Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/QErd2s2zRQ9YkxnGbl406BZHzWI.roa
File: QErd2s2zRQ9YkxnGbl406BZHzWI.roa (raw, json)
Hash identifier: jTjWLdwts2mTuzQQeUzJ7Lac9Dfx6xy+hbMvhbFLNiI=
Subject key identifier: 40:4A:DD:DA:CD:B3:45:0F:58:93:19:C6:6E:5E:34:E8:16:47:CD:62
Certificate issuer: /CN=c5450afa73f0b87a420028c2b2a48cce0fe92b0a
Certificate serial: 018E80683D9D3FA8CD96D5BE4840EC3D7E70
Authority key identifier: C5:45:0A:FA:73:F0:B8:7A:42:00:28:C2:B2:A4:8C:CE:0F:E9:2B:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xUUK-nPwuHpCACjCsqSMzg_pKwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/QErd2s2zRQ9YkxnGbl406BZHzWI.roa
Signing time: Wed 27 Mar 2024 14:54:58 +0000
ROA not before: Wed 27 Mar 2024 14:54:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197451
IP address blocks: 147.229.0.0/17 maxlen: 24
147.229.128.0/18 maxlen: 24
147.229.192.0/19 maxlen: 24
147.229.224.0/19 maxlen: 24
185.62.108.0/23 maxlen: 24
2001:67c:1220::/46 maxlen: 48
2a03:2e0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:80:68:3d:9d:3f:a8:cd:96:d5:be:48:40:ec:3d:7e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5450afa73f0b87a420028c2b2a48cce0fe92b0a
Validity
Not Before: Mar 27 14:54:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=404adddacdb3450f589319c66e5e34e81647cd62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a5:d4:4d:b4:b2:7b:2e:b9:9c:6f:7e:2c:d6:
8d:85:52:9b:1c:51:1a:a4:c0:93:30:80:94:2a:df:
1b:9b:b9:f3:1a:a2:75:5c:03:00:23:b9:90:04:5f:
68:6c:ff:97:43:f8:b1:c3:f4:6f:20:cc:e7:dd:c1:
eb:3b:35:8f:a1:04:da:41:89:4c:f3:26:33:68:f6:
11:0d:0f:11:20:d4:63:ba:5a:dd:db:28:61:c5:bf:
64:d0:f7:f7:5f:0a:1a:01:d1:d3:3a:94:43:e6:6b:
66:04:4c:33:f5:ba:a1:f2:03:15:ea:b2:97:54:33:
65:0d:43:90:da:d2:df:0d:d1:83:e3:d1:cf:f2:3c:
69:52:b6:6d:c2:39:ac:cf:f5:58:bd:e2:2d:a3:73:
3a:41:83:96:e8:84:e3:53:af:55:de:d5:46:5a:e4:
0b:c3:11:d1:9f:e9:08:58:14:8a:e2:6c:b2:00:eb:
92:51:fc:68:cc:a6:4f:16:fb:4b:64:15:6d:1e:61:
76:ea:22:42:f9:a4:94:a2:66:66:d0:90:4c:e4:e8:
14:d4:8a:6f:c1:15:d9:b4:5f:5a:ba:bf:48:9f:fc:
e9:66:6b:7d:38:28:3e:28:2a:94:b3:5f:5e:42:13:
63:16:47:3a:01:6a:0a:d1:d7:e2:c9:1d:e3:a2:57:
12:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4A:DD:DA:CD:B3:45:0F:58:93:19:C6:6E:5E:34:E8:16:47:CD:62
X509v3 Authority Key Identifier:
keyid:C5:45:0A:FA:73:F0:B8:7A:42:00:28:C2:B2:A4:8C:CE:0F:E9:2B:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xUUK-nPwuHpCACjCsqSMzg_pKwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/QErd2s2zRQ9YkxnGbl406BZHzWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a2a6ad-b15f-4734-b59e-664a9926f333/1/xUUK-nPwuHpCACjCsqSMzg_pKwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.229.0.0/16
