Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/3b27b0-a1a7-4bf5-8cdd-595bfa1e1a9b/1/QaVIorKxIMotcqEgIVMT9hU9fAo.roa
File: QaVIorKxIMotcqEgIVMT9hU9fAo.roa (raw, json)
Hash identifier: /HR4sSSZ5dYrzu7iAM6z42W6ddZfNsGocrJZQLyJOKY=
Subject key identifier: 41:A5:48:A2:B2:B1:20:CA:2D:72:A1:20:21:53:13:F6:15:3D:7C:0A
Certificate issuer: /CN=f90e719baa4c8310483679fb6a3cb4ce9ac00c09
Certificate serial: 018CC80160B1E107B0DFE9BAEEEC8D0B0DF0
Authority key identifier: F9:0E:71:9B:AA:4C:83:10:48:36:79:FB:6A:3C:B4:CE:9A:C0:0C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Q5xm6pMgxBINnn7ajy0zprADAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/3b27b0-a1a7-4bf5-8cdd-595bfa1e1a9b/1/QaVIorKxIMotcqEgIVMT9hU9fAo.roa
Signing time: Tue 02 Jan 2024 02:29:42 +0000
ROA not before: Tue 02 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205244
IP address blocks: 185.224.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:60:b1:e1:07:b0:df:e9:ba:ee:ec:8d:0b:0d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f90e719baa4c8310483679fb6a3cb4ce9ac00c09
Validity
Not Before: Jan 2 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41a548a2b2b120ca2d72a120215313f6153d7c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0e:a8:86:51:b5:f3:ea:21:39:d7:59:60:3a:
02:8d:e6:96:57:4f:f2:ea:05:51:2c:52:ca:11:e4:
bc:1c:b1:3a:3e:6e:45:e8:2c:9b:1c:63:f6:63:10:
4a:0f:ba:0b:74:d6:c4:0b:a6:16:d7:e5:0e:2f:b5:
20:cb:90:bc:7b:ad:91:40:ec:43:d0:cb:12:70:7a:
5a:c0:60:d2:a4:80:12:de:e1:14:cb:5b:c8:df:f6:
56:d4:03:2b:e1:da:ad:c7:a4:b2:90:3e:ed:aa:8f:
3e:13:cd:f9:a0:d7:3f:b0:63:40:d5:da:7d:9e:11:
87:7d:b7:69:f5:65:ed:da:d7:6e:0d:da:b3:3a:ef:
ce:91:fd:d5:69:39:49:24:c6:f8:c2:d3:fe:16:a7:
1d:e2:b6:6a:bc:5d:83:08:de:5c:28:08:3e:45:96:
49:53:8d:b4:40:eb:dc:33:a2:2e:03:8a:d0:3e:42:
ff:af:05:24:98:7c:10:66:8d:9a:ce:c9:f7:15:b1:
32:14:3f:66:a1:ce:c0:87:97:1f:df:d9:d6:95:03:
59:dc:f2:6f:0d:2a:61:a9:90:93:72:92:ff:aa:ee:
81:dc:f8:36:75:6c:38:e2:3e:97:24:2c:a6:d8:00:
86:94:e6:0e:13:fb:70:9f:2c:55:d1:8e:fb:ba:5e:
b1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A5:48:A2:B2:B1:20:CA:2D:72:A1:20:21:53:13:F6:15:3D:7C:0A
X509v3 Authority Key Identifier:
keyid:F9:0E:71:9B:AA:4C:83:10:48:36:79:FB:6A:3C:B4:CE:9A:C0:0C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Q5xm6pMgxBINnn7ajy0zprADAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3b27b0-a1a7-4bf5-8cdd-595bfa1e1a9b/1/QaVIorKxIMotcqEgIVMT9hU9fAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3b27b0-a1a7-4bf5-8cdd-595bfa1e1a9b/1/1-Q5xm6pMgxBINnn7ajy0zprADAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.100.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:70:45:fd:82:82:26:fb:0b:4a:c8:df:3a:76:76:ae:33:ec:
