Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/65985b-55b7-4cb7-a4f4-998783c6841d/1/qgcV9PYlEXSJr4G4mkmp3rAaVEg.roa
File: qgcV9PYlEXSJr4G4mkmp3rAaVEg.roa (raw, json)
Hash identifier: wWTL9D8gHwlhS/bvHL6+uv+GvqhzrJws4uWdWe/3r1Q=
Subject key identifier: AA:07:15:F4:F6:25:11:74:89:AF:81:B8:9A:49:A9:DE:B0:1A:54:48
Certificate issuer: /CN=453b84e8e0e5617c34260d768f440a5131f2dcf4
Certificate serial: 0192043116701F323C131277454FE9EA4D9B
Authority key identifier: 45:3B:84:E8:E0:E5:61:7C:34:26:0D:76:8F:44:0A:51:31:F2:DC:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RTuE6ODlYXw0Jg12j0QKUTHy3PQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/65985b-55b7-4cb7-a4f4-998783c6841d/1/qgcV9PYlEXSJr4G4mkmp3rAaVEg.roa
Signing time: Wed 18 Sep 2024 08:12:58 +0000
ROA not before: Wed 18 Sep 2024 08:12:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207535
IP address blocks: 5.154.180.0/24 maxlen: 24
91.192.11.0/24 maxlen: 24
91.250.242.0/24 maxlen: 24
2a10:ab40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:31:16:70:1f:32:3c:13:12:77:45:4f:e9:ea:4d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453b84e8e0e5617c34260d768f440a5131f2dcf4
Validity
Not Before: Sep 18 08:12:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa0715f4f625117489af81b89a49a9deb01a5448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:81:72:9c:64:98:09:15:ef:70:19:91:5c:b0:
01:f0:e2:4a:65:92:f5:c0:14:3b:ae:dc:46:9f:36:
26:f1:0c:60:8b:6e:0d:ed:9b:96:c5:d9:28:e6:33:
55:4d:17:77:80:d3:20:00:f9:19:3c:fb:2d:37:9e:
f0:8f:25:b3:d9:db:1b:6f:41:0e:eb:a8:75:fe:07:
f8:b3:53:d8:d2:b1:05:00:6d:16:d6:aa:64:5a:9c:
00:92:48:8b:9a:d2:e0:f2:0b:74:7f:09:8f:36:d2:
c7:be:bc:5c:e8:61:d9:45:c9:b4:08:9c:34:42:1d:
36:3c:3b:ca:19:1e:f2:94:ae:69:c2:93:66:86:b1:
07:95:96:44:59:bd:ff:bd:41:21:56:0e:50:57:ac:
8f:5e:9c:4f:c3:f2:25:66:25:1f:5b:33:d1:ec:f0:
a3:76:3a:e2:e7:85:9b:27:e3:7d:5e:6c:34:c4:a5:
75:bb:b8:05:1c:35:5d:59:df:b4:3a:02:2c:4f:78:
8f:4a:c3:9e:5e:0c:3a:8e:df:cb:ea:ee:d5:24:d6:
8e:98:ad:6c:cc:68:91:16:ad:c8:1b:d3:75:42:53:
8d:ac:de:b1:27:1d:c0:54:fa:8f:22:38:f7:4a:b7:
2b:49:fc:5f:cf:45:c6:40:48:f3:cb:ad:90:9f:a2:
95:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:07:15:F4:F6:25:11:74:89:AF:81:B8:9A:49:A9:DE:B0:1A:54:48
X509v3 Authority Key Identifier:
keyid:45:3B:84:E8:E0:E5:61:7C:34:26:0D:76:8F:44:0A:51:31:F2:DC:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RTuE6ODlYXw0Jg12j0QKUTHy3PQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/65985b-55b7-4cb7-a4f4-998783c6841d/1/qgcV9PYlEXSJr4G4mkmp3rAaVEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/65985b-55b7-4cb7-a4f4-998783c6841d/1/RTuE6ODlYXw0Jg12j0QKUTHy3PQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.180.0/24
