Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qAWWDCiVJyMmTTFwUkWq6Zq_wPU.roa
File: qAWWDCiVJyMmTTFwUkWq6Zq_wPU.roa (raw, json)
Hash identifier: 3LfsI8N58KFAF4owM4mtJBTum8pQciZ2hRMi5JVtA+w=
Subject key identifier: A8:05:96:0C:28:95:27:23:26:4D:31:70:52:45:AA:E9:9A:BF:C0:F5
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019375EEE3ED83380FD70E3CF63C6691873C
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qAWWDCiVJyMmTTFwUkWq6Zq_wPU.roa
Signing time: Fri 29 Nov 2024 03:20:10 +0000
ROA not before: Fri 29 Nov 2024 03:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213122
IP address blocks: 188.253.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Dec 2024 22:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:75:ee:e3:ed:83:38:0f:d7:0e:3c:f6:3c:66:91:87:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 29 03:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a805960c28952723264d31705245aae99abfc0f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6e:6d:9c:b6:af:c7:6f:ef:bd:21:e2:9b:52:
06:c4:53:54:cd:da:12:1b:f7:b3:af:3e:e4:43:b3:
9a:82:1a:ea:5c:0a:c1:e6:76:d8:2a:f3:b5:5f:7f:
8a:74:15:80:92:72:85:dd:c5:18:a8:a4:34:13:94:
1e:8c:24:57:66:e3:ea:6c:4e:52:5c:06:65:1b:49:
15:aa:d2:4a:87:a9:e9:be:df:59:ce:df:46:f4:6c:
9d:cc:96:8d:85:0b:6d:f0:9f:42:fb:10:df:87:d3:
35:f5:f0:8a:cf:0c:d1:0d:7f:e7:68:2c:d6:9c:d8:
1a:66:22:a2:fd:36:09:b8:95:dc:5f:2f:16:85:50:
11:ac:b7:49:6f:8c:86:30:0c:03:3e:e2:f8:49:31:
99:20:0f:00:ac:96:1a:47:a1:88:e3:af:e6:8d:9d:
62:f9:a1:21:03:fb:e1:cd:30:5c:d1:42:f2:9f:12:
3a:36:9e:f5:6f:4e:f2:12:06:0e:c5:b7:a6:48:e8:
96:c6:6c:45:88:37:f8:8c:15:b8:6f:b0:ce:c0:96:
87:ca:39:78:eb:74:10:81:63:97:02:94:d0:d4:20:
3d:4d:bf:ec:41:39:ae:3c:08:37:4c:56:dd:2c:09:
75:c7:95:ba:ab:c1:59:27:c2:c3:c2:55:9a:5c:0d:
9f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:05:96:0C:28:95:27:23:26:4D:31:70:52:45:AA:E9:9A:BF:C0:F5
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/qAWWDCiVJyMmTTFwUkWq6Zq_wPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.253.28.0/22
Signature Algorithm: sha256WithRSAEncryption
95:59:a6:bf:10:dc:58:44:e7:5f:72:dd:65:d0:10:29:fd:9e:
22:ee:b8:3e:9c:fc:2a:14:c4:28:00:76:f3:b7:8b:02:a5:3b:
83:04:63:ed:0d:cf:50:fd:47:8a:e9:32:bd:9d:f2:4c:d5:f3:
9f:a4:69:a7:0b:02:f2:dc:f2:20:29:a6:a0:7e:be:1a:05:61:
c5:04:c7:b5:de:fd:f7:93:bc:47:62:f7:01:3e:de:a8:8c:4d:
74:65:86:45:ab:79:0f:a8:bd:80:b9:fe:eb:c5:4f:51:31:f8:
f6:8e:44:26:3a:51:cf:47:b7:dc:64:08:fa:80:52:92:de:16:
da:ec:5e:8c:92:9e:46:3f:41:32:ff:57:ae:d9:35:b9:e7:46:
59:d9:11:65:2f:3f:bf:e6:a7:02:03:28:eb:09:00:8c:c9:a5:
ab:c5:ec:56:ae:cc:2e:18:38:8d:2a:9f:7c:db:c0:11:ec:dd:
c8:24:14:1b:ea:81:35:30:57:db:31:98:61:74:43:dd:68:0b:
5f:4c:b3:1c:42:a9:a2:92:eb:3f:e0:f2:ef:34:bd:7e:c0:1f:
63:ca:b5:b2:b3:9c:5a:b7:02:5e:50:70:dd:6b:49:78:12:b4:
82:d0:67:3e:51:39:66:0a:a7:a1:f0:57:4b:dd:50:f3:bc:70:
8c:5c:eb:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZN17uPtgzgP1w489jxmkYc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMTI5MDMyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA1OTYwYzI4OTUyNzIzMjY0ZDMxNzA1MjQ1YWFlOTlhYmZjMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm5tnLavx2/vvSHim1IGxFNUzdoS
G/ezrz7kQ7OaghrqXArB5nbYKvO1X3+KdBWAknKF3cUYqKQ0E5QejCRXZuPqbE5S
XAZlG0kVqtJKh6npvt9Zzt9G9GydzJaNhQtt8J9C+xDfh9M19fCKzwzRDX/naCzW
nNgaZiKi/TYJuJXcXy8WhVARrLdJb4yGMAwDPuL4STGZIA8ArJYaR6GI46/mjZ1i
+aEhA/vhzTBc0ULynxI6Np71b07yEgYOxbemSOiWxmxFiDf4jBW4b7DOwJaHyjl4
63QQgWOXApTQ1CA9Tb/sQTmuPAg3TFbdLAl1x5W6q8FZJ8LDwlWaXA2f0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgFlgwolScjJk0xcFJFqumav8D1MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcUFXV0RDaVZKeU1tVFRGd1VrV3E2WnFfd1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvP0cMA0G
CSqGSIb3DQEBCwUAA4IBAQCVWaa/ENxYROdfct1l0BAp/Z4i7rg+nPwqFMQoAHbz
t4sCpTuDBGPtDc9Q/UeK6TK9nfJM1fOfpGmnCwLy3PIgKaagfr4aBWHFBMe13v33
k7xHYvcBPt6ojE10ZYZFq3kPqL2Auf7rxU9RMfj2jkQmOlHPR7fcZAj6gFKS3hba
7F6Mkp5GP0Ey/1eu2TW550ZZ2RFlLz+/5qcCAyjrCQCMyaWrxexWrswuGDiNKp98
28AR7N3IJBQb6oE1MFfbMZhhdEPdaAtfTLMcQqmikus/4PLvNL1+wB9jyrWys5xa
twJeUHDda0l4ErSC0Gc+UTlmCqeh8FdL3VDzvHCMXOvQ
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:45:33 2025 by rpki-client