Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/Q_VsQXMpkTRSmXP1pMkRgwFUWYY.roa
File: Q_VsQXMpkTRSmXP1pMkRgwFUWYY.roa (raw, json)
Hash identifier: EK4hqBTRhGZFnEqfjyVoCD3ZjAILQw8KYejQmqXifOQ=
Subject key identifier: 43:F5:6C:41:73:29:91:34:52:99:73:F5:A4:C9:11:83:01:54:59:86
Certificate issuer: /CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Certificate serial: 0186FE4D58550FD755908D342573ADE3B755
Authority key identifier: C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/Q_VsQXMpkTRSmXP1pMkRgwFUWYY.roa
Signing time: Mon 20 Mar 2023 09:15:27 +0000
ROA not before: Mon 20 Mar 2023 09:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42707
IP address blocks: 84.39.204.0/22 maxlen: 23
77.75.48.0/22 maxlen: 23
185.245.88.0/22 maxlen: 23
91.189.224.0/21 maxlen: 22
193.33.134.0/23 maxlen: 24
185.252.124.0/22 maxlen: 23
185.254.48.0/22 maxlen: 23
91.195.64.0/22 maxlen: 23
185.148.28.0/22 maxlen: 23
185.250.136.0/22 maxlen: 23
193.36.164.0/22 maxlen: 23
185.247.44.0/22 maxlen: 23
185.247.48.0/22 maxlen: 23
185.248.228.0/22 maxlen: 23
5.45.32.0/22 maxlen: 23
5.206.208.0/20 maxlen: 21
185.233.212.0/22 maxlen: 23
185.236.4.0/22 maxlen: 23
185.229.80.0/22 maxlen: 23
185.231.24.0/22 maxlen: 23
185.231.28.0/22 maxlen: 23
83.143.76.0/22 maxlen: 23
109.207.72.0/22 maxlen: 23
5.57.248.0/21 maxlen: 22
195.42.224.0/22 maxlen: 23
195.42.228.0/23 maxlen: 24
194.49.88.0/22 maxlen: 23
2a00:5140::/32 maxlen: 32
2a00:5141::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 Mar 2023 15:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:4d:58:55:0f:d7:55:90:8d:34:25:73:ad:e3:b7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1a190504b6d9ed9c18096840425b11d7b22dff4
Validity
Not Before: Mar 20 09:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43f56c4173299134529973f5a4c9118301545986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:19:de:a5:bc:03:46:d3:fc:b9:84:53:3c:90:
08:09:70:ff:e2:62:be:91:b9:26:b9:b4:82:32:95:
68:b9:6e:4c:8f:d5:80:b0:7f:13:31:cd:e3:a0:ad:
4a:40:84:91:4f:18:57:5d:ce:15:c3:b4:03:bb:ac:
53:15:7c:56:b5:92:b3:48:23:80:77:69:73:54:fd:
89:17:f4:bc:bf:04:b7:dc:b4:e1:d9:e0:f4:83:98:
42:e9:80:92:8b:d3:03:2f:7e:dd:fc:4a:5f:1b:69:
9d:9f:f9:e5:7d:a1:36:40:85:94:33:79:ce:65:85:
aa:57:50:de:2a:0a:b0:c3:8c:06:97:76:79:16:a2:
80:18:e8:59:22:e4:06:7d:5f:84:7b:a3:e6:cd:2b:
d5:1d:63:92:6a:18:35:46:00:12:1f:79:fb:46:82:
8c:51:98:35:26:82:e4:38:2b:c2:d5:c1:27:4c:cb:
06:41:40:c6:09:aa:0f:45:b8:dc:8e:2d:81:fd:7d:
e6:03:cc:7e:6a:d4:0b:04:6e:6b:11:4f:fe:33:18:
6d:43:ea:7c:62:f1:be:8a:d9:eb:ae:6e:83:b0:05:
cf:ba:70:4f:e9:c7:9d:1c:b6:c1:78:35:36:ab:0a:
19:cb:90:21:5a:6e:68:35:4c:2b:05:0a:b4:95:3c:
3b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F5:6C:41:73:29:91:34:52:99:73:F5:A4:C9:11:83:01:54:59:86
X509v3 Authority Key Identifier:
keyid:C1:A1:90:50:4B:6D:9E:D9:C1:80:96:84:04:25:B1:1D:7B:22:DF:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/waGQUEttntnBgJaEBCWxHXsi3_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/Q_VsQXMpkTRSmXP1pMkRgwFUWYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/387f21-101b-487e-8a0f-0b838a599662/1/waGQUEttntnBgJaEBCWxHXsi3_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.32.0/22
