Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/q_zVIv3ZSx5Y50mZpDM4yd3uS1w.roa
File: q_zVIv3ZSx5Y50mZpDM4yd3uS1w.roa (raw, json)
Hash identifier: zvt3Da8THyJuHO5B7Ksy/vw1qXi643t1ahcbx4oJCBI=
Subject key identifier: AB:FC:D5:22:FD:D9:4B:1E:58:E7:49:99:A4:33:38:C9:DD:EE:4B:5C
Certificate issuer: /CN=b14658fcab37032dfea96ef0ae68dc9deff6d705
Certificate serial: 018CC6B7AB730AE40306D6FD6962963C613E
Authority key identifier: B1:46:58:FC:AB:37:03:2D:FE:A9:6E:F0:AE:68:DC:9D:EF:F6:D7:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUZY_Ks3Ay3-qW7wrmjcne_21wU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/q_zVIv3ZSx5Y50mZpDM4yd3uS1w.roa
Signing time: Mon 01 Jan 2024 20:29:34 +0000
ROA not before: Mon 01 Jan 2024 20:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38919
IP address blocks: 185.132.108.0/22 maxlen: 22
89.190.140.0/22 maxlen: 22
185.92.68.0/22 maxlen: 22
2a05:f080::/29 maxlen: 29
2a0e:f800::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:ab:73:0a:e4:03:06:d6:fd:69:62:96:3c:61:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14658fcab37032dfea96ef0ae68dc9deff6d705
Validity
Not Before: Jan 1 20:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abfcd522fdd94b1e58e74999a43338c9ddee4b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:06:70:b1:81:c3:b9:da:55:cd:ba:6c:ba:e4:
c7:96:21:67:8b:32:57:90:60:0d:0e:76:f2:e4:a8:
e1:c6:f2:f9:1f:de:34:2f:2f:df:38:aa:f5:60:c2:
49:af:ad:94:e3:91:09:99:74:94:b7:2e:ee:7b:f0:
9a:54:ec:36:bd:ad:b9:d6:e8:3b:af:a8:c2:19:4f:
6a:ac:36:7b:52:0b:b6:54:32:ae:84:8f:8e:26:b1:
f7:af:62:c7:74:b5:85:30:fc:05:82:85:e1:2f:9b:
6f:5a:37:60:31:9d:e3:70:0c:67:7a:81:d2:87:53:
5b:6a:fe:dc:8e:9e:f8:5f:3e:19:50:a7:fe:94:8f:
f1:5a:a5:de:a3:08:4d:53:07:13:9e:94:83:b0:07:
d5:0e:fe:71:10:fb:dc:88:45:82:6b:0a:13:fd:61:
64:77:5e:bd:68:88:20:5f:7b:59:a8:32:95:dd:ce:
b0:d8:c9:99:ee:60:7b:c9:63:c1:01:5a:95:f0:85:
22:d8:50:22:cc:78:60:ab:c1:1f:13:e1:a7:a6:47:
ed:8a:68:e1:4e:eb:87:92:ca:7f:8e:fc:c6:49:e2:
11:81:30:57:68:46:98:99:0a:a6:cd:ef:7a:26:4f:
fa:4e:81:dd:71:cc:0d:95:e3:fd:84:12:ce:b6:4c:
e2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:FC:D5:22:FD:D9:4B:1E:58:E7:49:99:A4:33:38:C9:DD:EE:4B:5C
X509v3 Authority Key Identifier:
keyid:B1:46:58:FC:AB:37:03:2D:FE:A9:6E:F0:AE:68:DC:9D:EF:F6:D7:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUZY_Ks3Ay3-qW7wrmjcne_21wU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/q_zVIv3ZSx5Y50mZpDM4yd3uS1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5f6566-8160-4394-875f-a7ead8ab1273/1/sUZY_Ks3Ay3-qW7wrmjcne_21wU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.140.0/22
185.92.68.0/22
