Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/qKJgtWcA0sxSDMzXEiviUPo8c5M.roa
File: qKJgtWcA0sxSDMzXEiviUPo8c5M.roa (raw, json)
Hash identifier: n70IK975VtTctuvtOuB1yo17dErmnBG8F7fqiUJQf7A=
Subject key identifier: A8:A2:60:B5:67:00:D2:CC:52:0C:CC:D7:12:2B:E2:50:FA:3C:73:93
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 018570398B62AEC71168DE87CD7066C31D8F
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/qKJgtWcA0sxSDMzXEiviUPo8c5M.roa
Signing time: Mon 02 Jan 2023 02:04:57 +0000
ROA not before: Mon 02 Jan 2023 02:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12824
IP address blocks: 46.41.128.0/18 maxlen: 18
62.129.245.0/24 maxlen: 24
62.129.250.0/24 maxlen: 24
89.161.253.0/24 maxlen: 24
212.85.96.0/24 maxlen: 24
212.85.96.0/19 maxlen: 19
89.161.254.0/24 maxlen: 24
46.41.159.0/24 maxlen: 24
46.242.144.0/24 maxlen: 24
79.96.0.0/16 maxlen: 16
46.242.150.0/24 maxlen: 24
62.129.192.0/18 maxlen: 18
188.128.244.0/24 maxlen: 24
188.128.255.0/24 maxlen: 24
89.161.128.0/17 maxlen: 17
46.242.128.0/17 maxlen: 17
188.128.128.0/17 maxlen: 17
188.128.128.0/24 maxlen: 24
188.128.130.0/24 maxlen: 24
188.128.129.0/24 maxlen: 24
2a02:25a8:dead::/48 maxlen: 48
2a02:25ad:1a:d1::/64 maxlen: 64
2a02:25a8::/32 maxlen: 32
2a02:25a8::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:8b:62:ae:c7:11:68:de:87:cd:70:66:c3:1d:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Jan 2 02:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8a260b56700d2cc520cccd7122be250fa3c7393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:84:04:a4:8f:d3:16:78:8b:b2:b0:4d:43:53:
7c:82:08:29:78:61:04:6c:ad:4f:a9:b9:08:bb:2b:
40:73:03:54:23:e6:c6:10:48:52:cd:57:5d:ed:52:
83:86:21:44:b3:4e:4e:38:6a:7d:b7:e4:20:ec:5f:
4d:7f:14:87:51:1d:ef:46:a7:0c:c1:27:9a:f0:4b:
29:b6:cd:02:74:0f:af:42:14:ef:0a:12:58:92:74:
88:c2:d1:20:af:fc:f0:0d:8f:e7:06:f6:37:61:a2:
2f:30:e0:b0:c6:66:43:21:ca:00:89:39:af:7b:ae:
30:5a:b7:8b:54:6e:5d:4c:f4:62:47:27:52:2b:5a:
b6:35:9d:ea:bd:51:29:03:cd:09:4c:5e:e6:b8:33:
02:d1:7f:0b:26:31:26:91:0d:2c:9b:e6:b5:7a:8e:
76:97:3e:f6:07:00:19:b9:5b:a7:aa:81:c9:a7:08:
57:fa:2f:64:94:94:e5:26:f1:68:f1:04:fb:70:6e:
75:95:89:5d:86:9f:9f:89:40:0c:66:61:d8:25:87:
a4:79:43:8b:eb:ba:fd:51:c8:48:8c:07:34:4a:9c:
6f:a8:d7:27:49:59:e9:af:aa:bc:5e:34:53:9b:e5:
85:ee:fe:66:7f:c7:45:5d:c1:cb:b1:1e:f7:ea:85:
1d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A2:60:B5:67:00:D2:CC:52:0C:CC:D7:12:2B:E2:50:FA:3C:73:93
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/qKJgtWcA0sxSDMzXEiviUPo8c5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.128.0/18
