Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/QRcxQS6DRDhtZCzxotwp1hXNKc4.roa
File: QRcxQS6DRDhtZCzxotwp1hXNKc4.roa (raw, json)
Hash identifier: EIl89wrH/RDqWFn/6l1fWFPpHkwTb9WzaJZqg2vvjSc=
Subject key identifier: 41:17:31:41:2E:83:44:38:6D:64:2C:F1:A2:DC:29:D6:15:CD:29:CE
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018D31D530B6A606448448D884C9C6FB8A35
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/QRcxQS6DRDhtZCzxotwp1hXNKc4.roa
Signing time: Mon 22 Jan 2024 15:41:11 +0000
ROA not before: Mon 22 Jan 2024 15:41:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.233.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.156.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 12:50:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:d5:30:b6:a6:06:44:84:48:d8:84:c9:c6:fb:8a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 22 15:41:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=411731412e8344386d642cf1a2dc29d615cd29ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c7:69:01:4d:ad:9e:27:83:aa:04:33:af:89:
d7:e3:d1:68:ca:35:6d:a3:1b:a2:50:f2:2f:29:76:
91:1f:3e:d5:f6:44:30:bd:7e:c0:d8:4a:36:3c:8f:
72:fd:1d:bb:b4:c4:26:c9:cf:3e:e2:02:03:f9:99:
8f:5c:02:74:6a:6b:26:5e:84:4c:25:8f:9a:21:22:
2e:76:4d:89:98:91:7e:b2:df:51:1a:c3:e4:bb:e7:
23:08:aa:d5:1b:ea:a8:73:28:d1:7d:38:b4:a8:84:
fd:4b:99:a3:87:db:0e:8c:ae:92:f2:7f:ca:31:04:
88:28:c9:be:60:57:91:04:c6:48:28:a5:cc:d3:0f:
11:33:51:1b:17:48:20:04:d1:54:46:ce:83:8d:e5:
01:ec:a9:cd:5c:46:6e:24:3f:ad:69:ad:0f:b0:30:
a4:38:e5:e8:7c:6d:03:e7:c5:62:28:d8:9f:99:36:
9f:a3:e6:57:c2:56:00:39:95:96:55:0e:69:37:d6:
de:71:8b:67:d7:ba:18:40:8b:45:ae:30:09:89:a8:
8a:6b:1d:14:63:6c:04:fc:66:5b:4c:da:eb:79:b5:
56:59:eb:b6:5f:22:13:40:f4:53:4c:de:2a:9b:03:
4d:4e:70:a5:5f:97:38:22:ff:d0:26:b2:9b:4d:d0:
b4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:17:31:41:2E:83:44:38:6D:64:2C:F1:A2:DC:29:D6:15:CD:29:CE
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/QRcxQS6DRDhtZCzxotwp1hXNKc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/22
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/21
91.92.33.0-91.92.35.255
91.92.40.0/21
91.92.49.0-91.92.53.255
93.152.205.0-93.152.227.255
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
09:15:d5:99:64:ae:5b:eb:9d:91:19:0d:2b:e2:5e:fa:67:67:
7f:88:77:9b:f5:60:57:63:f9:6a:0d:83:02:af:fc:ab:75:6c:
b0:57:29:67:12:59:57:e2:d8:25:fb:38:05:42:14:e8:6e:16:
c8:bf:4c:84:65:17:db:2e:36:a3:1a:86:93:2c:8d:bd:39:90:
89:dd:d7:3c:04:eb:1e:4e:2b:fa:a6:1c:16:ba:8a:55:cf:86:
ae:95:fb:78:fa:78:2b:36:c8:af:fc:8e:e9:84:30:7f:07:04:
9d:89:ce:2f:2b:5b:70:2e:44:b9:19:b1:69:b8:f2:73:fa:7d:
ed:bd:61:8c:5d:a4:19:c2:c3:f5:6d:b5:db:7e:eb:c5:32:58:
1b:45:ab:b6:7d:24:e6:52:eb:60:01:46:da:45:07:29:44:53:
8d:1a:28:ff:42:d1:10:a6:86:f0:93:4f:3b:eb:19:7f:69:e4:
fa:e9:7e:15:f2:72:7e:8f:1b:71:bf:1f:c5:d7:b3:80:ab:ec:
60:df:24:bf:85:46:6d:66:f1:02:4d:ef:aa:2a:b9:58:6c:6e:
0b:ab:fe:fe:26:0d:6e:cf:17:70:75:1a:ff:cb:cc:50:8c:e7:
de:05:50:99:aa:c7:8a:d9:58:d3:bd:db:44:b8:20:f1:5d:73:
66:b3:2e:11
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAY0x1TC2pgZEhEjYhMnG+4o1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMTIyMTU0MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTE3MzE0MTJlODM0NDM4NmQ2NDJjZjFhMmRjMjlkNjE1Y2QyOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsdpAU2tnieDqgQzr4nX49FoyjVt
oxuiUPIvKXaRHz7V9kQwvX7A2Eo2PI9y/R27tMQmyc8+4gID+ZmPXAJ0amsmXoRM
JY+aISIudk2JmJF+st9RGsPku+cjCKrVG+qocyjRfTi0qIT9S5mjh9sOjK6S8n/K
MQSIKMm+YFeRBMZIKKXM0w8RM1EbF0ggBNFURs6DjeUB7KnNXEZuJD+taa0PsDCk
OOXofG0D58ViKNifmTafo+ZXwlYAOZWWVQ5pN9becYtn17oYQItFrjAJiaiKax0U
Y2wE/GZbTNrrebVWWeu2XyITQPRTTN4qmwNNTnClX5c4Iv/QJrKbTdC0XwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFEEXMUEug0Q4bWQs8aLcKdYVzSnOMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvUVJjeFFTNkRSRGh0WkN6eG90d3AxaFhOS2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAIt
jegDBAFOn4ADBABOn4MDBAJOn4gwDAMEAE6flQMEAE6flgMEA06fmDAMAwQAW1wh
AwQCW1wgAwQDW1woMAwDBABbXDEDBAFbXDQwDAMEAF2YzQMEAl2Y4AMEAV4aHAME
Al4aTDAMAwQAXhpZAwQAXhpaAwQAXr7DAwQBuWD8AwQAuWD/AwQA1GZpAwQA1GZr
MA0GCSqGSIb3DQEBCwUAA4IBAQAJFdWZZK5b652RGQ0r4l76Z2d/iHeb9WBXY/lq
DYMCr/yrdWywVylnEllX4tgl+zgFQhTobhbIv0yEZRfbLjajGoaTLI29OZCJ3dc8
BOseTiv6phwWuopVz4aulft4+ngrNsiv/I7phDB/BwSdic4vK1twLkS5GbFpuPJz
+n3tvWGMXaQZwsP1bbXbfuvFMlgbRau2fSTmUutgAUbaRQcpRFONGij/QtEQpobw
k0876xl/aeT66X4V8nJ+jxtxvx/F17OAq+xg3yS/hUZtZvECTe+qKrlYbG4Lq/7+
Jg1uzxdwdRr/y8xQjOfeBVCZqseK2VjTvdtEuCDxXXNmsy4R
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:59 2025 by rpki-client