Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/QuV3GJRZaOFjs-QADs40t6jAXpY.roa
File: QuV3GJRZaOFjs-QADs40t6jAXpY.roa (raw, json)
Hash identifier: t+JQooCHcN1pKwcp9mQucFqxJ5tyL4FnL3R6T1UAUVQ=
Subject key identifier: 42:E5:77:18:94:59:68:E1:63:B3:E4:00:0E:CE:34:B7:A8:C0:5E:96
Certificate issuer: /CN=b53ba18d5ceb8e794c8139ce02a791b8501825ef
Certificate serial: 018C151C8C6366E7EDE4AD421BB260EA75A8
Authority key identifier: B5:3B:A1:8D:5C:EB:8E:79:4C:81:39:CE:02:A7:91:B8:50:18:25:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTuhjVzrjnlMgTnOAqeRuFAYJe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/QuV3GJRZaOFjs-QADs40t6jAXpY.roa
Signing time: Tue 28 Nov 2023 08:47:21 +0000
ROA not before: Tue 28 Nov 2023 08:47:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16365
IP address blocks: 212.149.0.0/18 maxlen: 18
212.149.0.0/19 maxlen: 19
195.42.236.0/24 maxlen: 24
195.42.236.0/22 maxlen: 22
195.42.239.0/24 maxlen: 24
212.149.30.0/24 maxlen: 24
212.149.29.0/24 maxlen: 24
212.149.32.0/19 maxlen: 19
2a00:d580:4900::/40 maxlen: 40
2a00:d580::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:1c:8c:63:66:e7:ed:e4:ad:42:1b:b2:60:ea:75:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53ba18d5ceb8e794c8139ce02a791b8501825ef
Validity
Not Before: Nov 28 08:47:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42e57718945968e163b3e4000ece34b7a8c05e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:44:51:32:76:be:37:9c:6e:c5:8e:23:1a:16:
56:dd:b6:f9:0b:c1:b7:12:dc:68:40:a1:56:91:27:
2f:39:40:a4:71:03:ff:e3:f8:d8:57:7d:d6:89:48:
0a:d9:28:5b:86:ab:e2:73:72:f4:93:92:1b:99:50:
4b:3b:26:74:b2:6b:61:3b:68:60:fc:93:7e:d7:25:
e6:e1:89:fd:22:2d:49:7a:51:81:e7:e7:b5:b8:aa:
d1:f1:3b:2a:66:0b:3c:3b:b6:a6:83:ff:81:46:a9:
a0:2c:fa:4e:55:c2:f2:e6:33:a8:4b:b4:5a:5e:5a:
f0:c0:3f:ef:a2:f0:ff:e2:a1:8f:6b:af:8e:fe:7a:
7d:9a:a1:18:35:33:50:48:b2:fd:3b:ae:e8:12:e7:
2e:9d:40:bf:d7:ed:97:7e:ec:b3:07:50:e1:ca:20:
61:03:fd:be:a8:3c:41:0d:64:66:9a:25:90:84:ee:
12:a4:69:e8:a6:2a:ed:3b:46:dd:d2:50:59:76:18:
78:ce:aa:1a:45:c7:3c:3d:01:9d:8c:7c:c6:1e:ea:
90:b1:01:d2:00:96:f8:9f:02:f2:c6:f5:52:07:75:
8b:dc:41:5b:be:79:a0:5f:c3:74:fc:38:29:4e:5c:
f4:11:10:9a:0e:e6:4e:bc:87:b4:23:74:df:da:c2:
25:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E5:77:18:94:59:68:E1:63:B3:E4:00:0E:CE:34:B7:A8:C0:5E:96
X509v3 Authority Key Identifier:
keyid:B5:3B:A1:8D:5C:EB:8E:79:4C:81:39:CE:02:A7:91:B8:50:18:25:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTuhjVzrjnlMgTnOAqeRuFAYJe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/QuV3GJRZaOFjs-QADs40t6jAXpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/tTuhjVzrjnlMgTnOAqeRuFAYJe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.236.0/22
