Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/qzXIptL5DM9u4nFjtIyyxAhFA6I.roa
File: qzXIptL5DM9u4nFjtIyyxAhFA6I.roa (raw, json)
Hash identifier: 3N7firtLU2tbShL0UdWIcnX91QIlSVdKySpDEyOVMB0=
Subject key identifier: AB:35:C8:A6:D2:F9:0C:CF:6E:E2:71:63:B4:8C:B2:C4:08:45:03:A2
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 018CC7949F1FF03D7F3DA58A49B274649914
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/qzXIptL5DM9u4nFjtIyyxAhFA6I.roa
Signing time: Tue 02 Jan 2024 00:30:55 +0000
ROA not before: Tue 02 Jan 2024 00:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43075
IP address blocks: 109.229.192.0/19 maxlen: 19
88.135.128.0/19 maxlen: 19
213.110.64.0/19 maxlen: 19
176.106.48.0/20 maxlen: 20
176.106.160.0/20 maxlen: 20
171.25.218.0/23 maxlen: 23
176.106.176.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:9f:1f:f0:3d:7f:3d:a5:8a:49:b2:74:64:99:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 00:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab35c8a6d2f90ccf6ee27163b48cb2c4084503a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:37:64:60:3e:24:58:4b:d5:80:4b:62:ec:a9:
2e:d5:95:c5:1f:a0:a6:24:c5:59:ee:30:b9:68:be:
86:80:7b:80:c5:ef:58:e9:41:67:b8:56:bd:5d:b5:
67:b4:fc:34:fc:41:44:e1:c5:a4:13:94:36:50:54:
de:57:f8:7a:85:25:75:0f:d3:ab:e2:b3:7f:cc:4a:
ac:77:32:2d:0d:81:7a:61:ab:ff:f3:a7:e4:e1:b6:
ea:55:bd:ca:9e:8b:db:b9:8d:ce:d2:d4:9e:68:87:
04:96:3c:c2:31:23:9c:26:c8:58:aa:c7:b5:66:f0:
9f:55:fe:64:81:71:79:20:e1:56:fd:55:3c:3e:b8:
f3:62:95:34:6b:c4:0b:f1:7d:42:a8:90:18:37:a8:
05:32:37:c0:46:87:2e:cd:28:43:61:a6:70:1d:32:
23:f5:13:60:f4:60:c4:7d:39:fe:14:d0:a3:48:c3:
98:df:f8:c1:64:16:94:70:22:f8:80:80:5c:ad:39:
ff:78:d2:70:48:ca:3e:0b:e3:45:f2:f6:64:f8:4a:
c1:99:19:96:fc:66:ff:86:cf:ed:6a:ce:71:3c:38:
20:7b:c9:48:05:c9:e2:56:bd:9b:03:86:2d:e6:16:
59:fb:ba:74:6e:63:fa:4b:a7:dd:3f:db:81:fd:8a:
96:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:35:C8:A6:D2:F9:0C:CF:6E:E2:71:63:B4:8C:B2:C4:08:45:03:A2
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/qzXIptL5DM9u4nFjtIyyxAhFA6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.128.0/19
109.229.192.0/19
171.25.218.0/23
176.106.48.0/20
176.106.160.0-176.106.183.255
213.110.64.0/19
Signature Algorithm: sha256WithRSAEncryption
64:d3:f8:a6:d5:25:2e:2a:95:8d:93:7c:15:a6:e6:a8:e8:99:
11:f6:61:5a:ad:20:2b:03:13:eb:57:cc:64:e1:d8:f1:29:21:
df:aa:28:04:b0:11:c1:ec:7d:13:39:62:36:f5:de:85:77:a9:
78:1d:e5:81:32:20:b9:94:41:b5:fd:30:cc:f2:57:ae:60:d7:
d3:d3:1e:ce:43:95:3e:51:16:8f:49:a9:4d:78:8f:44:99:74:
47:d1:cf:ac:3c:0f:ff:ff:74:7c:99:8d:50:b8:02:8e:89:fb:
be:86:f9:a9:1a:60:f4:7a:fa:79:04:92:a3:ae:55:f0:36:60:
4e:41:48:71:22:91:85:16:17:eb:90:ea:bf:2f:3a:9f:53:2b:
01:87:aa:c9:02:1d:dd:34:7b:9c:9a:e5:2c:31:0b:bd:dc:24:
69:e5:4a:96:e0:2e:f7:2b:f0:8a:be:86:ba:28:bc:cc:a5:6c:
2a:7f:b0:bc:5f:bf:17:01:81:e4:c8:9f:bf:e3:36:7b:f2:c0:
a7:ad:94:a6:f7:bd:87:61:17:3c:b7:c8:a3:18:d9:49:e0:b9:
aa:81:e8:d2:a4:7c:66:f9:d5:53:3f:16:d2:82:ed:16:b4:91:
5a:b1:78:08:e0:6b:f7:94:05:96:45:0d:f4:a7:8e:7d:3b:e9:
ef:0c:01:99
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzHlJ8f8D1/PaWKSbJ0ZJkUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjQwMTAyMDAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjM1YzhhNmQyZjkwY2NmNmVlMjcxNjNiNDhjYjJjNDA4NDUwM2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDdkYD4kWEvVgEti7Kku1ZXFH6Cm
JMVZ7jC5aL6GgHuAxe9Y6UFnuFa9XbVntPw0/EFE4cWkE5Q2UFTeV/h6hSV1D9Or
4rN/zEqsdzItDYF6Yav/86fk4bbqVb3KnovbuY3O0tSeaIcEljzCMSOcJshYqse1
ZvCfVf5kgXF5IOFW/VU8PrjzYpU0a8QL8X1CqJAYN6gFMjfARocuzShDYaZwHTIj
9RNg9GDEfTn+FNCjSMOY3/jBZBaUcCL4gIBcrTn/eNJwSMo+C+NF8vZk+ErBmRmW
/Gb/hs/tas5xPDgge8lIBcniVr2bA4Yt5hZZ+7p0bmP6S6fdP9uB/YqWHwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKs1yKbS+QzPbuJxY7SMssQIRQOiMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvcXpYSXB0TDVETTl1NG5GanRJeXl4QWhGQTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQFWIeAAwQF
beXAAwQBqxnaAwQEsGowMAwDBAWwaqADBAOwarADBAXVbkAwDQYJKoZIhvcNAQEL
BQADggEBAGTT+KbVJS4qlY2TfBWm5qjomRH2YVqtICsDE+tXzGTh2PEpId+qKASw
EcHsfRM5Yjb13oV3qXgd5YEyILmUQbX9MMzyV65g19PTHs5DlT5RFo9JqU14j0SZ
dEfRz6w8D///dHyZjVC4Ao6J+76G+akaYPR6+nkEkqOuVfA2YE5BSHEikYUWF+uQ
6r8vOp9TKwGHqskCHd00e5ya5SwxC73cJGnlSpbgLvcr8Iq+hroovMylbCp/sLxf
vxcBgeTIn7/jNnvywKetlKb3vYdhFzy3yKMY2UnguaqB6NKkfGb51VM/FtKC7Ra0
kVqxeAjga/eUBZZFDfSnjn076e8MAZk=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:56 2025 by rpki-client