Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Q1xY1xyhAoa7IhnuIhcAzYs83qk.roa
File: Q1xY1xyhAoa7IhnuIhcAzYs83qk.roa (raw, json)
Hash identifier: CeANsCpOypHE1NQ00cm3076hM4KxQN9CBQc42Uff41A=
Subject key identifier: 43:5C:58:D7:1C:A1:02:86:BB:22:19:EE:22:17:00:CD:8B:3C:DE:A9
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018EC225FA15E8BEADBECE518B6B4EC9DA34
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Q1xY1xyhAoa7IhnuIhcAzYs83qk.roa
Signing time: Tue 09 Apr 2024 09:17:32 +0000
ROA not before: Tue 09 Apr 2024 09:17:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209178
IP address blocks: 103.100.168.0/24 maxlen: 24
185.233.19.0/24 maxlen: 24
185.235.165.0/24 maxlen: 24
2a02:afc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Apr 2024 09:20:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:25:fa:15:e8:be:ad:be:ce:51:8b:6b:4e:c9:da:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Apr 9 09:17:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=435c58d71ca10286bb2219ee221700cd8b3cdea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:84:05:f6:12:70:b3:e0:ed:a6:4b:f1:08:84:
6d:05:83:24:0f:05:37:fc:cf:f0:d6:81:d4:74:2b:
33:7c:19:e2:03:ff:fd:58:27:1d:02:2f:9f:ff:c5:
cc:69:12:09:5d:2b:1b:f4:9b:85:ae:c0:e4:1a:17:
1e:fa:dd:a0:76:06:a9:87:c4:98:82:35:84:6f:f2:
40:67:83:e3:09:c0:89:d6:aa:d1:8a:a3:bb:13:b6:
fc:1b:d0:fb:62:71:5a:24:f1:79:8d:a2:c1:63:8f:
4e:ec:6f:3e:43:a2:c6:5c:0d:20:3d:aa:49:11:47:
b4:63:f3:e5:7a:da:31:3e:66:ec:04:d1:29:ee:53:
ed:a1:46:63:57:6c:03:83:46:30:06:ea:13:f7:66:
0c:af:6b:2e:02:81:52:22:fc:d5:5f:27:4d:82:c9:
42:0f:1f:63:09:78:d6:4c:39:f7:c6:0a:43:97:66:
5d:3e:ae:7d:0a:b5:2b:2b:4f:40:11:ff:24:fd:54:
1a:e6:b0:09:98:5f:39:0e:10:28:ec:9b:35:28:48:
69:36:00:2a:e1:d2:23:e5:ff:b5:fb:b4:3d:1e:74:
c6:32:59:71:33:e6:0f:c7:31:4a:54:f1:9b:42:f4:
d8:43:30:cd:70:d1:ff:af:8f:87:0a:d7:d6:40:f1:
dc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:5C:58:D7:1C:A1:02:86:BB:22:19:EE:22:17:00:CD:8B:3C:DE:A9
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/Q1xY1xyhAoa7IhnuIhcAzYs83qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.100.168.0/24
185.233.19.0/24
185.235.165.0/24
IPv6:
2a02:afc0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:0e:4a:75:a7:b6:12:69:e4:ac:c6:60:14:27:bd:77:92:fe:
52:57:4f:05:e0:ab:c7:d1:f1:d2:07:46:69:37:09:d2:b1:86:
cf:10:2c:1f:d0:5c:5a:8e:7f:25:e5:16:4e:03:a8:cd:1b:04:
1d:d4:5e:30:ce:6d:f2:f9:a6:e4:11:93:45:32:95:82:64:25:
d0:d7:2c:9b:1f:3f:d8:47:a3:51:56:d7:c6:40:f0:97:b0:23:
11:0e:a0:90:51:7d:b9:d5:b8:66:24:54:c4:73:32:b8:1b:14:
c7:ff:37:f0:3f:a9:e4:1b:a1:56:47:3a:23:88:46:73:7f:fd:
9e:cf:d5:07:73:5c:7f:b7:36:ac:74:95:80:c6:b4:06:db:e1:
6b:e8:fd:2b:1c:bd:70:fe:3c:84:7f:3b:19:88:0f:9e:81:66:
a9:cb:f4:79:35:b7:ec:a8:6d:30:1e:c8:12:9c:1c:ee:07:cf:
ac:3f:24:1a:4b:6a:d8:a5:37:f7:30:f1:ab:90:7f:43:23:c9:
ac:13:52:00:20:5c:59:32:ef:45:1d:74:6d:be:63:66:3e:cb:
81:0f:27:39:9d:98:4e:f3:4a:a8:4d:ac:ea:7a:2a:52:cc:a7:
ed:c3:57:0a:ed:1f:e6:3e:de:dc:ee:36:57:f4:6e:6d:31:89:
de:80:ea:07
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY7CJfoV6L6tvs5Ri2tOydo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwNDA5MDkxNzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzVjNThkNzFjYTEwMjg2YmIyMjE5ZWUyMjE3MDBjZDhiM2NkZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4QF9hJws+DtpkvxCIRtBYMkDwU3
/M/w1oHUdCszfBniA//9WCcdAi+f/8XMaRIJXSsb9JuFrsDkGhce+t2gdgaph8SY
gjWEb/JAZ4PjCcCJ1qrRiqO7E7b8G9D7YnFaJPF5jaLBY49O7G8+Q6LGXA0gPapJ
EUe0Y/PletoxPmbsBNEp7lPtoUZjV2wDg0YwBuoT92YMr2suAoFSIvzVXydNgslC
Dx9jCXjWTDn3xgpDl2ZdPq59CrUrK09AEf8k/VQa5rAJmF85DhAo7Js1KEhpNgAq
4dIj5f+1+7Q9HnTGMllxM+YPxzFKVPGbQvTYQzDNcNH/r4+HCtfWQPHcNwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFENcWNccoQKGuyIZ7iIXAM2LPN6pMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvUTF4WTF4eWhBb2E3SWhudUloY0F6WXM4M3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAZ2SoAwQA
uekTAwQAueulMA0EAgACMAcDBQMqAq/AMA0GCSqGSIb3DQEBCwUAA4IBAQArDkp1
p7YSaeSsxmAUJ713kv5SV08F4KvH0fHSB0ZpNwnSsYbPECwf0Fxajn8l5RZOA6jN
GwQd1F4wzm3y+abkEZNFMpWCZCXQ1yybHz/YR6NRVtfGQPCXsCMRDqCQUX251bhm
JFTEczK4GxTH/zfwP6nkG6FWRzojiEZzf/2ez9UHc1x/tzasdJWAxrQG2+Fr6P0r
HL1w/jyEfzsZiA+egWapy/R5NbfsqG0wHsgSnBzuB8+sPyQaS2rYpTf3MPGrkH9D
I8msE1IAIFxZMu9FHXRtvmNmPsuBDyc5nZhO80qoTazqeipSzKftw1cK7R/mPt7c
7jZX9G5tMYnegOoH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:34 2025 by rpki-client