Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/QrZXiEhxSaBv29sbNrIN54Mjlug.roa
File: QrZXiEhxSaBv29sbNrIN54Mjlug.roa (raw, json)
Hash identifier: 9XV6fyHBrxIGV7cTp9Z8wulw6iTrBIdc/vkMxPkDSHE=
Subject key identifier: 42:B6:57:88:48:71:49:A0:6F:DB:DB:1B:36:B2:0D:E7:83:23:96:E8
Certificate issuer: /CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Certificate serial: 018BD22F588971326B0723E8408D9476148A
Authority key identifier: 29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/QrZXiEhxSaBv29sbNrIN54Mjlug.roa
Signing time: Wed 15 Nov 2023 08:53:20 +0000
ROA not before: Wed 15 Nov 2023 08:53:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25106
IP address blocks: 176.60.4.0/22 maxlen: 22
176.60.0.0/18 maxlen: 24
176.60.44.0/22 maxlen: 22
176.60.40.0/22 maxlen: 22
46.56.114.0/23 maxlen: 23
46.56.125.0/24 maxlen: 24
176.60.128.0/18 maxlen: 24
176.60.132.0/22 maxlen: 22
176.60.64.0/18 maxlen: 24
176.60.80.0/23 maxlen: 23
46.56.56.0/22 maxlen: 24
46.56.60.0/23 maxlen: 24
46.56.60.0/24 maxlen: 24
46.56.62.0/23 maxlen: 23
46.56.64.0/19 maxlen: 24
46.56.96.0/19 maxlen: 24
46.56.40.0/24 maxlen: 24
46.56.41.0/24 maxlen: 24
46.56.42.0/24 maxlen: 24
46.56.40.0/21 maxlen: 21
46.216.184.0/21 maxlen: 21
46.216.192.0/21 maxlen: 21
46.216.192.0/18 maxlen: 24
46.216.128.0/18 maxlen: 24
46.216.144.0/21 maxlen: 21
134.17.208.0/22 maxlen: 24
134.17.208.0/20 maxlen: 24
46.216.152.0/21 maxlen: 21
134.17.224.0/20 maxlen: 24
46.216.246.0/24 maxlen: 24
134.17.16.0/21 maxlen: 21
134.17.17.0/24 maxlen: 24
185.20.112.0/23 maxlen: 23
178.168.160.0/21 maxlen: 21
185.20.114.0/23 maxlen: 23
178.168.168.0/21 maxlen: 24
134.17.24.0/21 maxlen: 21
134.17.24.0/22 maxlen: 22
134.17.28.0/24 maxlen: 24
134.17.32.0/19 maxlen: 19
134.17.32.0/22 maxlen: 22
178.168.180.0/22 maxlen: 22
178.168.192.0/19 maxlen: 24
134.17.64.0/20 maxlen: 20
176.60.176.0/23 maxlen: 23
178.168.128.0/18 maxlen: 24
176.60.184.0/22 maxlen: 24
176.60.192.0/20 maxlen: 20
178.168.144.0/23 maxlen: 23
176.60.192.0/18 maxlen: 24
134.17.0.0/20 maxlen: 24
176.60.208.0/23 maxlen: 23
134.17.124.0/24 maxlen: 24
134.17.128.0/19 maxlen: 19
134.17.128.0/21 maxlen: 21
134.17.136.0/21 maxlen: 21
134.17.144.0/20 maxlen: 20
134.17.160.0/19 maxlen: 19
46.216.0.0/17 maxlen: 24
178.168.220.0/22 maxlen: 22
178.168.224.0/19 maxlen: 24
134.17.79.0/24 maxlen: 24
134.17.80.0/21 maxlen: 21
134.17.80.0/22 maxlen: 22
134.17.88.0/21 maxlen: 24
134.17.89.0/24 maxlen: 24
178.168.242.0/23 maxlen: 23
134.17.96.0/19 maxlen: 19
