Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/36a9af-0d6a-45e3-9ca5-40858b95fcf5/1/q2QhCHxdEbhnorzun6Pd-lsuiIM.roa
File: q2QhCHxdEbhnorzun6Pd-lsuiIM.roa (raw, json)
Hash identifier: jH8JuUIrhI3KRx0Cx0S0WCyyFiv8qToKMgVEh4WihoY=
Subject key identifier: AB:64:21:08:7C:5D:11:B8:67:A2:BC:EE:9F:A3:DD:FA:5B:2E:88:83
Certificate issuer: /CN=345b4f7b4a16db9e924f0908cee3da26f22ad481
Certificate serial: 018CC4923F206814C22B294C3A342524BF0E
Authority key identifier: 34:5B:4F:7B:4A:16:DB:9E:92:4F:09:08:CE:E3:DA:26:F2:2A:D4:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFtPe0oW256STwkIzuPaJvIq1IE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/36a9af-0d6a-45e3-9ca5-40858b95fcf5/1/q2QhCHxdEbhnorzun6Pd-lsuiIM.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8298
IP address blocks: 92.119.38.0/24 maxlen: 24
2a0b:dd80::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3f:20:68:14:c2:2b:29:4c:3a:34:25:24:bf:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345b4f7b4a16db9e924f0908cee3da26f22ad481
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab6421087c5d11b867a2bcee9fa3ddfa5b2e8883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e5:0a:4a:91:0e:1d:4d:14:93:59:0a:a0:53:
de:15:d0:57:99:e0:3b:e2:c0:64:11:d0:6f:5b:d5:
87:6c:10:fc:0a:5b:80:ad:ab:87:4f:e0:b7:7f:b5:
51:05:31:29:65:95:0b:54:a4:3e:73:61:0a:df:e1:
ed:56:de:61:77:3d:34:eb:6f:e9:0b:55:ee:86:f6:
b4:1a:d9:bd:c0:e7:59:d3:0b:b5:3d:7e:13:d9:32:
5e:68:27:b8:5a:87:51:79:b8:d9:d5:5b:06:f5:fd:
75:58:66:70:27:ba:0f:82:ca:b4:cd:00:94:9e:cb:
95:14:05:fc:20:d7:40:af:b4:0c:21:6c:3f:10:85:
33:b4:92:49:cc:0e:10:e7:d3:1c:bb:78:a4:e6:df:
9a:90:db:c2:b4:35:85:ae:27:8b:89:56:72:e4:b3:
84:86:9b:27:54:0a:e1:d6:06:c6:57:78:d4:ce:81:
b3:99:1a:ef:10:85:27:84:62:6d:ac:58:b6:5f:28:
37:e9:ff:7b:e8:00:75:17:6a:ea:5e:e8:98:05:50:
58:53:23:ad:41:e1:c2:85:86:de:96:22:c2:c3:33:
f0:bc:22:e5:22:c6:a4:78:64:49:2e:bc:ac:37:84:
e1:55:46:ca:c3:fa:93:e6:9e:2b:71:01:c1:3f:df:
ab:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:64:21:08:7C:5D:11:B8:67:A2:BC:EE:9F:A3:DD:FA:5B:2E:88:83
X509v3 Authority Key Identifier:
keyid:34:5B:4F:7B:4A:16:DB:9E:92:4F:09:08:CE:E3:DA:26:F2:2A:D4:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFtPe0oW256STwkIzuPaJvIq1IE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/36a9af-0d6a-45e3-9ca5-40858b95fcf5/1/q2QhCHxdEbhnorzun6Pd-lsuiIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/36a9af-0d6a-45e3-9ca5-40858b95fcf5/1/NFtPe0oW256STwkIzuPaJvIq1IE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.38.0/24
