Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/oQquGHtVpLfFBe1Te0ECdZW46sA.roa
File: oQquGHtVpLfFBe1Te0ECdZW46sA.roa (raw, json)
Hash identifier: ZQIuz0g5CFckz1QsZEVIi7kqpbFypvPM/8BBn/5KBpk=
Subject key identifier: A1:0A:AE:18:7B:55:A4:B7:C5:05:ED:53:7B:41:02:75:95:B8:EA:C0
Certificate issuer: /CN=9cb96ce59c59557530f0eaa44c664503d9c401ed
Certificate serial: 018CC64B7B253A061D11E89A1A737933BA42
Authority key identifier: 9C:B9:6C:E5:9C:59:55:75:30:F0:EA:A4:4C:66:45:03:D9:C4:01:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLls5ZxZVXUw8OqkTGZFA9nEAe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/oQquGHtVpLfFBe1Te0ECdZW46sA.roa
Signing time: Mon 01 Jan 2024 18:31:24 +0000
ROA not before: Mon 01 Jan 2024 18:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 193.29.144.0/20 maxlen: 20
194.99.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7b:25:3a:06:1d:11:e8:9a:1a:73:79:33:ba:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb96ce59c59557530f0eaa44c664503d9c401ed
Validity
Not Before: Jan 1 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a10aae187b55a4b7c505ed537b41027595b8eac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2c:38:a2:b4:ab:12:6f:7a:96:57:90:be:17:
72:aa:8a:eb:d2:75:9f:ac:34:cb:61:49:e0:20:4c:
6e:c5:20:eb:94:7b:c7:3c:26:5e:1c:bd:a1:4c:9f:
da:f2:84:40:23:4d:41:1e:cd:9f:52:0a:1c:cd:73:
5c:7c:f1:95:72:e8:6f:92:c7:21:e0:a1:6c:b1:46:
49:ee:52:22:82:fe:b5:3b:ff:95:4a:26:ce:d3:ff:
24:b6:b6:09:49:20:26:80:b1:e9:49:7d:11:18:7a:
70:64:b2:96:2a:b9:e9:0a:c9:bb:66:e9:ee:e4:68:
8d:1a:38:72:d3:0f:cf:97:49:12:8b:d8:16:3c:d1:
42:4a:b2:8f:a8:43:15:a8:56:11:70:6b:39:4a:6b:
77:33:80:7a:e1:85:ab:02:ca:e2:20:0c:40:57:5d:
30:45:af:44:c9:74:fc:2a:4a:48:2f:3e:4b:84:b1:
56:97:f9:66:2f:f5:fb:4a:0e:47:a6:d8:68:0e:32:
3b:ec:17:38:5c:bd:98:21:97:89:be:75:c0:3d:11:
28:ad:2b:8d:94:8a:37:7a:d9:d9:cb:a7:a1:60:02:
b2:10:73:e0:99:b3:78:e7:d1:83:46:c3:b4:14:00:
bd:a1:44:ae:45:44:5a:7e:2f:bb:da:37:97:a7:97:
2f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:0A:AE:18:7B:55:A4:B7:C5:05:ED:53:7B:41:02:75:95:B8:EA:C0
X509v3 Authority Key Identifier:
keyid:9C:B9:6C:E5:9C:59:55:75:30:F0:EA:A4:4C:66:45:03:D9:C4:01:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLls5ZxZVXUw8OqkTGZFA9nEAe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/oQquGHtVpLfFBe1Te0ECdZW46sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5dd7b1-e337-404d-b764-ddb0b148e46b/1/nLls5ZxZVXUw8OqkTGZFA9nEAe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.144.0/20
