Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/dPF2KrDQq_J5lFn9t5N1owY43Kk.roa
File: dPF2KrDQq_J5lFn9t5N1owY43Kk.roa (raw, json)
Hash identifier: WM7S/OSCx5F2uOmW0qi48VtLb4jnMBn6QQo5siHBnoM=
Subject key identifier: 74:F1:76:2A:B0:D0:AB:F2:79:94:59:FD:B7:93:75:A3:06:38:DC:A9
Certificate issuer: /CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b
Certificate serial: 018CC9BCF8084551AD06955BF91E7D5A055E
Authority key identifier: 40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/dPF2KrDQq_J5lFn9t5N1owY43Kk.roa
Signing time: Tue 02 Jan 2024 10:34:13 +0000
ROA not before: Tue 02 Jan 2024 10:34:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207697
IP address blocks: 193.22.137.0/24 maxlen: 24
193.22.138.0/24 maxlen: 24
193.22.139.0/24 maxlen: 24
193.22.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 11:40:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:f8:08:45:51:ad:06:95:5b:f9:1e:7d:5a:05:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400f942eb07335ca3e7fbd18f06c158db37cfd4b
Validity
Not Before: Jan 2 10:34:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74f1762ab0d0abf2799459fdb79375a30638dca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4d:3c:fa:c6:47:cd:5e:df:2c:fc:6b:41:de:
47:bd:18:24:cd:fa:bb:e7:81:5a:18:3b:ca:64:77:
04:4e:5f:a4:06:ff:35:08:fd:29:d6:aa:6d:bf:57:
c6:42:71:1e:ca:d7:22:3c:aa:c5:86:7a:05:c2:60:
eb:e1:76:c4:ae:0f:3b:d2:aa:21:0c:01:f9:5b:e1:
53:fa:49:67:29:c9:fe:44:73:0f:8f:f6:6b:93:b9:
b1:66:66:13:91:01:49:29:c1:ea:9b:16:c0:f4:aa:
b7:05:8e:26:6d:d1:a8:4e:35:25:6b:72:46:66:b7:
ce:32:40:17:70:fa:e1:21:88:4d:1d:df:be:30:42:
91:07:bc:19:f9:60:a6:1e:36:31:6a:06:6f:ba:df:
be:36:3c:cf:ba:4c:6e:e8:24:af:ec:f7:56:44:91:
ef:16:2b:84:07:42:36:e2:8e:12:d6:f0:e8:e4:d3:
39:22:5f:b1:7b:71:eb:f6:21:2f:6d:25:3f:3b:cf:
4f:5b:b7:16:41:a3:29:55:11:96:23:f1:0c:93:80:
36:66:46:8a:16:c8:ca:90:05:71:68:81:32:c7:27:
80:f7:8e:81:15:7f:cc:4d:03:bc:6b:39:8f:33:e0:
65:cb:94:4c:49:dc:97:02:6c:5c:85:e0:52:85:69:
57:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F1:76:2A:B0:D0:AB:F2:79:94:59:FD:B7:93:75:A3:06:38:DC:A9
X509v3 Authority Key Identifier:
keyid:40:0F:94:2E:B0:73:35:CA:3E:7F:BD:18:F0:6C:15:8D:B3:7C:FD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA-ULrBzNco-f70Y8GwVjbN8_Us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/dPF2KrDQq_J5lFn9t5N1owY43Kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/2098ac-c2de-4362-a255-acd72d2c6cb6/1/QA-ULrBzNco-f70Y8GwVjbN8_Us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.136.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:0b:75:8a:84:a9:a0:cc:7c:39:c9:e9:a0:e8:85:f8:fb:86:
