Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/QzXMJ_D08ZLfxaS5qMpVwkF2F2U.roa
File: QzXMJ_D08ZLfxaS5qMpVwkF2F2U.roa (raw, json)
Hash identifier: kNxcEx6fkh/mbju+bOXpsxFiFPYN86KkoZlK1xVQcnA=
Subject key identifier: 43:35:CC:27:F0:F4:F1:92:DF:C5:A4:B9:A8:CA:55:C2:41:76:17:65
Certificate issuer: /CN=d93a54f02f49f45ad5d73e5551d096181bce3f6e
Certificate serial: 01931B55D653D367E4AE5FB84A1D5945040A
Authority key identifier: D9:3A:54:F0:2F:49:F4:5A:D5:D7:3E:55:51:D0:96:18:1B:CE:3F:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2TpU8C9J9FrV1z5VUdCWGBvOP24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/QzXMJ_D08ZLfxaS5qMpVwkF2F2U.roa
Signing time: Mon 11 Nov 2024 13:07:10 +0000
ROA not before: Mon 11 Nov 2024 13:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 178.20.208.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 17:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:55:d6:53:d3:67:e4:ae:5f:b8:4a:1d:59:45:04:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93a54f02f49f45ad5d73e5551d096181bce3f6e
Validity
Not Before: Nov 11 13:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4335cc27f0f4f192dfc5a4b9a8ca55c241761765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a4:01:b7:80:95:99:e3:58:3f:97:f5:89:b3:
96:df:8d:7c:f7:e7:c3:2b:44:40:1d:2f:15:1a:f8:
22:b9:37:04:f5:db:5c:2a:3a:fd:f2:e3:54:83:7f:
28:80:93:ad:6e:87:19:3f:8e:60:76:1e:a3:a7:26:
91:fd:00:2e:f7:21:cd:86:e5:fc:a4:95:40:02:5f:
ee:2b:97:67:ce:ed:8a:7f:1e:2b:ee:51:0c:e2:97:
ea:cc:9d:73:6a:e4:ab:2e:4a:e1:13:0b:1a:5a:fd:
b8:38:fc:8e:44:55:f2:62:63:b8:79:e1:10:db:ff:
2f:8e:06:25:b2:89:8f:69:19:e9:ce:88:0b:3e:4b:
8c:01:85:b4:2a:5a:ef:73:e5:f5:28:ed:c4:11:43:
04:8f:47:c3:d7:5a:b0:f0:21:e3:eb:4e:d6:3f:14:
f3:9d:41:ed:3d:69:60:ef:4a:33:ab:d3:58:7a:63:
4e:8a:7b:ea:3d:ac:e5:fb:d3:73:5a:6c:8a:6e:f3:
75:15:18:06:82:e3:5e:fa:cd:e9:1c:28:3f:0e:ea:
bd:2d:9a:fd:bc:d5:65:be:6d:a0:ca:5d:d2:82:6c:
b0:8e:51:e9:1c:20:36:09:48:3d:b5:91:47:37:d0:
87:d3:6b:b9:b8:72:36:e6:b6:1f:43:5b:f4:98:02:
39:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:35:CC:27:F0:F4:F1:92:DF:C5:A4:B9:A8:CA:55:C2:41:76:17:65
X509v3 Authority Key Identifier:
keyid:D9:3A:54:F0:2F:49:F4:5A:D5:D7:3E:55:51:D0:96:18:1B:CE:3F:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TpU8C9J9FrV1z5VUdCWGBvOP24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/QzXMJ_D08ZLfxaS5qMpVwkF2F2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/15fff4-966b-4e0a-abac-05d58f0cb88c/1/2TpU8C9J9FrV1z5VUdCWGBvOP24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.208.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:6a:02:2c:65:2e:2a:20:58:82:4b:9a:35:56:29:e7:ca:cd:
06:99:84:af:40:25:40:9e:a0:a8:35:93:6b:52:a8:b0:d2:1a:
1e:9c:63:1d:78:10:6a:d2:e5:89:9f:39:d0:80:e3:bd:70:b6:
ce:ee:0b:1b:6e:d1:28:7e:cc:b0:dc:cc:41:c4:52:19:55:73:
d6:af:dd:b3:95:8d:c8:db:f4:d3:9f:0a:0b:2d:42:1c:b8:d1:
42:ba:15:33:28:b1:6a:27:79:07:d5:e0:33:1b:4b:de:1e:96:
0c:7a:6a:59:64:94:0c:a4:2e:3f:88:bf:df:1c:da:ae:2a:db:
bf:a2:d2:e3:e4:b8:e9:8e:dc:33:25:02:3b:a2:81:6b:33:4f:
1a:f0:79:cd:9a:70:87:f9:81:48:ac:d1:c4:21:d6:fb:aa:e9:
54:dd:9f:75:d0:dd:be:dc:5a:84:51:53:05:56:f1:02:29:5f:
b6:6d:3a:00:00:d4:cc:1c:ab:2a:9d:4b:26:02:09:7a:b9:74:
40:b3:31:d1:17:f9:23:91:46:2d:5c:05:cd:68:83:8f:d0:ba:
2e:4a:be:1e:1f:83:5a:fe:6f:58:b8:9a:f9:fe:02:2b:f6:86:
3d:c7:f2:ac:2f:d4:06:2e:f2:57:d6:11:23:7a:aa:b2:b2:06:
e2:3b:b6:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMbVdZT02fkrl+4Sh1ZRQQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2E1NGYwMmY0OWY0NWFkNWQ3M2U1NTUxZDA5NjE4MWJj
ZTNmNmUwHhcNMjQxMTExMTMwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM1Y2MyN2YwZjRmMTkyZGZjNWE0YjlhOGNhNTVjMjQxNzYxNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqQBt4CVmeNYP5f1ibOW34189+fD
K0RAHS8VGvgiuTcE9dtcKjr98uNUg38ogJOtbocZP45gdh6jpyaR/QAu9yHNhuX8
pJVAAl/uK5dnzu2Kfx4r7lEM4pfqzJ1zauSrLkrhEwsaWv24OPyORFXyYmO4eeEQ
2/8vjgYlsomPaRnpzogLPkuMAYW0Klrvc+X1KO3EEUMEj0fD11qw8CHj607WPxTz
nUHtPWlg70ozq9NYemNOinvqPazl+9NzWmyKbvN1FRgGguNe+s3pHCg/Duq9LZr9
vNVlvm2gyl3SgmywjlHpHCA2CUg9tZFHN9CH02u5uHI25rYfQ1v0mAI5OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEM1zCfw9PGS38WkuajKVcJBdhdlMB8GA1UdIwQY
MBaAFNk6VPAvSfRa1dc+VVHQlhgbzj9uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRwVThDOUo5RnJWMXo1VlVkQ1dHQnZPUDI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xNWZmZjQtOTY2Yi00ZTBhLWFiYWMt
MDVkNThmMGNiODhjLzEvUXpYTUpfRDA4WkxmeGFTNXFNcFZ3a0YyRjJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xNWZmZjQtOTY2Yi00ZTBhLWFiYWMtMDVkNThmMGNiODhj
LzEvMlRwVThDOUo5RnJWMXo1VlVkQ1dHQnZPUDI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBshTQMA0G
CSqGSIb3DQEBCwUAA4IBAQC8agIsZS4qIFiCS5o1Vinnys0GmYSvQCVAnqCoNZNr
Uqiw0hoenGMdeBBq0uWJnznQgOO9cLbO7gsbbtEofsyw3MxBxFIZVXPWr92zlY3I
2/TTnwoLLUIcuNFCuhUzKLFqJ3kH1eAzG0veHpYMempZZJQMpC4/iL/fHNquKtu/
otLj5LjpjtwzJQI7ooFrM08a8HnNmnCH+YFIrNHEIdb7qulU3Z910N2+3FqEUVMF
VvECKV+2bToAANTMHKsqnUsmAgl6uXRAszHRF/kjkUYtXAXNaIOP0LouSr4eH4Na
/m9YuJr5/gIr9oY9x/KsL9QGLvJX1hEjeqqysgbiO7b+
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:32:20 2025 by rpki-client