194.99.120.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:40:15:57:65:2b:bf:07:51:fa:a5:8b:55:16:99:94:f9:51:
a8:ce:2a:12:a5:25:ed:68:18:ba:2c:56:fc:ac:fd:db:b0:93:
03:26:28:ba:9d:ca:2f:d3:83:7b:90:52:be:76:5b:25:5b:97:
be:5e:d9:e9:13:e7:44:e1:8e:de:bc:07:08:57:d2:e2:c7:31:
15:36:ba:1a:a5:cc:b0:96:1b:f4:5d:92:90:d4:89:5c:dd:8a:
5c:8b:5d:e2:c6:db:8b:48:7d:7f:6d:0a:49:e6:97:7f:d4:0d:
ac:f9:79:b6:f1:74:1b:59:04:f3:7b:48:7d:f1:39:a1:e7:28:
40:62:0a:b1:da:2f:f4:19:57:50:e4:ff:22:1f:61:c5:58:04:
b5:b8:ee:f2:e9:cc:44:29:37:b6:dc:38:66:4c:96:9c:78:32:
df:3d:74:a1:1e:83:07:21:df:0c:c9:c1:f0:da:1c:69:20:ad:
b9:37:c5:d7:13:56:13:a3:a1:77:10:27:93:b5:64:30:a1:78:
86:c2:a1:59:8d:6e:4b:3d:4f:82:9a:a8:81:68:89:08:31:4c:
a0:cf:0b:e4:a3:96:8f:35:84:c7:89:5e:8a:0b:b1:de:1f:ee:
fa:86:20:66:7c:9d:b0:90:4a:7a:c5:a5:fe:c1:de:89:34:5d:
e7:57:05:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS3slOgYdEeiaGnN5M7pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjk2Y2U1OWM1OTU1NzUzMGYwZWFhNDRjNjY0NTAzZDlj
NDAxZWQwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTBhYWUxODdiNTVhNGI3YzUwNWVkNTM3YjQxMDI3NTk1YjhlYWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyw4orSrEm96lleQvhdyqorr0nWf
rDTLYUngIExuxSDrlHvHPCZeHL2hTJ/a8oRAI01BHs2fUgoczXNcfPGVcuhvksch
4KFssUZJ7lIigv61O/+VSibO0/8ktrYJSSAmgLHpSX0RGHpwZLKWKrnpCsm7Zunu
5GiNGjhy0w/Pl0kSi9gWPNFCSrKPqEMVqFYRcGs5Smt3M4B64YWrAsriIAxAV10w
Ra9EyXT8KkpILz5LhLFWl/lmL/X7Sg5HpthoDjI77Bc4XL2YIZeJvnXAPREorSuN
lIo3etnZy6ehYAKyEHPgmbN459GDRsO0FAC9oUSuRURafi+72jeXp5cv5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKEKrhh7VaS3xQXtU3tBAnWVuOrAMB8GA1UdIwQY
MBaAFJy5bOWcWVV1MPDqpExmRQPZxAHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxsczVaeFpWWFV3OE9xa1RHWkZBOW5FQWUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ZGQ3YjEtZTMzNy00MDRkLWI3NjQt
ZGRiMGIxNDhlNDZiLzEvb1FxdUdIdFZwTGZGQmUxVGUwRUNkWlc0NnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ZGQ3YjEtZTMzNy00MDRkLWI3NjQtZGRiMGIxNDhlNDZi
LzEvbkxsczVaeFpWWFV3OE9xa1RHWkZBOW5FQWUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEwR2QAwQD
wmN4MA0GCSqGSIb3DQEBCwUAA4IBAQBNQBVXZSu/B1H6pYtVFpmU+VGozioSpSXt
aBi6LFb8rP3bsJMDJii6ncov04N7kFK+dlslW5e+XtnpE+dE4Y7evAcIV9LixzEV
Nroapcywlhv0XZKQ1Ilc3Ypci13ixtuLSH1/bQpJ5pd/1A2s+Xm28XQbWQTze0h9
8Tmh5yhAYgqx2i/0GVdQ5P8iH2HFWAS1uO7y6cxEKTe23DhmTJaceDLfPXShHoMH
Id8MycHw2hxpIK25N8XXE1YTo6F3ECeTtWQwoXiGwqFZjW5LPU+CmqiBaIkIMUyg
zwvko5aPNYTHiV6KC7HeH+76hiBmfJ2wkEp6xaX+wd6JNF3nVwVc
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:41:29 2025 by rpki-client