14:d6:7d:40:71:ab:82:62:4b:e5:45:62:84:d3:b2:55:94:8e:
ec:c6:09:eb:16:f5:a1:81:23:48:e9:83:14:10:e8:e0:56:3d:
fb:7b:63:cd:a8:91:73:66:21:17:d4:1d:a0:5a:2b:7b:21:74:
ac:ff:0e:a2:c7:ec:c4:0c:0d:14:4a:c7:7a:4c:24:5c:89:83:
ce:86:61:e1:34:2d:53:63:2f:30:18:a7:dd:5d:01:b1:40:08:
4f:43:7c:2b:0a:d6:b9:77:18:f9:c2:49:44:33:82:61:8a:fc:
0c:10:3e:57:c1:68:fd:56:6c:ff:c7:08:00:86:68:e7:80:29:
0d:4f:8c:7a:1e:2e:20:47:04:ec:b0:1f:ed:eb:10:01:5f:6d:
04:39:ff:a7:ad:14:f2:c3:05:4f:13:5d:30:43:c6:bf:d0:b4:
21:08:e7:08:5c:31:5f:e2:6b:a7:d2:e3:00:4b:0e:55:68:de:
42:6a:1c:c9:46:68:01:f4:32:ca:6b:71:08:0c:82:9a:5e:3f:
7e:2a:22:69:41:56:56:9c:ba:1b:3a:ab:6c:12:f9:82:01:a4:
07:1b:97:6d:bd:c0:5e:e8:db:d4:d3:a2:af:67:72:5c:b6:48:
14:7e:ca:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvPgIRVGtBpVb+R59WgVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMGY5NDJlYjA3MzM1Y2EzZTdmYmQxOGYwNmMxNThkYjM3
Y2ZkNGIwHhcNMjQwMTAyMTAzNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGYxNzYyYWIwZDBhYmYyNzk5NDU5ZmRiNzkzNzVhMzA2MzhkY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE08+sZHzV7fLPxrQd5HvRgkzfq7
54FaGDvKZHcETl+kBv81CP0p1qptv1fGQnEeytciPKrFhnoFwmDr4XbErg870qoh
DAH5W+FT+klnKcn+RHMPj/Zrk7mxZmYTkQFJKcHqmxbA9Kq3BY4mbdGoTjUla3JG
ZrfOMkAXcPrhIYhNHd++MEKRB7wZ+WCmHjYxagZvut++NjzPukxu6CSv7PdWRJHv
FiuEB0I24o4S1vDo5NM5Il+xe3Hr9iEvbSU/O89PW7cWQaMpVRGWI/EMk4A2ZkaK
FsjKkAVxaIEyxyeA946BFX/MTQO8azmPM+Bly5RMSdyXAmxcheBShWlXjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHTxdiqw0KvyeZRZ/beTdaMGONypMB8GA1UdIwQY
MBaAFEAPlC6wczXKPn+9GPBsFY2zfP1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUt
YWNkNzJkMmM2Y2I2LzEvZFBGMktyRFFxX0o1bEZuOXQ1TjFvd1k0M0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8yMDk4YWMtYzJkZS00MzYyLWEyNTUtYWNkNzJkMmM2Y2I2
LzEvUUEtVUxyQnpOY28tZjcwWThHd1ZqYk44X1VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwRaIMA0G
CSqGSIb3DQEBCwUAA4IBAQCLC3WKhKmgzHw5yemg6IX4+4YU1n1AcauCYkvlRWKE
07JVlI7sxgnrFvWhgSNI6YMUEOjgVj37e2PNqJFzZiEX1B2gWit7IXSs/w6ix+zE
DA0USsd6TCRciYPOhmHhNC1TYy8wGKfdXQGxQAhPQ3wrCta5dxj5wklEM4JhivwM
ED5XwWj9Vmz/xwgAhmjngCkNT4x6Hi4gRwTssB/t6xABX20EOf+nrRTywwVPE10w
Q8a/0LQhCOcIXDFf4mun0uMASw5VaN5CahzJRmgB9DLKa3EIDIKaXj9+KiJpQVZW
nLobOqtsEvmCAaQHG5dtvcBe6NvU06KvZ3JctkgUfsrI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:56 2025 by rpki-client