Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Q_Bt3KaZI1Mjeho2GTD_qaMkpsA.roa
File: Q_Bt3KaZI1Mjeho2GTD_qaMkpsA.roa (raw, json)
Hash identifier: uHn5hGQgJVbETSL2DrScRm9fNHPJAFywGey7hCtvmLU=
Subject key identifier: 43:F0:6D:DC:A6:99:23:53:23:7A:1A:36:19:30:FF:A9:A3:24:A6:C0
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC80131025B0ECB080D7C2117E310F70A
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Q_Bt3KaZI1Mjeho2GTD_qaMkpsA.roa
Signing time: Tue 02 Jan 2024 02:29:30 +0000
ROA not before: Tue 02 Jan 2024 02:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200709
IP address blocks: 85.254.72.0/24 maxlen: 24
2a02:610:fffa::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 25 Mar 2024 19:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:31:02:5b:0e:cb:08:0d:7c:21:17:e3:10:f7:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43f06ddca6992353237a1a361930ffa9a324a6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7c:0f:f8:3f:bf:f8:92:e3:b1:67:55:9d:a2:
39:84:7c:94:49:f2:d6:5b:55:ed:f7:a1:5a:72:15:
9b:7b:30:5a:09:c8:f1:58:ad:1a:7b:cc:00:2c:9d:
df:8f:0b:3e:32:78:77:bd:d6:22:a9:cc:64:fc:e2:
af:6b:eb:7e:fc:e6:ad:75:7b:8e:c9:f2:6a:b5:9b:
c6:a8:20:54:64:2b:50:1c:85:41:7d:f8:71:6b:d8:
80:30:89:fd:90:b3:ed:e5:d4:73:55:ed:1b:7b:a6:
bd:8f:d9:09:66:a6:be:c8:b4:53:95:3e:3c:8a:d6:
af:f2:90:ad:11:26:e8:f8:0d:6d:75:2a:46:fe:37:
be:7e:9e:3f:85:49:59:24:f9:29:58:e8:ba:fd:67:
7c:3a:de:17:6c:1a:5b:bd:32:5f:a2:61:a7:c1:58:
3e:2b:0d:01:b0:e0:17:b9:4c:7f:3d:e6:71:8b:b8:
fa:da:51:ab:3b:67:48:2e:3d:ec:48:32:fa:3a:b4:
1c:77:da:52:cf:c8:63:ad:4a:dd:fd:9b:96:26:93:
06:b8:55:72:cd:e2:96:88:c7:0d:b8:20:11:d9:46:
cf:fc:b4:c2:0a:79:03:14:78:ed:e4:8b:42:d2:b2:
cc:14:60:1f:ae:3d:65:8d:bd:4a:c4:99:09:92:a0:
a9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F0:6D:DC:A6:99:23:53:23:7A:1A:36:19:30:FF:A9:A3:24:A6:C0
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Q_Bt3KaZI1Mjeho2GTD_qaMkpsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.72.0/24
IPv6:
2a02:610:fffa::/48
Signature Algorithm: sha256WithRSAEncryption
86:10:4b:1b:fb:35:e7:31:f8:16:35:a9:01:c6:39:6c:b8:2d:
1e:e4:2d:a5:d9:fc:b2:0c:a8:b8:7a:91:f7:c4:cb:1b:04:15:
89:96:23:76:61:fa:e9:8d:25:84:58:eb:e5:a9:1c:ed:6e:4d:
34:7d:ba:3d:5b:9d:d8:37:1f:88:73:83:46:ef:5c:c3:3a:c9:
9f:ac:56:a1:c4:ec:c3:32:08:c4:79:b5:97:ef:bc:d5:1a:35:
db:80:f0:cc:1c:a9:05:d1:47:34:16:8d:87:7c:8d:46:71:5a:
09:59:1f:e4:72:8f:22:e0:bc:59:15:cd:95:eb:c3:df:90:45:
21:6e:9e:bd:7b:ac:0f:20:e0:6f:6c:bd:e9:eb:59:e3:c4:02:
ea:99:6d:63:cb:0a:57:11:e4:c9:2b:9a:fb:b2:a6:ba:52:e6:
e7:66:bc:82:e8:55:ae:61:67:1f:23:ca:14:e5:78:d3:23:6a:
ed:af:6a:7c:ce:ce:99:26:68:ee:d9:0d:4c:4d:83:18:f7:37:
cc:89:73:a6:63:26:5c:fe:d2:09:c1:4c:e0:a3:f1:7c:a0:45:
ce:4c:0c:c4:9b:5b:5d:d9:d4:1e:fc:5e:0f:ba:5b:50:1a:c9:
8c:45:dd:4a:4d:8e:96:38:f6:3c:41:c5:db:36:48:21:b7:e0:
b4:2a:39:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIATECWw7LCA18IRfjEPcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2YwNmRkY2E2OTkyMzUzMjM3YTFhMzYxOTMwZmZhOWEzMjRhNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3wP+D+/+JLjsWdVnaI5hHyUSfLW
W1Xt96FachWbezBaCcjxWK0ae8wALJ3fjws+Mnh3vdYiqcxk/OKva+t+/OatdXuO
yfJqtZvGqCBUZCtQHIVBffhxa9iAMIn9kLPt5dRzVe0be6a9j9kJZqa+yLRTlT48
itav8pCtESbo+A1tdSpG/je+fp4/hUlZJPkpWOi6/Wd8Ot4XbBpbvTJfomGnwVg+
Kw0BsOAXuUx/PeZxi7j62lGrO2dILj3sSDL6OrQcd9pSz8hjrUrd/ZuWJpMGuFVy
zeKWiMcNuCAR2UbP/LTCCnkDFHjt5ItC0rLMFGAfrj1ljb1KxJkJkqCprQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEPwbdymmSNTI3oaNhkw/6mjJKbAMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvUV9CdDNLYVpJMU1qZWhvMkdURF9xYU1rcHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVf5IMA8E
AgACMAkDBwAqAgYQ//owDQYJKoZIhvcNAQELBQADggEBAIYQSxv7Necx+BY1qQHG
OWy4LR7kLaXZ/LIMqLh6kffEyxsEFYmWI3Zh+umNJYRY6+WpHO1uTTR9uj1bndg3
H4hzg0bvXMM6yZ+sVqHE7MMyCMR5tZfvvNUaNduA8MwcqQXRRzQWjYd8jUZxWglZ
H+RyjyLgvFkVzZXrw9+QRSFunr17rA8g4G9svenrWePEAuqZbWPLClcR5Mkrmvuy
prpS5udmvILoVa5hZx8jyhTleNMjau2vanzOzpkmaO7ZDUxNgxj3N8yJc6ZjJlz+
0gnBTOCj8XygRc5MDMSbW13Z1B78Xg+6W1AayYxF3UpNjpY49jxBxds2SCG34LQq
OcA=
-----END CERTIFICATE-----
Generated at Mon Mar 25 21:47:54 2024 by rpki-client on console-ams.rpki-client.org