Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/QjfqhwMsX291S1dJf9rOSn_2hhw.roa
File: QjfqhwMsX291S1dJf9rOSn_2hhw.roa (raw, json)
Hash identifier: njYZsms8ryx/cEPUlm5oJi/UUVAos47erl1kLl0El28=
Subject key identifier: 42:37:EA:87:03:2C:5F:6F:75:4B:57:49:7F:DA:CE:4A:7F:F6:86:1C
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 018D836A41E044E7190824D91C0ACE5224E3
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/QjfqhwMsX291S1dJf9rOSn_2hhw.roa
Signing time: Wed 07 Feb 2024 11:53:15 +0000
ROA not before: Wed 07 Feb 2024 11:53:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48276
IP address blocks: 176.96.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 12:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:6a:41:e0:44:e7:19:08:24:d9:1c:0a:ce:52:24:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Feb 7 11:53:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4237ea87032c5f6f754b57497fdace4a7ff6861c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:26:29:3a:6e:7b:85:c2:93:4f:f1:e8:f1:73:
b3:8a:c4:d1:fa:30:79:17:9c:87:ca:65:5c:2c:b2:
56:e2:26:09:7e:d8:80:14:0a:47:c8:5b:d1:6f:31:
fd:a7:63:1e:40:bd:2c:40:43:ac:ae:34:05:9a:23:
3c:65:84:52:1d:58:36:b6:84:6a:aa:c7:a2:ba:bc:
71:3e:12:d4:ec:3a:f8:fc:71:a2:69:8e:d3:e7:d8:
48:2d:9b:a2:7a:ab:d6:c7:be:f1:01:59:53:01:85:
2c:85:e0:c1:f8:f0:d5:c1:4b:06:35:bc:ea:6d:58:
8f:38:9d:f8:7f:f2:48:c3:c4:44:86:1b:0c:aa:7b:
a7:5d:9f:29:57:c2:52:4f:f3:1a:81:b4:53:58:89:
bf:31:a8:66:d3:a6:85:c3:e3:ff:32:85:cf:f7:31:
a5:1e:4b:e5:e9:59:af:c9:51:11:37:36:82:53:b2:
a9:dd:6c:d8:4f:d9:de:01:bf:e0:37:02:87:43:f5:
98:ef:bc:de:82:83:f6:90:d1:dc:e2:da:9d:49:41:
a9:01:00:da:13:13:b0:46:56:ae:d1:c8:62:90:8b:
84:65:a0:16:09:d4:df:a1:59:43:9d:01:3c:0f:19:
18:b2:91:8f:bb:e7:5f:d7:89:46:37:45:69:b4:f1:
8a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:37:EA:87:03:2C:5F:6F:75:4B:57:49:7F:DA:CE:4A:7F:F6:86:1C
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/QjfqhwMsX291S1dJf9rOSn_2hhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.96.188.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:6a:f2:f3:e6:10:c5:30:4e:50:55:50:67:1a:00:52:6e:da:
a2:e0:8b:bb:a5:fe:1a:eb:49:b2:9c:b3:bb:6a:0f:f2:e0:68:
95:09:3d:d8:52:b4:4b:22:6d:c9:22:ab:5b:25:00:69:6f:5a:
be:8f:75:48:ab:a4:00:3b:7e:a7:bf:02:f9:4e:6b:33:90:61:
21:ed:53:97:ea:08:02:36:7d:8c:89:38:29:07:55:f8:e0:94:
5c:16:99:1b:d4:27:17:96:f9:79:ff:5e:ce:e4:d3:3f:88:8a:
05:b8:f1:96:58:66:fa:fa:ff:bc:0b:04:42:69:f1:f7:e8:8b:
10:0b:42:a0:42:f1:b9:e5:f1:c6:36:1b:78:e9:22:1b:44:48:
ec:27:e1:a3:70:de:5b:09:e3:b7:ae:42:c3:7f:ec:67:ad:7c:
2d:d6:74:32:0d:54:f2:6e:81:63:6d:f6:5a:b1:cd:f9:6f:90:
2e:d0:22:38:8e:05:d1:9b:49:97:ed:f8:7f:f1:86:e5:0d:ae:
11:ea:04:85:1c:82:ce:76:10:29:c9:b5:22:b8:bd:01:5b:b0:
ff:d8:8a:8d:3e:1d:cd:53:7a:20:93:c3:8d:9b:be:50:f4:0c:
34:d2:3d:4f:7c:3c:44:54:19:51:5e:18:cf:27:b6:b4:94:fa:
ac:f7:54:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2DakHgROcZCCTZHArOUiTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjQwMjA3MTE1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjM3ZWE4NzAzMmM1ZjZmNzU0YjU3NDk3ZmRhY2U0YTdmZjY4NjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCYpOm57hcKTT/Ho8XOzisTR+jB5
F5yHymVcLLJW4iYJftiAFApHyFvRbzH9p2MeQL0sQEOsrjQFmiM8ZYRSHVg2toRq
qseiurxxPhLU7Dr4/HGiaY7T59hILZuieqvWx77xAVlTAYUsheDB+PDVwUsGNbzq
bViPOJ34f/JIw8REhhsMqnunXZ8pV8JST/MagbRTWIm/Mahm06aFw+P/MoXP9zGl
Hkvl6VmvyVERNzaCU7Kp3WzYT9neAb/gNwKHQ/WY77zegoP2kNHc4tqdSUGpAQDa
ExOwRlau0chikIuEZaAWCdTfoVlDnQE8DxkYspGPu+df14lGN0VptPGKTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEI36ocDLF9vdUtXSX/azkp/9oYcMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvUWpmcWh3TXNYMjkxUzFkSmY5ck9Tbl8yaGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGC8MA0G
CSqGSIb3DQEBCwUAA4IBAQBKavLz5hDFME5QVVBnGgBSbtqi4Iu7pf4a60mynLO7
ag/y4GiVCT3YUrRLIm3JIqtbJQBpb1q+j3VIq6QAO36nvwL5TmszkGEh7VOX6ggC
Nn2MiTgpB1X44JRcFpkb1CcXlvl5/17O5NM/iIoFuPGWWGb6+v+8CwRCafH36IsQ
C0KgQvG55fHGNht46SIbREjsJ+GjcN5bCeO3rkLDf+xnrXwt1nQyDVTyboFjbfZa
sc35b5Au0CI4jgXRm0mX7fh/8YblDa4R6gSFHILOdhApybUiuL0BW7D/2IqNPh3N
U3ogk8ONm75Q9Aw00j1PfDxEVBlRXhjPJ7a0lPqs91Ss
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:37:48 2025 by rpki-client