Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/767bd0-b0ef-4114-a58e-ff86bf881648/1/QJ0Hc9_aZSOZ8b5y5ifBukiKBp4.roa
File: QJ0Hc9_aZSOZ8b5y5ifBukiKBp4.roa (raw, json)
Hash identifier: PlXDn7+NX6dszUtDE8X7i9w2squx8M9Y5SWpS1kxJGs=
Subject key identifier: 40:9D:07:73:DF:DA:65:23:99:F1:BE:72:E6:27:C1:BA:48:8A:06:9E
Certificate issuer: /CN=839a9a1b7e11fde77e4e1f57ff11864cee21f165
Certificate serial: 019252812732D00106D27EF93BFEBF8BD39F
Authority key identifier: 83:9A:9A:1B:7E:11:FD:E7:7E:4E:1F:57:FF:11:86:4C:EE:21:F1:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5qaG34R_ed-Th9X_xGGTO4h8WU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/767bd0-b0ef-4114-a58e-ff86bf881648/1/QJ0Hc9_aZSOZ8b5y5ifBukiKBp4.roa
Signing time: Thu 03 Oct 2024 13:10:48 +0000
ROA not before: Thu 03 Oct 2024 13:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60277
IP address blocks: 195.5.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:81:27:32:d0:01:06:d2:7e:f9:3b:fe:bf:8b:d3:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=839a9a1b7e11fde77e4e1f57ff11864cee21f165
Validity
Not Before: Oct 3 13:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=409d0773dfda652399f1be72e627c1ba488a069e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:10:60:6e:05:28:c0:d5:a4:ef:69:98:3b:9b:
8c:3e:a4:47:8e:a3:78:b9:41:7d:f0:45:76:be:0e:
43:dc:f8:0a:31:7a:ee:68:2c:dd:0c:59:e3:a7:b3:
29:e1:31:a6:2c:c2:d7:31:26:2e:62:2e:bb:4b:a8:
ea:41:4b:b5:12:11:3e:19:9a:2d:17:c5:ce:77:b5:
25:24:1d:2f:41:0f:86:23:41:22:28:08:44:19:dc:
6e:3f:90:a5:70:1b:66:84:61:78:b8:8a:24:fa:45:
03:ae:3a:ea:58:1b:62:80:84:c1:b3:d2:fb:7f:63:
0c:ea:e5:32:5b:fc:3a:7a:23:4f:f2:0f:b8:54:97:
76:95:ae:13:ba:41:e9:fa:72:d1:5a:fd:83:f9:6b:
05:9f:f1:93:9e:50:83:78:db:6f:19:26:03:f4:ad:
43:ae:49:67:aa:1e:b2:9c:b2:63:b9:73:85:06:33:
17:e2:0a:ac:2c:cb:72:26:ee:6c:c5:df:35:9c:0c:
ae:82:ee:c6:1b:6b:74:60:60:40:5d:9b:45:c4:96:
05:21:b8:4e:d6:8b:6b:1b:0b:fe:91:62:3e:39:5e:
21:29:0e:63:d1:8e:bc:ee:f8:15:a2:90:d2:b9:d9:
e9:a2:89:32:cf:cf:c8:03:7b:6e:e1:75:32:72:3b:
2f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:9D:07:73:DF:DA:65:23:99:F1:BE:72:E6:27:C1:BA:48:8A:06:9E
X509v3 Authority Key Identifier:
keyid:83:9A:9A:1B:7E:11:FD:E7:7E:4E:1F:57:FF:11:86:4C:EE:21:F1:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5qaG34R_ed-Th9X_xGGTO4h8WU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/767bd0-b0ef-4114-a58e-ff86bf881648/1/QJ0Hc9_aZSOZ8b5y5ifBukiKBp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/767bd0-b0ef-4114-a58e-ff86bf881648/1/g5qaG34R_ed-Th9X_xGGTO4h8WU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.172.0/24
