Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/QSjWOlmunixr-NKnJQBJxMdk8sc.roa
File: QSjWOlmunixr-NKnJQBJxMdk8sc.roa (raw, json)
Hash identifier: mLSCr/qQ0+EsCUBLDANCUQTNsVCwNLI1JXqnbrro2t8=
Subject key identifier: 41:28:D6:3A:59:AE:9E:2C:6B:F8:D2:A7:25:00:49:C4:C7:64:F2:C7
Certificate issuer: /CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Certificate serial: 018CEA9EBE4743D0824B9C83BA7D88EDE479
Authority key identifier: AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/QSjWOlmunixr-NKnJQBJxMdk8sc.roa
Signing time: Mon 08 Jan 2024 19:48:41 +0000
ROA not before: Mon 08 Jan 2024 19:48:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.206.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ea:9e:be:47:43:d0:82:4b:9c:83:ba:7d:88:ed:e4:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9092bbc2cacae247774f62b0fdbdc44a974cf2
Validity
Not Before: Jan 8 19:48:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4128d63a59ae9e2c6bf8d2a7250049c4c764f2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d0:d9:39:a9:09:67:7d:27:d8:4e:bd:cb:d6:
b1:da:16:25:e4:67:13:7f:f1:5d:e9:83:2f:bf:8f:
76:68:ea:02:ee:13:79:cc:a2:d2:b4:d2:6d:4e:93:
13:b3:66:74:1e:84:e5:34:8b:be:2d:bf:f9:42:ad:
45:4b:1d:21:0b:c5:91:16:8a:78:a9:1d:4f:e7:7e:
9a:8d:31:93:ef:17:50:b1:22:db:0d:f5:98:5b:28:
29:8a:1f:ad:9a:82:c2:c8:a3:16:b1:71:8c:02:23:
bf:17:2a:77:8f:48:7e:e5:61:21:88:43:cf:24:1e:
88:e8:81:c1:7a:08:64:45:d0:e8:fd:92:28:91:d9:
f5:b0:ab:31:30:85:87:fa:26:d6:6c:9f:20:a0:7e:
95:2f:73:88:cb:2b:72:40:6d:b3:12:d1:9c:52:97:
02:a4:69:ee:5d:11:be:3a:ef:bc:c3:ed:f5:d4:81:
df:dd:f1:75:88:84:25:25:03:d8:d1:5e:d8:fa:b8:
a6:2e:79:ba:0f:19:a4:1e:62:6c:f5:83:48:67:9e:
08:fd:32:f4:17:ce:31:83:d6:f6:48:1b:ec:f1:8e:
6a:a4:da:6a:8f:98:4b:65:06:c2:38:5f:4e:51:bd:
e4:0b:7d:28:8e:94:fb:c7:20:f8:37:e6:27:07:1a:
3e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:28:D6:3A:59:AE:9E:2C:6B:F8:D2:A7:25:00:49:C4:C7:64:F2:C7
X509v3 Authority Key Identifier:
keyid:AC:90:92:BB:C2:CA:CA:E2:47:77:4F:62:B0:FD:BD:C4:4A:97:4C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJCSu8LKyuJHd09isP29xEqXTPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/QSjWOlmunixr-NKnJQBJxMdk8sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/c96349-0a22-4247-9943-a3fc196aabb3/1/rJCSu8LKyuJHd09isP29xEqXTPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.125.0/24
Signature Algorithm: sha256WithRSAEncryption
08:1e:e7:13:35:8f:09:b3:ff:6e:9c:d5:b3:39:10:03:77:24:
