Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/q1-OJesLtI9-VzChwpTyZzQ9pNo.roa
File: q1-OJesLtI9-VzChwpTyZzQ9pNo.roa (raw, json)
Hash identifier: mUMbh4dkcwZmBPGcTSdF9XhuyI0RaAJ4FUTQwoD43Js=
Subject key identifier: AB:5F:8E:25:EB:0B:B4:8F:7E:57:30:A1:C2:94:F2:67:34:3D:A4:DA
Certificate issuer: /CN=9e34b186271ccb89c5e58b30e70bd74109cc284a
Certificate serial: 018FECB6B480EB7E93B9C50224045770D309
Authority key identifier: 9E:34:B1:86:27:1C:CB:89:C5:E5:8B:30:E7:0B:D7:41:09:CC:28:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/q1-OJesLtI9-VzChwpTyZzQ9pNo.roa
Signing time: Thu 06 Jun 2024 08:42:27 +0000
ROA not before: Thu 06 Jun 2024 08:42:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206406
IP address blocks: 185.187.92.0/24 maxlen: 24
185.187.93.0/24 maxlen: 24
185.187.94.0/24 maxlen: 24
185.187.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 14:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ec:b6:b4:80:eb:7e:93:b9:c5:02:24:04:57:70:d3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e34b186271ccb89c5e58b30e70bd74109cc284a
Validity
Not Before: Jun 6 08:42:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab5f8e25eb0bb48f7e5730a1c294f267343da4da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ca:8d:f0:b2:2d:b9:11:2a:cc:bb:ab:76:3e:
fd:50:73:56:54:d6:5b:03:26:1d:d3:24:79:99:ff:
d9:81:fa:1b:33:fb:a9:ee:7c:a7:89:01:a1:70:2d:
41:a9:1d:16:2d:73:85:5d:4a:ad:02:6a:cf:00:a8:
03:36:79:93:1b:8b:20:aa:02:f0:a1:5d:a5:53:64:
9c:22:04:f6:e1:c3:a3:c5:22:8f:79:e5:b2:50:00:
9b:a3:bb:9f:64:68:c0:71:97:c2:57:f8:dd:9e:89:
64:42:f9:94:0c:9d:a9:01:d7:19:ca:48:8c:b9:05:
39:07:48:ac:2c:49:d4:de:1a:8c:7e:08:23:ab:42:
48:52:b5:c7:67:2b:76:ca:f9:c7:94:f7:55:83:ac:
6a:15:19:20:dd:be:7b:e7:24:9c:7f:e5:87:fa:5a:
ca:9c:da:35:20:b4:eb:56:43:ef:e2:c7:e9:4f:59:
b4:e0:eb:f0:ba:79:e7:0e:34:69:50:9e:68:a4:d6:
8c:58:d6:9b:57:fb:a3:9b:6a:29:fe:b6:3d:44:ed:
bc:e5:f6:63:b9:55:2a:c4:64:a7:37:c9:0f:27:4a:
a0:e0:be:1f:00:a4:16:df:d5:d7:86:b2:e2:0a:aa:
1a:a5:ad:45:8a:03:28:f1:4a:ea:a1:b0:6e:0e:bd:
ee:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5F:8E:25:EB:0B:B4:8F:7E:57:30:A1:C2:94:F2:67:34:3D:A4:DA
X509v3 Authority Key Identifier:
keyid:9E:34:B1:86:27:1C:CB:89:C5:E5:8B:30:E7:0B:D7:41:09:CC:28:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/q1-OJesLtI9-VzChwpTyZzQ9pNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/njSxhiccy4nF5Ysw5wvXQQnMKEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.92.0/22
Signature Algorithm: sha256WithRSAEncryption