IPv6:
2a0b:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
57:cc:1f:c0:22:5a:a5:67:bc:4b:ea:38:1c:d4:0c:fd:0f:81:
1f:9e:d9:1e:80:29:a1:24:60:2e:ba:b6:52:0f:ac:69:30:ca:
db:43:54:4b:97:9a:f5:9e:70:b4:59:89:37:07:56:67:aa:59:
ec:80:8b:2e:88:cc:11:28:3c:90:8e:ec:29:be:ec:db:a9:08:
d7:73:e8:cc:1f:4e:5c:1f:5e:d2:fb:e6:7c:80:1c:74:40:6c:
bc:3d:b8:5f:9d:00:09:b3:f1:0a:0c:3b:40:bd:8b:62:e5:46:
28:6c:44:b8:a3:98:c1:fa:49:a2:aa:4b:6b:1d:b0:35:0e:63:
f9:01:f4:e5:17:03:70:ad:40:00:ba:c2:18:dd:2f:aa:d5:01:
96:44:67:ba:fa:4c:63:19:cb:26:cd:45:23:86:e6:47:d2:e0:
92:9b:04:2c:1e:ac:b0:26:e2:4d:3c:59:6e:93:7a:46:2a:69:
ed:58:5b:63:c4:52:ef:60:2a:8b:2d:7f:e7:cf:08:11:f7:dd:
3e:24:42:d6:2f:7c:d8:60:ed:b5:b8:e7:b6:91:8f:48:03:af:
a7:7b:23:6f:a3:14:c4:94:ad:3c:58:68:01:1e:f7:a9:0e:bc:
c0:2f:fa:e7:56:d0:d4:af:a0:ff:73:25:bf:75:9e:d9:d5:4f:
ea:59:4f:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkj8gaBTCKylMOjQlJL8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWI0ZjdiNGExNmRiOWU5MjRmMDkwOGNlZTNkYTI2ZjIy
YWQ0ODEwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjY0MjEwODdjNWQxMWI4NjdhMmJjZWU5ZmEzZGRmYTViMmU4ODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OUKSpEOHU0Uk1kKoFPeFdBXmeA7
4sBkEdBvW9WHbBD8CluArauHT+C3f7VRBTEpZZULVKQ+c2EK3+HtVt5hdz0062/p
C1Xuhva0Gtm9wOdZ0wu1PX4T2TJeaCe4WodRebjZ1VsG9f11WGZwJ7oPgsq0zQCU
nsuVFAX8INdAr7QMIWw/EIUztJJJzA4Q59Mcu3ik5t+akNvCtDWFrieLiVZy5LOE
hpsnVArh1gbGV3jUzoGzmRrvEIUnhGJtrFi2Xyg36f976AB1F2rqXuiYBVBYUyOt
QeHChYbeliLCwzPwvCLlIsakeGRJLrysN4ThVUbKw/qT5p4rcQHBP9+r/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKtkIQh8XRG4Z6K87p+j3fpbLoiDMB8GA1UdIwQY
MBaAFDRbT3tKFtuekk8JCM7j2ibyKtSBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZ0UGUwb1cyNTZTVHdrSXp1UGFKdklxMUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8zNmE5YWYtMGQ2YS00NWUzLTljYTUt
NDA4NThiOTVmY2Y1LzEvcTJRaENIeGRFYmhub3J6dW42UGQtbHN1aUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8zNmE5YWYtMGQ2YS00NWUzLTljYTUtNDA4NThiOTVmY2Y1
LzEvTkZ0UGUwb1cyNTZTVHdrSXp1UGFKdklxMUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXHcmMA0E
AgACMAcDBQMqC92AMA0GCSqGSIb3DQEBCwUAA4IBAQBXzB/AIlqlZ7xL6jgc1Az9
D4EfntkegCmhJGAuurZSD6xpMMrbQ1RLl5r1nnC0WYk3B1ZnqlnsgIsuiMwRKDyQ
juwpvuzbqQjXc+jMH05cH17S++Z8gBx0QGy8PbhfnQAJs/EKDDtAvYti5UYobES4
o5jB+kmiqktrHbA1DmP5AfTlFwNwrUAAusIY3S+q1QGWRGe6+kxjGcsmzUUjhuZH
0uCSmwQsHqywJuJNPFluk3pGKmntWFtjxFLvYCqLLX/nzwgR990+JELWL3zYYO21
uOe2kY9IA6+neyNvoxTElK08WGgBHvepDrzAL/rnVtDUr6D/cyW/dZ7Z1U/qWU82
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:19 2025 by rpki-client