185.132.108.0/22
IPv6:
2a05:f080::/29
2a0e:f800::/29
Signature Algorithm: sha256WithRSAEncryption
39:4d:bf:d1:2b:93:ec:35:01:20:e2:1b:24:01:ab:91:7d:0a:
76:4c:21:2b:1a:b4:d9:f0:b2:26:b3:e3:09:63:50:64:e2:1e:
40:64:08:70:13:9a:f5:26:7e:db:5e:7e:5f:29:5f:1b:8c:c3:
7b:20:25:98:bf:84:a4:6e:d3:87:c3:09:5e:25:af:f1:8f:0e:
80:68:93:9f:60:e2:b2:d1:f8:f3:66:d5:9f:ea:cf:b5:32:aa:
79:a0:4e:41:98:85:e9:75:7d:2a:cc:e4:d0:af:1e:60:36:ad:
70:c4:b3:92:83:6f:96:3b:19:ed:4b:1d:d1:b0:1f:fb:10:ba:
3e:22:ec:d7:38:4f:f1:40:a8:ac:58:9e:c0:bf:fb:f6:fa:73:
75:92:0e:47:09:6b:b7:dd:73:f9:12:8f:38:0b:7a:e5:7f:3b:
a8:c9:c4:86:54:e6:71:b0:52:66:bf:f6:7a:05:f6:01:48:05:
0e:a5:29:1f:17:ca:c8:21:82:60:8c:6b:3c:e1:a2:3d:3c:bd:
a6:2e:1b:bc:d0:15:23:e4:d8:d2:c1:8f:82:d7:69:9d:cc:8f:
d0:7f:36:c6:86:e2:a6:4c:b1:be:a6:29:05:6b:15:23:81:87:
17:d7:db:2b:51:20:c1:28:c6:e0:45:5e:a5:45:18:91:4b:2b:
ed:de:73:3d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzGt6tzCuQDBtb9aWKWPGE+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDY1OGZjYWIzNzAzMmRmZWE5NmVmMGFlNjhkYzlkZWZm
NmQ3MDUwHhcNMjQwMTAxMjAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmZjZDUyMmZkZDk0YjFlNThlNzQ5OTlhNDMzMzhjOWRkZWU0YjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAZwsYHDudpVzbpsuuTHliFnizJX
kGANDnby5KjhxvL5H940Ly/fOKr1YMJJr62U45EJmXSUty7ue/CaVOw2va251ug7
r6jCGU9qrDZ7Ugu2VDKuhI+OJrH3r2LHdLWFMPwFgoXhL5tvWjdgMZ3jcAxneoHS
h1Nbav7cjp74Xz4ZUKf+lI/xWqXeowhNUwcTnpSDsAfVDv5xEPvciEWCawoT/WFk
d169aIggX3tZqDKV3c6w2MmZ7mB7yWPBAVqV8IUi2FAizHhgq8EfE+Gnpkftimjh
TuuHksp/jvzGSeIRgTBXaEaYmQqmze96Jk/6ToHdccwNleP9hBLOtkzivwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKv81SL92UseWOdJmaQzOMnd7ktcMB8GA1UdIwQY
MBaAFLFGWPyrNwMt/qlu8K5o3J3v9tcFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VaWV9LczNBeTMtcVc3d3JtamNuZV8yMXdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81ZjY1NjYtODE2MC00Mzk0LTg3NWYt
YTdlYWQ4YWIxMjczLzEvcV96Vkl2M1pTeDVZNTBtWnBETTR5ZDN1UzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS81ZjY1NjYtODE2MC00Mzk0LTg3NWYtYTdlYWQ4YWIxMjcz
LzEvc1VaWV9LczNBeTMtcVc3d3JtamNuZV8yMXdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCWb6MAwQC
uVxEAwQCuYRsMBQEAgACMA4DBQMqBfCAAwUDKg74ADANBgkqhkiG9w0BAQsFAAOC
AQEAOU2/0SuT7DUBIOIbJAGrkX0KdkwhKxq02fCyJrPjCWNQZOIeQGQIcBOa9SZ+
215+XylfG4zDeyAlmL+EpG7Th8MJXiWv8Y8OgGiTn2DistH482bVn+rPtTKqeaBO
QZiF6XV9Kszk0K8eYDatcMSzkoNvljsZ7Usd0bAf+xC6PiLs1zhP8UCorFiewL/7
9vpzdZIORwlrt91z+RKPOAt65X87qMnEhlTmcbBSZr/2egX2AUgFDqUpHxfKyCGC
YIxrPOGiPTy9pi4bvNAVI+TY0sGPgtdpncyP0H82xobipkyxvqYpBWsVI4GHF9fb
K1EgwSjG4EVepUUYkUsr7d5zPQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:13 2025 by rpki-client