Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/Q0LKl_MEJXz0U6Pq78jk75iq0SY.roa
File: Q0LKl_MEJXz0U6Pq78jk75iq0SY.roa (raw, json)
Hash identifier: dRV9YdycyWEv26thF+aXmLZsBG1hwPj+7LMe+MUQkBs=
Subject key identifier: 43:42:CA:97:F3:04:25:7C:F4:53:A3:EA:EF:C8:E4:EF:98:AA:D1:26
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018CC794153D10538861DEA4D3C758C3C247
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/Q0LKl_MEJXz0U6Pq78jk75iq0SY.roa
Signing time: Tue 02 Jan 2024 00:30:19 +0000
ROA not before: Tue 02 Jan 2024 00:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12389
IP address blocks: 95.182.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:15:3d:10:53:88:61:de:a4:d3:c7:58:c3:c2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 00:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4342ca97f304257cf453a3eaefc8e4ef98aad126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:46:0d:a4:82:71:59:84:47:c7:15:7a:bd:95:
b7:93:b7:a1:be:f6:81:2f:b4:12:10:97:84:fc:90:
5a:a4:45:b9:65:82:00:bb:1a:5a:07:1b:0f:fd:98:
63:4e:b9:8b:7c:f2:45:47:43:09:fd:f0:7c:b9:e4:
23:1a:f9:7b:79:c3:9e:ea:4e:77:91:bc:3a:a1:c8:
41:06:66:17:60:67:32:5f:36:d4:8d:80:67:90:f3:
4f:6c:c1:38:fe:d8:47:a7:43:8e:e1:2c:3f:61:bd:
cd:f1:e5:35:76:da:a2:84:a4:41:d6:e1:a3:b1:4d:
68:64:d1:55:2a:5b:91:d0:89:a0:4d:02:af:e6:4c:
ef:f5:8b:2e:cd:4a:c6:a1:bb:a6:55:34:b3:dd:47:
51:2e:66:55:98:5d:67:89:c3:76:cc:25:69:5c:d0:
58:27:f6:cf:74:51:69:b5:48:e8:a0:84:01:00:b4:
83:03:00:ab:ab:8f:4d:c3:d9:22:8b:61:b6:15:69:
c1:78:f2:76:d6:cc:97:d2:d6:40:a2:f5:db:4d:c4:
ee:2c:0f:71:8a:1c:cb:14:25:38:d3:7e:39:2d:33:
43:85:6e:e4:1c:ac:6d:e8:a0:53:b4:44:3a:56:b6:
d9:c2:10:69:df:0d:14:23:11:89:bb:e3:e0:d5:57:
76:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:42:CA:97:F3:04:25:7C:F4:53:A3:EA:EF:C8:E4:EF:98:AA:D1:26
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/Q0LKl_MEJXz0U6Pq78jk75iq0SY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.111.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:24:e8:70:f5:34:c7:49:58:6d:05:19:0b:f4:32:e3:10:c6:
f9:75:b6:49:03:20:46:a7:42:7e:40:9f:52:19:0f:d9:9e:c9:
36:d7:16:2f:63:06:4a:59:26:7a:d4:95:c8:cb:e8:0b:d4:77:
6f:e3:90:e8:02:88:35:e4:5f:0a:5b:f2:1e:20:93:e5:2b:e8:
49:e6:6f:73:d6:d5:1b:81:c0:24:37:11:e7:a2:dd:f7:c2:ea:
6b:b3:a0:e1:b0:13:80:39:f8:a9:90:c5:fb:23:f8:96:bb:65:
fa:3e:bf:64:05:3d:b8:55:4c:3d:7f:5d:92:b3:f8:07:9f:77:
4e:50:be:61:58:61:ae:fa:7d:3f:7a:de:0e:51:ab:a3:d3:95:
0d:16:9a:b5:bb:0f:e0:cb:13:56:c7:89:22:49:c2:e1:47:25:
10:65:52:fe:5f:b6:c8:33:10:47:2c:aa:44:2e:65:b1:ea:67:
1d:04:2f:c5:d6:f5:92:5f:7b:b7:b9:d4:da:56:c5:51:0e:b5:
e7:06:e5:e5:ae:47:6d:90:6c:e6:f4:42:7e:98:e4:f8:82:fd:
a9:26:48:99:c0:29:14:74:49:2b:75:53:6a:a8:2e:5d:6d:89:
01:ca:fa:32:b5:f5:e3:48:43:ee:f7:d5:a7:00:89:97:33:84:
02:6a:c9:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlBU9EFOIYd6k08dYw8JHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTAyMDAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzQyY2E5N2YzMDQyNTdjZjQ1M2EzZWFlZmM4ZTRlZjk4YWFkMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0YNpIJxWYRHxxV6vZW3k7ehvvaB
L7QSEJeE/JBapEW5ZYIAuxpaBxsP/ZhjTrmLfPJFR0MJ/fB8ueQjGvl7ecOe6k53
kbw6ochBBmYXYGcyXzbUjYBnkPNPbME4/thHp0OO4Sw/Yb3N8eU1dtqihKRB1uGj
sU1oZNFVKluR0ImgTQKv5kzv9YsuzUrGobumVTSz3UdRLmZVmF1nicN2zCVpXNBY
J/bPdFFptUjooIQBALSDAwCrq49Nw9kii2G2FWnBePJ21syX0tZAovXbTcTuLA9x
ihzLFCU40345LTNDhW7kHKxt6KBTtEQ6VrbZwhBp3w0UIxGJu+Pg1Vd29wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFENCypfzBCV89FOj6u/I5O+YqtEmMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvUTBMS2xfTUVKWHowVTZQcTc4ams3NWlxMFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX7ZvMA0G
CSqGSIb3DQEBCwUAA4IBAQA9JOhw9TTHSVhtBRkL9DLjEMb5dbZJAyBGp0J+QJ9S
GQ/Znsk21xYvYwZKWSZ61JXIy+gL1Hdv45DoAog15F8KW/IeIJPlK+hJ5m9z1tUb
gcAkNxHnot33wuprs6DhsBOAOfipkMX7I/iWu2X6Pr9kBT24VUw9f12Ss/gHn3dO
UL5hWGGu+n0/et4OUauj05UNFpq1uw/gyxNWx4kiScLhRyUQZVL+X7bIMxBHLKpE
LmWx6mcdBC/F1vWSX3u3udTaVsVRDrXnBuXlrkdtkGzm9EJ+mOT4gv2pJkiZwCkU
dEkrdVNqqC5dbYkByvoytfXjSEPu99WnAImXM4QCaslC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:03 2025 by rpki-client