Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QdNK2eD0SzGDufYKr8pxsGYKNyg.roa
File: QdNK2eD0SzGDufYKr8pxsGYKNyg.roa (raw, json)
Hash identifier: Yx8UJunwR6tgGWjd3E8EU6ftb2hRF6/X2gecIDcI/GE=
Subject key identifier: 41:D3:4A:D9:E0:F4:4B:31:83:B9:F6:0A:AF:CA:71:B0:66:0A:37:28
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAE871FC004C7BE1310EA22BEE5C86
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QdNK2eD0SzGDufYKr8pxsGYKNyg.roa
Signing time: Sun 01 Jan 2023 10:05:15 +0000
ROA not before: Sun 01 Jan 2023 10:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42649
IP address blocks: 194.14.135.0/24 maxlen: 24
193.235.51.0/24 maxlen: 24
193.235.73.0/24 maxlen: 24
194.71.245.0/24 maxlen: 24
194.68.159.0/24 maxlen: 24
193.234.255.0/24 maxlen: 24
192.71.184.0/24 maxlen: 24
193.180.20.0/24 maxlen: 24
193.235.193.0/24 maxlen: 24
194.68.160.0/24 maxlen: 24
193.235.130.0/24 maxlen: 24
193.234.83.0/24 maxlen: 24
193.234.86.0/24 maxlen: 24
193.180.121.0/24 maxlen: 24
194.103.4.0/24 maxlen: 24
193.183.239.0/24 maxlen: 24
193.234.77.0/24 maxlen: 24
193.234.76.0/24 maxlen: 24
192.165.198.0/24 maxlen: 24
192.36.31.0/24 maxlen: 24
194.68.43.0/24 maxlen: 24
194.103.43.0/24 maxlen: 24
192.165.127.0/24 maxlen: 24
192.165.131.0/24 maxlen: 24
192.165.138.0/23 maxlen: 24
193.182.110.0/24 maxlen: 24
192.121.226.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e8:71:fc:00:4c:7b:e1:31:0e:a2:2b:ee:5c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41d34ad9e0f44b3183b9f60aafca71b0660a3728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2e:6c:bb:6f:d0:1d:5d:f7:81:5f:ad:81:b5:
87:cc:9b:05:aa:00:75:d1:66:7a:a5:5a:1d:7c:5b:
ae:3b:df:30:8b:e2:58:1a:53:3a:77:0c:ef:a0:87:
6a:6e:d7:bc:80:c7:c4:7e:56:8c:43:94:0e:c3:df:
4b:53:79:f8:ef:0c:8f:a9:fa:67:45:07:72:8a:f1:
40:ce:93:5b:78:90:ab:e4:e6:2e:c2:91:8a:4d:76:
9d:f2:2b:8d:b4:16:f7:f8:f4:76:9f:4f:d0:ea:2f:
80:e4:ec:0d:f7:56:99:ea:2c:3f:63:53:03:e4:18:
f0:47:c4:f1:d2:7d:b5:01:eb:5f:25:9a:96:e7:29:
c5:e9:bd:ca:c5:6e:d1:e9:59:e0:a8:e2:9c:33:31:
7a:14:0f:dd:65:12:e0:94:e7:fa:21:bd:3f:76:a0:
d8:bf:76:e7:74:ce:d1:9a:f4:6b:7f:c4:7a:97:43:
bc:a4:18:fc:43:a3:02:b5:ac:4a:2a:06:c0:81:18:
c4:4a:f5:f3:f5:f7:8b:45:14:81:1a:0c:02:63:da:
e6:0f:7c:5b:9a:78:41:ee:83:7c:5a:c4:bb:8c:cb:
1d:10:cc:a1:39:66:8b:b8:fb:7b:1f:e8:54:b2:21:
fd:0e:8a:12:5e:08:94:e9:47:6e:39:e7:54:12:36:
48:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D3:4A:D9:E0:F4:4B:31:83:B9:F6:0A:AF:CA:71:B0:66:0A:37:28
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QdNK2eD0SzGDufYKr8pxsGYKNyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.31.0/24
192.71.184.0/24
192.121.226.0/24
