Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/Q4ekEWtGdfSiO_Z-bAllgU5wAQY.roa
File: Q4ekEWtGdfSiO_Z-bAllgU5wAQY.roa (raw, json)
Hash identifier: T+H5LqzgkWkc6DM5pdU/fwBdkwC3p/lnPqT3kOXs7Ds=
Subject key identifier: 43:87:A4:11:6B:46:75:F4:A2:3B:F6:7E:6C:09:65:81:4E:70:01:06
Certificate issuer: /CN=c7770135d0f0d30a868df551d8752d4b4badc2c1
Certificate serial: 018CDA215C1D6EDF8250ED8A09CA7FBA6E75
Authority key identifier: C7:77:01:35:D0:F0:D3:0A:86:8D:F5:51:D8:75:2D:4B:4B:AD:C2:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3cBNdDw0wqGjfVR2HUtS0utwsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/Q4ekEWtGdfSiO_Z-bAllgU5wAQY.roa
Signing time: Fri 05 Jan 2024 14:57:48 +0000
ROA not before: Fri 05 Jan 2024 14:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 81.173.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 16:59:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:da:21:5c:1d:6e:df:82:50:ed:8a:09:ca:7f:ba:6e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7770135d0f0d30a868df551d8752d4b4badc2c1
Validity
Not Before: Jan 5 14:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4387a4116b4675f4a23bf67e6c0965814e700106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:64:c0:31:e1:52:9b:c6:ee:f2:a9:fd:be:7c:
52:b9:ae:a0:8a:5b:9d:0a:b4:ff:94:6b:ec:9b:1c:
bd:3f:00:ab:dc:9f:9f:47:fd:99:fc:a2:bc:a7:03:
ea:9a:30:b4:7f:d6:23:0b:bc:a9:1d:a6:a6:02:ac:
44:58:bb:b5:1b:e6:18:58:31:02:1d:64:6b:8b:47:
d2:8a:3c:0b:66:0b:6b:f6:0f:14:f9:2a:00:49:b7:
92:66:e2:2c:87:13:40:10:c3:59:af:ef:63:70:39:
20:31:7d:13:09:34:e6:d2:51:26:06:23:03:80:c9:
cd:99:a4:36:bd:d5:f0:a8:8d:cf:02:d8:38:f0:16:
96:21:d4:56:5e:96:9e:ba:dd:6e:bd:2c:08:68:5b:
4a:f1:c9:1e:e3:10:c0:10:41:b5:ea:09:eb:35:25:
88:f6:c0:e9:86:77:77:92:33:40:eb:d9:dc:42:f0:
a7:84:b2:9c:cf:dd:80:c6:2e:99:eb:8c:cc:a0:c2:
fc:f6:05:3a:c7:5b:40:a9:6f:df:b5:77:11:cf:0c:
14:ef:a8:fd:dc:d7:95:0e:a3:4b:c3:ca:4f:e9:23:
29:37:66:5e:b2:56:75:c7:4d:f3:cc:11:90:98:71:
03:0a:99:e1:d5:fb:64:df:de:87:df:7d:b9:b5:96:
a8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:87:A4:11:6B:46:75:F4:A2:3B:F6:7E:6C:09:65:81:4E:70:01:06
X509v3 Authority Key Identifier:
keyid:C7:77:01:35:D0:F0:D3:0A:86:8D:F5:51:D8:75:2D:4B:4B:AD:C2:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3cBNdDw0wqGjfVR2HUtS0utwsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/Q4ekEWtGdfSiO_Z-bAllgU5wAQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/x3cBNdDw0wqGjfVR2HUtS0utwsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.46.0/24