178.168.253.0/24 maxlen: 24
2a02:bf0:1000::/36 maxlen: 36
2a02:bf0::/32 maxlen: 32
2a02:bf0:6000::/36 maxlen: 44
2a02:bf0:5000::/36 maxlen: 44
2a02:bf0:3000::/36 maxlen: 44
2a02:bf0:7000::/36 maxlen: 44
2a02:bf0:4000::/36 maxlen: 44
2a02:bf0:27::/48 maxlen: 48
2a02:bf0:1002::/48 maxlen: 48
2a02:bf0:2::/48 maxlen: 48
2a02:bf0:26::/48 maxlen: 48
2a02:bf0:29::/48 maxlen: 48
2a02:bf0:10::/44 maxlen: 44
2a02:bf0:1::/48 maxlen: 48
2a02:bf0:25::/48 maxlen: 48
2a02:bf0::/48 maxlen: 48
2a02:bf0:7::/48 maxlen: 48
2a02:bf0:6::/48 maxlen: 48
2a02:bf0:28::/48 maxlen: 48
2a02:bf0:3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:2f:58:89:71:32:6b:07:23:e8:40:8d:94:76:14:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2988a3c688e8eb1fef06c374a7aa5cf8fd778e0f
Validity
Not Before: Nov 15 08:53:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42b65788487149a06fdbdb1b36b20de7832396e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6f:50:62:62:ee:0c:06:39:06:e4:2f:b7:ff:
fb:a5:46:b3:c9:cf:70:87:c1:79:f9:46:21:4e:c0:
76:36:e3:1e:8e:73:d2:7e:6b:d4:8c:f2:0a:9e:0b:
82:dd:fd:3b:a0:8e:44:80:15:cc:9d:10:7d:ec:38:
8d:76:70:95:99:1e:82:e9:59:d8:d9:7e:c5:7f:8c:
bc:c6:45:35:28:72:e9:f5:50:6b:6f:5f:a2:d9:dd:
e1:c1:c2:e7:40:5e:1f:9d:17:99:64:47:c0:c6:cc:
94:70:b4:9b:1f:a8:15:5e:c5:76:e8:b4:ce:6c:7e:
04:a5:d8:f8:0e:98:cd:b7:92:8d:cc:49:68:66:99:
fd:36:5a:8a:7e:a2:98:58:9c:5e:5f:5b:97:97:d1:
fb:92:9b:2b:1c:3a:76:95:00:e6:49:34:e6:5f:a0:
2c:c9:0f:37:f6:57:64:d2:ab:36:f6:02:7c:8c:0d:
37:0e:21:0f:02:7c:29:d8:bc:b2:c1:07:3d:53:cb:
49:e6:ea:b7:fa:c6:12:1e:03:f1:66:22:fd:84:91:
73:55:fa:dd:f4:a6:9e:cd:55:37:b2:8e:88:2f:cb:
54:98:5a:4b:49:2b:ab:0b:bb:68:96:78:7b:cb:4a:
1e:3c:7d:01:24:ec:50:64:35:80:8b:9d:15:a0:c8:
dd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B6:57:88:48:71:49:A0:6F:DB:DB:1B:36:B2:0D:E7:83:23:96:E8
X509v3 Authority Key Identifier:
keyid:29:88:A3:C6:88:E8:EB:1F:EF:06:C3:74:A7:AA:5C:F8:FD:77:8E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYijxojo6x_vBsN0p6pc-P13jg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/QrZXiEhxSaBv29sbNrIN54Mjlug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/9f52d1-c95d-455b-af08-cec0dbc8d246/1/KYijxojo6x_vBsN0p6pc-P13jg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.56.40.0/21
46.56.56.0-46.56.127.255
46.216.0.0/16
134.17.0.0-134.17.191.255
134.17.208.0-134.17.239.255
176.60.0.0/16
178.168.128.0/17
185.20.112.0/22
IPv6:
2a02:bf0::/32
Signature Algorithm: sha256WithRSAEncryption
