Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/qJpeJyrJKFvebGETpB6Va8ybIos.roa
File: qJpeJyrJKFvebGETpB6Va8ybIos.roa (raw, json)
Hash identifier: PaVeQ7Dc93chjDIH4KPraymh3HT7kzh3M5m12oSfzhA=
Subject key identifier: A8:9A:5E:27:2A:C9:28:5B:DE:6C:61:13:A4:1E:95:6B:CC:9B:22:8B
Certificate issuer: /CN=08b147d39e43bb75f9f7aff45e7bf2b83530f874
Certificate serial: 0191BD1345F1BC8921E4825CDE40BB749FED
Authority key identifier: 08:B1:47:D3:9E:43:BB:75:F9:F7:AF:F4:5E:7B:F2:B8:35:30:F8:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/qJpeJyrJKFvebGETpB6Va8ybIos.roa
Signing time: Wed 04 Sep 2024 12:47:22 +0000
ROA not before: Wed 04 Sep 2024 12:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25526
IP address blocks: 109.197.216.0/21 maxlen: 21
193.254.220.0/23 maxlen: 23
195.39.242.0/23 maxlen: 23
2001:678:b44::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:13:45:f1:bc:89:21:e4:82:5c:de:40:bb:74:9f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08b147d39e43bb75f9f7aff45e7bf2b83530f874
Validity
Not Before: Sep 4 12:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a89a5e272ac9285bde6c6113a41e956bcc9b228b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:53:0e:10:83:c6:23:0f:66:7b:9f:ca:11:30:
e3:e7:cb:5a:64:84:76:5d:5b:3d:9c:f6:2f:bd:d3:
ca:99:82:d6:38:1f:a4:da:f7:ad:ae:35:16:5a:9f:
8b:ca:e2:73:2c:d5:d0:ad:25:6f:bb:82:4d:cb:4a:
19:6a:8e:03:27:92:b4:f9:7e:e6:a6:b9:69:7b:1f:
95:8a:52:7f:d5:7c:54:87:64:77:99:ed:20:c2:94:
e7:eb:bb:12:6c:4b:98:93:7a:22:62:cd:d1:3a:1e:
84:5d:e0:d2:6a:e0:73:d9:b3:08:80:96:e1:c2:28:
7e:c6:bf:ff:a2:2e:e8:b8:9a:71:5d:6b:8a:0a:01:
fe:0f:3f:a0:06:1b:ac:3e:85:1d:21:76:53:3a:22:
98:60:76:ee:44:6b:f7:9f:6c:47:34:c1:d2:e0:8e:
28:41:b5:99:4f:22:15:d2:93:09:ce:3b:f1:db:9a:
a3:dd:ca:ba:1e:16:24:47:92:b4:6a:85:ea:b4:31:
67:fd:be:cf:30:b4:92:0e:af:88:a2:8a:f5:2c:f8:
79:e5:64:1d:95:b4:d1:33:b8:06:16:22:a7:bc:95:
a2:0e:6b:7b:c2:58:03:a6:68:bb:dc:fc:90:1c:6e:
a6:90:92:d3:52:aa:31:0e:7e:5a:ff:02:1c:fe:0f:
de:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:9A:5E:27:2A:C9:28:5B:DE:6C:61:13:A4:1E:95:6B:CC:9B:22:8B
X509v3 Authority Key Identifier:
keyid:08:B1:47:D3:9E:43:BB:75:F9:F7:AF:F4:5E:7B:F2:B8:35:30:F8:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/qJpeJyrJKFvebGETpB6Va8ybIos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.216.0/21
193.254.220.0/23
195.39.242.0/23
IPv6:
2001:678:b44::/48
Signature Algorithm: sha256WithRSAEncryption
42:47:5a:3e:c5:17:36:b0:d7:94:99:3a:31:3b:ec:c8:5d:67:
