Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/qM_HuIdyXZZM2b5ynyqTbqZ2FJE.roa
File: qM_HuIdyXZZM2b5ynyqTbqZ2FJE.roa (raw, json)
Hash identifier: AMsdpbOqUFZPnyQAPvfJv2jut19QOkw0nZYnvL4K/kA=
Subject key identifier: A8:CF:C7:B8:87:72:5D:96:4C:D9:BE:72:9F:2A:93:6E:A6:76:14:91
Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Certificate serial: 0193B530013EA9B6BF137098163687655054
Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/qM_HuIdyXZZM2b5ynyqTbqZ2FJE.roa
Signing time: Wed 11 Dec 2024 10:07:22 +0000
ROA not before: Wed 11 Dec 2024 10:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47232
IP address blocks: 185.151.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:30:01:3e:a9:b6:bf:13:70:98:16:36:87:65:50:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Validity
Not Before: Dec 11 10:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8cfc7b887725d964cd9be729f2a936ea6761491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:af:ea:ba:1b:ab:4d:ef:61:69:ce:01:f7:a2:
51:4f:30:2d:71:a2:97:00:1f:d1:e1:b7:50:d6:2e:
a8:00:47:6a:a1:53:72:e8:76:ea:f0:4c:37:55:0d:
5f:7f:a4:2c:06:dc:a6:89:0b:25:12:49:16:e3:c6:
35:0f:09:1c:72:46:99:d1:7f:13:3a:99:85:bd:6e:
2c:2a:3e:70:ca:26:fb:38:56:71:42:30:ae:1a:5f:
2e:e7:bd:bf:25:24:6b:7b:19:81:da:73:16:8d:bd:
a6:2e:db:1d:3e:f5:30:22:66:ed:8d:80:b1:06:41:
28:aa:ed:4b:90:82:d2:ad:cb:81:3d:e4:9f:a4:5b:
26:c9:d4:e2:8f:3d:0d:92:72:c6:01:07:ae:87:a8:
91:27:e9:36:c9:81:6d:41:f8:94:67:93:d6:6b:ab:
6b:33:ff:9b:e7:9b:1f:40:0b:b1:38:cd:ec:49:9b:
b1:7d:58:dd:67:87:6c:d2:36:c9:04:61:ef:9c:81:
fb:54:6b:d3:dd:92:eb:4b:f2:52:bf:f6:53:4b:5e:
8b:43:3e:1b:b1:31:10:7b:1a:53:82:66:88:1a:f0:
b0:bd:ec:14:8e:17:4f:5f:c5:e4:c6:f4:2a:3c:3c:
dd:3d:27:1a:e3:61:57:8f:12:91:af:15:01:c0:c1:
4b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CF:C7:B8:87:72:5D:96:4C:D9:BE:72:9F:2A:93:6E:A6:76:14:91
X509v3 Authority Key Identifier:
keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/qM_HuIdyXZZM2b5ynyqTbqZ2FJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.171.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:6f:6a:5b:81:99:3d:33:81:e7:69:43:98:a4:55:51:d2:5b:
22:fd:a7:cc:1b:a7:5e:5f:91:fa:b1:f3:f0:dd:c4:07:4a:63:
89:fe:0a:ce:be:11:83:77:c3:22:e2:ee:1d:ae:ba:62:1d:b9:
4a:68:91:84:62:28:5f:44:8f:37:bf:88:c5:7f:09:05:7c:9c:
75:37:b5:90:a4:41:4d:98:3c:e7:49:63:0d:75:c3:eb:ac:b0:
87:82:5e:9f:5c:77:7c:32:78:5d:cc:94:fe:2d:aa:dc:18:a9:
b3:9e:53:3c:11:69:d9:bd:db:d8:0d:18:c2:35:ce:88:81:b7:
29:6d:70:e7:08:d8:56:b4:da:07:42:06:40:61:ea:06:ea:82:
e3:e3:f6:7e:7c:4d:1a:aa:39:9c:15:ec:77:45:09:c9:73:73:
99:ea:12:bd:95:2e:81:b0:05:71:55:02:7d:ee:98:d2:4e:8f:
8e:f3:26:7d:be:51:e7:ec:24:e6:68:35:25:58:f7:53:ac:10:
10:6a:09:44:c1:2b:fb:43:40:73:8f:e6:b8:68:f7:75:49:73:
08:da:06:9c:1e:34:59:66:06:41:50:22:ee:cf:72:03:23:b5:
0c:71:a5:25:d5:ff:e1:20:d7:61:c9:5b:d6:c4:b4:16:e9:65:
e3:70:ee:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO1MAE+qba/E3CYFjaHZVBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj
ZmQwNjIwHhcNMjQxMjExMTAwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNmYzdiODg3NzI1ZDk2NGNkOWJlNzI5ZjJhOTM2ZWE2NzYxNDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoa/quhurTe9hac4B96JRTzAtcaKX
AB/R4bdQ1i6oAEdqoVNy6Hbq8Ew3VQ1ff6QsBtymiQslEkkW48Y1DwkcckaZ0X8T
OpmFvW4sKj5wyib7OFZxQjCuGl8u572/JSRrexmB2nMWjb2mLtsdPvUwImbtjYCx
BkEoqu1LkILSrcuBPeSfpFsmydTijz0NknLGAQeuh6iRJ+k2yYFtQfiUZ5PWa6tr
M/+b55sfQAuxOM3sSZuxfVjdZ4ds0jbJBGHvnIH7VGvT3ZLrS/JSv/ZTS16LQz4b
sTEQexpTgmaIGvCwvewUjhdPX8XkxvQqPDzdPSca42FXjxKRrxUBwMFLXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjPx7iHcl2WTNm+cp8qk26mdhSRMB8GA1UdIwQY
MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt
NjU0ZGQ2NDQyY2U0LzEvcU1fSHVJZHlYWlpNMmI1eW55cVRicVoyRkpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0
LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZerMA0G
CSqGSIb3DQEBCwUAA4IBAQAub2pbgZk9M4HnaUOYpFVR0lsi/afMG6deX5H6sfPw
3cQHSmOJ/grOvhGDd8Mi4u4drrpiHblKaJGEYihfRI83v4jFfwkFfJx1N7WQpEFN
mDznSWMNdcPrrLCHgl6fXHd8MnhdzJT+LarcGKmznlM8EWnZvdvYDRjCNc6Igbcp
bXDnCNhWtNoHQgZAYeoG6oLj4/Z+fE0aqjmcFex3RQnJc3OZ6hK9lS6BsAVxVQJ9
7pjSTo+O8yZ9vlHn7CTmaDUlWPdTrBAQaglEwSv7Q0Bzj+a4aPd1SXMI2gacHjRZ
ZgZBUCLuz3IDI7UMcaUl1f/hINdhyVvWxLQW6WXjcO6v
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:44:55 2025 by rpki-client