192.165.127.0/24
192.165.131.0/24
192.165.138.0/23
192.165.198.0/24
193.180.20.0/24
193.180.121.0/24
193.182.110.0/24
193.183.239.0/24
193.234.76.0/23
193.234.83.0/24
193.234.86.0/24
193.234.255.0/24
193.235.51.0/24
193.235.73.0/24
193.235.130.0/24
193.235.193.0/24
194.14.135.0/24
194.68.43.0/24
194.68.159.0-194.68.160.255
194.71.245.0/24
194.103.4.0/24
194.103.43.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:64:01:b6:df:20:87:71:fd:8a:dd:4a:dc:0a:b3:d8:48:09:
94:70:a4:97:bb:72:3e:59:35:af:c9:08:53:a9:69:ce:71:ca:
7a:58:e7:56:58:9b:a4:4a:bb:52:b2:2c:0d:9d:4e:d7:d3:46:
7f:96:c5:f4:e3:c5:42:a0:68:cc:55:41:70:92:aa:62:3d:eb:
71:e2:ac:e3:48:cb:44:88:ec:20:dd:bb:9c:00:ca:05:e6:1b:
f2:e2:a2:bf:f1:0c:72:8c:81:91:43:24:fa:82:3b:eb:a8:93:
1f:8c:97:1b:2c:a4:05:7f:c0:db:c2:e9:52:c4:3d:db:6b:79:
f2:01:70:09:6e:61:72:81:36:40:56:91:a3:0e:e6:52:ff:d0:
c0:c3:e9:bf:46:aa:3f:26:6f:69:f9:f6:02:7a:f9:55:16:89:
19:43:57:7c:ff:70:88:1a:7d:1c:0c:18:f7:21:37:fb:f1:a9:
51:59:c7:bb:1f:db:58:4b:53:f5:5c:10:7d:2e:5f:a3:14:b9:
a5:67:ec:5b:11:54:b5:48:65:f5:1f:11:29:79:bc:75:81:b4:
dd:30:9b:5f:76:7d:9a:f5:5c:e0:51:e7:6e:66:c1:fd:e9:b7:
59:5a:47:30:21:3d:e4:d0:ad:d5:b8:ba:56:4e:d6:f1:8d:c5:
a0:ed:ef:4f
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYVsyuhx/ABMe+ExDqIr7lyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQzNGFkOWUwZjQ0YjMxODNiOWY2MGFhZmNhNzFiMDY2MGEzNzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS5su2/QHV33gV+tgbWHzJsFqgB1
0WZ6pVodfFuuO98wi+JYGlM6dwzvoIdqbte8gMfEflaMQ5QOw99LU3n47wyPqfpn
RQdyivFAzpNbeJCr5OYuwpGKTXad8iuNtBb3+PR2n0/Q6i+A5OwN91aZ6iw/Y1MD
5BjwR8Tx0n21AetfJZqW5ynF6b3KxW7R6VngqOKcMzF6FA/dZRLglOf6Ib0/dqDY
v3bndM7RmvRrf8R6l0O8pBj8Q6MCtaxKKgbAgRjESvXz9feLRRSBGgwCY9rmD3xb
mnhB7oN8WsS7jMsdEMyhOWaLuPt7H+hUsiH9DooSXgiU6UduOedUEjZIcQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFEHTStng9Esxg7n2Cq/KcbBmCjcoMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUWROSzJlRDBTekdEdWZZS3I4cHhzR1lLTnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBADA
JB8DBADAR7gDBADAeeIDBADApX8DBADApYMDBAHApYoDBADApcYDBADBtBQDBADB
tHkDBADBtm4DBADBt+8DBAHB6kwDBADB6lMDBADB6lYDBADB6v8DBADB6zMDBADB
60kDBADB64IDBADB68EDBADCDocDBADCRCswDAMEAMJEnwMEAMJEoAMEAMJH9QME
AMJnBAMEAMJnKzANBgkqhkiG9w0BAQsFAAOCAQEAs2QBtt8gh3H9it1K3Aqz2EgJ
lHCkl7tyPlk1r8kIU6lpznHKeljnVlibpEq7UrIsDZ1O19NGf5bF9OPFQqBozFVB
cJKqYj3rceKs40jLRIjsIN27nADKBeYb8uKiv/EMcoyBkUMk+oI766iTH4yXGyyk
BX/A28LpUsQ922t58gFwCW5hcoE2QFaRow7mUv/QwMPpv0aqPyZvafn2Anr5VRaJ
GUNXfP9wiBp9HAwY9yE3+/GpUVnHux/bWEtT9VwQfS5foxS5pWfsWxFUtUhl9R8R
KXm8dYG03TCbX3Z9mvVc4FHnbmbB/em3WVpHMCE95NCt1bi6Vk7W8Y3FoO3vTw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org