46.242.128.0/17
62.129.192.0/18
79.96.0.0/16
89.161.128.0/17
188.128.128.0/17
212.85.96.0/19
IPv6:
2a02:25a8::/29
Signature Algorithm: sha256WithRSAEncryption
7f:21:b4:48:b9:c3:04:1e:97:d6:38:a8:0b:65:41:e6:66:81:
bb:69:61:42:f4:55:bf:88:cb:1a:85:a1:a9:d8:e7:66:61:16:
4b:b8:b1:75:8a:ac:70:bf:82:04:8d:76:12:b7:3a:c1:71:64:
2c:e4:b8:4a:59:cc:ac:83:62:f1:f4:49:ac:2f:07:33:3c:a4:
f8:ff:a3:c8:54:9d:8c:30:ce:c2:a9:a4:7e:bf:ba:cd:fb:ac:
2b:53:c7:bb:d3:cc:ba:33:13:1f:84:80:be:58:8f:4e:79:04:
71:6a:13:5c:4e:79:af:d2:cf:56:8a:c2:e8:d1:4f:65:05:5e:
23:ff:f0:cc:09:94:95:c8:37:c2:a5:33:0e:5c:75:f6:d6:94:
53:a3:21:95:f6:7a:4c:6b:20:02:82:66:4c:07:89:22:4b:5f:
e7:67:4d:38:e6:b4:ed:11:a6:83:fb:b4:bf:ab:75:63:8c:92:
eb:f8:3d:eb:f2:44:af:8c:25:b6:17:83:5e:81:e5:f6:dd:d9:
38:a5:2e:85:6c:9c:7b:6b:19:ba:ae:02:d5:4b:b2:74:b7:94:
14:42:1d:b0:0a:1f:29:2c:87:de:f7:12:5f:3c:47:40:2e:b3:
3e:f5:58:10:a3:ae:ad:ac:f8:2e:0c:56:d3:66:8b:83:fc:f3:
20:e1:30:20
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYVwOYtirscRaN6HzXBmwx2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4
YjgzNmQwHhcNMjMwMTAyMDIwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGEyNjBiNTY3MDBkMmNjNTIwY2NjZDcxMjJiZTI1MGZhM2M3MzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IQEpI/TFniLsrBNQ1N8gggpeGEE
bK1PqbkIuytAcwNUI+bGEEhSzVdd7VKDhiFEs05OOGp9t+Qg7F9NfxSHUR3vRqcM
wSea8Espts0CdA+vQhTvChJYknSIwtEgr/zwDY/nBvY3YaIvMOCwxmZDIcoAiTmv
e64wWreLVG5dTPRiRydSK1q2NZ3qvVEpA80JTF7muDMC0X8LJjEmkQ0sm+a1eo52
lz72BwAZuVunqoHJpwhX+i9klJTlJvFo8QT7cG51lYldhp+fiUAMZmHYJYekeUOL
67r9UchIjAc0SpxvqNcnSVnpr6q8XjRTm+WF7v5mf8dFXcHLsR736oUd4wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKiiYLVnANLMUgzM1xIr4lD6PHOTMB8GA1UdIwQY
MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt
YzUyMjk4NjNhZWJhLzEvcUtKZ3RXY0Ewc3hTRE16WEVpdmlVUG84YzVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh
LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGLimAAwQH
LvKAAwQGPoHAAwMAT2ADBAdZoYADBAe8gIADBAXUVWAwDQQCAAIwBwMFAyoCJagw
DQYJKoZIhvcNAQELBQADggEBAH8htEi5wwQel9Y4qAtlQeZmgbtpYUL0Vb+IyxqF
oanY52ZhFku4sXWKrHC/ggSNdhK3OsFxZCzkuEpZzKyDYvH0SawvBzM8pPj/o8hU
nYwwzsKppH6/us37rCtTx7vTzLozEx+EgL5Yj055BHFqE1xOea/Sz1aKwujRT2UF
XiP/8MwJlJXIN8KlMw5cdfbWlFOjIZX2ekxrIAKCZkwHiSJLX+dnTTjmtO0RpoP7
tL+rdWOMkuv4PevyRK+MJbYXg16B5fbd2TilLoVsnHtrGbquAtVLsnS3lBRCHbAK
Hyksh973El88R0Ausz71WBCjrq2s+C4MVtNmi4P88yDhMCA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:33 2024 by rpki-client on console-fra.rpki-client.org