Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/qFwjq6cBv0i_Gig7HGze8Pys2BU.roa
File: qFwjq6cBv0i_Gig7HGze8Pys2BU.roa (raw, json)
Hash identifier: U7DTVnVXnWsHvUw9qgP+epVkp0trXAY1jIKjv21ouEE=
Subject key identifier: A8:5C:23:AB:A7:01:BF:48:BF:1A:28:3B:1C:6C:DE:F0:FC:AC:D8:15
Certificate issuer: /CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Certificate serial: 01941FFA9F7219CC82B83C2DEE5C9FE61D83
Authority key identifier: F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/qFwjq6cBv0i_Gig7HGze8Pys2BU.roa
Signing time: Wed 01 Jan 2025 03:48:26 +0000
ROA not before: Wed 01 Jan 2025 03:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205051
IP address blocks: 45.142.168.0/22 maxlen: 24
91.205.80.0/22 maxlen: 24
91.205.82.0/24 maxlen: 24
185.231.208.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 09:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9f:72:19:cc:82:b8:3c:2d:ee:5c:9f:e6:1d:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f457c020cdc22b68da26a469f6ffa6b448370d1d
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a85c23aba701bf48bf1a283b1c6cdef0fcacd815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:25:08:08:a3:c8:ee:fa:bc:40:9d:6f:d7:a5:
07:7e:5d:39:71:42:aa:87:84:2d:fc:e5:8f:7a:0c:
bf:8c:c2:92:fd:41:4f:f2:32:ba:31:f4:f1:0f:a9:
ba:ce:60:35:5f:82:c0:8e:57:5b:0e:4a:b4:36:4a:
fb:17:78:65:6f:e8:50:1c:36:93:43:0f:5c:04:fa:
fd:2c:35:66:5b:f6:53:22:ad:5f:31:f1:27:e4:3b:
78:3f:57:fe:82:68:bc:71:dd:7e:01:9e:98:41:ba:
a9:b0:3a:a1:9e:b5:f5:8c:39:5b:c0:ac:32:30:79:
eb:52:d3:2e:88:da:5f:68:25:47:c9:fe:ac:65:ab:
24:a4:a6:15:a4:7c:4e:ae:60:57:d8:87:f0:70:16:
70:1e:4e:21:3f:1e:b8:41:7a:54:ca:88:3c:f0:ec:
1e:86:fd:6d:8f:2d:46:6e:6b:37:09:9c:cd:db:4f:
19:6a:e4:e8:36:ba:21:5b:c1:df:cd:8d:95:6d:04:
6a:a0:2e:72:cd:7b:10:62:75:73:22:73:b2:09:34:
38:d5:77:70:ea:e4:6b:79:93:04:50:a8:23:79:24:
8f:17:f0:69:4b:01:67:af:59:9d:67:dc:e2:d8:80:
1b:95:ce:ab:cb:d3:d5:d9:ea:f9:cf:1c:b2:05:1c:
3b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:5C:23:AB:A7:01:BF:48:BF:1A:28:3B:1C:6C:DE:F0:FC:AC:D8:15
X509v3 Authority Key Identifier:
keyid:F4:57:C0:20:CD:C2:2B:68:DA:26:A4:69:F6:FF:A6:B4:48:37:0D:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9FfAIM3CK2jaJqRp9v-mtEg3DR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/qFwjq6cBv0i_Gig7HGze8Pys2BU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e0cb06-deca-495d-acc0-7bafd43e7862/1/9FfAIM3CK2jaJqRp9v-mtEg3DR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.168.0/22
91.205.80.0/22
185.231.208.0/22
