Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/qZhU4u_Zy3-GIFZqf2GA5b3zN5U.roa
File: qZhU4u_Zy3-GIFZqf2GA5b3zN5U.roa (raw, json)
Hash identifier: 3F/0U35s0SLoHV6aopuB7MWidV4ogt8Qpl0lcuoWcuU=
Subject key identifier: A9:98:54:E2:EF:D9:CB:7F:86:20:56:6A:7F:61:80:E5:BD:F3:37:95
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018CF35FAE002926F7A9998D6F2EDCF1F7F4
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/qZhU4u_Zy3-GIFZqf2GA5b3zN5U.roa
Signing time: Wed 10 Jan 2024 12:36:23 +0000
ROA not before: Wed 10 Jan 2024 12:36:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205411
IP address blocks: 185.21.124.0/22 maxlen: 24
212.237.244.0/22 maxlen: 24
208.82.72.0/22 maxlen: 24
2a00:5560::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:5f:ae:00:29:26:f7:a9:99:8d:6f:2e:dc:f1:f7:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 10 12:36:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a99854e2efd9cb7f8620566a7f6180e5bdf33795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d1:c8:ce:23:0f:22:4d:27:3c:87:de:bd:1e:
49:91:f0:8f:9c:93:d5:81:21:3d:4d:18:3e:1c:b1:
47:f9:75:a2:f3:d6:14:07:18:d3:c5:ae:3c:3c:e6:
f7:f7:2f:cb:87:24:aa:93:a7:78:2d:10:77:7c:e0:
29:3a:4e:90:af:20:82:f5:c3:05:6a:a2:26:67:15:
18:f2:db:2f:5e:8c:00:33:90:52:c9:9d:c9:2d:2c:
47:65:b5:ee:56:f9:45:d1:5d:34:8f:b7:96:b8:b7:
a2:36:41:fc:43:da:3c:1a:e9:58:ad:86:41:2c:a8:
b1:84:57:5f:37:1f:9f:81:30:74:96:1c:71:2a:fd:
5f:2e:c1:ac:12:29:32:df:8e:05:0b:99:29:6f:7a:
e0:cd:e0:30:52:60:15:2e:57:21:de:0e:c1:91:e2:
04:b5:88:6e:b2:a4:46:67:72:6c:e3:a3:67:1f:26:
eb:9e:43:ee:46:7d:86:3d:d2:f0:fa:cd:e5:1f:e1:
58:34:81:71:ce:a7:d0:bd:c9:2e:25:bd:1e:6c:88:
38:5d:63:40:db:5d:fd:a9:c4:16:8f:72:48:ae:10:
2f:e4:1e:82:65:f0:40:9a:15:32:93:0c:7c:f7:ce:
b3:e2:81:8e:07:72:16:37:d3:5c:0a:fb:31:48:77:
c4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:98:54:E2:EF:D9:CB:7F:86:20:56:6A:7F:61:80:E5:BD:F3:37:95
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/qZhU4u_Zy3-GIFZqf2GA5b3zN5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.124.0/22
208.82.72.0/22
212.237.244.0/22
IPv6:
2a00:5560::/32
Signature Algorithm: sha256WithRSAEncryption
47:85:29:a6:5b:a0:9a:3e:d9:ee:73:e7:e3:b7:40:0c:9d:bd:
25:4d:d0:9e:32:f9:bc:8e:56:31:3a:a9:63:b0:58:cc:a5:b9:
59:bb:24:4b:71:55:f8:b8:c9:7f:f3:a2:ae:a0:9d:4c:c9:df:
0c:14:df:23:b2:47:70:3f:d2:71:4c:c5:cc:67:4c:a6:6d:e6:
e7:5d:3a:60:06:2a:94:d3:64:3e:e4:04:3c:a4:4d:37:6a:ea:
8a:5f:5f:85:6f:b0:30:06:72:6c:0e:93:98:89:42:3e:6a:5d:
25:b9:ab:63:ce:a4:14:36:76:6d:6e:3d:bc:d7:d0:ae:6c:91:
91:10:fa:56:db:c2:3a:41:f3:33:b5:31:12:fd:c2:43:95:16:
32:43:f7:3f:9f:66:0b:77:28:2d:10:65:ad:1d:8e:1b:18:51:
82:cd:22:c5:6a:6a:86:b0:7d:4c:9d:46:a0:95:5f:99:61:c6:
d9:5c:fe:78:30:08:80:19:37:88:db:d9:41:96:91:f0:0f:db:
9b:72:74:cb:e6:20:ca:af:4b:6b:7e:0f:17:f3:1b:9c:5f:46:
b4:1e:a3:04:e6:2f:d6:79:3c:4b:6c:86:fc:4f:01:5d:be:b2:
01:ad:81:a4:a4:fe:03:d9:0e:17:da:0a:94:76:d3:f0:8b:3b:
0a:a7:ff:1d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzzX64AKSb3qZmNby7c8ff0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwMTEwMTIzNjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTk4NTRlMmVmZDljYjdmODYyMDU2NmE3ZjYxODBlNWJkZjMzNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9HIziMPIk0nPIfevR5JkfCPnJPV
gSE9TRg+HLFH+XWi89YUBxjTxa48POb39y/LhySqk6d4LRB3fOApOk6QryCC9cMF
aqImZxUY8tsvXowAM5BSyZ3JLSxHZbXuVvlF0V00j7eWuLeiNkH8Q9o8GulYrYZB
LKixhFdfNx+fgTB0lhxxKv1fLsGsEiky344FC5kpb3rgzeAwUmAVLlch3g7BkeIE
tYhusqRGZ3Js46NnHybrnkPuRn2GPdLw+s3lH+FYNIFxzqfQvckuJb0ebIg4XWNA
2139qcQWj3JIrhAv5B6CZfBAmhUykwx8986z4oGOB3IWN9NcCvsxSHfEEQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKmYVOLv2ct/hiBWan9hgOW98zeVMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvcVpoVTR1X1p5My1HSUZacWYyR0E1YjN6TjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuRV8AwQC
0FJIAwQC1O30MA0EAgACMAcDBQAqAFVgMA0GCSqGSIb3DQEBCwUAA4IBAQBHhSmm
W6CaPtnuc+fjt0AMnb0lTdCeMvm8jlYxOqljsFjMpblZuyRLcVX4uMl/86KuoJ1M
yd8MFN8jskdwP9JxTMXMZ0ymbebnXTpgBiqU02Q+5AQ8pE03auqKX1+Fb7AwBnJs
DpOYiUI+al0luatjzqQUNnZtbj2819CubJGREPpW28I6QfMztTES/cJDlRYyQ/c/
n2YLdygtEGWtHY4bGFGCzSLFamqGsH1MnUaglV+ZYcbZXP54MAiAGTeI29lBlpHw
D9ubcnTL5iDKr0trfg8X8xucX0a0HqME5i/WeTxLbIb8TwFdvrIBrYGkpP4D2Q4X
2gqUdtPwizsKp/8d
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:59:45 2025 by rpki-client