Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Qzln8Q2xu62DEEgj4eJf0rwCCkg.roa
File: Qzln8Q2xu62DEEgj4eJf0rwCCkg.roa (raw, json)
Hash identifier: rF/O8NaQxFIazFmoBVfbQ1jthMSN69yBZUHp0Xbvg+o=
Subject key identifier: 43:39:67:F1:0D:B1:BB:AD:83:10:48:23:E1:E2:5F:D2:BC:02:0A:48
Certificate issuer: /CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Certificate serial: 018E1388DFFA1E0F5B4FB1981C9FD867314B
Authority key identifier: 15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Qzln8Q2xu62DEEgj4eJf0rwCCkg.roa
Signing time: Wed 06 Mar 2024 11:32:01 +0000
ROA not before: Wed 06 Mar 2024 11:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61173
IP address blocks: 5.182.44.0/24 maxlen: 24
5.182.45.0/24 maxlen: 24
5.182.46.0/24 maxlen: 24
5.182.47.0/24 maxlen: 24
45.159.112.0/24 maxlen: 24
45.159.113.0/24 maxlen: 24
45.159.114.0/24 maxlen: 24
45.159.115.0/24 maxlen: 24
62.3.42.0/24 maxlen: 24
85.208.253.0/24 maxlen: 24
85.208.254.0/24 maxlen: 24
85.208.255.0/24 maxlen: 24
185.4.28.0/24 maxlen: 24
185.4.29.0/24 maxlen: 24
185.4.30.0/24 maxlen: 24
185.4.31.0/24 maxlen: 24
185.50.37.0/24 maxlen: 24
185.50.38.0/24 maxlen: 24
185.50.39.0/24 maxlen: 24
185.116.160.0/24 maxlen: 24
185.116.161.0/24 maxlen: 24
185.116.162.0/24 maxlen: 24
185.116.163.0/24 maxlen: 24
185.213.164.0/24 maxlen: 24
185.213.165.0/24 maxlen: 24
185.213.166.0/24 maxlen: 24
185.213.167.0/24 maxlen: 24
185.255.88.0/24 maxlen: 24
185.255.89.0/24 maxlen: 24
185.255.90.0/24 maxlen: 24
185.255.91.0/24 maxlen: 24
193.141.64.0/24 maxlen: 24
193.141.65.0/24 maxlen: 24
193.141.126.0/24 maxlen: 24
193.141.127.0/24 maxlen: 24
2a05:ab80::/29 maxlen: 29
2a05:ab80::/48 maxlen: 48
2a05:ab80:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 06 Mar 2024 13:33:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:88:df:fa:1e:0f:5b:4f:b1:98:1c:9f:d8:67:31:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Validity
Not Before: Mar 6 11:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=433967f10db1bbad83104823e1e25fd2bc020a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0f:bb:40:26:4d:22:b2:eb:a8:16:5b:95:88:
3f:97:da:e9:bc:54:42:45:04:1a:06:44:ab:a7:67:
58:fb:de:ee:b1:24:54:99:9c:fe:84:d9:a6:16:c7:
e7:21:92:ad:7d:25:19:22:e6:07:f2:f2:d7:52:1d:
ae:b8:e3:68:22:46:76:0d:1e:14:8a:2b:c6:52:22:
87:2a:dd:06:9e:d0:06:80:79:14:1e:23:76:02:0d:
a8:da:f1:60:9e:6e:02:41:26:76:5b:c6:d6:05:ec:
de:19:30:94:59:0f:47:14:5e:53:33:88:83:d1:2f:
db:c9:37:f6:94:fb:6f:c7:04:a3:8d:9b:69:74:bc:
30:de:e6:1d:95:66:6c:de:05:63:60:5d:2d:82:1d:
7a:43:53:51:c1:0e:b1:2a:60:9a:18:0e:66:c2:7e:
41:22:04:41:ed:4d:e3:06:91:e2:b3:e1:c7:60:ee:
d4:aa:b8:04:10:e5:0d:89:37:47:3a:5f:5c:91:95:
c0:a2:71:f1:05:f0:11:09:70:3d:76:c8:08:9b:70:
a3:b8:13:85:09:af:31:ae:ac:76:db:21:09:68:0f:
28:49:68:05:3f:18:83:34:e8:80:b0:31:de:7e:ce:
0f:b9:86:43:c6:b8:03:f0:0d:2a:0a:0c:d5:3d:db:
54:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:39:67:F1:0D:B1:BB:AD:83:10:48:23:E1:E2:5F:D2:BC:02:0A:48
