Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/qOClEkSznWtkGgGJ0fJlOeVAxP8.roa
File: qOClEkSznWtkGgGJ0fJlOeVAxP8.roa (raw, json)
Hash identifier: uSga8YNNdA2UirqabkZJDer5R6cSGIOfGqkvUGbSCKY=
Subject key identifier: A8:E0:A5:12:44:B3:9D:6B:64:1A:01:89:D1:F2:65:39:E5:40:C4:FF
Certificate issuer: /CN=d45a8d91fe44f1a9639aed561c1bcafcbf10b25d
Certificate serial: 018CC8DF5071C38099686A394896B812189D
Authority key identifier: D4:5A:8D:91:FE:44:F1:A9:63:9A:ED:56:1C:1B:CA:FC:BF:10:B2:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FqNkf5E8aljmu1WHBvK_L8Qsl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/qOClEkSznWtkGgGJ0fJlOeVAxP8.roa
Signing time: Tue 02 Jan 2024 06:32:07 +0000
ROA not before: Tue 02 Jan 2024 06:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24956
IP address blocks: 194.120.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:50:71:c3:80:99:68:6a:39:48:96:b8:12:18:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45a8d91fe44f1a9639aed561c1bcafcbf10b25d
Validity
Not Before: Jan 2 06:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8e0a51244b39d6b641a0189d1f26539e540c4ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:86:a1:b7:31:d0:14:27:aa:f1:2b:6a:11:44:
ee:d8:c7:53:88:86:01:a2:71:e1:38:3a:25:50:b1:
5e:1e:04:ff:88:e4:6b:44:8c:1a:cd:bb:27:a1:18:
eb:73:ed:5f:da:54:cb:82:9e:07:d5:eb:66:4f:bc:
ac:ab:00:46:10:d3:b0:de:04:a7:c9:63:fe:ee:8c:
14:31:e7:7a:0c:eb:e9:fb:ca:70:fd:18:57:d3:2c:
e5:c5:43:3c:89:5f:74:5e:d1:56:ba:69:9b:a4:56:
c8:c3:a9:ce:cf:20:9e:f0:3b:12:b7:43:9d:cd:d2:
71:d5:65:53:24:17:c0:28:01:fe:39:d7:02:2d:92:
ad:0d:c1:95:e5:e0:42:28:ff:03:4d:19:78:31:5b:
b5:65:76:bd:56:96:48:08:0a:e9:a3:39:45:f6:70:
89:af:36:39:8b:61:98:bd:ad:0d:8a:03:0e:6b:12:
89:d4:f9:e0:6e:b0:56:b7:89:12:fa:75:dd:0b:a3:
08:9d:3b:8f:c6:e5:44:6e:0b:e7:03:8f:06:73:4e:
37:52:41:9f:cf:b2:85:8a:78:bd:f6:4c:d6:0e:b2:
3c:1a:ed:80:cb:0e:53:92:ae:29:28:e3:cc:60:dc:
38:93:41:41:ea:d5:dd:c4:49:db:c8:95:4f:06:61:
f2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E0:A5:12:44:B3:9D:6B:64:1A:01:89:D1:F2:65:39:E5:40:C4:FF
X509v3 Authority Key Identifier:
keyid:D4:5A:8D:91:FE:44:F1:A9:63:9A:ED:56:1C:1B:CA:FC:BF:10:B2:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FqNkf5E8aljmu1WHBvK_L8Qsl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/qOClEkSznWtkGgGJ0fJlOeVAxP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fac406-1d9b-461d-855b-58865d1e14e0/1/1FqNkf5E8aljmu1WHBvK_L8Qsl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.120.234.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:25:91:92:68:6b:bb:df:ff:37:44:df:98:74:44:ae:2b:01:
