Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/qJTZw0xfSE_eLcICPZKr_o9V0z4.roa
File: qJTZw0xfSE_eLcICPZKr_o9V0z4.roa (raw, json)
Hash identifier: xOkh9nw9tWjhmeCS11/wDWwgaGTaBstuETZf1svnWWE=
Subject key identifier: A8:94:D9:C3:4C:5F:48:4F:DE:2D:C2:02:3D:92:AB:FE:8F:55:D3:3E
Certificate issuer: /CN=1bfc7738cd0fd0e0447f9d749ce6a39047fdcbac
Certificate serial: 018CC8DCD399CA0B449ADBB2415C880037DB
Authority key identifier: 1B:FC:77:38:CD:0F:D0:E0:44:7F:9D:74:9C:E6:A3:90:47:FD:CB:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_x3OM0P0OBEf510nOajkEf9y6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/qJTZw0xfSE_eLcICPZKr_o9V0z4.roa
Signing time: Tue 02 Jan 2024 06:29:24 +0000
ROA not before: Tue 02 Jan 2024 06:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204694
IP address blocks: 185.243.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:d3:99:ca:0b:44:9a:db:b2:41:5c:88:00:37:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bfc7738cd0fd0e0447f9d749ce6a39047fdcbac
Validity
Not Before: Jan 2 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a894d9c34c5f484fde2dc2023d92abfe8f55d33e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f2:28:ed:aa:e6:d6:ae:ec:b4:cc:20:27:66:
79:28:95:a7:63:e5:09:4f:b1:4a:97:34:2c:c9:33:
ee:40:8a:2e:63:a2:82:92:c2:87:a4:c9:3a:e4:8f:
42:1d:ff:e3:59:7b:77:8d:8b:7f:75:21:78:da:0d:
c0:b0:67:9d:bd:fe:d5:d4:b6:04:fe:43:4a:7b:7b:
c0:2a:70:c5:6b:f6:76:1c:b9:4f:3a:58:db:32:9b:
51:1e:01:fa:b9:0f:9d:d1:26:a6:64:a3:93:cb:f2:
de:9e:5e:d9:b0:79:6b:f1:03:9b:88:88:3e:15:69:
8f:40:9b:6a:3b:c1:9f:82:38:b8:83:d2:cf:5a:bc:
08:65:fc:d8:cb:af:28:dc:05:d8:81:79:a5:50:1f:
20:bf:80:cf:ca:89:c0:24:52:01:a9:5d:43:85:43:
66:ed:1b:78:cb:e7:35:7e:53:6b:4f:fa:5e:b4:0a:
8a:36:df:40:0b:9b:1f:6c:5b:52:88:16:f7:4f:56:
d7:10:b0:4c:1d:6c:8e:5e:0a:fb:09:6d:ae:8f:4e:
07:33:82:06:78:20:06:f4:2a:a9:81:2f:6d:53:23:
b5:e6:1c:b7:80:ca:69:89:7a:73:81:57:c2:0f:fb:
83:ff:e0:c5:8f:2d:70:10:d4:b8:cb:87:de:5e:15:
34:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:94:D9:C3:4C:5F:48:4F:DE:2D:C2:02:3D:92:AB:FE:8F:55:D3:3E
X509v3 Authority Key Identifier:
keyid:1B:FC:77:38:CD:0F:D0:E0:44:7F:9D:74:9C:E6:A3:90:47:FD:CB:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_x3OM0P0OBEf510nOajkEf9y6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/qJTZw0xfSE_eLcICPZKr_o9V0z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/708b4d-a63f-439d-9cce-148abff919ad/1/G_x3OM0P0OBEf510nOajkEf9y6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.72.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:cb:47:3a:08:61:f5:af:7d:5a:dd:e4:c2:e0:c0:e4:51:40:
