Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/qOXzo4QTWiXP3RnIqb4h5nyAkWs.roa
File: qOXzo4QTWiXP3RnIqb4h5nyAkWs.roa (raw, json)
Hash identifier: t5tbgTcjKQT3TiyLpZrTPN+5DUTBgqV/Ftf6m7MYtEQ=
Subject key identifier: A8:E5:F3:A3:84:13:5A:25:CF:DD:19:C8:A9:BE:21:E6:7C:80:91:6B
Certificate issuer: /CN=7135e3894634482b08317775c79657e9b8312d4d
Certificate serial: 018CC8DEF69DE72240040A5B3E8B82089E07
Authority key identifier: 71:35:E3:89:46:34:48:2B:08:31:77:75:C7:96:57:E9:B8:31:2D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/qOXzo4QTWiXP3RnIqb4h5nyAkWs.roa
Signing time: Tue 02 Jan 2024 06:31:44 +0000
ROA not before: Tue 02 Jan 2024 06:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41354
IP address blocks: 185.127.192.0/23 maxlen: 23
185.127.194.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 12 Apr 2024 11:15:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f6:9d:e7:22:40:04:0a:5b:3e:8b:82:08:9e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7135e3894634482b08317775c79657e9b8312d4d
Validity
Not Before: Jan 2 06:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8e5f3a384135a25cfdd19c8a9be21e67c80916b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:50:a2:a7:1e:b5:3e:2a:e7:db:96:c4:7e:e7:
26:e3:50:18:9c:f5:91:aa:5e:4a:ca:2b:1c:09:29:
66:72:99:18:a5:fd:8a:5e:05:a1:bc:09:d9:cc:52:
b4:39:30:1c:12:f2:e1:e0:4f:13:44:ee:10:1a:cf:
a0:88:f9:5b:e9:7f:2c:6d:a2:7f:7b:ec:44:a4:90:
e2:cc:1c:0a:9e:32:f2:5a:0a:d9:11:b6:1d:c8:5c:
10:e2:f4:02:72:9b:a6:d1:0e:6e:3b:6f:1b:3d:7f:
5f:30:32:99:ec:50:74:1c:96:98:b1:ff:f6:05:bb:
0d:27:45:be:c5:49:fe:09:f6:1e:19:69:d3:0a:3f:
f9:3c:26:d4:8b:96:63:0e:7b:20:84:62:51:60:cc:
a7:a6:09:ab:17:19:a5:a1:78:83:08:4b:1c:1d:5a:
ab:73:57:6d:49:1d:45:4b:47:e3:8f:3a:3e:bf:ff:
af:76:a1:e5:12:85:59:32:5d:a0:36:54:d8:6c:90:
3c:95:f1:ab:25:25:67:8c:ac:1b:f3:f0:be:a1:b7:
ba:aa:70:28:9f:0a:7e:e2:ac:df:d1:71:ee:4f:43:
7a:62:c8:08:ae:0a:53:36:3a:d5:12:77:57:73:27:
65:a1:0e:92:b3:b8:5a:19:a3:b0:3e:21:75:b1:8b:
48:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E5:F3:A3:84:13:5A:25:CF:DD:19:C8:A9:BE:21:E6:7C:80:91:6B
X509v3 Authority Key Identifier:
keyid:71:35:E3:89:46:34:48:2B:08:31:77:75:C7:96:57:E9:B8:31:2D:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/qOXzo4QTWiXP3RnIqb4h5nyAkWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.192.0/22
Signature Algorithm: sha256WithRSAEncryption
36:15:6f:3b:3b:b4:bc:1b:4b:82:35:e5:41:be:22:a9:f1:ca:
cb:ba:da:96:dd:6d:c0:01:b7:3e:4d:06:b5:53:29:b4:d6:2a:
b6:48:58:b5:72:63:a0:a2:37:53:d8:f8:6b:a9:49:e1:46:a0:
92:46:13:59:ee:78:4b:c4:b5:cc:f5:50:97:7e:fa:a2:00:f3:
f7:83:af:40:5b:26:1b:90:4f:c5:fa:12:be:bc:97:a0:e9:5e:
1d:7d:a6:ca:af:9d:9c:67:f6:11:d2:0c:db:1c:4d:7b:d6:3f:
97:e5:55:ee:56:17:e8:be:a6:7a:bf:c2:5c:de:1e:a4:8b:80:
27:11:e6:33:23:21:23:48:8f:93:c9:38:44:d7:36:22:c2:3e:
54:e9:83:ae:ea:26:63:d9:26:06:1e:4d:36:2b:7d:bd:32:f6:
4d:47:22:81:93:3e:b8:57:d8:4e:f2:2c:e3:a0:6a:25:cf:21:
ca:ae:80:af:1c:77:bf:d7:7b:76:7c:4d:f9:b6:34:fe:b5:30:
bc:30:83:3f:5a:0f:60:12:29:37:fe:08:77:d8:56:db:72:8c:
c1:15:73:80:49:8e:7f:15:26:10:04:e1:19:d9:47:49:d2:c0:
29:a9:a8:25:08:a2:a8:8d:17:56:72:69:c8:83:b4:a9:44:38:
01:8f:33:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3vad5yJABApbPouCCJ4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMzVlMzg5NDYzNDQ4MmIwODMxNzc3NWM3OTY1N2U5Yjgz
MTJkNGQwHhcNMjQwMTAyMDYzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU1ZjNhMzg0MTM1YTI1Y2ZkZDE5YzhhOWJlMjFlNjdjODA5MTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVCipx61Pirn25bEfucm41AYnPWR
ql5KyiscCSlmcpkYpf2KXgWhvAnZzFK0OTAcEvLh4E8TRO4QGs+giPlb6X8sbaJ/
e+xEpJDizBwKnjLyWgrZEbYdyFwQ4vQCcpum0Q5uO28bPX9fMDKZ7FB0HJaYsf/2
BbsNJ0W+xUn+CfYeGWnTCj/5PCbUi5ZjDnsghGJRYMynpgmrFxmloXiDCEscHVqr
c1dtSR1FS0fjjzo+v/+vdqHlEoVZMl2gNlTYbJA8lfGrJSVnjKwb8/C+obe6qnAo
nwp+4qzf0XHuT0N6YsgIrgpTNjrVEndXcydloQ6Ss7haGaOwPiF1sYtIywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjl86OEE1olz90ZyKm+IeZ8gJFrMB8GA1UdIwQY
MBaAFHE144lGNEgrCDF3dceWV+m4MS1NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1RYamlVWTBTQ3NJTVhkMXg1Wlg2Ymd4TFUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xY2I5ZmMtNmIzMy00MmQ1LTk0MjMt
NzllY2Q4YTliNmQ2LzEvcU9Yem80UVRXaVhQM1JuSXFiNGg1bnlBa1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xY2I5ZmMtNmIzMy00MmQ1LTk0MjMtNzllY2Q4YTliNmQ2
LzEvY1RYamlVWTBTQ3NJTVhkMXg1Wlg2Ymd4TFUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX/AMA0G
CSqGSIb3DQEBCwUAA4IBAQA2FW87O7S8G0uCNeVBviKp8crLutqW3W3AAbc+TQa1
Uym01iq2SFi1cmOgojdT2PhrqUnhRqCSRhNZ7nhLxLXM9VCXfvqiAPP3g69AWyYb
kE/F+hK+vJeg6V4dfabKr52cZ/YR0gzbHE171j+X5VXuVhfovqZ6v8Jc3h6ki4An
EeYzIyEjSI+TyThE1zYiwj5U6YOu6iZj2SYGHk02K329MvZNRyKBkz64V9hO8izj
oGolzyHKroCvHHe/13t2fE35tjT+tTC8MIM/Wg9gEik3/gh32FbbcozBFXOASY5/
FSYQBOEZ2UdJ0sApqaglCKKojRdWcmnIg7SpRDgBjzMs
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:53:36 2025 by rpki-client