32:a1:60:8e:fd:2d:34:8b:0e:44:13:3b:6c:42:1b:91:80:17:
df:4d:84:19:15:87:93:24:92:37:c6:9d:44:37:ee:c5:6f:b0:
90:8d:77:1f:71:de:68:f2:08:2f:7d:12:45:e2:af:57:92:c9:
10:c3:2c:ee:a2:7b:cc:f6:95:29:3c:dd:6e:95:86:68:21:78:
be:5a:a3:72:53:c5:d0:bc:30:a4:0c:e3:36:bc:6f:3c:64:9e:
bd:55:9b:75:d1:19:ae:9e:d7:5d:ae:b4:4e:37:ee:35:1a:0a:
84:e8:02:0a:0f:54:bf:51:90:46:2c:f1:0e:01:36:b8:42:44:
bd:3e:af:e5:35:1d:8a:7a:04:c2:c5:8e:ff:8a:07:55:69:1c:
a4:68:d4:ea:d2:41:b5:1f:45:26:a1:2f:65:7b:14:f9:e0:d4:
98:30:bf:d3:e9:38:da:40:e1:0e:0e:a0:c7:9d:f5:74:6d:d0:
88:3d:de:65:04:a3:df:cd:5c:6a:cd:03:55:ea:42:b2:0d:43:
37:6c:65:4e:7c:06:43:57:81:ea:cb:5e:94:b5:9d:c2:b7:1c:
28:df:e7:9d:ee:80:b4:0b:6c:57:02:ea:e6:68:4d:49:ef:66:
b4:8e:7e:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI31Bxw4CZaGo5SJa4EhidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWE4ZDkxZmU0NGYxYTk2MzlhZWQ1NjFjMWJjYWZjYmYx
MGIyNWQwHhcNMjQwMTAyMDYzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGUwYTUxMjQ0YjM5ZDZiNjQxYTAxODlkMWYyNjUzOWU1NDBjNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoahtzHQFCeq8StqEUTu2MdTiIYB
onHhODolULFeHgT/iORrRIwazbsnoRjrc+1f2lTLgp4H1etmT7ysqwBGENOw3gSn
yWP+7owUMed6DOvp+8pw/RhX0yzlxUM8iV90XtFWummbpFbIw6nOzyCe8DsSt0Od
zdJx1WVTJBfAKAH+OdcCLZKtDcGV5eBCKP8DTRl4MVu1ZXa9VpZICArpozlF9nCJ
rzY5i2GYva0NigMOaxKJ1PngbrBWt4kS+nXdC6MInTuPxuVEbgvnA48Gc043UkGf
z7KFini99kzWDrI8Gu2Ayw5Tkq4pKOPMYNw4k0FB6tXdxEnbyJVPBmHy2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjgpRJEs51rZBoBidHyZTnlQMT/MB8GA1UdIwQY
MBaAFNRajZH+RPGpY5rtVhwbyvy/ELJdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZxTmtmNUU4YWxqbXUxV0hCdktfTDhRc2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mYWM0MDYtMWQ5Yi00NjFkLTg1NWIt
NTg4NjVkMWUxNGUwLzEvcU9DbEVrU3puV3RrR2dHSjBmSmxPZVZBeFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mYWM0MDYtMWQ5Yi00NjFkLTg1NWItNTg4NjVkMWUxNGUw
LzEvMUZxTmtmNUU4YWxqbXUxV0hCdktfTDhRc2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnjqMA0G
CSqGSIb3DQEBCwUAA4IBAQANJZGSaGu73/83RN+YdESuKwEyoWCO/S00iw5EEzts
QhuRgBffTYQZFYeTJJI3xp1EN+7Fb7CQjXcfcd5o8ggvfRJF4q9XkskQwyzuonvM
9pUpPN1ulYZoIXi+WqNyU8XQvDCkDOM2vG88ZJ69VZt10RmuntddrrRON+41GgqE
6AIKD1S/UZBGLPEOATa4QkS9Pq/lNR2KegTCxY7/igdVaRykaNTq0kG1H0UmoS9l
exT54NSYML/T6TjaQOEODqDHnfV0bdCIPd5lBKPfzVxqzQNV6kKyDUM3bGVOfAZD
V4Hqy16UtZ3Ctxwo3+ed7oC0C2xXAurmaE1J72a0jn7J
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:52 2025 by rpki-client