7d:a4:c1:74:76:45:46:14:21:ab:cb:bd:76:64:35:30:d0:c6:
98:0d:5e:09:d2:28:52:45:bd:e1:ff:4b:24:a6:b1:5f:61:19:
f8:cd:58:c1:13:bf:0b:29:0f:f3:9e:1c:dd:aa:d7:e2:94:94:
ce:bb:73:bd:ff:6a:64:41:52:38:75:0f:38:20:04:3e:a8:97:
e9:4c:c3:0d:7e:72:84:6d:9c:ce:a8:e5:ff:6b:69:da:ed:de:
d1:62:98:f3:42:bc:b1:5d:63:0a:94:07:5c:0b:4c:1e:84:72:
f6:b1:76:94:5a:ff:47:40:5a:03:fd:9f:cc:ec:cf:8c:ea:a7:
18:0c:b9:65:ef:e0:c5:51:be:69:9b:a6:e4:11:07:a6:15:f7:
f2:b0:5a:e2:c2:49:09:f5:d5:0f:1f:6a:dc:2b:e0:c9:8f:e6:
84:a3:72:23:dd:5e:cc:06:88:10:e4:fc:37:d0:bf:ac:8d:25:
de:e4:fc:60:32:7e:07:35:30:85:23:9a:f5:f2:3f:22:dc:fe:
39:3a:f8:af:7f:ae:33:61:c2:53:98:07:94:e5:56:cb:62:d5:
9e:6e:bb:f1:44:dc:9b:28:4b:78:67:1b:1f:ba:70:69:66:b9:
c2:7f:d6:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3NOZygtEmtuyQVyIADfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZmM3NzM4Y2QwZmQwZTA0NDdmOWQ3NDljZTZhMzkwNDdm
ZGNiYWMwHhcNMjQwMTAyMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODk0ZDljMzRjNWY0ODRmZGUyZGMyMDIzZDkyYWJmZThmNTVkMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPIo7arm1q7stMwgJ2Z5KJWnY+UJ
T7FKlzQsyTPuQIouY6KCksKHpMk65I9CHf/jWXt3jYt/dSF42g3AsGedvf7V1LYE
/kNKe3vAKnDFa/Z2HLlPOljbMptRHgH6uQ+d0SamZKOTy/Lenl7ZsHlr8QObiIg+
FWmPQJtqO8Gfgji4g9LPWrwIZfzYy68o3AXYgXmlUB8gv4DPyonAJFIBqV1DhUNm
7Rt4y+c1flNrT/petAqKNt9AC5sfbFtSiBb3T1bXELBMHWyOXgr7CW2uj04HM4IG
eCAG9CqpgS9tUyO15hy3gMppiXpzgVfCD/uD/+DFjy1wENS4y4feXhU0fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKiU2cNMX0hP3i3CAj2Sq/6PVdM+MB8GA1UdIwQY
MBaAFBv8dzjND9DgRH+ddJzmo5BH/cusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR194M09NMFAwT0JFZjUxMG5PYWprRWY5eTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83MDhiNGQtYTYzZi00MzlkLTljY2Ut
MTQ4YWJmZjkxOWFkLzEvcUpUWncweGZTRV9lTGNJQ1BaS3JfbzlWMHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83MDhiNGQtYTYzZi00MzlkLTljY2UtMTQ4YWJmZjkxOWFk
LzEvR194M09NMFAwT0JFZjUxMG5PYWprRWY5eTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufNIMA0G
CSqGSIb3DQEBCwUAA4IBAQA8y0c6CGH1r31a3eTC4MDkUUB9pMF0dkVGFCGry712
ZDUw0MaYDV4J0ihSRb3h/0skprFfYRn4zVjBE78LKQ/znhzdqtfilJTOu3O9/2pk
QVI4dQ84IAQ+qJfpTMMNfnKEbZzOqOX/a2na7d7RYpjzQryxXWMKlAdcC0wehHL2
sXaUWv9HQFoD/Z/M7M+M6qcYDLll7+DFUb5pm6bkEQemFffysFriwkkJ9dUPH2rc
K+DJj+aEo3Ij3V7MBogQ5Pw30L+sjSXe5PxgMn4HNTCFI5r18j8i3P45Ovivf64z
YcJTmAeU5VbLYtWebrvxRNybKEt4ZxsfunBpZrnCf9ah
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:16:22 2025 by rpki-client