Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/qgSkGImG1D5jx9tNbYbZSSyF9F0.roa
File: qgSkGImG1D5jx9tNbYbZSSyF9F0.roa (raw, json)
Hash identifier: r2nS9ZeKP8jwGGT5H5z/ynjgsY/KXWemqKGDFDVvrck=
Subject key identifier: AA:04:A4:18:89:86:D4:3E:63:C7:DB:4D:6D:86:D9:49:2C:85:F4:5D
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018E087F5D11A256221B45D89C8836A3A723
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/qgSkGImG1D5jx9tNbYbZSSyF9F0.roa
Signing time: Mon 04 Mar 2024 08:05:48 +0000
ROA not before: Mon 04 Mar 2024 08:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 45.143.68.0/24 maxlen: 24
45.143.69.0/24 maxlen: 24
45.143.70.0/24 maxlen: 24
45.143.71.0/24 maxlen: 24
83.150.240.0/24 maxlen: 24
83.150.241.0/24 maxlen: 24
83.150.242.0/24 maxlen: 24
83.150.243.0/24 maxlen: 24
95.181.216.0/24 maxlen: 24
95.181.217.0/24 maxlen: 24
95.181.218.0/24 maxlen: 24
95.181.219.0/24 maxlen: 24
185.75.208.0/24 maxlen: 24
185.75.209.0/24 maxlen: 24
185.75.210.0/24 maxlen: 24
185.75.211.0/24 maxlen: 24
185.201.190.0/24 maxlen: 24
193.108.242.0/24 maxlen: 24
193.108.243.0/24 maxlen: 24
193.201.248.0/24 maxlen: 24
193.201.249.0/24 maxlen: 24
193.201.250.0/24 maxlen: 24
193.201.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 03:17:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:08:7f:5d:11:a2:56:22:1b:45:d8:9c:88:36:a3:a7:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 4 08:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa04a4188986d43e63c7db4d6d86d9492c85f45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:47:0c:c1:da:8b:9d:c8:64:4d:6b:fe:6a:34:
da:23:0f:ed:f0:dd:de:e5:d0:cd:5d:f4:25:45:9a:
85:a1:c5:10:4d:df:94:4b:ed:24:de:80:ea:82:16:
5a:54:55:60:b0:3a:99:9f:27:2b:1a:c9:55:60:88:
d1:43:cc:ce:81:f6:61:6c:58:cf:74:f5:b1:0e:89:
b5:78:cb:37:9f:a7:f1:56:95:7c:6e:13:07:c1:19:
1a:d5:6b:44:cc:2c:f8:91:23:3e:7a:d5:24:30:f1:
b4:b8:71:fe:04:be:a4:fb:1b:9b:bb:88:39:53:aa:
b4:5a:f2:42:f4:84:3e:9e:e0:4d:32:70:9b:d7:04:
6e:20:d7:56:b5:b1:17:73:b8:d9:07:9b:e1:73:e4:
81:a4:e0:94:bd:c4:b5:cb:6e:a5:41:70:5b:73:66:
83:a7:ec:3f:97:fc:54:b3:3a:c7:ac:24:fb:99:88:
a1:19:57:9b:35:f7:f8:1d:8a:e3:3f:59:58:ad:e1:
1d:f6:24:cb:bd:b6:eb:9c:9d:3f:c6:38:a0:84:16:
47:05:fc:07:e1:54:fd:c7:69:bc:ec:f7:4e:f4:cc:
36:45:87:b4:6c:c5:33:d9:49:69:13:0a:45:8c:a7:
9e:90:4c:e5:d1:47:e7:a6:5a:81:7b:73:57:d6:2e:
bd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:04:A4:18:89:86:D4:3E:63:C7:DB:4D:6D:86:D9:49:2C:85:F4:5D
