Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QiPc2PaRrW7RQkCG_j_ztxLt5Xk.roa
File: QiPc2PaRrW7RQkCG_j_ztxLt5Xk.roa (raw, json)
Hash identifier: izel9K6JKBsxSoIUVcsz0Z2s8y0OmFySSWNbCKUf9g8=
Subject key identifier: 42:23:DC:D8:F6:91:AD:6E:D1:42:40:86:FE:3F:F3:B7:12:ED:E5:79
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019411E8D65AA657DA4C74A11736674741FC
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QiPc2PaRrW7RQkCG_j_ztxLt5Xk.roa
Signing time: Sun 29 Dec 2024 10:14:19 +0000
ROA not before: Sun 29 Dec 2024 10:14:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215224
IP address blocks: 89.40.70.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:11:e8:d6:5a:a6:57:da:4c:74:a1:17:36:67:47:41:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Dec 29 10:14:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4223dcd8f691ad6ed1424086fe3ff3b712ede579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:37:2e:bf:8d:57:20:d1:d6:8a:f4:4f:89:30:
f8:5a:6a:93:01:43:26:2d:fd:42:4f:d2:25:5e:92:
d4:c3:74:2d:3e:5d:6a:f9:9d:60:8e:42:0e:22:5f:
e4:62:34:b8:81:af:65:25:09:e8:5c:19:fa:5a:89:
0f:86:57:9f:1c:b1:85:77:18:70:f5:40:ac:05:26:
cb:e3:fc:b3:d0:39:84:c7:87:db:81:e2:53:5b:f6:
78:c8:ec:7b:46:9b:0e:fd:16:00:ee:a6:9b:41:0c:
3b:ab:87:b7:8c:41:a5:95:ef:14:ac:85:f6:b1:15:
a0:0b:36:cb:dc:e3:e6:6d:34:cc:85:54:2c:9c:de:
1e:9b:00:dc:c5:77:01:1a:8e:a1:14:e0:13:8d:f2:
ca:e7:ed:a7:bc:8a:ac:d7:1e:cf:6b:63:b6:e9:ee:
e4:3d:9e:86:e7:0b:56:2b:81:0c:e9:ab:22:b1:30:
af:e0:f8:d2:a5:31:53:42:3d:6f:fb:06:ac:b9:85:
b3:5b:65:43:b3:88:10:de:51:df:ab:20:fc:d2:61:
43:ec:3d:39:f9:ff:67:7a:92:4d:64:b1:03:b4:1b:
35:31:df:b6:a0:bb:a7:b8:bf:97:6a:38:c2:8f:7f:
76:13:03:bb:d5:8b:0c:4d:22:ce:37:32:c5:6d:a3:
4e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:23:DC:D8:F6:91:AD:6E:D1:42:40:86:FE:3F:F3:B7:12:ED:E5:79
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/QiPc2PaRrW7RQkCG_j_ztxLt5Xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.70.0/24
188.64.142.0/24
Signature Algorithm: sha256WithRSAEncryption
21:6d:20:bc:f7:86:77:8c:d2:72:01:7a:bc:aa:a4:e5:63:86:
56:03:e7:2b:e3:65:f7:a9:d7:56:e3:2b:d3:c1:a7:71:a8:fa:
66:89:dd:61:ff:cb:10:d9:de:e9:54:a5:5b:fa:33:af:d2:9a:
af:fc:20:39:b3:98:b1:fb:41:89:be:8a:1a:48:08:8b:ca:fe:
78:8a:f6:54:ee:66:df:d7:c9:45:a7:e1:51:e6:c9:65:ff:63:
c3:9f:92:da:0a:4c:e6:5f:d9:29:55:ae:04:da:97:bd:41:a2:
67:9f:a9:78:82:2f:10:e9:92:d1:8c:4b:7a:59:02:d5:d2:34:
0b:85:0a:f5:f7:90:4a:2c:ea:32:77:0c:fa:01:0c:9a:9e:3e:
53:88:da:d3:94:5a:75:72:c5:35:46:ca:4c:0e:a6:62:40:0d:
e7:2c:45:3e:4c:e1:b7:40:f9:2b:f9:c2:ea:70:cc:8a:df:6f:
2f:17:b1:95:14:7d:de:df:02:22:f3:45:21:ea:2f:8b:de:08:
59:fe:03:05:26:5b:87:33:13:ff:cc:74:6c:5f:bf:f2:84:58:
74:bc:19:2d:ab:31:19:a7:09:4d:df:e0:64:c3:6c:c2:ef:14:
1c:32:50:fb:83:d4:63:ed:67:61:87:18:1d:9e:87:5b:de:c4:
f8:47:ab:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQR6NZaplfaTHShFzZnR0H8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMjI5MTAxNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjIzZGNkOGY2OTFhZDZlZDE0MjQwODZmZTNmZjNiNzEyZWRlNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzcuv41XINHWivRPiTD4WmqTAUMm
Lf1CT9IlXpLUw3QtPl1q+Z1gjkIOIl/kYjS4ga9lJQnoXBn6WokPhlefHLGFdxhw
9UCsBSbL4/yz0DmEx4fbgeJTW/Z4yOx7RpsO/RYA7qabQQw7q4e3jEGlle8UrIX2
sRWgCzbL3OPmbTTMhVQsnN4emwDcxXcBGo6hFOATjfLK5+2nvIqs1x7Pa2O26e7k
PZ6G5wtWK4EM6asisTCv4PjSpTFTQj1v+wasuYWzW2VDs4gQ3lHfqyD80mFD7D05
+f9nepJNZLEDtBs1Md+2oLunuL+XajjCj392EwO71YsMTSLONzLFbaNO1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEIj3Nj2ka1u0UJAhv4/87cS7eV5MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUWlQYzJQYVJyVzdSUWtDR19qX3p0eEx0NVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWShGAwQA
vECOMA0GCSqGSIb3DQEBCwUAA4IBAQAhbSC894Z3jNJyAXq8qqTlY4ZWA+cr42X3
qddW4yvTwadxqPpmid1h/8sQ2d7pVKVb+jOv0pqv/CA5s5ix+0GJvooaSAiLyv54
ivZU7mbf18lFp+FR5sll/2PDn5LaCkzmX9kpVa4E2pe9QaJnn6l4gi8Q6ZLRjEt6
WQLV0jQLhQr195BKLOoydwz6AQyanj5TiNrTlFp1csU1RspMDqZiQA3nLEU+TOG3
QPkr+cLqcMyK328vF7GVFH3e3wIi80Uh6i+L3ghZ/gMFJluHMxP/zHRsX7/yhFh0
vBktqzEZpwlN3+Bkw2zC7xQcMlD7g9Rj7Wdhhxgdnodb3sT4R6ue
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:24 2025 by rpki-client