Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/bqCVZpKVqbaM5FetsVkW7TIV3x8.roa
File: bqCVZpKVqbaM5FetsVkW7TIV3x8.roa (raw, json)
Hash identifier: P1R0wophtx74hRmtEyqxTrdXg8b4bk/BoOBOZgSKnS4=
Subject key identifier: 6E:A0:95:66:92:95:A9:B6:8C:E4:57:AD:B1:59:16:ED:32:15:DF:1F
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 018CC5DBEC68CF40AD4D39DEFCEA8C7405A0
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/bqCVZpKVqbaM5FetsVkW7TIV3x8.roa
Signing time: Mon 01 Jan 2024 16:29:33 +0000
ROA not before: Mon 01 Jan 2024 16:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57815
IP address blocks: 91.235.165.0/24 maxlen: 24
194.40.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ec:68:cf:40:ad:4d:39:de:fc:ea:8c:74:05:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ea095669295a9b68ce457adb15916ed3215df1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ea:96:67:1e:ce:a2:b4:b5:c7:f1:a3:81:40:
6a:11:b0:22:e0:1a:15:35:3b:12:57:0e:78:2e:7a:
d9:87:44:ce:6e:4d:69:72:dd:a7:89:40:e1:97:a7:
71:ec:07:48:8a:35:68:a2:a9:26:4d:29:fc:d3:9c:
b4:0a:7f:24:cb:03:b8:f1:8c:b0:3c:ae:ab:52:1b:
67:a1:c0:00:03:70:b6:3e:b8:2c:42:6c:28:90:d5:
e2:12:33:4a:0f:83:ac:95:36:ca:cd:31:4f:ae:a4:
48:01:ae:08:b5:36:b8:93:07:18:c0:6e:3a:54:e9:
64:bb:dd:08:9f:2c:d3:dd:35:e1:f1:9a:ee:0a:41:
b4:71:a4:bc:37:dd:45:40:9f:a4:96:ae:6a:92:4e:
6a:ad:a1:c7:aa:18:eb:d6:9a:0c:b5:69:3e:d8:d7:
ab:99:9d:b7:f4:0e:be:70:4d:d8:ef:b8:c6:60:c2:
0f:38:2f:b7:0a:23:c7:3e:70:91:a1:73:c5:aa:58:
52:c8:9b:70:48:94:5d:d2:93:9e:d1:45:22:16:66:
c2:16:72:36:8b:9e:ea:d4:c5:87:b2:8c:e8:14:29:
1c:96:74:e8:5f:e7:80:69:33:51:68:1d:d0:a9:f9:
d9:6c:ed:53:54:7f:27:da:9f:1a:85:01:02:ef:1a:
2d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A0:95:66:92:95:A9:B6:8C:E4:57:AD:B1:59:16:ED:32:15:DF:1F
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/bqCVZpKVqbaM5FetsVkW7TIV3x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.165.0/24
194.40.210.0/24
Signature Algorithm: sha256WithRSAEncryption
67:22:d6:10:e8:41:0d:3b:a7:8d:25:2e:f6:94:8e:15:bc:e0:
1b:9a:72:e3:21:14:8c:95:41:1f:01:88:d0:f7:ac:51:78:ff:
ca:83:f8:4a:a5:cf:d5:56:6c:08:78:9e:fc:a4:16:6c:0c:44:
ba:c2:bf:a4:0d:93:d8:57:b6:7f:c5:57:70:68:7a:bf:29:fb:
32:ed:36:79:dc:be:a5:e0:ff:b1:6c:1e:b6:14:dc:d6:77:1d:
29:c4:6f:72:b2:3e:d1:66:01:34:1a:33:c6:0f:5b:3c:cc:15:
07:8a:ef:68:67:2b:86:05:80:b0:11:49:60:b7:eb:ad:a8:74:
27:9c:2f:9c:d5:8a:8f:86:98:8c:ab:72:44:20:2b:94:e3:2a:
f6:99:a0:a3:a6:4b:fa:ca:38:45:47:8a:17:cb:b0:c8:41:e3:
2e:6e:74:d9:fb:8d:0e:60:ed:1b:f6:75:da:09:99:93:a0:4f:
3b:b2:90:4e:44:13:7b:b5:a5:8d:cc:47:75:b4:9f:dc:0b:dd:
d2:23:d7:c5:14:8e:d7:c7:f7:a1:98:b1:0e:0c:e2:47:00:30:
a2:02:24:36:b9:65:7a:5e:00:6f:04:9b:5e:2a:a1:9c:08:20:
03:4a:2b:97:e6:55:f8:26:d3:bb:98:56:7e:d7:50:d5:f2:6b:
15:a6:77:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF2+xoz0CtTTne/OqMdAWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWEwOTU2NjkyOTVhOWI2OGNlNDU3YWRiMTU5MTZlZDMyMTVkZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+qWZx7OorS1x/GjgUBqEbAi4BoV
NTsSVw54LnrZh0TObk1pct2niUDhl6dx7AdIijVooqkmTSn805y0Cn8kywO48Yyw
PK6rUhtnocAAA3C2PrgsQmwokNXiEjNKD4OslTbKzTFPrqRIAa4ItTa4kwcYwG46
VOlku90InyzT3TXh8ZruCkG0caS8N91FQJ+klq5qkk5qraHHqhjr1poMtWk+2Ner
mZ239A6+cE3Y77jGYMIPOC+3CiPHPnCRoXPFqlhSyJtwSJRd0pOe0UUiFmbCFnI2
i57q1MWHsozoFCkclnToX+eAaTNRaB3QqfnZbO1TVH8n2p8ahQEC7xotwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG6glWaSlam2jORXrbFZFu0yFd8fMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvYnFDVlpwS1ZxYmFNNUZldHNWa1c3VElWM3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+ulAwQA
wijSMA0GCSqGSIb3DQEBCwUAA4IBAQBnItYQ6EENO6eNJS72lI4VvOAbmnLjIRSM
lUEfAYjQ96xReP/Kg/hKpc/VVmwIeJ78pBZsDES6wr+kDZPYV7Z/xVdwaHq/Kfsy
7TZ53L6l4P+xbB62FNzWdx0pxG9ysj7RZgE0GjPGD1s8zBUHiu9oZyuGBYCwEUlg
t+utqHQnnC+c1YqPhpiMq3JEICuU4yr2maCjpkv6yjhFR4oXy7DIQeMubnTZ+40O
YO0b9nXaCZmToE87spBORBN7taWNzEd1tJ/cC93SI9fFFI7Xx/ehmLEODOJHADCi
AiQ2uWV6XgBvBJteKqGcCCADSiuX5lX4JtO7mFZ+11DV8msVpnec
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:17 2025 by rpki-client