Signature Algorithm: sha256WithRSAEncryption
56:63:2b:4b:17:ff:8c:90:21:1d:e0:ad:c4:74:db:a7:55:28:
4f:e6:a9:6a:b4:00:e8:5e:97:30:54:55:f2:2a:de:3f:7b:d0:
fc:2e:02:0c:8c:c4:19:c3:81:77:fe:5c:bc:5d:ed:01:79:dc:
70:04:60:85:2c:57:a5:ea:f0:73:9e:62:fc:51:e0:fe:41:34:
70:12:de:1d:b2:9d:5b:ba:c0:a0:35:53:98:df:a2:d4:bd:1c:
07:13:01:96:3c:8c:ab:e0:51:53:4c:44:cb:fd:14:91:7e:cc:
db:e6:4d:24:0f:63:ed:f8:96:57:a9:ee:0c:51:a3:f4:02:22:
b9:0f:e8:1a:8c:6c:41:92:57:95:7a:a6:c6:60:1e:3a:63:c8:
f4:f3:d3:05:0c:d5:38:69:5e:02:9c:2c:a5:fb:af:ee:1d:3d:
ab:7a:44:42:3b:e3:b6:72:1d:12:ee:08:83:95:10:3c:61:bf:
c5:4c:aa:a2:51:14:6f:e8:29:db:04:b3:ef:68:00:a2:c9:57:
61:69:b6:b1:bf:cc:c2:3c:8a:f0:49:cf:05:a8:d2:ae:a4:5c:
e3:e6:60:4f:5d:75:a8:c8:c0:07:5e:48:9d:fc:54:6e:30:78:
93:7d:1a:e4:43:33:34:73:d2:04:3b:9a:2c:d0:bf:c9:24:93:
54:ab:ed:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+p9yGcyCuDwt7lyf5h2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NTdjMDIwY2RjMjJiNjhkYTI2YTQ2OWY2ZmZhNmI0NDgz
NzBkMWQwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODVjMjNhYmE3MDFiZjQ4YmYxYTI4M2IxYzZjZGVmMGZjYWNkODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiUICKPI7vq8QJ1v16UHfl05cUKq
h4Qt/OWPegy/jMKS/UFP8jK6MfTxD6m6zmA1X4LAjldbDkq0Nkr7F3hlb+hQHDaT
Qw9cBPr9LDVmW/ZTIq1fMfEn5Dt4P1f+gmi8cd1+AZ6YQbqpsDqhnrX1jDlbwKwy
MHnrUtMuiNpfaCVHyf6sZaskpKYVpHxOrmBX2IfwcBZwHk4hPx64QXpUyog88Owe
hv1tjy1Gbms3CZzN208ZauToNrohW8HfzY2VbQRqoC5yzXsQYnVzInOyCTQ41Xdw
6uRreZMEUKgjeSSPF/BpSwFnr1mdZ9zi2IAblc6ry9PV2er5zxyyBRw7hwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKhcI6unAb9IvxooOxxs3vD8rNgVMB8GA1UdIwQY
MBaAFPRXwCDNwito2iakafb/prRINw0dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUZmQUlNM0NLMmphSnFScDl2LW10RWczRFIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lMGNiMDYtZGVjYS00OTVkLWFjYzAt
N2JhZmQ0M2U3ODYyLzEvcUZ3anE2Y0J2MGlfR2lnN0hHemU4UHlzMkJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lMGNiMDYtZGVjYS00OTVkLWFjYzAtN2JhZmQ0M2U3ODYy
LzEvOUZmQUlNM0NLMmphSnFScDl2LW10RWczRFIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY6oAwQC
W81QAwQCuefQMA0GCSqGSIb3DQEBCwUAA4IBAQBWYytLF/+MkCEd4K3EdNunVShP
5qlqtADoXpcwVFXyKt4/e9D8LgIMjMQZw4F3/ly8Xe0BedxwBGCFLFel6vBznmL8
UeD+QTRwEt4dsp1busCgNVOY36LUvRwHEwGWPIyr4FFTTETL/RSRfszb5k0kD2Pt
+JZXqe4MUaP0AiK5D+gajGxBkleVeqbGYB46Y8j089MFDNU4aV4CnCyl+6/uHT2r
ekRCO+O2ch0S7giDlRA8Yb/FTKqiURRv6CnbBLPvaACiyVdhabaxv8zCPIrwSc8F
qNKupFzj5mBPXXWoyMAHXkid/FRuMHiTfRrkQzM0c9IEO5os0L/JJJNUq+3X
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:36:56 2025 by rpki-client