgzRh6dK9r8wprZGJ+wrPHzOWCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkROR0hwMHIydnpDbXRrWW43Q3M4Zk01WUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS82NzExOTQtNTFjOC00YmNmLWJkODMt
YWVmZThkMTc4ZTZhLzEvUVVENXNIOEk2dFV4eUE2OV90eGZVZUdjU2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS82NzExOTQtNTFjOC00YmNmLWJkODMtYWVmZThkMTc4ZTZh
LzEvNkROR0hwMHIydnpDbXRrWW43Q3M4Zk01WUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBABV
zBMDBABWaA0DBABWadYDBABWah4DBABWaxcDBABWa6kDBAJZIRgDBABZISwDBABZ
IlwDBAJZJdQDBABZJ1MDBABZJ/YDBABZKEgDBAJZKSQDBANZKtgDBABZLIkDBABZ
LQ8DBABZLVMDBABZLzUDBAJZL/ADBABdczUDBAK5okADBAC80dYDBAC81c0DBAG8
1tIDBAC81tcDBAC81wIDBAK88BQDBAC88Y4DBAC88ZgwDQYJKoZIhvcNAQELBQAD
ggEBAA2ucy/HGFfb6S/+xMjdXhi3Fo/cPqZCG7ceZVOUhGKwAt1DMrpTNvVe0KnL
0soHrPU6XpwY8IN92hgLbkPDUlASMhhaVi0nNxjNd0NVkPquyRv2EaRvgsXVTsvg
v5uHT0mJbHW9ilmg5MvNuwT/xP2WtcMjfletra/A4uGgvl/+Np+uZ8nWkZMcYrWJ
JhBUjfeMXP++MQAZOb6xIR653p08q4FcpITRwQ8AjlZ0EK2Ahg3jGMhw3TdsKLUB
v9nooFuKJxcx7VX6lGsLiffVg6s2EDGGA7YZNA6dib6/9ih/CNIN1o3hXXWu8vTE
mmXmwALWma5z7SJ6TXGDGGGA9+0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:59 2024 by rpki-client on console-ams.rpki-client.org