Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/d5e5cb-5b27-47f6-8acb-0350787225c8/1/qcSEVDd_kKlMzhB3tfWVBcBPBag.roa
File: qcSEVDd_kKlMzhB3tfWVBcBPBag.roa (raw, json)
Hash identifier: oNTaYH2Gm9t9x/z5W+NK9HRzh2LuBbXE4ExluAgMbfA=
Subject key identifier: A9:C4:84:54:37:7F:90:A9:4C:CE:10:77:B5:F5:95:05:C0:4F:05:A8
Certificate issuer: /CN=bc903403c20a6cdb22366cc7acf48e9f99be34ff
Certificate serial: 018CC94AD8BF83699E5F72E1614A80CDDB02
Authority key identifier: BC:90:34:03:C2:0A:6C:DB:22:36:6C:C7:AC:F4:8E:9F:99:BE:34:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJA0A8IKbNsiNmzHrPSOn5m-NP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/d5e5cb-5b27-47f6-8acb-0350787225c8/1/qcSEVDd_kKlMzhB3tfWVBcBPBag.roa
Signing time: Tue 02 Jan 2024 08:29:34 +0000
ROA not before: Tue 02 Jan 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39385
IP address blocks: 195.254.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:d8:bf:83:69:9e:5f:72:e1:61:4a:80:cd:db:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc903403c20a6cdb22366cc7acf48e9f99be34ff
Validity
Not Before: Jan 2 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9c48454377f90a94cce1077b5f59505c04f05a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:eb:78:e5:89:f0:ab:33:7f:55:80:aa:68:49:
06:9a:1c:d3:28:1b:d5:08:a6:6d:8e:4a:ee:a8:8e:
ad:31:e9:23:fa:e4:93:82:97:50:9d:19:c8:a0:f1:
20:69:81:9a:ba:26:66:21:e3:bc:8d:b4:7f:05:eb:
8b:58:15:77:52:c8:38:f3:56:35:be:94:89:7b:0d:
b1:c1:38:ad:ed:76:a3:79:b5:cf:2b:8a:a9:b0:6f:
c7:a0:8c:8a:15:33:72:1f:df:9e:56:a3:f0:55:12:
8e:51:a9:35:67:e4:38:fd:b5:e8:28:40:cd:2b:49:
4a:89:8e:c0:22:3a:d2:e9:a9:86:19:a8:3c:b0:4e:
80:a4:16:6c:69:13:52:06:f5:96:68:b5:dd:47:b2:
d8:e7:1e:35:bf:ba:e1:eb:f1:5c:e7:00:f2:e1:3c:
29:23:b3:f9:75:9d:72:6b:6e:8b:ff:96:55:c5:5e:
6e:6e:fd:9f:63:7c:74:cb:84:7e:11:9e:d1:88:89:
c0:8b:ba:b1:2f:52:d2:65:37:ab:e8:17:db:89:57:
58:d0:f7:c6:64:bb:26:7f:bd:8a:1f:c0:fb:85:d7:
de:c4:65:15:b5:6f:b9:6a:b6:d6:c2:cd:05:71:2c:
96:aa:8d:f4:e8:48:d9:12:6a:aa:3e:9b:6e:67:af:
0b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C4:84:54:37:7F:90:A9:4C:CE:10:77:B5:F5:95:05:C0:4F:05:A8
X509v3 Authority Key Identifier:
keyid:BC:90:34:03:C2:0A:6C:DB:22:36:6C:C7:AC:F4:8E:9F:99:BE:34:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJA0A8IKbNsiNmzHrPSOn5m-NP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d5e5cb-5b27-47f6-8acb-0350787225c8/1/qcSEVDd_kKlMzhB3tfWVBcBPBag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/d5e5cb-5b27-47f6-8acb-0350787225c8/1/vJA0A8IKbNsiNmzHrPSOn5m-NP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.133.0/24
