Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/qundwjGOSYNdDvyax0C82NaqOPI.roa
File: qundwjGOSYNdDvyax0C82NaqOPI.roa (raw, json)
Hash identifier: 2XXJPzRcJWPcl+V43ZhCJas1Ta9s1nA4j68ZOBimwV8=
Subject key identifier: AA:E9:DD:C2:31:8E:49:83:5D:0E:FC:9A:C7:40:BC:D8:D6:AA:38:F2
Certificate issuer: /CN=b872da0f9c6c5686a3db9ee124a99042b0a882d1
Certificate serial: 018CC64B5A90A2668F820C86A27E0079915E
Authority key identifier: B8:72:DA:0F:9C:6C:56:86:A3:DB:9E:E1:24:A9:90:42:B0:A8:82:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uHLaD5xsVoaj257hJKmQQrCogtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/qundwjGOSYNdDvyax0C82NaqOPI.roa
Signing time: Mon 01 Jan 2024 18:31:16 +0000
ROA not before: Mon 01 Jan 2024 18:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58291
IP address blocks: 213.156.28.0/22 maxlen: 24
185.102.68.0/22 maxlen: 22
2a01:4c01::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5a:90:a2:66:8f:82:0c:86:a2:7e:00:79:91:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b872da0f9c6c5686a3db9ee124a99042b0a882d1
Validity
Not Before: Jan 1 18:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aae9ddc2318e49835d0efc9ac740bcd8d6aa38f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c8:5f:94:f7:48:f7:ba:ad:f2:f2:a3:d6:36:
fc:ca:da:6c:3d:a7:94:81:bf:a4:22:cf:d8:5d:60:
4b:1a:02:e5:ce:29:8d:75:86:55:72:1c:16:c7:8f:
a9:19:5e:d1:a0:cf:eb:c2:53:10:12:c5:36:9e:b9:
1e:58:59:b5:70:19:ed:40:d3:a9:bf:e9:61:b5:33:
65:93:6f:75:45:ab:d1:8b:82:9f:8f:57:bf:80:8f:
f1:50:78:e9:56:01:a3:7f:d6:d4:14:a2:54:c8:e1:
15:9f:e3:20:c0:45:1e:98:ab:d9:51:c5:ab:16:6e:
04:41:c2:da:56:92:89:bf:e4:9d:83:60:ff:7f:eb:
0b:44:90:e2:52:37:99:c0:42:e6:88:72:ad:60:12:
b3:78:72:76:6b:c2:fa:b9:e6:1e:8a:61:50:59:08:
e4:d0:38:ea:28:da:cc:4b:97:5d:14:5a:da:26:68:
b7:f2:1d:aa:b6:72:39:8a:f3:b8:ec:57:09:f9:35:
e6:62:84:76:b2:26:0e:fa:e5:e5:c4:91:07:93:68:
20:ab:6e:3b:ff:5f:d0:1b:89:5e:5a:58:32:59:a8:
c8:72:29:2b:26:8f:26:e0:81:fb:7a:5c:ef:d4:3a:
42:ce:1b:98:aa:0c:0f:91:84:2d:a5:22:15:c8:a9:
55:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E9:DD:C2:31:8E:49:83:5D:0E:FC:9A:C7:40:BC:D8:D6:AA:38:F2
X509v3 Authority Key Identifier:
keyid:B8:72:DA:0F:9C:6C:56:86:A3:DB:9E:E1:24:A9:90:42:B0:A8:82:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uHLaD5xsVoaj257hJKmQQrCogtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/qundwjGOSYNdDvyax0C82NaqOPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/2716ec-5657-4f56-8f43-e23103a88052/1/uHLaD5xsVoaj257hJKmQQrCogtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.68.0/22
213.156.28.0/22
