Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/qCChbfXH-mgXCzJv2AH7BP0WvBo.roa
File: qCChbfXH-mgXCzJv2AH7BP0WvBo.roa (raw, json)
Hash identifier: rmkgF6lGJU66Sxbdo1PD4nK572v6iUdzBg0PI+XpKRk=
Subject key identifier: A8:20:A1:6D:F5:C7:FA:68:17:0B:32:6F:D8:01:FB:04:FD:16:BC:1A
Certificate issuer: /CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Certificate serial: 0185F48A6CD8C0806F3FCB48CA7D72E679D9
Authority key identifier: 38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/qCChbfXH-mgXCzJv2AH7BP0WvBo.roa
Signing time: Fri 27 Jan 2023 18:43:10 +0000
ROA not before: Fri 27 Jan 2023 18:43:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34978
IP address blocks: 185.52.10.0/24 maxlen: 24
185.52.11.0/24 maxlen: 24
185.52.8.0/22 maxlen: 22
185.52.8.0/24 maxlen: 24
185.52.9.0/24 maxlen: 24
81.29.224.0/20 maxlen: 20
2a04:c640::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f4:8a:6c:d8:c0:80:6f:3f:cb:48:ca:7d:72:e6:79:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a37c24ddca347d713ed794d33cd4a81a8b498a
Validity
Not Before: Jan 27 18:43:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a820a16df5c7fa68170b326fd801fb04fd16bc1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f2:d5:08:75:26:b2:a1:54:31:50:a9:17:43:
20:fd:e0:03:97:28:d0:ad:f4:c3:1d:d3:aa:24:e0:
10:d5:fd:3b:8c:3f:a0:a5:70:5f:85:93:84:f4:96:
02:98:d0:13:91:24:65:d4:9e:26:5f:ae:18:6f:f2:
d1:56:ac:33:c4:9f:ba:22:37:85:b0:89:fe:68:28:
a0:c4:15:dc:a6:92:58:f6:22:b1:70:c9:80:23:f9:
2f:bc:b4:42:4f:19:a3:90:ca:78:19:90:ac:98:b2:
cd:27:99:9d:a1:16:18:4a:e4:b9:52:d2:64:0c:02:
73:35:6f:53:c1:16:72:f4:65:f3:a9:84:02:83:7c:
70:3f:14:51:31:2a:e9:9a:1f:34:cb:3f:6f:3a:d2:
be:96:2c:73:70:e7:ed:80:a1:89:41:9c:6d:3f:8e:
3d:6d:1d:a8:d6:18:d4:62:92:ed:f1:98:ab:67:50:
e8:6c:01:60:89:88:b2:21:13:20:58:86:4e:6e:2b:
72:8d:8c:6b:80:b9:79:f0:f5:f0:9e:84:ee:c2:d7:
38:0b:4c:c2:42:3d:68:09:50:4a:c7:a4:20:f5:fc:
64:f2:64:49:cf:4a:f5:0d:83:2f:5e:1d:8a:18:d3:
4e:5c:d6:5a:56:13:c1:6f:77:ea:6f:21:46:5d:93:
5a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:20:A1:6D:F5:C7:FA:68:17:0B:32:6F:D8:01:FB:04:FD:16:BC:1A
X509v3 Authority Key Identifier:
keyid:38:A3:7C:24:DD:CA:34:7D:71:3E:D7:94:D3:3C:D4:A8:1A:8B:49:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKN8JN3KNH1xPteU0zzUqBqLSYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/qCChbfXH-mgXCzJv2AH7BP0WvBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1e33c3-d197-45f2-828e-44a49d263700/1/OKN8JN3KNH1xPteU0zzUqBqLSYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.29.224.0/20