a6:33:03:39:57:6d:d9:8e:9d:64:2b:c1:f7:8b:20:74:8a:da:
d9:30:19:ac:60:46:85:7a:31:36:c6:9d:62:88:dc:9c:a1:b7:
5b:e7:10:b8:71:9a:8f:60:2c:de:07:96:15:65:04:76:c8:d8:
fa:fe:fd:f3:84:fe:b2:b6:5d:a9:a8:34:c7:ab:05:51:5f:6a:
9c:66:e9:39:ca:a4:38:89:d1:1b:01:02:a0:ba:3d:54:39:8b:
ca:83:d7:b5:99:33:3b:90:d0:b5:d1:4f:42:91:95:f9:45:9d:
94:4b:6c:9e:aa:22:c6:1d:16:77:7b:7a:fa:74:43:32:c2:a9:
a2:8c:24:89:ab:6f:32:2a:24:c0:67:2a:d4:c3:de:5a:e9:bc:
23:4b:d7:5c:b2:2b:6f:5f:10:5e:b7:c8:76:e6:56:16:85:cd:
e6:35:13:fd:a8:00:21:1a:5c:16:6b:d6:ea:8a:0c:76:51:f1:
db:7a:82:3b:50:7a:3e:ae:98:78:91:82:d0:19:1c:8e:98:a1:
38:b3:82:0b:fd:03:a0:b6:b4:50:0f:00:2c:cd:97:1a:b8:5a:
f8:d6:52:36:65:3f:2c:8e:8c:f5:52:68:fe:8d:f3:9a:4f:35:
d2:aa:07:36:1e:f3:9e:77:6a:39:15:cc:6a:98:45:85:5b:cc:
4c:bc:63:57
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYvSL1iJcTJrByPoQI2UdhSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ODhhM2M2ODhlOGViMWZlZjA2YzM3NGE3YWE1Y2Y4ZmQ3
NzhlMGYwHhcNMjMxMTE1MDg1MzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmI2NTc4ODQ4NzE0OWEwNmZkYmRiMWIzNmIyMGRlNzgzMjM5NmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW9QYmLuDAY5BuQvt//7pUazyc9w
h8F5+UYhTsB2NuMejnPSfmvUjPIKnguC3f07oI5EgBXMnRB97DiNdnCVmR6C6VnY
2X7Ff4y8xkU1KHLp9VBrb1+i2d3hwcLnQF4fnReZZEfAxsyUcLSbH6gVXsV26LTO
bH4Epdj4DpjNt5KNzEloZpn9NlqKfqKYWJxeX1uXl9H7kpsrHDp2lQDmSTTmX6As
yQ839ldk0qs29gJ8jA03DiEPAnwp2LyywQc9U8tJ5uq3+sYSHgPxZiL9hJFzVfrd
9KaezVU3so6IL8tUmFpLSSurC7tolnh7y0oePH0BJOxQZDWAi50VoMjdaQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEK2V4hIcUmgb9vbGzayDeeDI5boMB8GA1UdIwQY
MBaAFCmIo8aI6Osf7wbDdKeqXPj9d44PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgt
Y2VjMGRiYzhkMjQ2LzEvUXJaWGlFaHhTYUJ2MjlzYk5ySU41NE1qbHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85ZjUyZDEtYzk1ZC00NTViLWFmMDgtY2VjMGRiYzhkMjQ2
LzEvS1lpanhvam82eF92QnNOMHA2cGMtUDEzamc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBLBAIAATBFAwQDLjgoMAwD
BAMuODgDBAcuOAADAwAu2DALAwMAhhEDBAaGEYAwDAMEBIYR0AMEBIYR4AMDALA8
AwQHsqiAAwQCuRRwMA0EAgACMAcDBQAqAgvwMA0GCSqGSIb3DQEBCwUAA4IBAQCm
MwM5V23Zjp1kK8H3iyB0itrZMBmsYEaFejE2xp1iiNycobdb5xC4cZqPYCzeB5YV
ZQR2yNj6/v3zhP6ytl2pqDTHqwVRX2qcZuk5yqQ4idEbAQKguj1UOYvKg9e1mTM7
kNC10U9CkZX5RZ2US2yeqiLGHRZ3e3r6dEMywqmijCSJq28yKiTAZyrUw95a6bwj
S9dcsitvXxBet8h25lYWhc3mNRP9qAAhGlwWa9bqigx2UfHbeoI7UHo+rph4kYLQ
GRyOmKE4s4IL/QOgtrRQDwAszZcauFr41lI2ZT8sjoz1Umj+jfOaTzXSqgc2HvOe
d2o5FcxqmEWFW8xMvGNX
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:50 2024 by rpki-client on console.sobornost.net