Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/qMPn46FB08hpQl8K6Ro1movX5eQ.roa
File: qMPn46FB08hpQl8K6Ro1movX5eQ.roa (raw, json)
Hash identifier: TEgTmKx7rDNMWTNiMuoQ1oteVMAJ6fxUH80+95r5Sf0=
Subject key identifier: A8:C3:E7:E3:A1:41:D3:C8:69:42:5F:0A:E9:1A:35:9A:8B:D7:E5:E4
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0193817FB445354A6D92BE322E1045BAF0F2
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/qMPn46FB08hpQl8K6Ro1movX5eQ.roa
Signing time: Sun 01 Dec 2024 09:14:10 +0000
ROA not before: Sun 01 Dec 2024 09:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.21.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:81:7f:b4:45:35:4a:6d:92:be:32:2e:10:45:ba:f0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Dec 1 09:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8c3e7e3a141d3c869425f0ae91a359a8bd7e5e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ca:66:6d:22:e9:25:09:f3:2b:7e:6c:b1:9b:
30:9b:64:c2:d6:16:94:68:c2:ee:0a:7f:a1:df:17:
5d:3d:93:ee:8e:14:f2:cb:30:fc:55:ca:82:1c:b9:
dc:01:9f:03:ed:b4:c6:87:7a:88:62:9b:b9:cf:6f:
92:24:0e:06:03:e3:c2:f8:96:e5:fe:9b:91:5e:97:
5c:3e:a5:2f:ea:5b:e9:50:99:56:2b:b4:35:41:ef:
ca:bf:9b:ab:af:5b:e7:9d:98:8d:74:b5:4f:c2:44:
15:96:af:c4:cc:ca:18:50:31:20:90:5a:c6:16:2a:
ec:40:f0:08:88:ed:ff:13:08:12:bd:27:fd:bf:a2:
b8:71:9a:ba:48:7a:26:74:ee:35:ee:9a:b9:1d:82:
c9:ab:82:49:6b:11:aa:bf:37:67:42:56:68:c5:cd:
50:b7:d0:28:da:70:ea:3d:34:d3:74:55:1d:40:01:
91:8d:09:4a:aa:e2:46:3c:28:07:cf:ad:79:61:8d:
f7:32:08:86:d1:1a:6b:91:7c:1f:9e:fe:bd:a6:58:
76:00:bb:9f:f9:86:92:f2:41:60:f4:92:aa:59:6b:
b8:12:8f:c2:34:b6:1b:20:44:12:78:57:df:5b:54:
1f:0c:a6:63:6b:2f:68:ee:0e:be:f1:b3:e9:fc:b3:
b1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C3:E7:E3:A1:41:D3:C8:69:42:5F:0A:E9:1A:35:9A:8B:D7:E5:E4
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/qMPn46FB08hpQl8K6Ro1movX5eQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.253.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:0d:ee:0f:d9:17:ac:14:e7:d5:d3:ad:a6:fc:71:c1:15:a3:
7a:27:68:6e:73:9e:87:ca:b4:0f:26:b3:d1:df:dd:40:7d:6e:
5c:92:45:1a:7a:26:b3:4e:be:8f:07:53:ee:10:34:30:dc:25:
66:0e:7e:4e:3b:d9:bb:d3:f8:ba:dd:02:a8:e0:db:65:65:e4:
f2:22:56:1c:d2:0c:c7:72:73:56:55:45:d4:c5:25:d7:49:41:
4b:7d:84:74:22:96:93:80:01:6e:50:b5:4d:72:ea:2a:d5:c2:
9e:13:61:a4:0c:d7:c1:65:2c:66:23:ba:7c:82:58:d4:c1:33:
3d:d3:67:49:df:29:70:0e:b6:d3:bb:57:47:cb:92:7b:fb:32:
ea:96:0b:45:ea:0e:cf:fb:56:00:f9:98:f2:15:69:91:0e:dc:
8d:65:50:f0:e5:c3:cd:f7:0a:c2:01:f7:9c:8e:ea:d2:01:73:
24:35:7a:b6:0d:4c:37:92:f7:47:a1:ca:85:dc:96:98:1b:22:
98:cb:fc:10:ca:2d:dc:00:44:ce:68:e4:92:2b:e1:61:a2:07:
49:0e:ca:63:87:7d:f3:39:22:d3:aa:b7:01:62:f5:dc:b8:15:
18:3a:8e:e6:75:73:03:41:b7:f3:a2:1a:da:92:49:82:2e:6a:
e0:9f:e4:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOBf7RFNUptkr4yLhBFuvDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMjAxMDkxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGMzZTdlM2ExNDFkM2M4Njk0MjVmMGFlOTFhMzU5YThiZDdlNWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18pmbSLpJQnzK35ssZswm2TC1haU
aMLuCn+h3xddPZPujhTyyzD8VcqCHLncAZ8D7bTGh3qIYpu5z2+SJA4GA+PC+Jbl
/puRXpdcPqUv6lvpUJlWK7Q1Qe/Kv5urr1vnnZiNdLVPwkQVlq/EzMoYUDEgkFrG
FirsQPAIiO3/EwgSvSf9v6K4cZq6SHomdO417pq5HYLJq4JJaxGqvzdnQlZoxc1Q
t9Ao2nDqPTTTdFUdQAGRjQlKquJGPCgHz615YY33MgiG0RprkXwfnv69plh2ALuf
+YaS8kFg9JKqWWu4Eo/CNLYbIEQSeFffW1QfDKZjay9o7g6+8bPp/LOxtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjD5+OhQdPIaUJfCukaNZqL1+XkMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvcU1QbjQ2RkIwOGhwUWw4SzZSbzFtb3ZYNWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX9MA0G
CSqGSIb3DQEBCwUAA4IBAQDUDe4P2ResFOfV062m/HHBFaN6J2huc56HyrQPJrPR
391AfW5ckkUaeiazTr6PB1PuEDQw3CVmDn5OO9m70/i63QKo4NtlZeTyIlYc0gzH
cnNWVUXUxSXXSUFLfYR0IpaTgAFuULVNcuoq1cKeE2GkDNfBZSxmI7p8gljUwTM9
02dJ3ylwDrbTu1dHy5J7+zLqlgtF6g7P+1YA+ZjyFWmRDtyNZVDw5cPN9wrCAfec
jurSAXMkNXq2DUw3kvdHocqF3JaYGyKYy/wQyi3cAETOaOSSK+FhogdJDspjh33z
OSLTqrcBYvXcuBUYOo7mdXMDQbfzohrakkmCLmrgn+RJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:54 2025 by rpki-client