02:34:d6:ca:23:87:29:62:dc:5d:3e:80:7d:76:3b:ef:5c:ba:
1d:fa:f1:34:f9:ce:07:5f:3c:4c:0d:49:16:0f:51:99:39:9c:
f5:1e:65:1b:c6:57:61:7a:0e:e8:9a:db:6c:8b:bf:29:4c:2c:
da:84:03:9d:db:86:b6:7b:e9:68:48:52:6e:71:34:fd:15:62:
1c:bf:ac:ca:7c:ce:d7:f7:eb:82:f4:f5:6c:ea:d7:a7:2d:ad:
1a:5a:da:79:c6:9f:7f:b1:6f:d0:0b:a6:17:e4:20:56:84:68:
bd:1e:04:44:e0:c5:15:0d:32:eb:58:41:e8:88:9b:ae:61:63:
d6:21:ac:4b:e5:06:f8:30:2d:2b:be:36:ff:8f:2f:ad:7d:5c:
98:90:ec:be:79:38:f1:8d:43:3e:b8:c0:2a:64:82:c0:1c:95:
9d:22:e5:9a:de:11:41:b9:a2:1c:a4:9f:cc:34:61:5f:54:03:
f9:8c:1f:18:32:47:9d:1f:2b:b7:78:29:e8:13:ca:dc:fd:71:
fc:81:29:84:00:3c:05:55:34:0b:8d:a6:51:88:65:4c:e2:ff:
cb:ac:1f:48:50:85:40:b4:33:3d:ea:74:b6:61:77:54:a7:b9:
f1:7c:a3:45:a9:04:33:ec:24:3e:15:0a:59:0f:c4:ac:b5:e2:
1e:3a:70:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/strSA636TucUCJARXcNMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzRiMTg2MjcxY2NiODljNWU1OGIzMGU3MGJkNzQxMDlj
YzI4NGEwHhcNMjQwNjA2MDg0MjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjVmOGUyNWViMGJiNDhmN2U1NzMwYTFjMjk0ZjI2NzM0M2RhNGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sqN8LItuREqzLurdj79UHNWVNZb
AyYd0yR5mf/ZgfobM/up7nyniQGhcC1BqR0WLXOFXUqtAmrPAKgDNnmTG4sgqgLw
oV2lU2ScIgT24cOjxSKPeeWyUACbo7ufZGjAcZfCV/jdnolkQvmUDJ2pAdcZykiM
uQU5B0isLEnU3hqMfggjq0JIUrXHZyt2yvnHlPdVg6xqFRkg3b575yScf+WH+lrK
nNo1ILTrVkPv4sfpT1m04OvwunnnDjRpUJ5opNaMWNabV/ujm2op/rY9RO285fZj
uVUqxGSnN8kPJ0qg4L4fAKQW39XXhrLiCqoapa1FigMo8UrqobBuDr3uGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtfjiXrC7SPflcwocKU8mc0PaTaMB8GA1UdIwQY
MBaAFJ40sYYnHMuJxeWLMOcL10EJzChKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpTeGhpY2N5NG5GNVlzdzV3dlhRUW5NS0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wYzM3YzMtOTk5MC00NTk2LTk5ZTkt
ZGQ1ZmZkNTMxNTcxLzEvcTEtT0plc0x0STktVnpDaHdwVHlaelE5cE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wYzM3YzMtOTk5MC00NTk2LTk5ZTktZGQ1ZmZkNTMxNTcx
LzEvbmpTeGhpY2N5NG5GNVlzdzV3dlhRUW5NS0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubtcMA0G
CSqGSIb3DQEBCwUAA4IBAQACNNbKI4cpYtxdPoB9djvvXLod+vE0+c4HXzxMDUkW
D1GZOZz1HmUbxldheg7omttsi78pTCzahAOd24a2e+loSFJucTT9FWIcv6zKfM7X
9+uC9PVs6tenLa0aWtp5xp9/sW/QC6YX5CBWhGi9HgRE4MUVDTLrWEHoiJuuYWPW
IaxL5Qb4MC0rvjb/jy+tfVyYkOy+eTjxjUM+uMAqZILAHJWdIuWa3hFBuaIcpJ/M
NGFfVAP5jB8YMkedHyu3eCnoE8rc/XH8gSmEADwFVTQLjaZRiGVM4v/LrB9IUIVA
tDM96nS2YXdUp7nxfKNFqQQz7CQ+FQpZD8SsteIeOnAu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:59 2025 by rpki-client