185.62.108.0/23
IPv6:
2001:67c:1220::/46
2a03:2e0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:3a:7e:d5:d6:a7:80:84:7c:23:82:6f:87:4e:93:e1:0c:16:
c2:3e:7b:21:56:aa:ad:75:74:b3:6f:7d:e4:27:de:20:5a:d3:
b1:7c:c5:28:42:ea:01:81:d0:c6:44:29:f4:cb:c9:ef:d1:68:
77:93:00:ee:58:61:c2:26:a1:e7:d3:15:56:9a:b6:c1:72:86:
dc:31:20:f9:dc:16:66:f9:ec:0f:cb:d6:a5:89:9f:80:ec:18:
dc:fb:c5:5a:b6:d0:8a:dd:d0:f7:29:ed:c4:d9:93:78:d9:56:
7f:aa:a0:49:9e:d6:34:fb:45:a4:7f:14:7e:19:89:82:d6:7f:
83:c7:b2:78:f8:4c:9f:cb:e4:0c:7d:78:77:7a:2c:eb:8f:88:
07:de:34:73:d1:a2:4c:09:e3:27:03:68:6c:0c:cf:35:05:27:
b6:51:cf:81:c1:b3:d3:43:ee:d3:da:4d:c2:4f:4e:06:cf:fc:
00:7a:d8:f5:11:7a:da:a3:b7:eb:2c:6e:75:c7:d5:32:53:75:
2a:c0:86:42:5c:b1:f1:90:54:a6:02:1e:f2:4e:26:35:18:b2:
79:fa:30:bc:0a:9d:c2:fa:ac:b9:9e:43:2a:5c:e9:f2:1c:72:
6f:0a:bd:ee:45:32:40:f9:72:1a:79:4a:3d:1e:3e:de:3e:3f:
a2:1c:67:05
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY6AaD2dP6jNltW+SEDsPX5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NDUwYWZhNzNmMGI4N2E0MjAwMjhjMmIyYTQ4Y2NlMGZl
OTJiMGEwHhcNMjQwMzI3MTQ1NDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDRhZGRkYWNkYjM0NTBmNTg5MzE5YzY2ZTVlMzRlODE2NDdjZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaXUTbSyey65nG9+LNaNhVKbHFEa
pMCTMICUKt8bm7nzGqJ1XAMAI7mQBF9obP+XQ/ixw/RvIMzn3cHrOzWPoQTaQYlM
8yYzaPYRDQ8RINRjulrd2yhhxb9k0Pf3XwoaAdHTOpRD5mtmBEwz9bqh8gMV6rKX
VDNlDUOQ2tLfDdGD49HP8jxpUrZtwjmsz/VYveIto3M6QYOW6ITjU69V3tVGWuQL
wxHRn+kIWBSK4myyAOuSUfxozKZPFvtLZBVtHmF26iJC+aSUomZm0JBM5OgU1Ipv
wRXZtF9aur9In/zpZmt9OCg+KCqUs19eQhNjFkc6AWoK0dfiyR3jolcSJwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEBK3drNs0UPWJMZxm5eNOgWR81iMB8GA1UdIwQY
MBaAFMVFCvpz8Lh6QgAowrKkjM4P6SsKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFVVSy1uUHd1SHBDQUNqQ3NxU016Z19wS3dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hMmE2YWQtYjE1Zi00NzM0LWI1OWUt
NjY0YTk5MjZmMzMzLzEvUUVyZDJzMnpSUTlZa3huR2JsNDA2QlpIeldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hMmE2YWQtYjE1Zi00NzM0LWI1OWUtNjY0YTk5MjZmMzMz
LzEveFVVSy1uUHd1SHBDQUNqQ3NxU016Z19wS3dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzARBAIAATALAwMAk+UDBAG5
PmwwFgQCAAIwEAMHAiABBnwSIAMFAyoDAuAwDQYJKoZIhvcNAQELBQADggEBAFs6
ftXWp4CEfCOCb4dOk+EMFsI+eyFWqq11dLNvfeQn3iBa07F8xShC6gGB0MZEKfTL
ye/RaHeTAO5YYcImoefTFVaatsFyhtwxIPncFmb57A/L1qWJn4DsGNz7xVq20Ird
0Pcp7cTZk3jZVn+qoEme1jT7RaR/FH4ZiYLWf4PHsnj4TJ/L5Ax9eHd6LOuPiAfe
NHPRokwJ4ycDaGwMzzUFJ7ZRz4HBs9ND7tPaTcJPTgbP/AB62PURetqjt+ssbnXH
1TJTdSrAhkJcsfGQVKYCHvJOJjUYsnn6MLwKncL6rLmeQypc6fIccm8Kve5FMkD5
chp5Sj0ePt4+P6IcZwU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:22:40 2025 by rpki-client