Signature Algorithm: sha256WithRSAEncryption
61:cc:46:62:d7:28:d2:4b:35:50:ad:8c:77:a9:75:3e:f5:8a:
21:b0:e2:82:be:e1:6f:ee:16:7b:d0:a6:f5:1c:6f:dc:c7:11:
72:4d:d2:c5:3b:9c:ec:4a:20:bb:01:ab:1d:7f:ed:b8:30:5b:
e5:a3:18:6a:b3:28:f0:81:d1:c7:74:ab:bf:5d:21:60:8a:48:
47:c9:63:c3:55:80:59:b5:ea:b7:37:82:55:39:51:46:91:b7:
c3:12:f5:f9:26:81:17:e6:b6:66:83:3f:d6:60:d9:5d:a2:5d:
9d:08:2c:96:77:69:14:e4:98:62:c9:a7:96:c1:eb:a1:69:ba:
4c:08:26:52:d5:01:b7:1c:00:5a:98:2e:9a:ab:53:27:87:59:
5c:82:a2:3b:8c:16:e0:93:00:43:ea:9f:e6:50:66:81:4a:1b:
9e:fb:aa:64:87:42:7c:5a:cb:aa:53:c7:44:ff:4b:93:59:93:
a0:21:7a:fe:36:3e:62:ef:fe:7b:e8:41:47:95:f0:94:2a:02:
c8:83:02:08:41:22:59:4f:f1:b7:da:65:6d:0b:f0:42:3e:f5:
6b:a2:67:28:1c:b8:25:c2:b5:8d:75:a4:af:88:b5:ab:1d:66:
9d:e0:11:f9:9f:ef:c8:ce:78:13:d3:e0:b7:ed:c6:c3:0b:a8:
5f:13:2d:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJSgScy0AEG0n75O/6/i9OfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOWE5YTFiN2UxMWZkZTc3ZTRlMWY1N2ZmMTE4NjRjZWUy
MWYxNjUwHhcNMjQxMDAzMTMxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDlkMDc3M2RmZGE2NTIzOTlmMWJlNzJlNjI3YzFiYTQ4OGEwNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhBgbgUowNWk72mYO5uMPqRHjqN4
uUF98EV2vg5D3PgKMXruaCzdDFnjp7Mp4TGmLMLXMSYuYi67S6jqQUu1EhE+GZot
F8XOd7UlJB0vQQ+GI0EiKAhEGdxuP5ClcBtmhGF4uIok+kUDrjrqWBtigITBs9L7
f2MM6uUyW/w6eiNP8g+4VJd2la4TukHp+nLRWv2D+WsFn/GTnlCDeNtvGSYD9K1D
rklnqh6ynLJjuXOFBjMX4gqsLMtyJu5sxd81nAyugu7GG2t0YGBAXZtFxJYFIbhO
1otrGwv+kWI+OV4hKQ5j0Y687vgVopDSudnpookyz8/IA3tu4XUycjsvVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECdB3Pf2mUjmfG+cuYnwbpIigaeMB8GA1UdIwQY
MBaAFIOamht+Ef3nfk4fV/8RhkzuIfFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVxYUczNFJfZWQtVGg5WF94R0dUTzRoOFdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NjdiZDAtYjBlZi00MTE0LWE1OGUt
ZmY4NmJmODgxNjQ4LzEvUUowSGM5X2FaU09aOGI1eTVpZkJ1a2lLQnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NjdiZDAtYjBlZi00MTE0LWE1OGUtZmY4NmJmODgxNjQ4
LzEvZzVxYUczNFJfZWQtVGg5WF94R0dUTzRoOFdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwWsMA0G
CSqGSIb3DQEBCwUAA4IBAQBhzEZi1yjSSzVQrYx3qXU+9YohsOKCvuFv7hZ70Kb1
HG/cxxFyTdLFO5zsSiC7Aasdf+24MFvloxhqsyjwgdHHdKu/XSFgikhHyWPDVYBZ
teq3N4JVOVFGkbfDEvX5JoEX5rZmgz/WYNldol2dCCyWd2kU5JhiyaeWweuhabpM
CCZS1QG3HABamC6aq1Mnh1lcgqI7jBbgkwBD6p/mUGaBShue+6pkh0J8WsuqU8dE
/0uTWZOgIXr+Nj5i7/576EFHlfCUKgLIgwIIQSJZT/G32mVtC/BCPvVromcoHLgl
wrWNdaSviLWrHWad4BH5n+/IzngT0+C37cbDC6hfEy3a
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:37 2025 by rpki-client