Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/CQE6hNytJnq6OYO5DnfCtEN9X4A.roa
File: CQE6hNytJnq6OYO5DnfCtEN9X4A.roa (raw, json)
Hash identifier: qk/GG1NK7Z4+x4uNQEflVwvctq9umlSwpZJU37w8Tg8=
Subject key identifier: 09:01:3A:84:DC:AD:26:7A:BA:39:83:B9:0E:77:C2:B4:43:7D:5F:80
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018D6DA3A09FB8347F893E41555A1D53B4DD
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/CQE6hNytJnq6OYO5DnfCtEN9X4A.roa
Signing time: Sat 03 Feb 2024 06:24:16 +0000
ROA not before: Sat 03 Feb 2024 06:24:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44208
IP address blocks: 31.170.48.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.187.0/24 maxlen: 24
94.74.190.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.138.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Feb 2024 07:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6d:a3:a0:9f:b8:34:7f:89:3e:41:55:5a:1d:53:b4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Feb 3 06:24:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09013a84dcad267aba3983b90e77c2b4437d5f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3d:07:76:5e:0b:4a:2e:77:a0:62:3c:b9:1d:
c8:24:ac:74:b8:ae:fc:31:a0:b7:72:98:df:c0:97:
c7:36:9c:4a:63:dc:90:ce:6e:1d:44:3d:38:89:cb:
01:ca:ed:8b:6d:e7:a5:57:47:17:48:07:09:dd:33:
a3:0b:b2:d2:03:53:1a:06:4c:06:37:8b:91:3b:42:
32:05:35:51:87:ad:29:03:b6:cb:0c:4c:fb:de:7c:
ed:14:6b:75:f3:66:38:0a:42:1f:eb:1c:4b:f2:6e:
5e:e1:0e:08:16:04:11:74:ae:47:60:fb:f5:af:89:
39:6e:68:9c:ca:bb:50:34:78:a5:b7:b5:97:be:a3:
8e:68:ce:03:9d:6b:e4:bd:14:35:48:17:c4:ff:2e:
a9:67:e5:a8:20:e8:d6:6c:ab:5b:c7:f4:01:07:ad:
30:cc:f9:ba:b8:06:85:8e:d4:a1:27:b7:0c:4f:4a:
b3:c4:10:d9:79:df:15:e6:e8:85:ed:fc:45:ee:1f:
5f:ee:dd:ad:3d:5c:b0:88:a4:a3:53:24:4a:e3:77:
af:f8:fe:9b:f1:13:1c:5f:15:9d:ac:4c:12:d6:44:
5c:3f:51:e4:1f:fa:e5:6d:74:f8:a9:0d:ba:0f:7a:
a6:5e:f6:e3:3b:5b:b0:dd:03:d2:d5:1f:08:16:38:
7e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:01:3A:84:DC:AD:26:7A:BA:39:83:B9:0E:77:C2:B4:43:7D:5F:80
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/CQE6hNytJnq6OYO5DnfCtEN9X4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
176.46.136.0/24
176.46.138.0/23
Signature Algorithm: sha256WithRSAEncryption
67:2e:b1:1e:ca:41:fe:97:37:ea:6e:38:a0:93:dc:89:20:24:
f5:dd:63:bb:b5:f4:84:13:a2:e4:c0:23:7e:66:f8:bc:b8:c4:
3d:dd:95:86:a0:55:de:5a:4c:b6:87:0d:8d:3f:10:ee:36:65:
14:03:88:35:e1:79:6b:6b:99:d2:d2:07:3a:af:e7:e2:b8:b0:
e9:bd:99:17:51:3c:bc:ae:0d:81:04:45:b3:cf:35:5b:4e:d0:
86:ec:cf:81:ee:d4:63:02:e8:84:5a:bd:5a:c9:b6:26:36:33:
b4:93:e1:81:dd:d7:71:43:9d:50:34:34:48:c8:9a:d9:ab:d4:
e8:7a:99:ba:aa:3d:d8:a6:18:83:dc:7e:35:8d:56:93:01:a4:
7e:29:65:dc:0f:d6:ba:ff:47:1f:b0:85:f6:1f:cc:b0:73:f6:
f8:76:03:6a:0a:85:fc:64:77:60:9b:0f:23:f2:24:88:f3:4b:
80:dc:d6:dc:aa:57:f9:c2:cf:a1:32:e8:a5:7b:60:51:33:d8:
f3:4a:39:ac:b7:2a:3a:4a:1d:6c:82:14:f6:cc:16:8f:b4:61:
63:5e:3c:ab:b8:6b:67:3b:72:6a:71:10:5f:ab:f3:8b:9b:84:
60:92:bc:3f:82:1e:9d:fe:49:39:85:f6:46:80:bc:ae:bf:5f:
79:0e:f6:55
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1to6CfuDR/iT5BVVodU7TdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMjAzMDYyNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAxM2E4NGRjYWQyNjdhYmEzOTgzYjkwZTc3YzJiNDQzN2Q1ZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT0Hdl4LSi53oGI8uR3IJKx0uK78
MaC3cpjfwJfHNpxKY9yQzm4dRD04icsByu2LbeelV0cXSAcJ3TOjC7LSA1MaBkwG
N4uRO0IyBTVRh60pA7bLDEz73nztFGt182Y4CkIf6xxL8m5e4Q4IFgQRdK5HYPv1
r4k5bmicyrtQNHilt7WXvqOOaM4DnWvkvRQ1SBfE/y6pZ+WoIOjWbKtbx/QBB60w
zPm6uAaFjtShJ7cMT0qzxBDZed8V5uiF7fxF7h9f7t2tPVywiKSjUyRK43ev+P6b
8RMcXxWdrEwS1kRcP1HkH/rlbXT4qQ26D3qmXvbjO1uw3QPS1R8IFjh+UQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAkBOoTcrSZ6ujmDuQ53wrRDfV+AMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvQ1FFNmhOeXRKbnE2T1lPNURuZkN0RU45WDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEH6owAwQG
XkqAAwQAsC6IAwQBsC6KMA0GCSqGSIb3DQEBCwUAA4IBAQBnLrEeykH+lzfqbjig
k9yJICT13WO7tfSEE6LkwCN+Zvi8uMQ93ZWGoFXeWky2hw2NPxDuNmUUA4g14Xlr
a5nS0gc6r+fiuLDpvZkXUTy8rg2BBEWzzzVbTtCG7M+B7tRjAuiEWr1aybYmNjO0
k+GB3ddxQ51QNDRIyJrZq9Toepm6qj3YphiD3H41jVaTAaR+KWXcD9a6/0cfsIX2
H8ywc/b4dgNqCoX8ZHdgmw8j8iSI80uA3Nbcqlf5ws+hMuile2BRM9jzSjmstyo6
Sh1sghT2zBaPtGFjXjyruGtnO3JqcRBfq/OLm4Rgkrw/gh6d/kk5hfZGgLyuv195
DvZV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:36 2025 by rpki-client