Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/QJH9Uv3R8CCILolCJ-X9xXD4HvA.roa
File: QJH9Uv3R8CCILolCJ-X9xXD4HvA.roa (raw, json)
Hash identifier: ugnzTQnCX6GxWJJ0GgADj76kawjXJZ6lqY8kCBu+Sk4=
Subject key identifier: 40:91:FD:52:FD:D1:F0:20:88:2E:89:42:27:E5:FD:C5:70:F8:1E:F0
Certificate issuer: /CN=7c3c39d1899e699bf5177418ee381489edff4380
Certificate serial: 0192BA61FD9B287E56D51CAC262C0A94FDBD
Authority key identifier: 7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/QJH9Uv3R8CCILolCJ-X9xXD4HvA.roa
Signing time: Wed 23 Oct 2024 17:17:16 +0000
ROA not before: Wed 23 Oct 2024 17:17:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.18.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ba:61:fd:9b:28:7e:56:d5:1c:ac:26:2c:0a:94:fd:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3c39d1899e699bf5177418ee381489edff4380
Validity
Not Before: Oct 23 17:17:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4091fd52fdd1f020882e894227e5fdc570f81ef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5f:2c:00:2b:97:eb:c0:14:82:46:1e:65:f4:
3e:41:98:6c:92:2a:2f:3f:bc:2a:31:72:94:3f:c7:
c9:30:ad:58:11:7a:59:ca:42:47:b2:d9:9b:e1:05:
dc:ba:4f:98:84:a9:94:02:19:bd:b1:3b:d4:8f:6c:
ce:3e:47:39:ab:3e:9d:3b:6d:a3:f9:c1:e8:df:31:
5a:c4:7f:8d:ef:3e:bb:1b:51:f8:e0:30:ed:30:99:
03:f2:4b:b4:4f:8b:9a:12:87:1f:f7:46:bc:ff:3c:
4b:9a:9a:99:c1:d9:03:10:21:8d:1d:ca:f8:4b:57:
00:5c:80:de:e8:04:b3:cc:52:cc:b2:92:ca:97:b1:
4d:f9:4c:13:f5:a7:61:8e:c3:6a:2b:39:b0:fd:7b:
24:fb:26:c0:d8:65:1e:27:5c:52:06:6d:5e:74:3e:
67:ee:b3:ad:ed:d3:83:c3:25:8a:8d:47:35:b2:44:
9f:30:b2:c9:6a:b0:68:60:73:7b:59:3c:92:14:6a:
b8:97:5a:ca:25:e3:2c:0d:ea:41:d5:1d:4d:2d:1d:
a5:75:da:cc:02:f2:cb:d7:15:18:e3:1f:13:a0:38:
c6:b0:bb:67:5e:dd:fe:49:f5:a1:f6:56:c8:e0:4f:
26:57:3a:a7:b4:80:1c:8a:45:10:76:8c:ea:8b:66:
4a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:91:FD:52:FD:D1:F0:20:88:2E:89:42:27:E5:FD:C5:70:F8:1E:F0
X509v3 Authority Key Identifier:
keyid:7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/QJH9Uv3R8CCILolCJ-X9xXD4HvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fDw50YmeaZv1F3QY7jgUie3_Q4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.123.0/24
Signature Algorithm: sha256WithRSAEncryption
59:d4:44:6c:82:eb:9c:18:ae:f9:73:c2:ed:19:6b:bd:91:7d:
ec:82:f8:ea:b9:0a:d1:f0:43:c0:85:a1:23:a1:90:d2:a3:d0:
