Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/qa4lavQtk9p-CVX2qSJUSQOJ6o8.roa
File: qa4lavQtk9p-CVX2qSJUSQOJ6o8.roa (raw, json)
Hash identifier: YCRU54ROaa2SC/ZbLZK8LlV9pQNZOyQw/6XCOKTmpp4=
Subject key identifier: A9:AE:25:6A:F4:2D:93:DA:7E:09:55:F6:A9:22:54:49:03:89:EA:8F
Certificate issuer: /CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Certificate serial: 018CC492387C035C6AB349D4D5A2B1684142
Authority key identifier: 1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/qa4lavQtk9p-CVX2qSJUSQOJ6o8.roa
Signing time: Mon 01 Jan 2024 10:29:26 +0000
ROA not before: Mon 01 Jan 2024 10:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206637
IP address blocks: 185.180.172.0/22 maxlen: 24
2a0a:ab80::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Jun 2024 10:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:38:7c:03:5c:6a:b3:49:d4:d5:a2:b1:68:41:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Validity
Not Before: Jan 1 10:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9ae256af42d93da7e0955f6a92254490389ea8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2d:55:d4:19:5b:bb:bf:a5:44:41:36:cc:f2:
3c:4e:8b:32:d1:b9:b2:69:5e:28:21:b1:57:43:7e:
67:02:3a:79:bc:8c:42:15:4e:5e:64:20:ce:10:85:
39:8f:0b:12:c0:e9:09:a8:b3:e1:5c:f8:10:24:86:
06:e3:27:56:ba:ff:7f:76:8d:40:30:41:c7:62:c0:
da:91:55:25:3b:58:99:fb:a4:91:6a:e1:77:a1:3b:
71:d6:f5:bd:7d:b2:28:c0:3f:51:1c:b7:2b:dc:dc:
2a:66:eb:07:a2:05:5e:dd:6b:c3:7d:38:46:20:21:
d9:b4:14:fc:f5:5e:93:22:89:d1:0a:ab:d3:26:ae:
0a:ae:80:86:85:0a:5b:58:d1:dd:73:d7:0c:bc:66:
84:1e:b3:4e:e2:02:db:3a:b6:1f:24:54:6b:47:a3:
95:eb:eb:c3:57:bc:e9:a4:e2:47:b0:c4:f8:3f:2e:
8d:04:35:94:5d:5b:cd:2a:b3:c9:d4:28:67:8f:08:
66:16:0f:7e:8a:e7:bb:4c:50:24:c2:58:f5:a8:6c:
4a:38:0f:9a:a6:b0:60:d5:88:94:29:48:bd:da:74:
61:7e:c9:97:8d:6b:7a:c3:c8:08:57:c4:26:65:21:
46:79:c8:a9:23:d8:1c:4d:d2:3e:90:3d:8a:1c:f4:
ef:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AE:25:6A:F4:2D:93:DA:7E:09:55:F6:A9:22:54:49:03:89:EA:8F
X509v3 Authority Key Identifier:
keyid:1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/qa4lavQtk9p-CVX2qSJUSQOJ6o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.172.0/22
IPv6:
2a0a:ab80::/32
Signature Algorithm: sha256WithRSAEncryption
87:74:dd:be:a6:9d:7f:bf:7b:a5:83:8a:0d:58:09:de:a6:5e:
cc:b8:f3:2d:b4:a5:2f:e9:57:55:32:3e:30:f4:07:b2:c9:ce:
23:d9:bc:bb:63:9d:6d:96:c6:8d:24:5b:a0:18:31:61:8f:5a:
c1:af:a1:16:d5:d2:60:69:d5:db:a7:47:4e:bd:7d:35:c1:1a:
be:46:57:3d:0c:bc:3e:f1:70:72:f4:7b:6f:dd:1c:29:a1:c0:
b5:bc:7c:06:7d:ce:04:52:a2:72:ca:6f:ec:44:bd:de:12:62:
9e:b0:32:ea:2b:c3:2e:6c:84:ba:e1:70:e0:5a:cb:32:9d:58:
34:77:b6:74:f2:b2:ef:15:4a:94:d7:1a:3d:81:a5:84:f5:a8:
b4:b6:f2:db:11:ea:fc:a5:d4:8d:06:43:ee:73:29:93:24:63:
98:a4:11:83:d6:91:64:79:0c:a4:5c:bc:46:9d:ad:9d:6a:67:
ea:9d:c3:96:6b:63:e6:8c:d7:30:ac:77:f1:47:76:40:25:b5:
77:73:62:d5:b9:4c:f5:34:92:54:31:ed:36:ed:dc:bf:3e:86:
39:76:1c:8c:19:d7:bb:11:89:b6:2d:84:c4:9e:dc:f6:19:88:
9c:2b:0c:cd:37:3f:2f:67:a5:4e:5b:f8:24:86:7d:d9:e5:e4:
5d:61:55:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkjh8A1xqs0nU1aKxaEFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZTVlZmJmNjU4OTcxNjBkNTVhNTJkYzNhMjJjMDE3ODc2
Y2QwNmMwHhcNMjQwMTAxMTAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWFlMjU2YWY0MmQ5M2RhN2UwOTU1ZjZhOTIyNTQ0OTAzODllYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjC1V1Blbu7+lREE2zPI8Tosy0bmy
aV4oIbFXQ35nAjp5vIxCFU5eZCDOEIU5jwsSwOkJqLPhXPgQJIYG4ydWuv9/do1A
MEHHYsDakVUlO1iZ+6SRauF3oTtx1vW9fbIowD9RHLcr3NwqZusHogVe3WvDfThG
ICHZtBT89V6TIonRCqvTJq4KroCGhQpbWNHdc9cMvGaEHrNO4gLbOrYfJFRrR6OV
6+vDV7zppOJHsMT4Py6NBDWUXVvNKrPJ1ChnjwhmFg9+iue7TFAkwlj1qGxKOA+a
prBg1YiUKUi92nRhfsmXjWt6w8gIV8QmZSFGecipI9gcTdI+kD2KHPTviQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKmuJWr0LZPafglV9qkiVEkDieqPMB8GA1UdIwQY
MBaAFB7l779liXFg1VpS3DoiwBeHbNBsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUt
N2MwZGI3YmFlMTM1LzEvcWE0bGF2UXRrOXAtQ1ZYMnFTSlVTUU9KNm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUtN2MwZGI3YmFlMTM1
LzEvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubSsMA0E
AgACMAcDBQAqCquAMA0GCSqGSIb3DQEBCwUAA4IBAQCHdN2+pp1/v3ulg4oNWAne
pl7MuPMttKUv6VdVMj4w9Aeyyc4j2by7Y51tlsaNJFugGDFhj1rBr6EW1dJgadXb
p0dOvX01wRq+Rlc9DLw+8XBy9Htv3RwpocC1vHwGfc4EUqJyym/sRL3eEmKesDLq
K8MubIS64XDgWssynVg0d7Z08rLvFUqU1xo9gaWE9ai0tvLbEer8pdSNBkPucymT
JGOYpBGD1pFkeQykXLxGna2damfqncOWa2PmjNcwrHfxR3ZAJbV3c2LVuUz1NJJU
Me027dy/PoY5dhyMGde7EYm2LYTEntz2GYicKwzNNz8vZ6VOW/gkhn3Z5eRdYVUe
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:03:45 2025 by rpki-client