X509v3 Authority Key Identifier:
keyid:15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Qzln8Q2xu62DEEgj4eJf0rwCCkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.44.0/22
45.159.112.0/22
62.3.42.0/24
85.208.253.0-85.208.255.255
185.4.28.0/22
185.50.37.0-185.50.39.255
185.116.160.0/22
185.213.164.0/22
185.255.88.0/22
193.141.64.0/23
193.141.126.0/23
IPv6:
2a05:ab80::/29
Signature Algorithm: sha256WithRSAEncryption
59:00:3a:dc:5a:d7:ce:c7:94:1f:8f:e8:de:88:25:dc:13:b9:
87:30:d1:8a:dc:94:78:e7:fe:af:18:7e:6f:f5:8f:57:5e:cb:
37:f4:7e:7e:c1:ed:fb:a4:9b:85:f0:6c:36:4d:61:2e:e1:1e:
a8:e6:3f:30:4c:d6:4c:43:0f:c9:09:3d:ce:c9:70:79:39:ba:
6f:22:cb:e3:4e:01:2e:e4:b7:0b:71:a9:1f:c5:30:bb:4c:f9:
87:49:e3:cc:77:90:35:a6:e9:73:b4:de:20:64:76:0a:00:e2:
ae:88:47:17:d7:2a:81:e8:9e:81:79:29:4c:78:8a:6e:e6:05:
ca:21:e8:86:02:88:39:d7:33:83:30:85:13:0b:3a:bf:a7:56:
e2:01:8e:f1:ba:05:93:61:df:7f:81:d1:63:02:1f:55:03:e5:
f9:3d:72:49:fe:76:24:c7:d6:50:0b:7b:03:0a:3e:26:c4:fe:
16:3f:48:1e:ed:57:de:c6:ed:40:fd:16:7a:97:50:8f:41:60:
b2:bc:ef:3a:9c:17:ec:38:02:d7:14:5c:fc:df:26:5d:07:45:
6f:82:b3:1e:de:69:80:e6:c9:7e:a8:81:22:49:ed:c9:51:d5:
32:d0:46:de:04:32:64:38:36:a2:05:2f:fb:b0:98:02:01:43:
ba:8f:dd:da
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY4TiN/6Hg9bT7GYHJ/YZzFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQzODA0ZTAwYjllMDZhODJjZWQ5ZjA3YjM0ZmUzZmQ4
MDM5NGUwHhcNMjQwMzA2MTEzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM5NjdmMTBkYjFiYmFkODMxMDQ4MjNlMWUyNWZkMmJjMDIwYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ+7QCZNIrLrqBZblYg/l9rpvFRC
RQQaBkSrp2dY+97usSRUmZz+hNmmFsfnIZKtfSUZIuYH8vLXUh2uuONoIkZ2DR4U
iivGUiKHKt0GntAGgHkUHiN2Ag2o2vFgnm4CQSZ2W8bWBezeGTCUWQ9HFF5TM4iD
0S/byTf2lPtvxwSjjZtpdLww3uYdlWZs3gVjYF0tgh16Q1NRwQ6xKmCaGA5mwn5B
IgRB7U3jBpHis+HHYO7UqrgEEOUNiTdHOl9ckZXAonHxBfARCXA9dsgIm3CjuBOF
Ca8xrqx22yEJaA8oSWgFPxiDNOiAsDHefs4PuYZDxrgD8A0qCgzVPdtU4wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFEM5Z/ENsbutgxBII+HiX9K8AgpIMB8GA1UdIwQY
MBaAFBX9OATgC54GqCztnwezT+P9gDlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEt
NzgzNWQzMjA4Mzk2LzEvUXpsbjhRMnh1NjJERUVnajRlSmYwcndDQ2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEtNzgzNWQzMjA4Mzk2
LzEvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBXBAIAATBRAwQCBbYsAwQC
LZ9wAwQAPgMqMAsDBABV0P0DAwBV0AMEArkEHDAMAwQAuTIlAwQDuTIgAwQCuXSg
AwQCudWkAwQCuf9YAwQBwY1AAwQBwY1+MA0EAgACMAcDBQMqBauAMA0GCSqGSIb3
DQEBCwUAA4IBAQBZADrcWtfOx5Qfj+jeiCXcE7mHMNGK3JR45/6vGH5v9Y9XXss3
9H5+we37pJuF8Gw2TWEu4R6o5j8wTNZMQw/JCT3OyXB5ObpvIsvjTgEu5LcLcakf
xTC7TPmHSePMd5A1pulztN4gZHYKAOKuiEcX1yqB6J6BeSlMeIpu5gXKIeiGAog5
1zODMIUTCzq/p1biAY7xugWTYd9/gdFjAh9VA+X5PXJJ/nYkx9ZQC3sDCj4mxP4W
P0ge7Vfexu1A/RZ6l1CPQWCyvO86nBfsOALXFFz83yZdB0VvgrMe3mmA5sl+qIEi
Se3JUdUy0EbeBDJkODaiBS/7sJgCAUO6j93a
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:42:05 2025 by rpki-client