Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/q2GHuf9Ixi7jSOEHaBNvc3w77os.roa
File: q2GHuf9Ixi7jSOEHaBNvc3w77os.roa (raw, json)
Hash identifier: iAi2ti6dg/Y/39JTFQBvqxdBbmCsduU6wAq747IIOcE=
Subject key identifier: AB:61:87:B9:FF:48:C6:2E:E3:48:E1:07:68:13:6F:73:7C:3B:EE:8B
Certificate issuer: /CN=84f430d9ad9cb9c42c4bd6690e9f5812a457a02f
Certificate serial: 018CC492E63B4EDFBCC362214E8C47F8EF03
Authority key identifier: 84:F4:30:D9:AD:9C:B9:C4:2C:4B:D6:69:0E:9F:58:12:A4:57:A0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/q2GHuf9Ixi7jSOEHaBNvc3w77os.roa
Signing time: Mon 01 Jan 2024 10:30:10 +0000
ROA not before: Mon 01 Jan 2024 10:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39396
IP address blocks: 185.251.39.0/24 maxlen: 24
85.187.216.0/23 maxlen: 24
185.138.176.0/22 maxlen: 24
2a10:bac0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 30 Aug 2024 16:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e6:3b:4e:df:bc:c3:62:21:4e:8c:47:f8:ef:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f430d9ad9cb9c42c4bd6690e9f5812a457a02f
Validity
Not Before: Jan 1 10:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab6187b9ff48c62ee348e10768136f737c3bee8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e0:3f:22:1d:d4:20:b2:74:ac:26:6a:90:dd:
b8:e0:ef:35:8f:9a:e7:8a:d1:a8:76:18:2b:cd:11:
22:91:76:61:f5:a1:40:0d:89:e7:26:c7:e0:66:c4:
56:59:59:0d:24:2e:5c:4d:d0:b2:6c:13:7d:c2:0b:
03:73:7d:45:ef:3b:3f:cc:90:f4:62:7c:33:16:91:
de:97:1c:9c:93:d2:89:09:8f:ed:16:57:38:4d:d5:
33:d9:87:97:4b:ef:44:d1:bc:46:b3:6e:41:4b:ab:
1a:6b:0c:79:2b:31:2f:80:b7:1f:a5:67:ff:bc:68:
93:16:59:bb:f9:a7:08:18:26:f6:a1:a6:09:26:c2:
1c:d3:82:34:16:f0:b5:ef:c4:ac:c0:76:fa:ad:01:
56:5b:13:cb:c1:c3:c0:a4:27:3a:0e:e4:ea:11:b6:
3b:78:57:d4:ee:5b:40:ba:4f:ec:b8:a8:ab:62:4e:
90:d1:5e:9b:53:32:c7:f5:2d:d8:dd:e0:d5:c9:1c:
3f:c8:1f:ba:a1:23:85:96:e4:ad:57:41:5c:f1:d3:
2d:aa:0d:56:a7:6f:2f:c9:e9:af:8d:84:54:e1:55:
f0:f7:4c:4c:3e:7d:2a:68:d1:70:9b:1b:86:94:11:
7d:99:65:0d:48:46:97:0b:70:c6:0f:09:30:80:18:
2f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:61:87:B9:FF:48:C6:2E:E3:48:E1:07:68:13:6F:73:7C:3B:EE:8B
X509v3 Authority Key Identifier:
keyid:84:F4:30:D9:AD:9C:B9:C4:2C:4B:D6:69:0E:9F:58:12:A4:57:A0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/q2GHuf9Ixi7jSOEHaBNvc3w77os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/hPQw2a2cucQsS9ZpDp9YEqRXoC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.216.0/23
185.138.176.0/22
185.251.39.0/24
IPv6:
2a10:bac0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:b4:b7:91:e4:4d:cf:43:02:81:b6:a8:7b:bf:3d:57:85:9f:
1b:0e:8b:25:9e:fb:1c:51:6f:46:49:bc:8d:9d:03:04:f8:90:
04:9d:10:d6:a6:46:24:42:82:07:2e:9e:01:90:82:8d:27:f0:
a2:c7:20:f3:69:a6:b1:72:28:35:ed:89:29:cc:d7:23:ae:7e:
1f:d3:64:0a:16:83:96:9a:6c:b5:78:5a:f4:1f:7d:8e:21:bc:
2b:80:17:1c:0d:03:55:b1:2e:f0:da:77:6a:6e:5b:84:a1:fa:
3e:ed:99:ba:7a:54:4e:d3:c9:4b:54:9c:07:8b:b9:26:37:89:
91:fb:60:9b:1d:6c:04:85:e1:e9:11:bd:76:c0:71:2c:50:2c:
b5:dd:1e:ce:40:12:43:51:33:d3:02:4f:95:10:13:63:b0:95:
c8:c2:83:0d:38:c7:af:45:48:d5:e5:ac:1e:34:b1:bb:49:93:
ad:fd:e6:46:1b:70:7f:6d:a0:49:21:50:4b:68:ad:ee:50:60:
d2:41:0b:30:d5:ee:c0:b7:b8:6c:47:29:0e:6d:4c:10:ab:2d:
c5:13:27:61:24:42:fe:75:74:3c:3a:6e:8d:c6:3d:f7:f5:3a:
73:e4:7d:30:6d:ed:c2:dd:0d:76:18:02:e8:45:c0:48:61:ce:
6b:bf:da:91
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEkuY7Tt+8w2IhToxH+O8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjQzMGQ5YWQ5Y2I5YzQyYzRiZDY2OTBlOWY1ODEyYTQ1
N2EwMmYwHhcNMjQwMTAxMTAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjYxODdiOWZmNDhjNjJlZTM0OGUxMDc2ODEzNmY3MzdjM2JlZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+A/Ih3UILJ0rCZqkN244O81j5rn
itGodhgrzREikXZh9aFADYnnJsfgZsRWWVkNJC5cTdCybBN9wgsDc31F7zs/zJD0
YnwzFpHelxyck9KJCY/tFlc4TdUz2YeXS+9E0bxGs25BS6saawx5KzEvgLcfpWf/
vGiTFlm7+acIGCb2oaYJJsIc04I0FvC178SswHb6rQFWWxPLwcPApCc6DuTqEbY7
eFfU7ltAuk/suKirYk6Q0V6bUzLH9S3Y3eDVyRw/yB+6oSOFluStV0Fc8dMtqg1W
p28vyemvjYRU4VXw90xMPn0qaNFwmxuGlBF9mWUNSEaXC3DGDwkwgBgvNwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKthh7n/SMYu40jhB2gTb3N8O+6LMB8GA1UdIwQY
MBaAFIT0MNmtnLnELEvWaQ6fWBKkV6AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBRdzJhMmN1Y1FzUzlacERwOVlFcVJYb0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hYmQwMDQtYzY4Zi00OWIxLWEyYzQt
YjkwNTZlYmJjNTc2LzEvcTJHSHVmOUl4aTdqU09FSGFCTnZjM3c3N29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hYmQwMDQtYzY4Zi00OWIxLWEyYzQtYjkwNTZlYmJjNTc2
LzEvaFBRdzJhMmN1Y1FzUzlacERwOVlFcVJYb0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBVbvYAwQC
uYqwAwQAufsnMA0EAgACMAcDBQAqELrAMA0GCSqGSIb3DQEBCwUAA4IBAQCbtLeR
5E3PQwKBtqh7vz1XhZ8bDoslnvscUW9GSbyNnQME+JAEnRDWpkYkQoIHLp4BkIKN
J/CixyDzaaaxcig17YkpzNcjrn4f02QKFoOWmmy1eFr0H32OIbwrgBccDQNVsS7w
2ndqbluEofo+7Zm6elRO08lLVJwHi7kmN4mR+2CbHWwEheHpEb12wHEsUCy13R7O
QBJDUTPTAk+VEBNjsJXIwoMNOMevRUjV5aweNLG7SZOt/eZGG3B/baBJIVBLaK3u
UGDSQQsw1e7At7hsRykObUwQqy3FEydhJEL+dXQ8Om6Nxj339Tpz5H0wbe3C3Q12
GALoRcBIYc5rv9qR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:26 2025 by rpki-client