5.57.248.0/21
5.206.208.0/20
77.75.48.0/22
83.143.76.0/22
84.39.204.0/22
91.189.224.0/21
91.195.64.0/22
109.207.72.0/22
185.148.28.0/22
185.229.80.0/22
185.231.24.0/21
185.233.212.0/22
185.236.4.0/22
185.245.88.0/22
185.247.44.0-185.247.51.255
185.248.228.0/22
185.250.136.0/22
185.252.124.0/22
185.254.48.0/22
193.33.134.0/23
193.36.164.0/22
194.49.88.0/22
195.42.224.0-195.42.229.255
IPv6:
2a00:5140::/31
Signature Algorithm: sha256WithRSAEncryption
3a:aa:3e:8f:51:ca:96:37:6f:8f:52:e2:fe:04:55:3d:2c:d0:
d5:ab:5d:89:41:03:30:e2:23:a6:37:db:b3:42:ee:8f:ac:7b:
c5:fb:c8:a8:c3:ca:e1:97:01:70:5f:a5:62:87:bc:2c:82:77:
3d:4a:69:25:7b:8a:ed:5d:08:eb:22:6d:af:0b:3b:41:04:e2:
bb:96:16:9c:25:50:9a:76:4c:6c:11:d9:bd:4c:dc:ac:fe:a1:
c1:2e:8a:e9:fd:f1:73:d1:90:3e:04:0a:27:94:eb:13:e1:7a:
20:d6:fd:07:e6:5d:d0:80:0c:60:9d:6b:86:de:d3:69:6e:f1:
60:9a:d8:b7:e5:7e:06:10:c4:6e:f8:b7:f0:29:5f:71:9c:24:
5e:be:71:e1:ca:bb:85:68:02:59:cc:44:fa:19:91:7e:8e:5e:
78:7c:27:a2:a1:ef:e2:e0:a5:ad:5e:c5:1d:18:70:fe:8f:c5:
a0:4f:b4:ae:e8:f6:42:7d:e3:16:79:f6:0a:8d:5a:d4:ec:20:
90:81:64:b2:24:e4:44:60:b2:d5:e7:f5:a5:f4:9d:ee:00:2a:
dd:83:2c:53:4e:d0:96:d9:14:b2:7a:a2:77:96:cb:bd:2f:a1:
d9:9f:6c:3e:72:88:08:06:70:b5:9b:98:4f:43:97:49:5c:6e:
fa:14:29:70
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAYb+TVhVD9dVkI00JXOt47dVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYTE5MDUwNGI2ZDllZDljMTgwOTY4NDA0MjViMTFkN2Iy
MmRmZjQwHhcNMjMwMzIwMDkxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Y1NmM0MTczMjk5MTM0NTI5OTczZjVhNGM5MTE4MzAxNTQ1OTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthnepbwDRtP8uYRTPJAICXD/4mK+
kbkmubSCMpVouW5Mj9WAsH8TMc3joK1KQISRTxhXXc4Vw7QDu6xTFXxWtZKzSCOA
d2lzVP2JF/S8vwS33LTh2eD0g5hC6YCSi9MDL37d/EpfG2mdn/nlfaE2QIWUM3nO
ZYWqV1DeKgqww4wGl3Z5FqKAGOhZIuQGfV+Ee6PmzSvVHWOSahg1RgASH3n7RoKM
UZg1JoLkOCvC1cEnTMsGQUDGCaoPRbjcji2B/X3mA8x+atQLBG5rEU/+MxhtQ+p8
YvG+itnrrm6DsAXPunBP6cedHLbBeDU2qwoZy5AhWm5oNUwrBQq0lTw71QIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFEP1bEFzKZE0Uplz9aTJEYMBVFmGMB8GA1UdIwQY
MBaAFMGhkFBLbZ7ZwYCWhAQlsR17It/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYt
MGI4MzhhNTk5NjYyLzEvUV9Wc1FYTXBrVFJTbVhQMXBNa1Jnd0ZVV1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODdmMjEtMTAxYi00ODdlLThhMGYtMGI4MzhhNTk5NjYy
LzEvd2FHUVVFdHRudG5CZ0phRUJDV3hIWHNpM19RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBpwQCAAEwgaADBAIF
LSADBAMFOfgDBAQFztADBAJNSzADBAJTj0wDBAJUJ8wDBANbveADBAJbw0ADBAJt
z0gDBAK5lBwDBAK55VADBAO55xgDBAK56dQDBAK57AQDBAK59VgwDAMEArn3LAME
Arn3MAMEArn45AMEArn6iAMEArn8fAMEArn+MAMEAcEhhgMEAsEkpAMEAsIxWDAM
AwQFwyrgAwQBwyrkMA0EAgACMAcDBQEqAFFAMA0GCSqGSIb3DQEBCwUAA4IBAQA6
qj6PUcqWN2+PUuL+BFU9LNDVq12JQQMw4iOmN9uzQu6PrHvF+8iow8rhlwFwX6Vi
h7wsgnc9Smkle4rtXQjrIm2vCztBBOK7lhacJVCadkxsEdm9TNys/qHBLorp/fFz
0ZA+BAonlOsT4Xog1v0H5l3QgAxgnWuG3tNpbvFgmti35X4GEMRu+LfwKV9xnCRe
vnHhyruFaAJZzET6GZF+jl54fCeioe/i4KWtXsUdGHD+j8WgT7Su6PZCfeMWefYK
jVrU7CCQgWSyJOREYLLV5/Wl9J3uACrdgyxTTtCW2RSyeqJ3lsu9L6HZn2w+cogI
BnC1m5hPQ5dJXG76FClw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:40 2024 by rpki-client on console-fra.rpki-client.org