Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/QdfR9iUMnYD8AlTHlh_b8VY_aBE.roa
File: QdfR9iUMnYD8AlTHlh_b8VY_aBE.roa (raw, json)
Hash identifier: +FeGcJEiyByl8u9YdPCozmrfst681vLk5Ogv13uR8/0=
Subject key identifier: 41:D7:D1:F6:25:0C:9D:80:FC:02:54:C7:96:1F:DB:F1:56:3F:68:11
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01924B2E273F7A3980E58296322895B66654
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/QdfR9iUMnYD8AlTHlh_b8VY_aBE.roa
Signing time: Wed 02 Oct 2024 03:02:48 +0000
ROA not before: Wed 02 Oct 2024 03:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 109.203.176.0/21 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.145.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4b:2e:27:3f:7a:39:80:e5:82:96:32:28:95:b6:66:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 2 03:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41d7d1f6250c9d80fc0254c7961fdbf1563f6811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:58:cd:b3:79:03:6f:c0:6a:62:64:eb:b3:c6:
17:ec:24:54:e1:5c:1f:0b:0b:b9:67:b8:4f:02:4d:
7e:29:b4:30:6e:37:ba:93:87:a1:11:c0:e3:45:15:
c3:de:a8:13:dd:74:03:dc:06:c3:e8:22:a2:19:f8:
75:1d:4c:01:7b:92:87:5f:1d:aa:e7:ea:37:a4:40:
a8:17:11:34:d1:5f:fe:e1:50:58:0c:8a:de:d1:3a:
9e:bd:c6:48:f0:d2:83:01:a0:3e:f7:e5:b9:d3:da:
7e:67:af:a7:d2:db:ce:3e:87:5b:8b:54:ca:bc:67:
a1:66:fe:af:2a:b1:4b:5a:17:8d:3f:59:5e:8b:83:
84:5e:65:cd:84:8d:bb:df:4c:a8:20:05:07:c2:7b:
6a:29:72:e1:3f:1b:be:ae:dd:fc:cf:ce:7a:07:4a:
d4:54:a0:f3:f3:96:d5:77:c7:6e:69:87:12:29:12:
a4:6b:bf:69:d4:2b:e6:c4:b7:e4:32:f3:a9:72:bd:
d8:15:38:94:1f:63:10:54:f5:9c:bd:4e:73:a1:89:
93:38:4a:4a:49:3b:8e:d1:7f:20:0d:33:6d:01:3b:
40:f8:58:eb:12:5a:64:fb:22:70:cc:9a:05:c5:d6:
3d:0b:2b:96:d5:0c:9b:a0:df:27:f5:9a:0d:6b:dd:
d8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D7:D1:F6:25:0C:9D:80:FC:02:54:C7:96:1F:DB:F1:56:3F:68:11
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/QdfR9iUMnYD8AlTHlh_b8VY_aBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.203.176.0/21
176.46.132.0/24
176.46.140.0/24
176.46.145.0/24
176.46.151.0/24
Signature Algorithm: sha256WithRSAEncryption
99:56:dc:b0:51:8c:84:a1:e0:32:3d:23:23:20:f3:67:25:97:
98:e0:95:27:3a:83:88:95:c9:5e:b2:76:d2:75:29:81:71:cf:
6e:d5:f4:3c:57:66:85:19:4f:25:9a:84:ca:ea:ed:a3:ec:83:
23:5d:0c:cd:9c:82:96:3a:9d:46:7b:3d:22:dc:bc:6d:d5:f8:
5e:37:51:e0:e4:ed:96:dc:ce:a7:0d:ac:1d:a7:06:34:1f:58:
05:4a:7b:3e:3b:f7:2d:b0:64:41:59:c8:8c:c4:d6:af:d5:6f:
ec:28:24:b7:3b:be:a1:1e:03:79:6c:c7:55:e4:31:48:a4:c7:
25:02:c3:48:6a:4d:42:71:4c:14:dd:89:56:f7:f4:88:bd:52:
52:c6:5c:62:bd:28:92:79:53:68:96:9f:c0:45:56:f4:d2:8d:
51:d7:d3:1d:c1:51:bd:6c:57:cd:4f:cf:09:13:6a:52:fa:d0:
62:ea:1b:e7:91:11:90:83:09:2d:ef:34:01:f8:2e:ae:82:fe:
61:77:63:8d:76:9d:55:2e:96:cb:54:da:e4:fe:9b:ee:16:dd:
35:0b:aa:35:4c:e6:65:c7:51:5c:a7:66:0a:f1:d7:d2:10:b6:
72:b6:af:80:0f:2a:fd:5d:3e:6e:09:80:5e:b8:67:6e:d1:9d:
b0:69:10:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJLLic/ejmA5YKWMiiVtmZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQxMDAyMDMwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQ3ZDFmNjI1MGM5ZDgwZmMwMjU0Yzc5NjFmZGJmMTU2M2Y2ODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyljNs3kDb8BqYmTrs8YX7CRU4Vwf
Cwu5Z7hPAk1+KbQwbje6k4ehEcDjRRXD3qgT3XQD3AbD6CKiGfh1HUwBe5KHXx2q
5+o3pECoFxE00V/+4VBYDIre0TqevcZI8NKDAaA+9+W509p+Z6+n0tvOPodbi1TK
vGehZv6vKrFLWheNP1lei4OEXmXNhI2730yoIAUHwntqKXLhPxu+rt38z856B0rU
VKDz85bVd8duaYcSKRKka79p1CvmxLfkMvOpcr3YFTiUH2MQVPWcvU5zoYmTOEpK
STuO0X8gDTNtATtA+FjrElpk+yJwzJoFxdY9CyuW1QyboN8n9ZoNa93YLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEHX0fYlDJ2A/AJUx5Yf2/FWP2gRMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvUWRmUjlpVU1uWUQ4QWxUSGxoX2I4VllfYUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDbcuwAwQA
sC6EAwQAsC6MAwQAsC6RAwQAsC6XMA0GCSqGSIb3DQEBCwUAA4IBAQCZVtywUYyE
oeAyPSMjIPNnJZeY4JUnOoOIlclesnbSdSmBcc9u1fQ8V2aFGU8lmoTK6u2j7IMj
XQzNnIKWOp1Gez0i3Lxt1fheN1Hg5O2W3M6nDawdpwY0H1gFSns+O/ctsGRBWciM
xNav1W/sKCS3O76hHgN5bMdV5DFIpMclAsNIak1CcUwU3YlW9/SIvVJSxlxivSiS
eVNolp/ARVb00o1R19MdwVG9bFfNT88JE2pS+tBi6hvnkRGQgwkt7zQB+C6ugv5h
d2ONdp1VLpbLVNrk/pvuFt01C6o1TOZlx1Fcp2YK8dfSELZytq+ADyr9XT5uCYBe
uGdu0Z2waRAt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:04 2025 by rpki-client