e1:ee:71:f1:54:f2:f1:f8:0e:d2:75:d5:73:bb:ea:7a:6f:51:
47:05:e3:69:b7:be:e6:fe:b3:85:8d:82:6e:2d:92:6d:c0:58:
0b:f5:5e:47:29:6d:03:f9:ff:53:2c:ca:43:7c:7f:b5:79:2a:
a9:cb:52:32:08:85:6f:38:ba:b1:33:96:e4:11:5a:48:0c:b4:
ed:00:af:8d:7c:19:c0:94:ac:01:6c:03:56:d9:83:e2:99:b8:
d6:7e:b2:8b:d2:b9:a0:99:77:5d:f7:77:e7:87:83:28:a2:14:
80:f7:6b:c1:3c:b4:ea:1f:57:a8:b8:ad:ba:58:7b:67:22:4c:
43:24:53:b8:90:d7:54:c8:ee:5f:c3:59:0a:18:78:a6:ec:76:
7a:16:81:c0:15:98:bb:01:0b:f0:d5:b5:f1:36:fa:1f:d9:33:
4e:7f:ce:6f:97:8a:28:bb:63:ce:47:b7:31:e3:aa:75:d1:ad:
80:0d:9f:7b:df:77:08:77:78:92:3f:e3:16:13:7e:11:0f:97:
58:c9:94:a8:12:cd:ac:4e:85:3b:bb:3c:5c:35:c7:2c:4d:77:
ed:9c:4b:5e:61:2c:fe:57:15:df:f4:43:5c:a2:0d:7c:e9:cc:
ea:42:0b:84
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzIAWCx4Qew3+m67uyNCw3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MGU3MTliYWE0YzgzMTA0ODM2NzlmYjZhM2NiNGNlOWFj
MDBjMDkwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE1NDhhMmIyYjEyMGNhMmQ3MmExMjAyMTUzMTNmNjE1M2Q3YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1w6ohlG18+ohOddZYDoCjeaWV0/y
6gVRLFLKEeS8HLE6Pm5F6CybHGP2YxBKD7oLdNbEC6YW1+UOL7Ugy5C8e62RQOxD
0MsScHpawGDSpIAS3uEUy1vI3/ZW1AMr4dqtx6SykD7tqo8+E835oNc/sGNA1dp9
nhGHfbdp9WXt2tduDdqzOu/Okf3VaTlJJMb4wtP+Fqcd4rZqvF2DCN5cKAg+RZZJ
U420QOvcM6IuA4rQPkL/rwUkmHwQZo2azsn3FbEyFD9moc7Ah5cf39nWlQNZ3PJv
DSphqZCTcpL/qu6B3Pg2dWw44j6XJCym2ACGlOYOE/twnyxV0Y77ul6x7QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEGlSKKysSDKLXKhICFTE/YVPXwKMB8GA1UdIwQY
MBaAFPkOcZuqTIMQSDZ5+2o8tM6awAwJMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1RNXhtNnBNZ3hCSU5ubjdhankwenByQURBay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvM2IyN2IwLWExYTctNGJmNS04Y2Rk
LTU5NWJmYTFlMWE5Yi8xL1FhVklvckt4SU1vdGNxRWdJVk1UOWhVOWZBby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvM2IyN2IwLWExYTctNGJmNS04Y2RkLTU5NWJmYTFlMWE5
Yi8xLzEtUTV4bTZwTWd4QklObm43YWp5MHpwckFEQWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK54GQw
DQYJKoZIhvcNAQELBQADggEBAI5wRf2Cgib7C0rI3zp2dq4z7OHucfFU8vH4DtJ1
1XO76npvUUcF42m3vub+s4WNgm4tkm3AWAv1XkcpbQP5/1MsykN8f7V5KqnLUjII
hW84urEzluQRWkgMtO0Ar418GcCUrAFsA1bZg+KZuNZ+sovSuaCZd133d+eHgyii
FID3a8E8tOofV6i4rbpYe2ciTEMkU7iQ11TI7l/DWQoYeKbsdnoWgcAVmLsBC/DV
tfE2+h/ZM05/zm+Xiii7Y85HtzHjqnXRrYANn3vfdwh3eJI/4xYTfhEPl1jJlKgS
zaxOhTu7PFw1xyxNd+2cS15hLP5XFd/0Q1yiDXzpzOpCC4Q=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:37 2025 by rpki-client