Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/QF1k2U0CcrGCKimBlaZFsrrDFZM.roa
File: QF1k2U0CcrGCKimBlaZFsrrDFZM.roa (raw, json)
Hash identifier: 2m0WRf0qqzW7AX+Gi88CEsz/4Y/4zb1WwJv53/Nl8bM=
Subject key identifier: 40:5D:64:D9:4D:02:72:B1:82:2A:29:81:95:A6:45:B2:BA:C3:15:93
Certificate issuer: /CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Certificate serial: 0188D3AB62F3E430EF31EB2B4E99E42FF460
Authority key identifier: BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/QF1k2U0CcrGCKimBlaZFsrrDFZM.roa
Signing time: Mon 19 Jun 2023 12:40:04 +0000
ROA not before: Mon 19 Jun 2023 12:40:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 185.71.116.0/24 maxlen: 24
185.71.117.0/24 maxlen: 24
185.71.118.0/24 maxlen: 24
185.71.119.0/24 maxlen: 24
212.50.35.0/24 maxlen: 24
212.50.42.0/24 maxlen: 24
212.50.43.0/24 maxlen: 24
212.50.45.0/24 maxlen: 24
212.50.46.0/24 maxlen: 24
212.50.47.0/24 maxlen: 24
212.50.48.0/24 maxlen: 24
212.50.49.0/24 maxlen: 24
212.50.50.0/24 maxlen: 24
212.50.51.0/24 maxlen: 24
212.50.52.0/24 maxlen: 24
212.50.53.0/24 maxlen: 24
212.50.56.0/24 maxlen: 24
212.50.57.0/24 maxlen: 24
212.50.58.0/24 maxlen: 24
212.50.59.0/24 maxlen: 24
212.50.60.0/24 maxlen: 24
212.50.62.0/24 maxlen: 24
212.50.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d3:ab:62:f3:e4:30:ef:31:eb:2b:4e:99:e4:2f:f4:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Validity
Not Before: Jun 19 12:40:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=405d64d94d0272b1822a298195a645b2bac31593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4b:cf:eb:2c:ef:b5:41:81:10:91:ff:9b:d3:
b8:9a:58:f8:14:1f:11:ab:73:1e:ed:80:75:47:51:
29:4b:d8:9f:d7:3a:4a:84:32:0b:83:50:ed:c8:06:
f0:9e:4e:dc:f1:34:df:b9:5b:ea:37:63:2e:60:d2:
4f:3e:40:7b:df:f3:6c:a1:72:c8:8e:22:6c:e9:59:
43:87:ce:42:0a:21:93:89:22:23:0f:69:a5:c6:88:
2f:7f:fc:3d:4a:fe:de:59:be:a2:44:d1:65:fa:89:
9b:9b:8b:86:6c:96:d7:aa:89:ca:12:be:08:65:e9:
34:23:9b:ad:9a:df:f2:c4:ff:91:4f:8f:26:ba:5c:
08:aa:2b:46:c2:12:f6:34:fc:e4:35:8c:7a:b1:2e:
fc:a4:e6:ea:58:d7:0d:c4:30:fa:b9:0e:20:02:f0:
ea:50:cf:71:00:56:18:b4:3f:3b:50:d7:78:2f:37:
53:30:7c:66:54:09:49:1f:57:79:94:df:a8:4d:fe:
4b:0a:29:96:f2:f4:7e:e8:05:05:38:39:5a:16:f5:
9a:9f:d7:51:9a:bf:29:1e:4d:1d:35:2a:df:37:2b:
61:e6:96:43:fe:01:98:4f:cf:ad:ec:fd:0d:12:25:
db:8f:27:25:48:3d:88:55:36:81:f0:dd:2b:3e:67:
fd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5D:64:D9:4D:02:72:B1:82:2A:29:81:95:A6:45:B2:BA:C3:15:93
X509v3 Authority Key Identifier:
keyid:BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/QF1k2U0CcrGCKimBlaZFsrrDFZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.116.0/22
