Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/QML8pzL9Iu-fY699i8MX4_vOfog.roa
File: QML8pzL9Iu-fY699i8MX4_vOfog.roa (raw, json)
Hash identifier: Y4Ew0D9xxn+fFK0UC4D/O/SPpLzTfVMCs8gHL8EqCn0=
Subject key identifier: 40:C2:FC:A7:32:FD:22:EF:9F:63:AF:7D:8B:C3:17:E3:FB:CE:7E:88
Certificate issuer: /CN=d9f200e2d38683a7cb1ce5cabbee34c068834a0b
Certificate serial: 018CC86F2A78DD42728D25D5EEB73B4587E2
Authority key identifier: D9:F2:00:E2:D3:86:83:A7:CB:1C:E5:CA:BB:EE:34:C0:68:83:4A:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fIA4tOGg6fLHOXKu-40wGiDSgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/QML8pzL9Iu-fY699i8MX4_vOfog.roa
Signing time: Tue 02 Jan 2024 04:29:37 +0000
ROA not before: Tue 02 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 193.134.240.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:2a:78:dd:42:72:8d:25:d5:ee:b7:3b:45:87:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f200e2d38683a7cb1ce5cabbee34c068834a0b
Validity
Not Before: Jan 2 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40c2fca732fd22ef9f63af7d8bc317e3fbce7e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:db:f4:0d:a1:1a:94:7a:9b:e7:66:9f:7c:5d:
23:57:fa:f3:44:2c:9b:65:00:27:05:d9:b9:02:b6:
f2:02:83:b3:52:32:b6:f9:bf:b5:ae:b7:8b:50:cf:
63:26:13:85:72:d9:b3:5a:b5:d7:83:fb:4b:fc:07:
40:df:30:80:17:1e:db:08:67:6a:d1:7c:f6:f1:91:
d2:b8:c7:12:d1:f3:38:37:37:1a:0b:58:cc:75:42:
a6:8e:c6:47:30:1a:95:4d:26:08:a2:16:19:50:64:
68:e9:c5:81:39:0e:9c:43:c6:9d:18:df:91:e3:0b:
67:ba:63:f5:46:1b:2d:fe:5c:9b:be:a6:71:c0:28:
e2:d9:5e:dc:83:46:f0:bd:14:17:c2:c9:54:fe:47:
8b:c5:6b:2f:2c:1d:2b:f4:b9:bd:92:a2:d2:4b:78:
74:d1:48:90:9a:db:1c:31:72:16:1d:fa:ab:71:48:
e2:b0:90:bf:c2:ec:5c:dd:fd:99:98:54:51:1a:b6:
d6:1c:9e:f7:ce:b8:8d:51:b3:be:93:bd:d1:bc:d2:
36:80:52:4c:09:67:1a:3f:47:d6:e1:24:80:fa:ac:
02:f0:9d:3a:e8:33:5e:82:f6:f7:31:f1:51:38:e9:
c1:c1:82:fa:87:52:52:2a:e8:40:44:eb:62:7e:85:
07:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C2:FC:A7:32:FD:22:EF:9F:63:AF:7D:8B:C3:17:E3:FB:CE:7E:88
X509v3 Authority Key Identifier:
keyid:D9:F2:00:E2:D3:86:83:A7:CB:1C:E5:CA:BB:EE:34:C0:68:83:4A:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fIA4tOGg6fLHOXKu-40wGiDSgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/QML8pzL9Iu-fY699i8MX4_vOfog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/2fIA4tOGg6fLHOXKu-40wGiDSgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.240.0/21
Signature Algorithm: sha256WithRSAEncryption