dd:05:2c:d5:40:f9:5e:9a:19:64:52:35:96:ab:7f:69:ff:4c:
b4:65:15:83:a9:32:70:14:6b:69:22:8c:fe:be:39:1a:b2:dd:
4f:f5:f0:02:e7:58:86:79:af:c0:c1:ff:2c:4b:5f:1f:4c:ed:
15:c0:2a:15:49:1f:23:de:9e:ca:d1:cb:76:18:38:1d:27:f5:
16:83:ca:91:04:a1:6b:b7:ea:b9:0d:b0:76:f4:6f:0e:7d:b5:
30:72:a1:d9:80:f2:5b:71:e3:4b:e0:a2:7f:32:ff:2c:81:6a:
c7:55:f8:31:cd:c7:c0:7c:cd:87:25:be:1e:36:68:34:50:61:
1c:1a:73:c7:ed:db:3e:7a:5d:6f:29:cb:35:02:28:6b:82:2e:
ac:43:c1:6e:64:98:ce:2e:bb:d9:bd:ba:6a:dd:ec:7d:7e:08:
ef:40:c9:f7:1a:ba:12:78:c2:0e:11:03:eb:9f:1e:cf:49:12:
dd:33:34:a8:99:f1:50:75:cd:6f:be:70:1b:ca:fe:42:95:e2:
ab:01:32:87:7b:09:09:83:80:3d:61:c3:a2:54:0c:68:72:b6:
f7:b0:29:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZK6Yf2bKH5W1RysJiwKlP29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2MzOWQxODk5ZTY5OWJmNTE3NzQxOGVlMzgxNDg5ZWRm
ZjQzODAwHhcNMjQxMDIzMTcxNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDkxZmQ1MmZkZDFmMDIwODgyZTg5NDIyN2U1ZmRjNTcwZjgxZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl8sACuX68AUgkYeZfQ+QZhskiov
P7wqMXKUP8fJMK1YEXpZykJHstmb4QXcuk+YhKmUAhm9sTvUj2zOPkc5qz6dO22j
+cHo3zFaxH+N7z67G1H44DDtMJkD8ku0T4uaEocf90a8/zxLmpqZwdkDECGNHcr4
S1cAXIDe6ASzzFLMspLKl7FN+UwT9adhjsNqKzmw/Xsk+ybA2GUeJ1xSBm1edD5n
7rOt7dODwyWKjUc1skSfMLLJarBoYHN7WTySFGq4l1rKJeMsDepB1R1NLR2lddrM
AvLL1xUY4x8ToDjGsLtnXt3+SfWh9lbI4E8mVzqntIAcikUQdozqi2ZKIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFECR/VL90fAgiC6JQifl/cVw+B7wMB8GA1UdIwQY
MBaAFHw8OdGJnmmb9Rd0GO44FInt/0OAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR3NTBZbWVhWnYxRjNRWTdqZ1VpZTNfUTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jODAwYzktNTFiNS00NTg5LTkyNjAt
MDYzZmNkZDNhMDU3LzEvUUpIOVV2M1I4Q0NJTG9sQ0otWDl4WEQ0SHZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jODAwYzktNTFiNS00NTg5LTkyNjAtMDYzZmNkZDNhMDU3
LzEvZkR3NTBZbWVhWnYxRjNRWTdqZ1VpZTNfUTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRJ7MA0G
CSqGSIb3DQEBCwUAA4IBAQBZ1ERsguucGK75c8LtGWu9kX3sgvjquQrR8EPAhaEj
oZDSo9DdBSzVQPlemhlkUjWWq39p/0y0ZRWDqTJwFGtpIoz+vjkast1P9fAC51iG
ea/Awf8sS18fTO0VwCoVSR8j3p7K0ct2GDgdJ/UWg8qRBKFrt+q5DbB29G8OfbUw
cqHZgPJbceNL4KJ/Mv8sgWrHVfgxzcfAfM2HJb4eNmg0UGEcGnPH7ds+el1vKcs1
Aihrgi6sQ8FuZJjOLrvZvbpq3ex9fgjvQMn3GroSeMIOEQPrnx7PSRLdMzSomfFQ
dc1vvnAbyv5CleKrATKHewkJg4A9YcOiVAxocrb3sClh
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:14 2025 by rpki-client