Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QEJtyqQfhDhzosmFBtUXiosnYz4.roa
File: QEJtyqQfhDhzosmFBtUXiosnYz4.roa (raw, json)
Hash identifier: 3PDIvTH2nSkxQTNBUCSlcvKVmc1oaicMq2Dea1Rw/7I=
Subject key identifier: 40:42:6D:CA:A4:1F:84:38:73:A2:C9:85:06:D5:17:8A:8B:27:63:3E
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0193DE2E69D93D3D89EDB9D5883F170DF83C
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QEJtyqQfhDhzosmFBtUXiosnYz4.roa
Signing time: Thu 19 Dec 2024 09:10:03 +0000
ROA not before: Thu 19 Dec 2024 09:10:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214882
IP address blocks: 195.88.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:de:2e:69:d9:3d:3d:89:ed:b9:d5:88:3f:17:0d:f8:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 19 09:10:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40426dcaa41f843873a2c98506d5178a8b27633e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:75:ed:cf:32:49:17:eb:80:8c:b4:23:e4:d3:
b1:92:13:ac:af:b2:3c:95:36:5d:81:b4:45:9e:5f:
08:2f:0e:a0:62:3f:fb:4b:6f:25:d9:b9:20:87:46:
9f:b1:d1:68:67:55:d1:e8:e2:23:1f:47:21:89:2c:
9d:96:1e:86:51:60:f6:e4:1c:08:cc:87:56:bd:08:
96:07:ae:ee:62:ec:4f:97:9b:d1:65:c9:72:9b:8a:
99:e7:14:6d:1d:43:2e:6c:b9:95:29:56:24:6d:2d:
a9:33:3a:36:e5:2e:f3:f8:6d:bf:eb:5e:46:ee:ea:
66:08:47:a9:53:04:e3:e4:5b:05:04:9f:e6:a9:b4:
7f:9f:6c:11:8a:2d:ed:dd:b5:7b:e5:2b:94:f5:e1:
82:58:d9:f9:35:74:4b:f9:19:58:ea:9b:2a:d3:ec:
17:3e:01:91:d6:f2:6e:ed:77:a8:10:0b:32:da:c2:
46:9d:8e:3f:b3:16:f4:f6:6f:ce:b9:0a:3f:2d:02:
63:1d:9c:22:ee:d3:7b:3d:01:31:13:79:9d:1d:c6:
36:39:ff:3e:c2:b6:78:e5:cf:f4:43:4f:9b:a8:af:
22:f1:9c:e1:c7:10:a4:c8:65:f0:38:d4:9d:e2:e0:
d9:24:c9:9c:51:f0:bb:b2:cf:da:9e:c4:5e:a2:a1:
a3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:42:6D:CA:A4:1F:84:38:73:A2:C9:85:06:D5:17:8A:8B:27:63:3E
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/QEJtyqQfhDhzosmFBtUXiosnYz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.211.0/24
Signature Algorithm: sha256WithRSAEncryption
27:a7:b4:d2:e5:91:1f:4b:1f:b5:39:3d:30:94:7e:4b:43:3c:
d8:91:63:e7:28:e2:6c:21:43:3b:8d:31:5c:04:fa:7f:87:24:
5d:2f:5a:08:39:df:6f:b0:2d:63:14:cc:86:ab:f2:a5:53:3b:
27:00:6c:bf:42:25:8c:b9:3d:04:61:96:28:35:dc:39:70:55:
c6:fc:57:36:8b:7c:2c:47:5c:b5:8e:16:9c:58:9a:51:84:09:
d6:9d:c5:21:57:fb:0a:58:ff:93:ef:cb:be:2b:eb:03:a5:b3:
bb:db:a5:90:ef:bf:38:83:08:dc:84:76:62:ad:e9:4e:93:1c:
6f:b8:2c:0a:0b:29:83:56:d2:53:ee:ab:f6:25:8f:7e:a3:b9:
0c:6a:e1:0b:dc:39:4f:d1:05:a8:a2:d0:c1:13:7e:47:3f:b6:
c4:1a:fc:f7:e3:e8:f7:f2:35:f4:4e:f4:84:07:a6:70:a3:ce:
24:e6:81:69:c5:a9:6a:ea:9e:7c:18:2a:e1:39:11:8e:52:f5:
b6:d3:26:c9:07:17:11:8c:0f:3e:f9:28:cc:d6:95:b2:7e:94:
17:bf:17:71:6d:25:74:3d:da:65:16:11:08:aa:80:bd:b0:07:
91:b5:0c:47:af:00:9b:f0:b3:e8:9c:f9:63:09:6e:38:6c:1f:
93:7e:59:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPeLmnZPT2J7bnViD8XDfg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQxMjE5MDkxMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQyNmRjYWE0MWY4NDM4NzNhMmM5ODUwNmQ1MTc4YThiMjc2MzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3XtzzJJF+uAjLQj5NOxkhOsr7I8
lTZdgbRFnl8ILw6gYj/7S28l2bkgh0afsdFoZ1XR6OIjH0chiSydlh6GUWD25BwI
zIdWvQiWB67uYuxPl5vRZclym4qZ5xRtHUMubLmVKVYkbS2pMzo25S7z+G2/615G
7upmCEepUwTj5FsFBJ/mqbR/n2wRii3t3bV75SuU9eGCWNn5NXRL+RlY6psq0+wX
PgGR1vJu7XeoEAsy2sJGnY4/sxb09m/OuQo/LQJjHZwi7tN7PQExE3mdHcY2Of8+
wrZ45c/0Q0+bqK8i8ZzhxxCkyGXwONSd4uDZJMmcUfC7ss/ansReoqGj4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBCbcqkH4Q4c6LJhQbVF4qLJ2M+MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvUUVKdHlxUWZoRGh6b3NtRkJ0VVhpb3NuWXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1jTMA0G
CSqGSIb3DQEBCwUAA4IBAQAnp7TS5ZEfSx+1OT0wlH5LQzzYkWPnKOJsIUM7jTFc
BPp/hyRdL1oIOd9vsC1jFMyGq/KlUzsnAGy/QiWMuT0EYZYoNdw5cFXG/Fc2i3ws
R1y1jhacWJpRhAnWncUhV/sKWP+T78u+K+sDpbO726WQ7784gwjchHZirelOkxxv
uCwKCymDVtJT7qv2JY9+o7kMauEL3DlP0QWootDBE35HP7bEGvz34+j38jX0TvSE
B6Zwo84k5oFpxalq6p58GCrhORGOUvW20ybJBxcRjA8++SjM1pWyfpQXvxdxbSV0
PdplFhEIqoC9sAeRtQxHrwCb8LPonPljCW44bB+TflmZ
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:53:17 2025 by rpki-client