Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d26026-1596-44d8-8af3-5e5a624d74b8/1/qJQfIhGQu0sBgv83p1JGKOSLpDY.roa
File: qJQfIhGQu0sBgv83p1JGKOSLpDY.roa (raw, json)
Hash identifier: Td8+c2tln/9bZX5FCzwuJTqm5uLRquux4qNXQ3bNWMY=
Subject key identifier: A8:94:1F:22:11:90:BB:4B:01:82:FF:37:A7:52:46:28:E4:8B:A4:36
Certificate issuer: /CN=cfdc217388aa7e9028dd1e04ba64291352d60bef
Certificate serial: 0193B601A9726DC9911099EE0A314D743B51
Authority key identifier: CF:DC:21:73:88:AA:7E:90:28:DD:1E:04:BA:64:29:13:52:D6:0B:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9whc4iqfpAo3R4EumQpE1LWC-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d26026-1596-44d8-8af3-5e5a624d74b8/1/qJQfIhGQu0sBgv83p1JGKOSLpDY.roa
Signing time: Wed 11 Dec 2024 13:56:22 +0000
ROA not before: Wed 11 Dec 2024 13:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49034
IP address blocks: 185.39.56.0/22 maxlen: 22
193.218.95.0/24 maxlen: 24
2a00:f6e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b6:01:a9:72:6d:c9:91:10:99:ee:0a:31:4d:74:3b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfdc217388aa7e9028dd1e04ba64291352d60bef
Validity
Not Before: Dec 11 13:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8941f221190bb4b0182ff37a7524628e48ba436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4f:45:5d:f1:0a:c7:81:8a:03:48:8e:1d:5c:
c1:7d:d4:95:b8:d1:a4:48:95:6a:22:e1:49:e3:ce:
a3:3c:68:7e:f3:d5:a5:cd:76:4f:67:24:eb:7b:ba:
23:57:77:9c:8b:80:f2:3f:c0:93:6e:1a:dc:37:14:
62:1f:f9:79:f4:7b:d0:0b:46:26:5e:56:d6:22:0c:
cd:a9:ba:4c:15:ff:41:8b:bf:b4:92:de:2a:e8:b0:
c5:dd:d3:b9:03:9a:b5:f6:cb:f0:84:0b:ed:ad:80:
ec:f4:19:02:bb:04:86:c4:e0:39:5c:26:3e:9e:97:
48:af:8c:42:a6:15:42:12:57:e5:c2:81:ad:5a:38:
4b:a7:ba:35:7a:e3:16:48:cb:06:69:40:98:b7:f4:
08:4f:84:41:e9:2e:1f:6c:ea:d6:53:26:b4:6a:96:
ae:2d:b4:1c:00:80:ae:16:d5:78:93:34:3f:35:53:
88:1c:a1:03:ee:e4:3b:70:b6:b3:c0:69:1b:1d:67:
f3:ef:ef:a5:48:a7:02:7b:f2:fb:97:d8:65:59:44:
6e:7e:6d:57:75:0a:a7:27:2a:df:e3:ed:b1:cc:64:
74:4c:67:fb:fc:bf:16:33:e4:eb:af:f5:55:9a:d9:
b5:ee:55:b3:e6:30:44:55:92:8c:2e:4b:df:f6:da:
b5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:94:1F:22:11:90:BB:4B:01:82:FF:37:A7:52:46:28:E4:8B:A4:36
X509v3 Authority Key Identifier:
keyid:CF:DC:21:73:88:AA:7E:90:28:DD:1E:04:BA:64:29:13:52:D6:0B:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9whc4iqfpAo3R4EumQpE1LWC-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d26026-1596-44d8-8af3-5e5a624d74b8/1/qJQfIhGQu0sBgv83p1JGKOSLpDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d26026-1596-44d8-8af3-5e5a624d74b8/1/z9whc4iqfpAo3R4EumQpE1LWC-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.56.0/22