91.192.11.0/24
91.250.242.0/24
IPv6:
2a10:ab40::/32
Signature Algorithm: sha256WithRSAEncryption
0b:53:47:60:aa:7a:93:dc:ca:74:58:ee:a5:e3:7c:07:a4:48:
2b:ea:da:31:88:2e:91:80:30:04:0e:c9:b6:e0:f7:d8:39:be:
c1:3c:8b:b0:ec:33:b3:04:ea:08:34:21:42:5c:7d:5c:7c:46:
fc:5e:e1:54:89:d4:9a:8b:8d:96:f9:63:0d:77:ec:ac:ad:38:
f7:94:97:18:e3:41:5f:c4:11:11:0d:1c:30:22:22:e5:db:a3:
26:e5:b6:67:04:49:38:c2:b4:99:29:9e:6f:4d:b1:10:f9:0a:
63:f0:b7:8f:bd:99:07:b4:eb:3a:53:2d:b3:e6:cd:b7:59:e2:
63:79:d7:4a:54:cf:dd:7b:2e:5a:f2:dc:bc:b4:dc:94:32:03:
85:2e:7b:af:40:c2:1a:9f:5c:8c:e2:46:a8:bf:28:b1:ba:f0:
25:0d:5e:5d:3a:bd:27:d6:77:32:fb:29:7e:1f:13:c3:47:ed:
76:18:89:c5:b7:ca:80:54:f6:29:81:30:50:37:24:3b:12:7d:
32:f7:9c:a6:5b:49:01:8d:9b:72:58:9f:6a:93:82:e9:dd:e7:
a0:eb:77:87:d7:e4:ba:e6:05:bc:11:78:36:12:05:10:bc:dd:
c2:61:1c:b0:47:4d:af:9c:ba:fa:ae:80:81:ea:27:9f:53:1f:
f2:43:c6:3b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZIEMRZwHzI8ExJ3RU/p6k2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1M2I4NGU4ZTBlNTYxN2MzNDI2MGQ3NjhmNDQwYTUxMzFm
MmRjZjQwHhcNMjQwOTE4MDgxMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA3MTVmNGY2MjUxMTc0ODlhZjgxYjg5YTQ5YTlkZWIwMWE1NDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoFynGSYCRXvcBmRXLAB8OJKZZL1
wBQ7rtxGnzYm8Qxgi24N7ZuWxdko5jNVTRd3gNMgAPkZPPstN57wjyWz2dsbb0EO
66h1/gf4s1PY0rEFAG0W1qpkWpwAkkiLmtLg8gt0fwmPNtLHvrxc6GHZRcm0CJw0
Qh02PDvKGR7ylK5pwpNmhrEHlZZEWb3/vUEhVg5QV6yPXpxPw/IlZiUfWzPR7PCj
djri54WbJ+N9Xmw0xKV1u7gFHDVdWd+0OgIsT3iPSsOeXgw6jt/L6u7VJNaOmK1s
zGiRFq3IG9N1QlONrN6xJx3AVPqPIjj3SrcrSfxfz0XGQEjzy62Qn6KVGwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKoHFfT2JRF0ia+BuJpJqd6wGlRIMB8GA1UdIwQY
MBaAFEU7hOjg5WF8NCYNdo9EClEx8tz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlR1RTZPRGxZWHcwSmcxMmowUUtVVEh5M1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NTk4NWItNTViNy00Y2I3LWE0ZjQt
OTk4NzgzYzY4NDFkLzEvcWdjVjlQWWxFWFNKcjRHNG1rbXAzckFhVkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NTk4NWItNTViNy00Y2I3LWE0ZjQtOTk4NzgzYzY4NDFk
LzEvUlR1RTZPRGxZWHcwSmcxMmowUUtVVEh5M1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABZq0AwQA
W8ALAwQAW/ryMA0EAgACMAcDBQAqEKtAMA0GCSqGSIb3DQEBCwUAA4IBAQALU0dg
qnqT3Mp0WO6l43wHpEgr6toxiC6RgDAEDsm24PfYOb7BPIuw7DOzBOoINCFCXH1c
fEb8XuFUidSai42W+WMNd+ysrTj3lJcY40FfxBERDRwwIiLl26Mm5bZnBEk4wrSZ
KZ5vTbEQ+Qpj8LePvZkHtOs6Uy2z5s23WeJjeddKVM/dey5a8ty8tNyUMgOFLnuv
QMIan1yM4kaovyixuvAlDV5dOr0n1ncy+yl+HxPDR+12GInFt8qAVPYpgTBQNyQ7
En0y95ymW0kBjZtyWJ9qk4Lp3eeg63eH1+S65gW8EXg2EgUQvN3CYRywR02vnLr6
roCB6iefUx/yQ8Y7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:40 2025 by rpki-client