IPv6:
2a01:4c01::/32
Signature Algorithm: sha256WithRSAEncryption
60:34:d0:b1:48:5a:82:32:3a:a5:8f:0f:2b:45:86:9c:a2:e0:
35:37:cc:df:90:2f:60:36:aa:10:28:2f:df:24:60:0f:67:b1:
4c:03:6a:d5:6f:2a:05:2d:72:1c:40:31:25:69:45:33:22:f1:
ac:22:9f:41:8b:34:2d:cd:bb:e4:ab:d2:00:eb:5e:3f:95:d5:
e5:ee:93:eb:4d:f6:c7:9e:e6:1f:97:a5:c9:74:09:ab:16:36:
dc:be:9e:1c:b0:c2:c3:d8:73:82:e2:ef:c0:33:6a:d4:90:ad:
e3:f0:9d:d8:38:44:db:ec:b1:a2:bd:ce:33:b3:87:e8:95:b1:
4d:fc:9d:91:a6:95:96:22:6f:76:91:bd:9b:51:b5:1b:b5:7e:
5f:53:33:ff:bf:65:da:27:94:4e:35:01:ee:d7:d1:81:2b:36:
71:c9:a8:84:19:19:cd:14:0b:3f:11:26:ea:73:cf:93:08:2c:
27:b8:1e:6c:e3:04:7d:2c:d8:74:88:a2:39:b6:4e:e7:1f:01:
3a:0f:5a:aa:55:26:60:94:ac:5e:12:f6:b7:17:23:8e:f4:8b:
a3:38:74:67:66:01:29:cb:88:36:d2:a8:b3:a1:7c:29:58:e4:
50:81:b1:98:e9:69:3f:86:4c:08:05:6a:9b:6c:a9:4f:b0:6b:
38:d3:7f:f1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGS1qQomaPggyGon4AeZFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NzJkYTBmOWM2YzU2ODZhM2RiOWVlMTI0YTk5MDQyYjBh
ODgyZDEwHhcNMjQwMTAxMTgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWU5ZGRjMjMxOGU0OTgzNWQwZWZjOWFjNzQwYmNkOGQ2YWEzOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAishflPdI97qt8vKj1jb8ytpsPaeU
gb+kIs/YXWBLGgLlzimNdYZVchwWx4+pGV7RoM/rwlMQEsU2nrkeWFm1cBntQNOp
v+lhtTNlk291RavRi4Kfj1e/gI/xUHjpVgGjf9bUFKJUyOEVn+MgwEUemKvZUcWr
Fm4EQcLaVpKJv+Sdg2D/f+sLRJDiUjeZwELmiHKtYBKzeHJ2a8L6ueYeimFQWQjk
0DjqKNrMS5ddFFraJmi38h2qtnI5ivO47FcJ+TXmYoR2siYO+uXlxJEHk2ggq247
/1/QG4leWlgyWajIcikrJo8m4IH7elzv1DpCzhuYqgwPkYQtpSIVyKlVPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKrp3cIxjkmDXQ78msdAvNjWqjjyMB8GA1UdIwQY
MBaAFLhy2g+cbFaGo9ue4SSpkEKwqILRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUhMYUQ1eHNWb2FqMjU3aEpLbVFRckNvZ3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8yNzE2ZWMtNTY1Ny00ZjU2LThmNDMt
ZTIzMTAzYTg4MDUyLzEvcXVuZHdqR09TWU5kRHZ5YXgwQzgyTmFxT1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8yNzE2ZWMtNTY1Ny00ZjU2LThmNDMtZTIzMTAzYTg4MDUy
LzEvdUhMYUQ1eHNWb2FqMjU3aEpLbVFRckNvZ3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWZEAwQC
1ZwcMA0EAgACMAcDBQAqAUwBMA0GCSqGSIb3DQEBCwUAA4IBAQBgNNCxSFqCMjql
jw8rRYacouA1N8zfkC9gNqoQKC/fJGAPZ7FMA2rVbyoFLXIcQDElaUUzIvGsIp9B
izQtzbvkq9IA614/ldXl7pPrTfbHnuYfl6XJdAmrFjbcvp4csMLD2HOC4u/AM2rU
kK3j8J3YOETb7LGivc4zs4folbFN/J2RppWWIm92kb2bUbUbtX5fUzP/v2XaJ5RO
NQHu19GBKzZxyaiEGRnNFAs/ESbqc8+TCCwnuB5s4wR9LNh0iKI5tk7nHwE6D1qq
VSZglKxeEva3FyOO9IujOHRnZgEpy4g20qizoXwpWORQgbGY6Wk/hkwIBWqbbKlP
sGs403/x
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:04 2025 by rpki-client