193.218.95.0/24
IPv6:
2a00:f6e0::/32
Signature Algorithm: sha256WithRSAEncryption
15:1a:a2:a1:ca:a1:6b:57:46:a5:2f:0e:50:ed:f5:96:62:79:
ec:e1:5c:f9:55:53:4b:86:1a:88:b3:a9:b9:8c:a6:37:2c:a2:
d9:3a:d8:63:d3:d9:86:05:f0:db:d4:14:3a:2e:31:41:04:d7:
a9:ac:01:a7:5b:85:ad:cd:64:10:53:2d:9c:3e:f2:3e:fb:55:
c2:50:20:1b:db:4c:4b:d3:1a:1d:c3:c3:ab:da:d9:58:8b:08:
ed:e0:1e:a6:25:82:f2:59:e7:48:82:21:6d:65:b8:07:fa:5a:
2a:5f:be:7c:87:e2:2b:65:a9:33:d9:f9:ae:91:8b:e7:e4:5b:
0e:c2:49:9f:29:b5:3e:88:06:37:52:42:c6:8e:31:fe:ec:52:
e7:0d:60:02:58:59:54:88:db:75:b1:71:25:6a:b8:d8:e1:a4:
cc:5c:e7:bf:3d:50:20:52:cc:a6:2e:2e:de:62:ea:b8:00:40:
d4:a4:ee:2e:66:5c:38:50:8e:0d:37:b4:10:d7:84:5a:64:6a:
8f:eb:52:19:ac:bf:7b:48:93:66:64:f1:69:56:5e:11:e5:fb:
0c:e3:a6:3b:18:b3:8d:a2:b1:b5:5e:16:20:7a:63:22:22:0a:
09:b0:31:71:63:5a:6d:b2:99:5f:5f:b6:91:64:2b:10:ed:2d:
f3:dd:97:bc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZO2AalybcmREJnuCjFNdDtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGMyMTczODhhYTdlOTAyOGRkMWUwNGJhNjQyOTEzNTJk
NjBiZWYwHhcNMjQxMjExMTM1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODk0MWYyMjExOTBiYjRiMDE4MmZmMzdhNzUyNDYyOGU0OGJhNDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU9FXfEKx4GKA0iOHVzBfdSVuNGk
SJVqIuFJ486jPGh+89WlzXZPZyTre7ojV3eci4DyP8CTbhrcNxRiH/l59HvQC0Ym
XlbWIgzNqbpMFf9Bi7+0kt4q6LDF3dO5A5q19svwhAvtrYDs9BkCuwSGxOA5XCY+
npdIr4xCphVCElflwoGtWjhLp7o1euMWSMsGaUCYt/QIT4RB6S4fbOrWUya0apau
LbQcAICuFtV4kzQ/NVOIHKED7uQ7cLazwGkbHWfz7++lSKcCe/L7l9hlWURufm1X
dQqnJyrf4+2xzGR0TGf7/L8WM+Trr/VVmtm17lWz5jBEVZKMLkvf9tq1FwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKiUHyIRkLtLAYL/N6dSRijki6Q2MB8GA1UdIwQY
MBaAFM/cIXOIqn6QKN0eBLpkKRNS1gvvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejl3aGM0aXFmcEFvM1I0RXVtUXBFMUxXQy04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kMjYwMjYtMTU5Ni00NGQ4LThhZjMt
NWU1YTYyNGQ3NGI4LzEvcUpRZkloR1F1MHNCZ3Y4M3AxSkdLT1NMcERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kMjYwMjYtMTU5Ni00NGQ4LThhZjMtNWU1YTYyNGQ3NGI4
LzEvejl3aGM0aXFmcEFvM1I0RXVtUXBFMUxXQy04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSc4AwQA
wdpfMA0EAgACMAcDBQAqAPbgMA0GCSqGSIb3DQEBCwUAA4IBAQAVGqKhyqFrV0al
Lw5Q7fWWYnns4Vz5VVNLhhqIs6m5jKY3LKLZOthj09mGBfDb1BQ6LjFBBNeprAGn
W4WtzWQQUy2cPvI++1XCUCAb20xL0xodw8Or2tlYiwjt4B6mJYLyWedIgiFtZbgH
+loqX758h+IrZakz2fmukYvn5FsOwkmfKbU+iAY3UkLGjjH+7FLnDWACWFlUiNt1
sXElarjY4aTMXOe/PVAgUsymLi7eYuq4AEDUpO4uZlw4UI4NN7QQ14RaZGqP61IZ
rL97SJNmZPFpVl4R5fsM46Y7GLONorG1XhYgemMiIgoJsDFxY1ptsplfX7aRZCsQ
7S3z3Ze8
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:26:50 2025 by rpki-client