212.50.35.0/24
212.50.42.0/23
212.50.45.0-212.50.53.255
212.50.56.0-212.50.60.255
212.50.62.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:4f:cb:75:c4:ba:da:27:4a:95:0c:bd:d6:a0:43:86:81:61:
a8:63:a4:a3:71:1d:25:e9:b5:52:e3:6e:89:20:85:c5:97:6a:
79:dc:61:b8:5d:c6:4e:f9:0e:75:49:c3:d3:87:2d:31:26:4a:
86:8c:ef:33:9e:af:70:d0:94:2f:92:5c:c3:50:a4:99:7a:04:
75:c7:49:26:de:d2:44:4a:31:01:0e:6c:cf:fe:a6:9a:95:52:
50:da:b0:4e:77:29:fc:2a:e9:14:1e:2c:97:5b:70:98:6a:1a:
bc:a7:ed:78:b3:44:48:9b:2d:b1:d1:db:dc:96:cf:81:1b:4f:
aa:b6:50:42:5f:ea:09:f1:11:5b:46:6c:05:19:e3:5a:ce:d7:
a9:09:d0:33:29:11:fb:ae:e5:11:9d:a9:f3:ae:33:d3:bd:e4:
5b:09:1f:4e:c0:39:bf:28:d3:34:64:39:dc:68:13:60:7c:97:
3f:2d:75:32:6c:f8:20:9d:c1:9e:6c:7b:41:aa:b0:0a:75:3e:
63:7c:35:cd:0d:59:c1:7c:fb:ae:dd:2d:9b:01:ac:df:32:9a:
c6:aa:9d:3b:73:63:12:61:78:bb:ee:89:f5:08:10:1d:07:32:
2c:75:ce:70:4b:8c:f9:8e:8d:0d:4d:36:19:aa:9b:ec:86:a8:
36:ee:33:25
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYjTq2Lz5DDvMesrTpnkL/RgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOGQ2NGEwZGMyMTk5NmIxYzk5ZTY4Y2M5NTE2OTRlMjkz
ZWRlZmUwHhcNMjMwNjE5MTI0MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDVkNjRkOTRkMDI3MmIxODIyYTI5ODE5NWE2NDViMmJhYzMxNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEvP6yzvtUGBEJH/m9O4mlj4FB8R
q3Me7YB1R1EpS9if1zpKhDILg1DtyAbwnk7c8TTfuVvqN2MuYNJPPkB73/NsoXLI
jiJs6VlDh85CCiGTiSIjD2mlxogvf/w9Sv7eWb6iRNFl+ombm4uGbJbXqonKEr4I
Zek0I5utmt/yxP+RT48mulwIqitGwhL2NPzkNYx6sS78pObqWNcNxDD6uQ4gAvDq
UM9xAFYYtD87UNd4LzdTMHxmVAlJH1d5lN+oTf5LCimW8vR+6AUFODlaFvWan9dR
mr8pHk0dNSrfNyth5pZD/gGYT8+t7P0NEiXbjyclSD2IVTaB8N0rPmf9SwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFEBdZNlNAnKxgiopgZWmRbK6wxWTMB8GA1UdIwQY
MBaAFLuNZKDcIZlrHJnmjMlRaU4pPt7+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUt
ZGQ0YTIxN2Q2MDZiLzEvUUYxazJVMENjckdDS2ltQmxhWkZzcnJERlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUtZGQ0YTIxN2Q2MDZi
LzEvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQCuUd0AwQA
1DIjAwQB1DIqMAwDBADUMi0DBAHUMjQwDAMEA9QyOAMEANQyPAMEAdQyPjANBgkq
hkiG9w0BAQsFAAOCAQEAH0/LdcS62idKlQy91qBDhoFhqGOko3EdJem1UuNuiSCF
xZdqedxhuF3GTvkOdUnD04ctMSZKhozvM56vcNCUL5Jcw1CkmXoEdcdJJt7SREox
AQ5sz/6mmpVSUNqwTncp/CrpFB4sl1twmGoavKfteLNESJstsdHb3JbPgRtPqrZQ
Ql/qCfERW0ZsBRnjWs7XqQnQMykR+67lEZ2p864z073kWwkfTsA5vyjTNGQ53GgT
YHyXPy11Mmz4IJ3Bnmx7QaqwCnU+Y3w1zQ1ZwXz7rt0tmwGs3zKaxqqdO3NjEmF4
u+6J9QgQHQcyLHXOcEuM+Y6NDU02Gaqb7IaoNu4zJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:57 2024 by rpki-client on console-fra.rpki-client.org