Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/O6_QRpLKABNELW0TRzXHc4lC76s.roa
File: O6_QRpLKABNELW0TRzXHc4lC76s.roa (raw, json)
Hash identifier: vAaDZfLlcMVhPbEt/wNkNfrtNm0fbqPU0mamOP5cPI8=
Subject key identifier: 3B:AF:D0:46:92:CA:00:13:44:2D:6D:13:47:35:C7:73:89:42:EF:AB
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 018DEB728963659A215C98B6686822B0CD5D
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/O6_QRpLKABNELW0TRzXHc4lC76s.roa
Signing time: Tue 27 Feb 2024 16:42:48 +0000
ROA not before: Tue 27 Feb 2024 16:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57910
IP address blocks: 194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 28 Feb 2024 12:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:eb:72:89:63:65:9a:21:5c:98:b6:68:68:22:b0:cd:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Feb 27 16:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bafd04692ca0013442d6d134735c7738942efab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b7:5f:a4:0f:63:71:c7:86:78:7c:cd:b7:84:
3c:f5:f9:88:3a:04:39:2c:73:f1:fc:4c:3d:ce:35:
d2:0f:52:a0:e8:6d:06:ce:61:48:e0:7f:a7:42:ae:
ea:0b:83:e6:9f:9f:78:3e:ed:11:a3:a9:72:df:83:
35:8e:f2:d3:e7:cd:18:cb:00:c9:f3:25:1f:d1:32:
32:a3:d3:eb:19:09:0a:19:af:1b:ed:9f:52:b0:01:
d4:16:a3:73:2a:bc:99:18:a4:24:fd:75:4e:3e:46:
71:61:16:4c:09:99:0e:aa:22:b4:b4:26:63:b6:b9:
26:12:b6:3f:ad:f1:cd:d6:b4:b3:34:bf:73:c8:83:
8b:a0:a9:c9:cc:ab:04:5a:cf:43:5d:49:23:32:f5:
71:c0:ad:5f:98:3c:af:e7:f3:28:b2:30:b3:96:61:
d9:b1:54:6d:3e:fc:64:a2:bf:93:2d:84:b9:2c:57:
d7:da:6b:1a:10:0f:1c:a4:7f:88:a4:fc:2b:49:59:
5a:c6:32:a7:e5:ca:6e:83:85:d8:6d:85:c5:47:9d:
0a:c3:84:7a:66:5a:b0:e4:88:ca:75:fc:bb:10:8d:
80:13:c0:96:65:29:a8:f9:fa:55:a9:30:5a:9b:dd:
18:b0:ac:3c:e3:10:c3:cb:8d:99:01:81:74:55:a3:
c1:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:AF:D0:46:92:CA:00:13:44:2D:6D:13:47:35:C7:73:89:42:EF:AB
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/O6_QRpLKABNELW0TRzXHc4lC76s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
a1:c9:06:d4:8f:49:5e:0e:1b:50:05:c5:1a:2a:41:a2:d9:37:
f5:74:05:d7:60:b6:97:91:ac:7a:e0:ec:1b:37:d1:c2:e7:df:
5d:03:71:da:15:38:11:ae:95:df:f7:d7:b9:65:9a:a6:3c:01:
ad:3e:31:59:ed:9a:8c:6d:b0:4e:63:a4:f7:d3:d4:f9:78:9b:
36:0a:dc:12:38:92:ac:f0:8e:54:c8:52:c2:29:0f:98:89:a4:
47:59:41:4d:c9:79:53:b8:c2:30:4d:7d:54:2a:81:10:68:19:
56:bb:71:d1:15:3c:b8:e3:60:a8:e0:72:8c:87:43:40:b3:e2:
c6:23:50:f7:e7:eb:f3:b1:34:cd:27:06:9e:fc:e5:87:e1:bd:
89:75:52:75:1c:d4:f8:dd:35:78:b4:a3:9f:f3:75:12:3b:a6:
f9:2f:f3:51:f7:90:21:0c:27:7b:34:24:98:42:29:8d:05:2b:
da:ad:7c:af:17:d1:4e:c5:31:73:42:2b:98:b3:35:87:e8:83:
0d:c3:35:ff:5d:ed:dc:06:08:1a:ca:9c:78:b1:5b:a5:07:c7:
f6:cf:ee:11:4b:d7:4e:a0:b5:e1:a8:dd:2c:5a:15:e8:57:70:
95:0d:37:a0:d8:06:b3:68:55:05:cb:c7:62:0e:d7:db:4d:4c:
41:b3:61:61
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAY3rcoljZZohXJi2aGgisM1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwMjI3MTY0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmFmZDA0NjkyY2EwMDEzNDQyZDZkMTM0NzM1Yzc3Mzg5NDJlZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLdfpA9jcceGeHzNt4Q89fmIOgQ5
LHPx/Ew9zjXSD1Kg6G0GzmFI4H+nQq7qC4Pmn594Pu0Ro6ly34M1jvLT580YywDJ
8yUf0TIyo9PrGQkKGa8b7Z9SsAHUFqNzKryZGKQk/XVOPkZxYRZMCZkOqiK0tCZj
trkmErY/rfHN1rSzNL9zyIOLoKnJzKsEWs9DXUkjMvVxwK1fmDyv5/MosjCzlmHZ
sVRtPvxkor+TLYS5LFfX2msaEA8cpH+IpPwrSVlaxjKn5cpug4XYbYXFR50Kw4R6
Zlqw5IjKdfy7EI2AE8CWZSmo+fpVqTBam90YsKw84xDDy42ZAYF0VaPB2wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDuv0EaSygATRC1tE0c1x3OJQu+rMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvTzZfUVJwTEtBQk5FTFcwVFJ6WEhjNGxDNzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQBwn+eAwQB
wn+iMBsEAgACMBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJKoZIhvcNAQELBQAD
ggEBAKHJBtSPSV4OG1AFxRoqQaLZN/V0BddgtpeRrHrg7Bs30cLn310DcdoVOBGu
ld/317llmqY8Aa0+MVntmoxtsE5jpPfT1Pl4mzYK3BI4kqzwjlTIUsIpD5iJpEdZ
QU3JeVO4wjBNfVQqgRBoGVa7cdEVPLjjYKjgcoyHQ0Cz4sYjUPfn6/OxNM0nBp78
5YfhvYl1UnUc1PjdNXi0o5/zdRI7pvkv81H3kCEMJ3s0JJhCKY0FK9qtfK8X0U7F
MXNCK5izNYfogw3DNf9d7dwGCBrKnHixW6UHx/bP7hFL106gteGo3SxaFehXcJUN
N6DYBrNoVQXLx2IO19tNTEGzYWE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:24 2025 by rpki-client