Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Q7u2qQMePKLTPPIHAB8K5nERTYQ.roa
File: Q7u2qQMePKLTPPIHAB8K5nERTYQ.roa (raw, json)
Hash identifier: /GIlAHubiA9vQytGFz8Ur5lAn1J//8zX4Eybd1fzxVE=
Subject key identifier: 43:BB:B6:A9:03:1E:3C:A2:D3:3C:F2:07:00:1F:0A:E6:71:11:4D:84
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A105F01A19BE280B204601F1449B1
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Q7u2qQMePKLTPPIHAB8K5nERTYQ.roa
Signing time: Tue 02 Jan 2024 12:33:23 +0000
ROA not before: Tue 02 Jan 2024 12:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51685
IP address blocks: 31.148.136.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:10:5f:01:a1:9b:e2:80:b2:04:60:1f:14:49:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43bbb6a9031e3ca2d33cf207001f0ae671114d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3d:20:6c:ec:9e:d1:29:48:66:22:86:10:50:
b0:74:27:64:06:75:15:50:89:79:74:82:b3:fe:32:
e9:a0:fe:1f:c4:4d:da:ef:4a:e1:55:4d:03:fb:6c:
cc:52:2d:fa:1c:69:60:82:5b:46:75:85:70:5d:22:
a9:66:e1:e1:4a:cd:b5:fa:46:a7:2e:ea:a4:20:1e:
1d:a9:c5:d7:e3:02:20:8d:fd:a1:f9:d9:89:46:8d:
49:4b:a8:2b:3d:a6:25:2f:1f:c4:5f:f8:e1:74:b8:
39:e2:11:86:25:69:fb:eb:90:01:b4:ac:16:d1:bd:
94:5c:d8:7c:5a:ae:94:04:7c:93:87:6a:7c:88:1f:
ed:3a:cc:9f:1b:e2:65:77:7d:01:4e:ed:f9:7d:db:
0b:ca:04:59:0e:3b:22:29:2f:0e:69:e8:72:42:bb:
03:2e:32:8e:f1:c7:2b:19:b1:45:23:8b:e0:fb:56:
d6:ad:61:3d:33:57:13:be:53:e7:a6:2a:dd:4c:c8:
dd:cd:4d:68:a0:3b:b1:4a:29:29:da:9c:75:46:b5:
7a:87:a7:2e:10:ce:4a:ab:ef:b2:be:db:bb:20:96:
46:4b:f3:5e:be:6b:ab:cc:c8:b0:2b:32:a6:d5:f0:
72:f1:9b:8b:77:c3:1b:e9:3e:3f:54:40:4e:b1:9f:
ea:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BB:B6:A9:03:1E:3C:A2:D3:3C:F2:07:00:1F:0A:E6:71:11:4D:84
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Q7u2qQMePKLTPPIHAB8K5nERTYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.136.0/22
Signature Algorithm: sha256WithRSAEncryption
36:f3:29:c8:6b:ea:f9:9c:8c:b5:20:8b:36:26:a4:c6:8f:84:
7e:58:2e:19:9b:53:60:64:28:13:6e:ea:2d:9b:a1:74:67:5c:
9b:9f:48:31:67:8f:49:d6:da:96:c4:4f:7e:31:e9:4a:b2:e6:
bf:cb:40:5f:52:75:e9:55:f5:54:83:87:50:f7:d5:7f:74:d3:
36:6b:a0:c2:9a:f8:af:b5:25:2d:cf:42:15:ce:95:60:c0:0f:
3a:e0:6c:1c:0c:ff:86:d0:02:67:d4:a4:fc:6d:9c:d7:76:8f:
11:58:87:17:44:9c:bf:2b:9f:26:e6:44:a0:4a:1d:ef:9a:8d:
56:96:d8:7b:c3:7c:76:22:b1:01:34:73:c6:b9:14:21:b4:0a:
49:70:98:41:6e:bc:0a:1c:38:6f:22:66:03:4d:ca:6b:67:1c:
19:ac:13:d4:62:32:4b:22:0b:db:9d:1b:12:04:46:61:5c:b6:
2a:93:c9:5c:1d:7e:bc:11:08:a2:32:92:7f:b7:00:8c:cc:4e:
7c:45:e1:a4:6b:3a:73:e0:33:dd:8a:17:6b:b4:4c:24:ab:5e:
7a:27:3a:94:df:93:fb:01:5d:46:3e:28:58:2a:69:85:08:bc:
e1:3f:05:59:b4:9c:ea:be:bc:5b:c0:b4:02:73:1e:4a:68:75:
26:e7:cb:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKhBfAaGb4oCyBGAfFEmxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2JiYjZhOTAzMWUzY2EyZDMzY2YyMDcwMDFmMGFlNjcxMTE0ZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz0gbOye0SlIZiKGEFCwdCdkBnUV
UIl5dIKz/jLpoP4fxE3a70rhVU0D+2zMUi36HGlggltGdYVwXSKpZuHhSs21+kan
LuqkIB4dqcXX4wIgjf2h+dmJRo1JS6grPaYlLx/EX/jhdLg54hGGJWn765ABtKwW
0b2UXNh8Wq6UBHyTh2p8iB/tOsyfG+Jld30BTu35fdsLygRZDjsiKS8OaehyQrsD
LjKO8ccrGbFFI4vg+1bWrWE9M1cTvlPnpirdTMjdzU1ooDuxSikp2px1RrV6h6cu
EM5Kq++yvtu7IJZGS/NevmurzMiwKzKm1fBy8ZuLd8Mb6T4/VEBOsZ/qTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEO7tqkDHjyi0zzyBwAfCuZxEU2EMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUTd1MnFRTWVQS0xUUFBJSEFCOEs1bkVSVFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCH5SIMA0G
CSqGSIb3DQEBCwUAA4IBAQA28ynIa+r5nIy1IIs2JqTGj4R+WC4Zm1NgZCgTbuot
m6F0Z1ybn0gxZ49J1tqWxE9+MelKsua/y0BfUnXpVfVUg4dQ99V/dNM2a6DCmviv
tSUtz0IVzpVgwA864GwcDP+G0AJn1KT8bZzXdo8RWIcXRJy/K58m5kSgSh3vmo1W
lth7w3x2IrEBNHPGuRQhtApJcJhBbrwKHDhvImYDTcprZxwZrBPUYjJLIgvbnRsS
BEZhXLYqk8lcHX68EQiiMpJ/twCMzE58ReGkazpz4DPdihdrtEwkq156JzqU35P7
AV1GPihYKmmFCLzhPwVZtJzqvrxbwLQCcx5KaHUm58te
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:45:05 2025 by rpki-client