Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/QMn9nz9ERYFn56l4UXPeNNiUV2Y.roa
File: QMn9nz9ERYFn56l4UXPeNNiUV2Y.roa (raw, json)
Hash identifier: L7XePPAOeRe2N5kjt4z/hqPFuszdN0YjiGvApCpPBOM=
Subject key identifier: 40:C9:FD:9F:3F:44:45:81:67:E7:A9:78:51:73:DE:34:D8:94:57:66
Certificate issuer: /CN=a57d4cfe60f8a30a4d0ff94b94ebadfc88c9ac11
Certificate serial: 018CC49306125C7A2DC7D4ED0C568C3E7EFE
Authority key identifier: A5:7D:4C:FE:60:F8:A3:0A:4D:0F:F9:4B:94:EB:AD:FC:88:C9:AC:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pX1M_mD4owpND_lLlOut_IjJrBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/QMn9nz9ERYFn56l4UXPeNNiUV2Y.roa
Signing time: Mon 01 Jan 2024 10:30:18 +0000
ROA not before: Mon 01 Jan 2024 10:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28952
IP address blocks: 151.236.224.0/20 maxlen: 20
37.58.0.0/20 maxlen: 20
46.34.224.0/19 maxlen: 19
37.152.96.0/19 maxlen: 19
31.3.32.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:06:12:5c:7a:2d:c7:d4:ed:0c:56:8c:3e:7e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a57d4cfe60f8a30a4d0ff94b94ebadfc88c9ac11
Validity
Not Before: Jan 1 10:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40c9fd9f3f44458167e7a9785173de34d8945766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:52:27:5a:39:30:34:81:06:b3:bb:a8:1f:84:
79:3f:72:62:b8:61:18:0f:5c:3a:55:01:4a:68:b1:
7b:38:27:73:28:dc:c9:c6:01:ba:b2:54:b8:ac:f2:
d3:b9:f0:a1:b8:e0:a4:c8:5b:ad:af:26:92:4d:5c:
e3:34:cc:93:70:a1:37:5b:72:0b:3d:27:3a:0e:7b:
6b:60:ee:ee:86:0c:49:06:e9:a5:38:ed:60:41:60:
ab:f0:b0:66:03:04:ff:ee:34:d5:8e:c2:1b:7d:4a:
67:75:0d:a5:9e:bd:50:5a:64:8b:48:1f:ae:8f:0c:
47:0a:c2:d3:ec:a1:f7:8d:fc:e0:2c:e7:17:0d:4e:
22:d3:ba:ae:41:c2:cc:69:9c:0d:81:d4:bf:e5:0c:
7f:a7:c1:aa:ff:7a:a9:2a:bb:7b:9e:41:17:e8:6b:
8a:de:d7:d1:b0:22:b5:cb:ef:37:2f:cb:31:fd:e7:
5d:5e:ff:b4:75:67:5a:26:f2:ca:a1:3b:21:f8:cb:
6c:ae:ed:75:72:6e:8e:3a:ed:d8:ba:2a:b5:0b:45:
d9:02:55:3e:1b:ed:84:bd:68:76:3f:04:59:6f:13:
18:3b:cb:8f:0c:89:61:d5:86:39:7d:f8:f8:73:11:
99:73:51:6f:00:07:01:3b:df:46:e2:23:fc:23:35:
39:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C9:FD:9F:3F:44:45:81:67:E7:A9:78:51:73:DE:34:D8:94:57:66
X509v3 Authority Key Identifier:
keyid:A5:7D:4C:FE:60:F8:A3:0A:4D:0F:F9:4B:94:EB:AD:FC:88:C9:AC:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pX1M_mD4owpND_lLlOut_IjJrBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/QMn9nz9ERYFn56l4UXPeNNiUV2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48c072-22de-44d7-bed8-e80f32073f3d/1/pX1M_mD4owpND_lLlOut_IjJrBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.32.0/19