Signature Algorithm: sha256WithRSAEncryption
38:ba:fc:2e:b2:9a:fb:60:02:f4:e5:21:63:6c:9d:98:df:f4:
28:0c:9f:3e:0d:9c:75:1e:95:cf:ba:ac:85:35:7c:a9:d0:2b:
c5:10:a3:26:ed:25:b5:9b:24:57:d0:29:48:2b:1d:3e:c2:44:
15:b1:57:bc:47:b5:e5:be:d7:23:c3:32:b0:74:96:f0:92:ec:
c6:a5:75:59:f2:ae:e1:c7:0e:e7:b0:1e:63:15:69:55:f1:63:
94:ab:93:45:36:60:34:24:18:d0:4b:d0:6b:c3:57:cc:68:5e:
66:3b:51:54:f5:da:65:5d:2d:42:97:42:5f:ee:eb:45:55:da:
45:b3:b1:11:9c:8e:59:7a:9a:fe:11:96:69:99:d8:60:f7:33:
5b:c1:55:6b:47:c7:70:4f:c9:3e:e6:14:52:e2:dd:bc:46:95:
6d:9b:d7:7d:49:cb:8c:27:1f:4c:fe:02:25:36:a2:1d:9a:01:
3f:aa:63:9a:29:ba:96:cf:6d:36:55:94:a0:50:f1:79:8c:e1:
e0:6b:3c:f9:3a:7b:94:68:4e:5c:6b:6d:ec:76:a1:b7:bd:2b:
3e:45:a1:1c:8b:25:06:a0:f1:8e:bd:fb:1c:9a:4f:dc:49:0e:
49:bd:b9:67:c0:b8:16:52:c6:85:b4:3a:c2:73:53:66:d1:58:
02:c6:ea:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSti/g2meX3LhYUqAzdsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOTAzNDAzYzIwYTZjZGIyMjM2NmNjN2FjZjQ4ZTlmOTli
ZTM0ZmYwHhcNMjQwMTAyMDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWM0ODQ1NDM3N2Y5MGE5NGNjZTEwNzdiNWY1OTUwNWMwNGYwNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+t45YnwqzN/VYCqaEkGmhzTKBvV
CKZtjkruqI6tMekj+uSTgpdQnRnIoPEgaYGauiZmIeO8jbR/BeuLWBV3Usg481Y1
vpSJew2xwTit7XajebXPK4qpsG/HoIyKFTNyH9+eVqPwVRKOUak1Z+Q4/bXoKEDN
K0lKiY7AIjrS6amGGag8sE6ApBZsaRNSBvWWaLXdR7LY5x41v7rh6/Fc5wDy4Twp
I7P5dZ1ya26L/5ZVxV5ubv2fY3x0y4R+EZ7RiInAi7qxL1LSZTer6BfbiVdY0PfG
ZLsmf72KH8D7hdfexGUVtW+5arbWws0FcSyWqo306EjZEmqqPptuZ68LRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnEhFQ3f5CpTM4Qd7X1lQXATwWoMB8GA1UdIwQY
MBaAFLyQNAPCCmzbIjZsx6z0jp+ZvjT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkpBMEE4SUtiTnNpTm16SHJQU09uNW0tTlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9kNWU1Y2ItNWIyNy00N2Y2LThhY2It
MDM1MDc4NzIyNWM4LzEvcWNTRVZEZF9rS2xNemhCM3RmV1ZCY0JQQmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9kNWU1Y2ItNWIyNy00N2Y2LThhY2ItMDM1MDc4NzIyNWM4
LzEvdkpBMEE4SUtiTnNpTm16SHJQU09uNW0tTlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/6FMA0G
CSqGSIb3DQEBCwUAA4IBAQA4uvwuspr7YAL05SFjbJ2Y3/QoDJ8+DZx1HpXPuqyF
NXyp0CvFEKMm7SW1myRX0ClIKx0+wkQVsVe8R7XlvtcjwzKwdJbwkuzGpXVZ8q7h
xw7nsB5jFWlV8WOUq5NFNmA0JBjQS9Brw1fMaF5mO1FU9dplXS1Cl0Jf7utFVdpF
s7ERnI5Zepr+EZZpmdhg9zNbwVVrR8dwT8k+5hRS4t28RpVtm9d9ScuMJx9M/gIl
NqIdmgE/qmOaKbqWz202VZSgUPF5jOHgazz5OnuUaE5ca23sdqG3vSs+RaEciyUG
oPGOvfscmk/cSQ5JvblnwLgWUsaFtDrCc1Nm0VgCxuoB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:52 2025 by rpki-client