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/qgSkGImG1D5jx9tNbYbZSSyF9F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.68.0/22
83.150.240.0/22
95.181.216.0/22
185.75.208.0/22
185.201.190.0/24
193.108.242.0/23
193.201.248.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:61:a3:cd:4c:7f:88:14:7e:20:c1:ff:21:0c:32:97:35:89:
10:90:b3:72:bf:b1:77:7f:71:25:60:4e:04:16:78:c7:5e:ef:
2b:54:30:8d:1f:48:f3:9d:74:b8:7b:c3:0d:cc:b6:46:d1:74:
d8:28:a5:0a:df:6a:6d:89:c0:6a:fc:a1:68:79:8e:94:08:92:
31:bd:5a:78:69:8c:c2:22:6f:be:ae:11:8b:01:7f:a8:39:15:
fd:4a:82:22:12:b3:9f:09:90:bc:92:e3:21:ff:a4:af:62:2a:
2a:60:1e:9a:aa:b4:b9:f3:22:95:55:3e:25:76:18:3c:e8:7c:
90:9f:a6:18:a3:f0:7c:8c:49:3a:a9:ac:4c:39:3b:fe:18:aa:
a3:b3:6c:a6:6f:6a:b5:5a:3c:74:85:c7:75:24:c9:13:54:32:
f8:d3:4a:79:e8:71:fc:d2:ca:8d:06:b6:18:92:94:ec:46:09:
c0:43:79:e7:2d:a5:cc:80:7d:5f:1c:4e:9f:b7:50:49:ad:ec:
0f:c6:d6:7c:51:60:fa:0a:5b:57:48:57:8c:b6:5c:3d:c8:0e:
6e:d6:6b:d1:1e:71:ad:06:9b:ff:53:5c:5e:2e:da:8e:50:35:
81:5f:8c:3b:5c:c4:4c:47:8f:5f:a4:07:01:9d:9c:64:d6:a3:
46:f6:c1:91
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY4If10RolYiG0XYnIg2o6cjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMzA0MDgwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA0YTQxODg5ODZkNDNlNjNjN2RiNGQ2ZDg2ZDk0OTJjODVmNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0cMwdqLnchkTWv+ajTaIw/t8N3e
5dDNXfQlRZqFocUQTd+US+0k3oDqghZaVFVgsDqZnycrGslVYIjRQ8zOgfZhbFjP
dPWxDom1eMs3n6fxVpV8bhMHwRka1WtEzCz4kSM+etUkMPG0uHH+BL6k+xubu4g5
U6q0WvJC9IQ+nuBNMnCb1wRuINdWtbEXc7jZB5vhc+SBpOCUvcS1y26lQXBbc2aD
p+w/l/xUszrHrCT7mYihGVebNff4HYrjP1lYreEd9iTLvbbrnJ0/xjighBZHBfwH
4VT9x2m87PdO9Mw2RYe0bMUz2UlpEwpFjKeekEzl0UfnplqBe3NX1i69JwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKoEpBiJhtQ+Y8fbTW2G2UkshfRdMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvcWdTa0dJbUcxRDVqeDl0TmJZYlpTU3lGOUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLY9EAwQC
U5bwAwQCX7XYAwQCuUvQAwQAucm+AwQBwWzyAwQCwcn4MA0GCSqGSIb3DQEBCwUA
A4IBAQBqYaPNTH+IFH4gwf8hDDKXNYkQkLNyv7F3f3ElYE4EFnjHXu8rVDCNH0jz
nXS4e8MNzLZG0XTYKKUK32pticBq/KFoeY6UCJIxvVp4aYzCIm++rhGLAX+oORX9
SoIiErOfCZC8kuMh/6SvYioqYB6aqrS58yKVVT4ldhg86HyQn6YYo/B8jEk6qaxM
OTv+GKqjs2ymb2q1Wjx0hcd1JMkTVDL400p56HH80sqNBrYYkpTsRgnAQ3nnLaXM
gH1fHE6ft1BJrewPxtZ8UWD6CltXSFeMtlw9yA5u1mvRHnGtBpv/U1xeLtqOUDWB
X4w7XMRMR49fpAcBnZxk1qNG9sGR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org