212.149.0.0/18
IPv6:
2a00:d580::/32
Signature Algorithm: sha256WithRSAEncryption
71:72:19:8d:80:52:ac:01:22:4c:85:01:9a:fa:1d:f4:12:f6:
ed:6a:31:54:58:bd:5a:26:6c:92:e8:81:81:ad:86:65:31:c8:
8d:1f:19:4f:d5:00:30:0d:ad:a2:64:8a:f9:e7:a2:09:29:06:
45:26:f9:d7:52:81:47:37:18:bd:ab:3e:92:54:cb:2b:ba:61:
2a:31:b4:79:11:30:a1:ab:38:67:52:57:82:b9:7d:f1:0b:68:
2b:52:89:a3:e1:21:d6:0e:bf:c1:10:25:e7:96:8d:95:5e:92:
e1:b4:26:9f:a0:e1:8b:86:e3:bb:89:e7:36:84:84:c9:39:66:
7e:7b:21:09:33:d5:08:32:bc:87:1a:97:29:07:39:d4:41:bf:
07:e2:17:c3:65:b4:30:4d:92:b2:02:4d:51:6e:0a:03:a5:07:
51:00:c9:b0:e9:f9:a8:7f:67:12:c1:a5:9d:90:27:a3:aa:97:
91:97:5c:28:ff:3c:8a:85:6c:84:36:2c:3b:38:b5:f4:45:96:
6d:ee:dd:79:e3:5d:84:73:46:00:a5:ee:e0:a7:1a:5d:36:bb:
2e:3b:63:8c:38:ab:4c:bc:e1:dc:cb:f3:d5:aa:4d:1f:f1:54:
eb:b7:03:36:8d:1c:69:e9:66:15:11:d5:70:0b:37:06:4a:e0:
c3:52:cf:85
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYwVHIxjZuft5K1CG7Jg6nWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2JhMThkNWNlYjhlNzk0YzgxMzljZTAyYTc5MWI4NTAx
ODI1ZWYwHhcNMjMxMTI4MDg0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmU1NzcxODk0NTk2OGUxNjNiM2U0MDAwZWNlMzRiN2E4YzA1ZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0RRMna+N5xuxY4jGhZW3bb5C8G3
EtxoQKFWkScvOUCkcQP/4/jYV33WiUgK2Shbhqvic3L0k5IbmVBLOyZ0smthO2hg
/JN+1yXm4Yn9Ii1JelGB5+e1uKrR8TsqZgs8O7amg/+BRqmgLPpOVcLy5jOoS7Ra
XlrwwD/vovD/4qGPa6+O/np9mqEYNTNQSLL9O67oEucunUC/1+2XfuyzB1DhyiBh
A/2+qDxBDWRmmiWQhO4SpGnopirtO0bd0lBZdhh4zqoaRcc8PQGdjHzGHuqQsQHS
AJb4nwLyxvVSB3WL3EFbvnmgX8N0/DgpTlz0ERCaDuZOvIe0I3Tf2sIl/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFELldxiUWWjhY7PkAA7ONLeowF6WMB8GA1UdIwQY
MBaAFLU7oY1c6455TIE5zgKnkbhQGCXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFR1aGpWenJqbmxNZ1RuT0FxZVJ1RkFZSmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lMjUxMGQtZTU3My00NWQzLTlkMjAt
NzU0YjYwYzViNTY4LzEvUXVWM0dKUlphT0Zqcy1RQURzNDB0NmpBWHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9lMjUxMGQtZTU3My00NWQzLTlkMjAtNzU0YjYwYzViNTY4
LzEvdFR1aGpWenJqbmxNZ1RuT0FxZVJ1RkFZSmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwyrsAwQG
1JUAMA0EAgACMAcDBQAqANWAMA0GCSqGSIb3DQEBCwUAA4IBAQBxchmNgFKsASJM
hQGa+h30EvbtajFUWL1aJmyS6IGBrYZlMciNHxlP1QAwDa2iZIr556IJKQZFJvnX
UoFHNxi9qz6SVMsrumEqMbR5ETChqzhnUleCuX3xC2grUomj4SHWDr/BECXnlo2V
XpLhtCafoOGLhuO7iec2hITJOWZ+eyEJM9UIMryHGpcpBznUQb8H4hfDZbQwTZKy
Ak1RbgoDpQdRAMmw6fmof2cSwaWdkCejqpeRl1wo/zyKhWyENiw7OLX0RZZt7t15
412Ec0YApe7gpxpdNrsuO2OMOKtMvOHcy/PVqk0f8VTrtwM2jRxp6WYVEdVwCzcG
SuDDUs+F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:34 2024 by rpki-client on console-fra.rpki-client.org