Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/kQvEXLZXPU6LAvU8D3aIoPXGsrg.roa
File: kQvEXLZXPU6LAvU8D3aIoPXGsrg.roa (raw, json)
Hash identifier: gG0tpEXlGYAJ4KK9JwqjPg+UIgFh6U5H8jY1YMajdwE=
Subject key identifier: 91:0B:C4:5C:B6:57:3D:4E:8B:02:F5:3C:0F:76:88:A0:F5:C6:B2:B8
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0193C6908F08AFE64FA00C03007841C41C52
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/kQvEXLZXPU6LAvU8D3aIoPXGsrg.roa
Signing time: Sat 14 Dec 2024 19:06:22 +0000
ROA not before: Sat 14 Dec 2024 19:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57523
IP address blocks: 152.89.198.0/24 maxlen: 24
194.26.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c6:90:8f:08:af:e6:4f:a0:0c:03:00:78:41:c4:1c:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Dec 14 19:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=910bc45cb6573d4e8b02f53c0f7688a0f5c6b2b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ab:bb:25:4a:7e:9c:4c:57:4d:a9:e7:37:3d:
03:56:8b:7f:6b:83:be:4d:26:4c:3c:7b:d2:ce:80:
0a:86:07:72:2d:c7:63:46:dc:82:b4:c3:23:43:ec:
fb:a5:1e:a9:d0:fd:ff:a5:de:42:d4:36:47:1d:31:
be:d0:fa:81:86:19:f3:4c:35:43:88:ce:b5:43:09:
96:9f:49:6d:50:0d:b4:f4:34:3b:18:d8:15:b2:cc:
40:78:7d:5f:48:43:bb:ea:04:e9:18:0a:bd:43:84:
51:8b:f7:ac:d6:99:51:aa:25:d2:e0:fb:c7:78:65:
32:e7:e7:04:3d:fe:c9:c6:97:07:65:03:15:9a:dc:
1b:0e:13:de:41:5b:53:89:98:95:4b:d2:e4:d9:9a:
c5:79:61:7b:6e:c5:f9:40:2f:39:72:c7:2a:65:e0:
94:0f:ed:9f:e0:70:f0:74:ab:78:2b:85:3b:71:a7:
88:9f:25:98:c4:ca:de:9c:ad:05:77:19:a3:bf:17:
b6:99:8d:76:a2:12:d7:4d:4a:87:8d:a6:dc:38:a7:
c6:76:92:54:1f:d6:6d:6e:74:0b:22:60:f6:38:df:
fb:d7:bd:15:54:6d:36:53:05:80:ad:35:5b:5a:59:
7d:61:c4:a7:0c:34:aa:e6:f3:86:3b:c8:6d:b5:19:
56:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0B:C4:5C:B6:57:3D:4E:8B:02:F5:3C:0F:76:88:A0:F5:C6:B2:B8
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/kQvEXLZXPU6LAvU8D3aIoPXGsrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.198.0/24
194.26.135.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:f5:b2:7b:db:dd:cc:f7:e7:24:2c:26:5d:8e:e6:af:63:c2:
43:db:be:6d:4a:d6:21:3a:ca:a1:98:0d:08:41:1b:48:27:38:
1a:c1:09:9f:9e:c9:bb:b3:4d:a0:eb:c8:d2:76:b7:61:16:82:
2c:4a:73:c5:c9:22:44:31:8d:8a:d7:a8:9f:d0:44:2b:e5:d2:
38:28:d3:11:93:2f:85:c3:93:8d:f0:72:68:7c:07:8e:39:12:
4a:52:cb:01:06:f8:39:a2:ae:95:2e:5a:e0:46:47:fa:ff:33:
ad:20:e5:90:7e:22:d2:6d:93:f8:c1:17:07:16:f1:98:eb:f8:
a4:ef:e4:46:09:19:31:98:ce:a3:72:6f:53:c7:e8:cc:cc:d1:
03:62:1f:07:93:4f:41:58:ba:2a:3d:6d:02:ee:d6:6d:6b:12:
af:bb:49:e3:04:db:c0:7d:12:a1:67:d0:9d:c7:fb:5f:c4:d8:
f8:d6:89:2c:40:10:0f:83:ce:71:e6:e9:14:30:8c:9e:89:50:
2d:15:d3:6c:eb:f9:60:a0:2f:6b:56:7b:37:80:62:ae:25:6d:
d0:18:30:23:30:fd:37:4e:63:cc:e7:f8:77:1b:44:e5:ea:d0:
78:83:00:6e:9f:d3:4f:4d:b4:08:d2:77:e3:88:91:ef:b6:d9:
79:81:fb:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPGkI8Ir+ZPoAwDAHhBxBxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQxMjE0MTkwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTBiYzQ1Y2I2NTczZDRlOGIwMmY1M2MwZjc2ODhhMGY1YzZiMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqu7JUp+nExXTannNz0DVot/a4O+
TSZMPHvSzoAKhgdyLcdjRtyCtMMjQ+z7pR6p0P3/pd5C1DZHHTG+0PqBhhnzTDVD
iM61QwmWn0ltUA209DQ7GNgVssxAeH1fSEO76gTpGAq9Q4RRi/es1plRqiXS4PvH
eGUy5+cEPf7JxpcHZQMVmtwbDhPeQVtTiZiVS9Lk2ZrFeWF7bsX5QC85cscqZeCU
D+2f4HDwdKt4K4U7caeInyWYxMrenK0Fdxmjvxe2mY12ohLXTUqHjabcOKfGdpJU
H9ZtbnQLImD2ON/7170VVG02UwWArTVbWll9YcSnDDSq5vOGO8httRlWhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJELxFy2Vz1OiwL1PA92iKD1xrK4MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEva1F2RVhMWlhQVTZMQXZVOEQzYUlvUFhHc3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmFnGAwQA
whqHMA0GCSqGSIb3DQEBCwUAA4IBAQCj9bJ7293M9+ckLCZdjuavY8JD275tStYh
OsqhmA0IQRtIJzgawQmfnsm7s02g68jSdrdhFoIsSnPFySJEMY2K16if0EQr5dI4
KNMRky+Fw5ON8HJofAeOORJKUssBBvg5oq6VLlrgRkf6/zOtIOWQfiLSbZP4wRcH
FvGY6/ik7+RGCRkxmM6jcm9Tx+jMzNEDYh8Hk09BWLoqPW0C7tZtaxKvu0njBNvA
fRKhZ9Cdx/tfxNj41oksQBAPg85x5ukUMIyeiVAtFdNs6/lgoC9rVns3gGKuJW3Q
GDAjMP03TmPM5/h3G0Tl6tB4gwBun9NPTbQI0nfjiJHvttl5gfum
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:52:07 2025 by rpki-client