37.58.0.0/20
37.152.96.0/19
46.34.224.0/19
151.236.224.0/20
Signature Algorithm: sha256WithRSAEncryption
a6:a7:46:6b:76:74:a1:82:94:f2:6e:fd:56:98:02:24:3d:6c:
c3:3e:c8:f8:3a:94:ec:9b:18:80:f6:67:3e:77:10:c3:d9:0f:
8f:4f:cc:f3:e8:ce:00:aa:f8:81:5a:44:25:d6:9b:56:d5:2c:
16:af:bc:a3:aa:57:04:33:8e:3d:31:57:f2:4e:e8:7f:fe:fa:
93:12:1a:a8:df:48:24:e9:9f:84:38:67:eb:cf:dd:03:91:31:
b7:6d:b9:96:d0:48:fd:39:2a:13:74:c5:e6:cf:d7:fd:4e:e4:
10:ea:14:b1:3b:5d:9d:43:3f:8f:af:37:e3:25:07:fa:b0:25:
64:a5:53:ff:08:7f:ab:67:04:d9:a7:56:00:d2:bd:67:b6:61:
e0:af:02:a6:c5:14:19:21:fe:82:2d:0c:f7:8f:3f:09:ee:77:
71:5d:45:f0:df:8d:cb:84:3e:b6:5f:95:78:23:3b:64:32:ed:
2e:7b:30:f7:fe:7d:53:75:9a:41:81:c3:c6:bb:61:08:14:53:
62:56:12:4f:de:67:30:6c:82:a0:f2:99:e7:d9:ce:a4:62:63:
37:3a:06:fa:94:30:0b:13:b8:df:b9:8f:15:b9:a0:5f:7f:da:
76:35:8a:54:92:8d:6e:a1:00:7f:66:d5:17:72:0f:6d:7f:72:
94:11:0f:5e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEkwYSXHotx9TtDFaMPn7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1N2Q0Y2ZlNjBmOGEzMGE0ZDBmZjk0Yjk0ZWJhZGZjODhj
OWFjMTEwHhcNMjQwMTAxMTAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGM5ZmQ5ZjNmNDQ0NTgxNjdlN2E5Nzg1MTczZGUzNGQ4OTQ1NzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylInWjkwNIEGs7uoH4R5P3JiuGEY
D1w6VQFKaLF7OCdzKNzJxgG6slS4rPLTufChuOCkyFutryaSTVzjNMyTcKE3W3IL
PSc6DntrYO7uhgxJBumlOO1gQWCr8LBmAwT/7jTVjsIbfUpndQ2lnr1QWmSLSB+u
jwxHCsLT7KH3jfzgLOcXDU4i07quQcLMaZwNgdS/5Qx/p8Gq/3qpKrt7nkEX6GuK
3tfRsCK1y+83L8sx/eddXv+0dWdaJvLKoTsh+Mtsru11cm6OOu3Yuiq1C0XZAlU+
G+2EvWh2PwRZbxMYO8uPDIlh1YY5ffj4cxGZc1FvAAcBO99G4iP8IzU5BQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEDJ/Z8/REWBZ+epeFFz3jTYlFdmMB8GA1UdIwQY
MBaAFKV9TP5g+KMKTQ/5S5TrrfyIyawRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFgxTV9tRDRvd3BORF9sTGxPdXRfSWpKckJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80OGMwNzItMjJkZS00NGQ3LWJlZDgt
ZTgwZjMyMDczZjNkLzEvUU1uOW56OUVSWUZuNTZsNFVYUGVOTmlVVjJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80OGMwNzItMjJkZS00NGQ3LWJlZDgtZTgwZjMyMDczZjNk
LzEvcFgxTV9tRDRvd3BORF9sTGxPdXRfSWpKckJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFHwMgAwQE
JToAAwQFJZhgAwQFLiLgAwQEl+zgMA0GCSqGSIb3DQEBCwUAA4IBAQCmp0ZrdnSh
gpTybv1WmAIkPWzDPsj4OpTsmxiA9mc+dxDD2Q+PT8zz6M4AqviBWkQl1ptW1SwW
r7yjqlcEM449MVfyTuh//vqTEhqo30gk6Z+EOGfrz90DkTG3bbmW0Ej9OSoTdMXm
z9f9TuQQ6hSxO12dQz+PrzfjJQf6sCVkpVP/CH+rZwTZp1YA0r1ntmHgrwKmxRQZ
If6CLQz3jz8J7ndxXUXw343LhD62X5V4IztkMu0uezD3/n1TdZpBgcPGu2EIFFNi
VhJP3mcwbIKg8pnn2c6kYmM3Ogb6lDALE7jfuY8VuaBff9p2NYpUko1uoQB/ZtUX
cg9tf3KUEQ9e
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:27 2025 by rpki-client