185.52.8.0/22
IPv6:
2a04:c640::/29
Signature Algorithm: sha256WithRSAEncryption
26:c9:fd:de:c3:4c:a3:5a:25:3a:c1:36:a8:76:cb:50:a6:57:
05:8e:27:d5:31:87:94:b9:bc:88:24:71:2a:2a:0a:7f:f7:41:
2b:1b:81:32:fe:2c:95:3a:3a:40:70:ca:a1:5e:7d:3d:68:d0:
2c:63:16:fc:8c:8d:82:2f:e5:ef:fd:71:7e:7f:4b:38:bc:bf:
20:4c:ff:cc:10:59:7f:e2:3a:5a:ec:38:ee:b5:2c:a5:b2:24:
2a:52:43:df:d7:e4:33:d5:09:16:65:60:ca:d9:a4:6c:60:65:
e0:4b:a9:e2:83:05:8c:75:7c:f2:3c:a4:22:07:8c:e5:64:4c:
a5:13:7c:b8:31:93:6a:90:0a:49:d3:e1:9d:d2:4e:9b:cc:fc:
2e:c2:82:53:4f:f9:c0:49:ee:fe:30:22:ad:9a:8d:68:8a:43:
d9:4d:07:91:83:71:89:df:51:97:d3:f2:d8:12:fe:53:1c:d8:
82:ba:c6:f6:a9:52:3b:5f:ff:f3:37:e1:db:86:d6:4e:fe:25:
c9:f6:83:0f:55:2d:0b:98:fa:9d:5c:d8:79:78:6f:1c:24:45:
49:da:af:23:a2:b1:28:53:b2:bf:99:37:a0:71:51:1a:34:82:
fd:23:f7:b2:91:2f:11:29:81:03:1d:42:50:b4:7c:c2:a6:ce:
17:ea:28:83
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYX0imzYwIBvP8tIyn1y5nnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTM3YzI0ZGRjYTM0N2Q3MTNlZDc5NGQzM2NkNGE4MWE4
YjQ5OGEwHhcNMjMwMTI3MTg0MzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODIwYTE2ZGY1YzdmYTY4MTcwYjMyNmZkODAxZmIwNGZkMTZiYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfLVCHUmsqFUMVCpF0Mg/eADlyjQ
rfTDHdOqJOAQ1f07jD+gpXBfhZOE9JYCmNATkSRl1J4mX64Yb/LRVqwzxJ+6IjeF
sIn+aCigxBXcppJY9iKxcMmAI/kvvLRCTxmjkMp4GZCsmLLNJ5mdoRYYSuS5UtJk
DAJzNW9TwRZy9GXzqYQCg3xwPxRRMSrpmh80yz9vOtK+lixzcOftgKGJQZxtP449
bR2o1hjUYpLt8ZirZ1DobAFgiYiyIRMgWIZObityjYxrgLl58PXwnoTuwtc4C0zC
Qj1oCVBKx6Qg9fxk8mRJz0r1DYMvXh2KGNNOXNZaVhPBb3fqbyFGXZNaGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKggoW31x/poFwsyb9gB+wT9FrwaMB8GA1UdIwQY
MBaAFDijfCTdyjR9cT7XlNM81Kgai0mKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUt
NDRhNDlkMjYzNzAwLzEvcUNDaGJmWEgtbWdYQ3pKdjJBSDdCUDBXdkJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZTMzYzMtZDE5Ny00NWYyLTgyOGUtNDRhNDlkMjYzNzAw
LzEvT0tOOEpOM0tOSDF4UHRlVTB6elVxQnFMU1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUR3gAwQC
uTQIMA0EAgACMAcDBQMqBMZAMA0GCSqGSIb3DQEBCwUAA4IBAQAmyf3ew0yjWiU6
wTaodstQplcFjifVMYeUubyIJHEqKgp/90ErG4Ey/iyVOjpAcMqhXn09aNAsYxb8
jI2CL+Xv/XF+f0s4vL8gTP/MEFl/4jpa7DjutSylsiQqUkPf1+Qz1QkWZWDK2aRs
YGXgS6nigwWMdXzyPKQiB4zlZEylE3y4MZNqkApJ0+Gd0k6bzPwuwoJTT/nASe7+
MCKtmo1oikPZTQeRg3GJ31GX0/LYEv5THNiCusb2qVI7X//zN+HbhtZO/iXJ9oMP
VS0LmPqdXNh5eG8cJEVJ2q8jorEoU7K/mTegcVEaNIL9I/eykS8RKYEDHUJQtHzC
ps4X6iiD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:33 2024 by rpki-client on console-ams.rpki-client.org