9a:05:a1:c9:00:22:65:d7:1a:ac:3d:7e:a8:33:97:c5:a2:fa:
b4:5c:51:28:28:fd:f5:46:6f:f1:d4:46:fb:c1:db:86:5d:86:
24:44:8a:0e:92:bb:4b:a4:19:d7:c4:5f:ee:63:a7:eb:10:c8:
e7:ac:20:b2:bd:1b:79:8c:32:78:64:aa:fc:fe:3c:d6:fd:df:
0b:bb:55:f1:1c:7b:6c:99:a6:82:f2:ef:ad:cb:96:6b:e6:f8:
41:81:27:06:82:82:a7:c4:c4:19:7f:30:ff:e5:17:69:2f:2a:
3b:29:58:e2:14:d4:8d:bf:60:a5:5b:c7:af:89:52:b5:ae:2f:
53:57:54:6d:74:ac:77:d9:e3:e7:92:96:7e:5d:08:56:c5:25:
c5:90:bf:a6:8a:6b:7e:4c:da:d8:f2:8d:d5:89:2d:95:df:4e:
88:19:d2:0f:b5:66:86:28:a5:90:4b:82:20:95:b8:81:25:c6:
8a:64:d4:88:1e:ec:47:85:63:89:de:08:2d:b9:18:c6:dd:e8:
6c:88:07:8a:db:b4:cb:67:94:9f:45:fa:6b:5b:69:d1:d5:4a:
1c:21:43:8f:7c:5b:03:e5:6e:12:1f:ac:7d:43:c1:49:6f:25:
31:e5:3d:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzqnr5HQ9CCS5yDun2I7eR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTA5MmJiYzJjYWNhZTI0Nzc3NGY2MmIwZmRiZGM0NGE5
NzRjZjIwHhcNMjQwMTA4MTk0ODQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTI4ZDYzYTU5YWU5ZTJjNmJmOGQyYTcyNTAwNDljNGM3NjRmMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtDZOakJZ30n2E69y9ax2hYl5GcT
f/Fd6YMvv492aOoC7hN5zKLStNJtTpMTs2Z0HoTlNIu+Lb/5Qq1FSx0hC8WRFop4
qR1P536ajTGT7xdQsSLbDfWYWygpih+tmoLCyKMWsXGMAiO/Fyp3j0h+5WEhiEPP
JB6I6IHBeghkRdDo/ZIokdn1sKsxMIWH+ibWbJ8goH6VL3OIyytyQG2zEtGcUpcC
pGnuXRG+Ou+8w+311IHf3fF1iIQlJQPY0V7Y+rimLnm6DxmkHmJs9YNIZ54I/TL0
F84xg9b2SBvs8Y5qpNpqj5hLZQbCOF9OUb3kC30ojpT7xyD4N+YnBxo+MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEo1jpZrp4sa/jSpyUAScTHZPLHMB8GA1UdIwQY
MBaAFKyQkrvCysriR3dPYrD9vcRKl0zyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpDU3U4TEt5dUpIZDA5aXNQMjl4RXFYVFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9jOTYzNDktMGEyMi00MjQ3LTk5NDMt
YTNmYzE5NmFhYmIzLzEvUVNqV09sbXVuaXhyLU5LbkpRQkp4TWRrOHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9jOTYzNDktMGEyMi00MjQ3LTk5NDMtYTNmYzE5NmFhYmIz
LzEvckpDU3U4TEt5dUpIZDA5aXNQMjl4RXFYVFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc59MA0G
CSqGSIb3DQEBCwUAA4IBAQAIHucTNY8Js/9unNWzORADdySaBaHJACJl1xqsPX6o
M5fFovq0XFEoKP31Rm/x1Eb7wduGXYYkRIoOkrtLpBnXxF/uY6frEMjnrCCyvRt5
jDJ4ZKr8/jzW/d8Lu1XxHHtsmaaC8u+ty5Zr5vhBgScGgoKnxMQZfzD/5RdpLyo7
KVjiFNSNv2ClW8eviVK1ri9TV1RtdKx32ePnkpZ+XQhWxSXFkL+mimt+TNrY8o3V
iS2V306IGdIPtWaGKKWQS4IglbiBJcaKZNSIHuxHhWOJ3ggtuRjG3ehsiAeK27TL
Z5SfRfprW2nR1UocIUOPfFsD5W4SH6x9Q8FJbyUx5T3s
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:23 2025 by rpki-client