Signature Algorithm: sha256WithRSAEncryption
24:4e:eb:4c:f0:ab:00:41:80:5e:ce:5d:06:14:e6:c7:2f:d0:
7b:5c:bd:50:57:8a:a9:15:35:d5:f1:93:0c:04:ab:51:5e:f0:
6d:1e:ac:5c:f0:63:98:1f:c0:b5:fd:3a:92:d1:2c:5f:90:f7:
7d:52:a4:d4:a4:0e:80:a0:79:f6:1a:b3:7f:01:ff:ae:43:b0:
a6:3c:70:ce:ad:f4:dc:ae:5b:5b:97:67:c7:5c:44:e3:d1:33:
eb:30:af:ab:e0:f8:88:ce:96:e1:9a:11:ee:f9:09:88:13:13:
f4:cc:04:56:d9:58:08:9e:bb:bd:2f:a5:ed:00:09:12:5b:35:
bf:c7:28:c7:d2:13:c9:a1:0d:49:bb:91:25:7e:0e:b2:81:42:
ce:34:91:68:25:9c:75:83:29:3e:66:8a:21:15:05:fd:37:23:
f4:c2:74:49:8b:5b:99:e2:80:b1:92:b2:64:f5:40:4f:40:26:
66:7d:aa:56:c2:28:9a:43:dc:b1:d1:57:97:c5:c5:5c:ae:3b:
e7:3a:e2:c6:b1:23:f8:ad:f4:ed:ff:7f:16:2b:9b:0f:b2:94:
0c:3e:8b:45:0a:f0:8c:17:c0:16:eb:c3:cb:e8:4f:4a:bf:58:
80:13:9a:0d:ef:e3:e3:9b:e8:d9:57:7b:96:ea:09:44:fb:3e:
1c:f7:fa:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzaIVwdbt+CUO2KCcp/um51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzcwMTM1ZDBmMGQzMGE4NjhkZjU1MWQ4NzUyZDRiNGJh
ZGMyYzEwHhcNMjQwMTA1MTQ1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzg3YTQxMTZiNDY3NWY0YTIzYmY2N2U2YzA5NjU4MTRlNzAwMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWTAMeFSm8bu8qn9vnxSua6gilud
CrT/lGvsmxy9PwCr3J+fR/2Z/KK8pwPqmjC0f9YjC7ypHaamAqxEWLu1G+YYWDEC
HWRri0fSijwLZgtr9g8U+SoASbeSZuIshxNAEMNZr+9jcDkgMX0TCTTm0lEmBiMD
gMnNmaQ2vdXwqI3PAtg48BaWIdRWXpaeut1uvSwIaFtK8cke4xDAEEG16gnrNSWI
9sDphnd3kjNA69ncQvCnhLKcz92Axi6Z64zMoML89gU6x1tAqW/ftXcRzwwU76j9
3NeVDqNLw8pP6SMpN2ZeslZ1x03zzBGQmHEDCpnh1ftk396H3325tZaoMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOHpBFrRnX0ojv2fmwJZYFOcAEGMB8GA1UdIwQY
MBaAFMd3ATXQ8NMKho31Udh1LUtLrcLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNjQk5kRHcwd3FHamZWUjJIVXRTMHV0d3NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9iOTcwNzAtYzVmNC00NDEwLTk0YjUt
ZDY0ZDc1Mzk0MDM3LzEvUTRla0VXdEdkZlNpT19aLWJBbGxnVTV3QVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9iOTcwNzAtYzVmNC00NDEwLTk0YjUtZDY0ZDc1Mzk0MDM3
LzEveDNjQk5kRHcwd3FHamZWUjJIVXRTMHV0d3NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUa0uMA0G
CSqGSIb3DQEBCwUAA4IBAQAkTutM8KsAQYBezl0GFObHL9B7XL1QV4qpFTXV8ZMM
BKtRXvBtHqxc8GOYH8C1/TqS0SxfkPd9UqTUpA6AoHn2GrN/Af+uQ7CmPHDOrfTc
rltbl2fHXETj0TPrMK+r4PiIzpbhmhHu+QmIExP0zARW2VgInru9L6XtAAkSWzW/
xyjH0hPJoQ1Ju5Elfg6ygULONJFoJZx1gyk+ZoohFQX9NyP0wnRJi1uZ4oCxkrJk
9UBPQCZmfapWwiiaQ9yx0VeXxcVcrjvnOuLGsSP4rfTt/38WK5sPspQMPotFCvCM
F8AW68PL6E9Kv1iAE5oN7+Pjm+jZV3uW6glE+z4c9/oE
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:46 2025 by rpki-client