4f:7b:18:5b:9a:3c:83:03:32:fd:c8:52:9e:87:99:0e:c7:a2:
d3:e8:44:5f:bf:3f:f3:c0:37:68:26:18:a1:47:9b:f7:80:43:
e5:6b:0b:18:fe:c1:88:79:22:fe:26:f9:85:7e:0e:35:dc:89:
c8:08:da:46:f0:96:ba:25:92:cd:c8:07:81:80:31:6c:14:e3:
c8:21:2c:48:78:54:a3:cc:9e:c3:c5:19:67:79:c1:8c:fe:9b:
42:4e:14:cd:d0:e8:41:66:19:a5:3e:72:0f:a0:96:01:97:36:
14:af:e3:dc:40:a9:d1:95:d3:6c:6a:34:b1:0d:ae:1e:0a:d5:
6c:a6:71:19:ea:2a:a4:ad:48:22:d3:5c:57:d5:9c:8d:23:ec:
2d:22:6f:6a:48:e2:0a:2b:81:f8:32:d1:d3:0d:48:67:4e:b4:
23:7f:c6:40:ba:cf:3a:e4:88:58:fb:b8:89:d5:da:75:94:ad:
62:83:da:f8:21:15:2a:db:52:88:ab:0d:f6:6e:eb:81:85:49:
9e:0a:d5:49:a5:32:09:50:cb:c5:25:7f:eb:ac:e2:a5:e0:0a:
8b:e3:2f:32:a7:a1:90:2f:a7:e8:22:7e:e6:20:aa:65:96:fd:
1b:11:c6:44
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZG9E0XxvIkh5IJc3kC7dJ/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YjE0N2QzOWU0M2JiNzVmOWY3YWZmNDVlN2JmMmI4MzUz
MGY4NzQwHhcNMjQwOTA0MTI0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODlhNWUyNzJhYzkyODViZGU2YzYxMTNhNDFlOTU2YmNjOWIyMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlMOEIPGIw9me5/KETDj58taZIR2
XVs9nPYvvdPKmYLWOB+k2vetrjUWWp+LyuJzLNXQrSVvu4JNy0oZao4DJ5K0+X7m
prlpex+VilJ/1XxUh2R3me0gwpTn67sSbEuYk3oiYs3ROh6EXeDSauBz2bMIgJbh
wih+xr//oi7ouJpxXWuKCgH+Dz+gBhusPoUdIXZTOiKYYHbuRGv3n2xHNMHS4I4o
QbWZTyIV0pMJzjvx25qj3cq6HhYkR5K0aoXqtDFn/b7PMLSSDq+Ioor1LPh55WQd
lbTRM7gGFiKnvJWiDmt7wlgDpmi73PyQHG6mkJLTUqoxDn5a/wIc/g/etwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKiaXicqyShb3mxhE6QelWvMmyKLMB8GA1UdIwQY
MBaAFAixR9OeQ7t1+fev9F578rg1MPh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0xGSDA1NUR1M1g1OTZfMFhudnl1RFV3LUhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82YWM3M2EtNmI1Zi00MjMyLTliOGMt
MzA1ZTMzZWY4YjI5LzEvcUpwZUp5ckpLRnZlYkdFVHBCNlZhOHliSW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82YWM3M2EtNmI1Zi00MjMyLTliOGMtMzA1ZTMzZWY4YjI5
LzEvQ0xGSDA1NUR1M1g1OTZfMFhudnl1RFV3LUhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDbcXYAwQB
wf7cAwQBwyfyMA8EAgACMAkDBwAgAQZ4C0QwDQYJKoZIhvcNAQELBQADggEBAEJH
Wj7FFzaw15SZOjE77MhdZ097GFuaPIMDMv3IUp6HmQ7HotPoRF+/P/PAN2gmGKFH
m/eAQ+VrCxj+wYh5Iv4m+YV+DjXcicgI2kbwlrolks3IB4GAMWwU48ghLEh4VKPM
nsPFGWd5wYz+m0JOFM3Q6EFmGaU+cg+glgGXNhSv49xAqdGV02xqNLENrh4K1Wym
cRnqKqStSCLTXFfVnI0j7C0ib2pI4gorgfgy0dMNSGdOtCN/xkC6zzrkiFj7uInV
2nWUrWKD2vghFSrbUoirDfZu64GFSZ4K1UmlMglQy8Ulf+us4qXgCovjLzKnoZAv
p+gifuYgqmWW/RsRxkQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:04 2025 by rpki-client