Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/64ae31-d1c8-4004-a778-06df1dc03367/1/qcbW45hMUUDkN1SFS9fKJFnfffo.roa
File: qcbW45hMUUDkN1SFS9fKJFnfffo.roa (raw, json)
Hash identifier: 7/NlVd7vigmbC3TlMhhfkt0hP9Hn/R98oDeDTjdl4Nk=
Subject key identifier: A9:C6:D6:E3:98:4C:51:40:E4:37:54:85:4B:D7:CA:24:59:DF:7D:FA
Certificate issuer: /CN=5813e26d71ac5b6a601156d90ce0dccec5986243
Certificate serial: 0192542E896399F6C2747E68E8762848C025
Authority key identifier: 58:13:E2:6D:71:AC:5B:6A:60:11:56:D9:0C:E0:DC:CE:C5:98:62:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WBPibXGsW2pgEVbZDODczsWYYkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/64ae31-d1c8-4004-a778-06df1dc03367/1/qcbW45hMUUDkN1SFS9fKJFnfffo.roa
Signing time: Thu 03 Oct 2024 20:59:48 +0000
ROA not before: Thu 03 Oct 2024 20:59:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207388
IP address blocks: 185.224.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:54:2e:89:63:99:f6:c2:74:7e:68:e8:76:28:48:c0:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5813e26d71ac5b6a601156d90ce0dccec5986243
Validity
Not Before: Oct 3 20:59:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9c6d6e3984c5140e43754854bd7ca2459df7dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bd:26:58:48:22:06:4f:19:7c:61:c8:b3:a6:
28:4f:b4:c9:7f:42:15:cd:84:e7:f3:f4:00:5f:23:
5e:c3:5f:b3:61:5f:67:ee:6d:d4:27:d8:4e:77:13:
f8:97:8b:64:84:9b:ea:de:e9:db:e6:a6:f9:39:0a:
80:88:0b:f9:7e:e2:e0:7b:63:b7:1a:df:a7:44:87:
7f:79:7b:cb:66:a7:48:af:02:04:b9:93:9d:4d:0a:
c5:31:fb:7a:62:38:90:02:c1:da:ac:70:71:7a:3e:
71:61:13:47:84:b0:e8:f0:25:66:6b:a6:5b:3a:ff:
9b:2d:05:e4:25:3e:7a:fd:5c:94:23:f2:36:b8:cd:
80:0b:f7:88:4b:fa:1f:c1:ce:d3:db:c0:8b:38:90:
5b:74:72:6b:90:a0:0b:70:94:44:0d:73:56:d3:9e:
33:56:f3:48:b8:50:55:bb:b9:66:38:5c:40:36:61:
99:31:9e:f2:10:12:fb:f6:08:0c:57:48:4f:7c:3c:
3c:60:9f:71:66:fb:da:d0:2e:a3:e2:05:ad:c2:e8:
19:c2:1e:2e:c4:0e:db:09:95:f7:37:b2:5e:ef:84:
d0:07:04:14:60:96:a8:d0:5f:1d:3a:64:6e:9f:4f:
97:88:84:7d:00:58:63:3a:a6:a8:4c:fb:dd:d2:ac:
13:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C6:D6:E3:98:4C:51:40:E4:37:54:85:4B:D7:CA:24:59:DF:7D:FA
X509v3 Authority Key Identifier:
keyid:58:13:E2:6D:71:AC:5B:6A:60:11:56:D9:0C:E0:DC:CE:C5:98:62:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WBPibXGsW2pgEVbZDODczsWYYkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/64ae31-d1c8-4004-a778-06df1dc03367/1/qcbW45hMUUDkN1SFS9fKJFnfffo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/64ae31-d1c8-4004-a778-06df1dc03367/1/WBPibXGsW2pgEVbZDODczsWYYkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.2.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:28:88:82:1c:66:5c:4f:5f:21:52:c3:f8:30:53:ec:00:4b:
6d:d9:b9:c1:c7:72:33:c8:81:31:01:1d:db:90:0b:04:52:47:
eb:7c:db:5d:7e:96:75:58:53:52:b1:24:16:dd:a3:b2:e4:40:
d3:64:f2:16:dd:d0:39:35:13:db:33:90:7d:71:88:de:61:0e:
2a:b4:6c:ab:fc:42:d9:df:06:66:69:ca:15:9a:51:27:34:9b:
07:8e:3c:e6:16:8f:28:9e:e2:7e:ed:be:ee:0c:42:d4:a1:93:
d8:01:67:4d:d8:0f:ef:bd:6f:23:f8:7d:29:b6:4f:e4:65:9e:
08:83:bd:0b:56:7e:54:6b:71:2f:fd:db:3e:b2:d4:a5:59:68:
80:88:13:16:7f:77:c3:9a:4e:21:1b:3b:87:ec:aa:3f:c1:e9:
4e:12:73:18:25:11:06:3b:1a:81:9d:5b:71:e1:ad:1f:6c:bc:
fa:62:c1:19:48:18:96:b1:3b:d5:c6:86:b4:e5:01:29:db:e6:
b8:46:21:78:b1:23:79:6d:55:bf:4c:2e:ba:91:a8:47:87:8c:
24:46:09:c9:82:3c:b1:7e:a6:3f:78:31:e1:24:59:78:ff:ee:
97:b8:25:be:8c:d8:d0:68:bb:ed:93:65:db:f1:95:a5:9a:22:
74:c7:4c:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJULoljmfbCdH5o6HYoSMAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MTNlMjZkNzFhYzViNmE2MDExNTZkOTBjZTBkY2NlYzU5
ODYyNDMwHhcNMjQxMDAzMjA1OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWM2ZDZlMzk4NGM1MTQwZTQzNzU0ODU0YmQ3Y2EyNDU5ZGY3ZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA070mWEgiBk8ZfGHIs6YoT7TJf0IV
zYTn8/QAXyNew1+zYV9n7m3UJ9hOdxP4l4tkhJvq3unb5qb5OQqAiAv5fuLge2O3
Gt+nRId/eXvLZqdIrwIEuZOdTQrFMft6YjiQAsHarHBxej5xYRNHhLDo8CVma6Zb
Ov+bLQXkJT56/VyUI/I2uM2AC/eIS/ofwc7T28CLOJBbdHJrkKALcJREDXNW054z
VvNIuFBVu7lmOFxANmGZMZ7yEBL79ggMV0hPfDw8YJ9xZvva0C6j4gWtwugZwh4u
xA7bCZX3N7Je74TQBwQUYJao0F8dOmRun0+XiIR9AFhjOqaoTPvd0qwTjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnG1uOYTFFA5DdUhUvXyiRZ3336MB8GA1UdIwQY
MBaAFFgT4m1xrFtqYBFW2Qzg3M7FmGJDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0JQaWJYR3NXMnBnRVZiWkRPRGN6c1dZWWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82NGFlMzEtZDFjOC00MDA0LWE3Nzgt
MDZkZjFkYzAzMzY3LzEvcWNiVzQ1aE1VVURrTjFTRlM5ZktKRm5mZmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82NGFlMzEtZDFjOC00MDA0LWE3NzgtMDZkZjFkYzAzMzY3
LzEvV0JQaWJYR3NXMnBnRVZiWkRPRGN6c1dZWWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueACMA0G
CSqGSIb3DQEBCwUAA4IBAQDHKIiCHGZcT18hUsP4MFPsAEtt2bnBx3IzyIExAR3b
kAsEUkfrfNtdfpZ1WFNSsSQW3aOy5EDTZPIW3dA5NRPbM5B9cYjeYQ4qtGyr/ELZ
3wZmacoVmlEnNJsHjjzmFo8onuJ+7b7uDELUoZPYAWdN2A/vvW8j+H0ptk/kZZ4I
g70LVn5Ua3Ev/ds+stSlWWiAiBMWf3fDmk4hGzuH7Ko/welOEnMYJREGOxqBnVtx
4a0fbLz6YsEZSBiWsTvVxoa05QEp2+a4RiF4sSN5bVW/TC66kahHh4wkRgnJgjyx
fqY/eDHhJFl4/+6XuCW+jNjQaLvtk2Xb8ZWlmiJ0x0xj
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:56 2025 by rpki-client