Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Qyd2eSFAxj7R62XFnzCS1yvIPiA.roa
File: Qyd2eSFAxj7R62XFnzCS1yvIPiA.roa (raw, json)
Hash identifier: 4Fcx3Yez2+CFOJVJrhsBtMs6F1jDB4V8ahJDmpGBmUQ=
Subject key identifier: 43:27:76:79:21:40:C6:3E:D1:EB:65:C5:9F:30:92:D7:2B:C8:3E:20
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01939B32EAEE075308059EBECBB6D64AD23B
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Qyd2eSFAxj7R62XFnzCS1yvIPiA.roa
Signing time: Fri 06 Dec 2024 09:00:25 +0000
ROA not before: Fri 06 Dec 2024 09:00:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49187
IP address blocks: 188.253.14.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:32:ea:ee:07:53:08:05:9e:be:cb:b6:d6:4a:d2:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 6 09:00:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=432776792140c63ed1eb65c59f3092d72bc83e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:50:5d:11:0e:18:f6:ad:bd:b1:91:34:3b:5c:
d5:9d:71:12:46:26:e7:35:d9:bd:a6:5d:ab:e8:47:
05:ea:94:77:e6:10:ab:ce:28:18:1a:99:8c:35:0d:
d3:60:f1:e5:90:2e:83:91:65:4b:3f:ff:cf:fc:86:
89:7a:3c:30:cb:80:9f:07:1e:6c:f2:1e:dd:11:e1:
6e:73:66:7a:9a:c9:2e:69:de:53:16:75:ab:f1:cb:
02:57:e7:cf:be:1e:7d:45:e6:43:89:41:8c:db:5e:
93:a5:ff:50:88:20:d1:13:23:b3:26:56:10:f6:b4:
da:ed:06:80:22:80:fc:5a:0e:34:10:d9:56:66:1f:
f5:5e:04:5e:88:da:26:54:13:8c:24:77:fd:fc:f4:
e2:84:81:67:5c:b3:3d:08:89:6e:95:43:6b:fe:a9:
77:90:95:46:89:90:54:ab:72:22:08:4b:3e:76:75:
29:96:3f:df:7f:d1:1d:e2:a8:d3:5f:3a:9c:97:c2:
37:e7:15:c8:bd:8a:12:7e:e1:47:82:69:04:f8:42:
1d:c3:76:05:68:68:87:d4:5f:b3:6f:9c:5c:2a:f4:
d6:8f:e2:4d:36:4d:51:29:6b:89:90:85:60:ba:70:
82:1b:9f:83:d2:a1:14:a9:4d:cd:a4:81:eb:bc:98:
cb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:27:76:79:21:40:C6:3E:D1:EB:65:C5:9F:30:92:D7:2B:C8:3E:20
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Qyd2eSFAxj7R62XFnzCS1yvIPiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.253.14.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:06:a4:13:ea:c0:9a:50:02:38:4d:68:1f:7c:26:64:e2:ab:
75:9d:c4:6e:90:48:34:32:40:54:f2:42:fd:83:00:05:7e:95:
b6:0c:ba:6f:41:e5:9b:cd:60:25:03:93:90:1b:42:1d:91:61:
1b:f7:db:80:ba:dc:d5:3b:de:07:c1:92:1d:1b:78:16:7d:20:
6a:2a:bf:6d:28:ee:eb:05:f6:7b:b3:6e:d0:e2:e6:4c:38:7f:
ea:c3:32:8c:fd:be:12:38:53:42:6d:94:00:b8:49:41:c1:e9:
bf:7e:d5:a7:67:de:d9:a7:a0:85:3c:3c:ec:ea:ad:1e:74:70:
f3:38:07:0d:2b:b6:1c:b2:09:9d:a9:ae:9c:ca:c6:93:d4:fc:
d0:3d:a6:97:e7:e2:bd:97:15:d0:4a:eb:ff:6c:d0:bf:d6:b6:
fc:de:c4:65:ca:7b:76:a3:52:82:88:8c:c7:12:84:d2:e3:1a:
32:a0:38:38:d8:30:b0:ec:8f:2f:fa:65:e3:7a:13:d8:af:c7:
b2:0b:af:08:c9:d2:d4:10:7e:44:ec:6f:ec:dd:09:2a:0f:e7:
ed:3a:da:85:ba:d3:a3:84:45:8d:54:2a:78:6f:3b:d6:90:3b:
bd:7a:9f:98:85:d5:c4:33:dd:83:0e:20:e5:21:fc:c7:c8:f9:
a8:6b:27:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZObMuruB1MIBZ6+y7bWStI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMjA2MDkwMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzI3NzY3OTIxNDBjNjNlZDFlYjY1YzU5ZjMwOTJkNzJiYzgzZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lBdEQ4Y9q29sZE0O1zVnXESRibn
Ndm9pl2r6EcF6pR35hCrzigYGpmMNQ3TYPHlkC6DkWVLP//P/IaJejwwy4CfBx5s
8h7dEeFuc2Z6mskuad5TFnWr8csCV+fPvh59ReZDiUGM216Tpf9QiCDREyOzJlYQ
9rTa7QaAIoD8Wg40ENlWZh/1XgReiNomVBOMJHf9/PTihIFnXLM9CIlulUNr/ql3
kJVGiZBUq3IiCEs+dnUplj/ff9Ed4qjTXzqcl8I35xXIvYoSfuFHgmkE+EIdw3YF
aGiH1F+zb5xcKvTWj+JNNk1RKWuJkIVgunCCG5+D0qEUqU3NpIHrvJjLiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEMndnkhQMY+0etlxZ8wktcryD4gMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvUXlkMmVTRkF4ajdSNjJYRm56Q1MxeXZJUGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvP0OMA0G
CSqGSIb3DQEBCwUAA4IBAQAOBqQT6sCaUAI4TWgffCZk4qt1ncRukEg0MkBU8kL9
gwAFfpW2DLpvQeWbzWAlA5OQG0IdkWEb99uAutzVO94HwZIdG3gWfSBqKr9tKO7r
BfZ7s27Q4uZMOH/qwzKM/b4SOFNCbZQAuElBwem/ftWnZ97Zp6CFPDzs6q0edHDz
OAcNK7Ycsgmdqa6cysaT1PzQPaaX5+K9lxXQSuv/bNC/1rb83sRlynt2o1KCiIzH
EoTS4xoyoDg42DCw7I8v+mXjehPYr8eyC68IydLUEH5E7G/s3QkqD+ftOtqFutOj
hEWNVCp4bzvWkDu9ep+YhdXEM92DDiDlIfzHyPmoaye4
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:53:09 2025 by rpki-client