71:72:1a:5a:67:22:3a:cc:26:61:94:67:d7:4e:56:8f:d5:b2:
10:6c:f6:27:63:b6:7b:ad:59:cb:69:a5:04:36:72:b2:ac:e9:
ef:a9:79:62:10:cb:32:a1:3d:7f:24:8b:fb:57:12:54:42:15:
59:9b:80:ec:6e:11:3d:a6:19:e4:16:42:55:de:6e:14:bd:08:
cf:91:b4:3c:b9:73:1e:50:01:7a:f1:b2:c9:f6:ea:91:21:3e:
af:fe:db:f0:a5:e8:4d:3a:cf:46:5a:ea:c4:d4:b0:ec:a0:22:
0d:f8:f2:4f:a3:06:eb:0a:a4:40:11:dd:f7:4b:fa:09:ee:0a:
ea:6c:ca:d0:6a:f3:46:47:7d:8b:4d:09:1b:ae:ad:1e:23:01:
ee:13:40:87:77:83:c1:c3:bc:4e:e0:74:ec:d2:ef:47:ae:fa:
7a:25:65:68:56:61:7a:e9:22:e2:96:79:48:f0:b9:87:48:58:
c7:9e:67:b2:58:e6:91:80:3b:fa:f8:0c:52:20:f4:5e:8e:ce:
6c:1e:40:37:6e:b8:f7:8c:2e:4b:fa:f4:e1:a8:eb:9c:fc:14:
1b:f1:06:4a:6b:d3:4a:5e:2b:41:a0:60:de:b6:80:77:c5:e9:
48:7e:56:df:92:20:e2:a0:12:76:49:24:7a:52:1f:e1:2a:f0:
4a:0d:99:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbyp43UJyjSXV7rc7RYfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjIwMGUyZDM4NjgzYTdjYjFjZTVjYWJiZWUzNGMwNjg4
MzRhMGIwHhcNMjQwMTAyMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGMyZmNhNzMyZmQyMmVmOWY2M2FmN2Q4YmMzMTdlM2ZiY2U3ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Nv0DaEalHqb52affF0jV/rzRCyb
ZQAnBdm5ArbyAoOzUjK2+b+1rreLUM9jJhOFctmzWrXXg/tL/AdA3zCAFx7bCGdq
0Xz28ZHSuMcS0fM4NzcaC1jMdUKmjsZHMBqVTSYIohYZUGRo6cWBOQ6cQ8adGN+R
4wtnumP1Rhst/lybvqZxwCji2V7cg0bwvRQXwslU/keLxWsvLB0r9Lm9kqLSS3h0
0UiQmtscMXIWHfqrcUjisJC/wuxc3f2ZmFRRGrbWHJ73zriNUbO+k73RvNI2gFJM
CWcaP0fW4SSA+qwC8J066DNegvb3MfFROOnBwYL6h1JSKuhAROtifoUHbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDC/Kcy/SLvn2OvfYvDF+P7zn6IMB8GA1UdIwQY
MBaAFNnyAOLThoOnyxzlyrvuNMBog0oLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZJQTR0T0dnNmZMSE9YS3UtNDB3R2lEU2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMDdiOTgtYzIyMi00ODM1LTgzODEt
MDljOGZlNzI0Y2Q3LzEvUU1MOHB6TDlJdS1mWTY5OWk4TVg0X3ZPZm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMDdiOTgtYzIyMi00ODM1LTgzODEtMDljOGZlNzI0Y2Q3
LzEvMmZJQTR0T0dnNmZMSE9YS3UtNDB3R2lEU2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwYbwMA0G
CSqGSIb3DQEBCwUAA4IBAQBxchpaZyI6zCZhlGfXTlaP1bIQbPYnY7Z7rVnLaaUE
NnKyrOnvqXliEMsyoT1/JIv7VxJUQhVZm4DsbhE9phnkFkJV3m4UvQjPkbQ8uXMe
UAF68bLJ9uqRIT6v/tvwpehNOs9GWurE1LDsoCIN+PJPowbrCqRAEd33S/oJ7grq
bMrQavNGR32LTQkbrq0eIwHuE0CHd4PBw7xO4HTs0u9Hrvp6JWVoVmF66SLilnlI
8LmHSFjHnmeyWOaRgDv6+AxSIPRejs5sHkA3brj3jC5L+vThqOuc/BQb8QZKa9NK
XitBoGDetoB3xelIflbfkiDioBJ2SSR6Uh/hKvBKDZkJ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:53 2025 by rpki-client