Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/q9t6fBWJsntzsVu340P3lnhQU-k.roa
File: q9t6fBWJsntzsVu340P3lnhQU-k.roa (raw, json)
Hash identifier: dbexGChLaE24QJESQmwfItzmss/gmLv85N3PJpqMxY8=
Subject key identifier: AB:DB:7A:7C:15:89:B2:7B:73:B1:5B:B7:E3:43:F7:96:78:50:53:E9
Certificate issuer: /CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Certificate serial: 0191DD1DE1ADA5EE1CB415C91A8715B698B5
Authority key identifier: 13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/q9t6fBWJsntzsVu340P3lnhQU-k.roa
Signing time: Tue 10 Sep 2024 18:06:48 +0000
ROA not before: Tue 10 Sep 2024 18:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 194.150.220.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 16:04:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dd:1d:e1:ad:a5:ee:1c:b4:15:c9:1a:87:15:b6:98:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Validity
Not Before: Sep 10 18:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=abdb7a7c1589b27b73b15bb7e343f796785053e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:97:21:9f:95:cf:27:52:2f:4f:06:7d:55:16:
0a:59:9a:ae:a4:28:1f:db:46:44:47:98:83:e1:34:
58:3d:ac:7c:ce:4b:fd:32:03:07:03:10:94:5b:52:
6c:ee:5c:72:11:e1:6c:eb:29:6f:10:21:4b:2b:2c:
98:58:3c:f0:94:0b:ac:7b:31:19:b1:31:f1:d9:4d:
57:00:2f:5e:10:f0:b9:de:64:df:b8:10:d2:65:9b:
a9:7b:56:a2:46:04:bd:0b:25:c2:96:8a:b8:21:62:
81:93:ed:fd:72:94:9f:a3:8a:00:5f:0b:16:ce:63:
a2:6e:d6:fa:bc:52:43:c3:f1:0b:f1:33:a6:bf:c9:
ee:ec:a9:90:d0:9a:13:5b:f0:60:37:69:d2:c1:f5:
a0:cc:60:c2:9d:be:bf:3b:fd:db:94:de:37:b1:fc:
34:cc:f7:45:6d:7b:f2:c2:14:02:e6:34:c6:fe:dc:
bf:89:b8:82:4a:83:d0:23:94:af:64:4f:e3:93:09:
7b:65:10:20:38:fc:45:61:21:66:df:c7:8f:fd:a4:
6c:91:b9:19:0d:64:3e:9b:d6:72:15:36:0f:71:d1:
84:3e:87:b0:95:53:76:c2:70:5b:51:4a:6c:37:6c:
13:fd:58:9b:92:11:56:04:df:4f:30:02:7b:8b:f2:
1b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:DB:7A:7C:15:89:B2:7B:73:B1:5B:B7:E3:43:F7:96:78:50:53:E9
X509v3 Authority Key Identifier:
keyid:13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/q9t6fBWJsntzsVu340P3lnhQU-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.220.0/23
Signature Algorithm: sha256WithRSAEncryption
16:9e:11:44:1e:7b:6a:7a:ae:3f:4c:55:45:39:da:6c:60:19:
4f:ef:99:67:55:d4:0f:1b:6d:34:f8:bc:41:df:1d:c3:82:43:
d4:79:34:6e:3a:9a:a6:dc:51:a5:c6:6d:2e:ed:d1:af:67:6e:
96:62:ac:87:d2:4b:09:01:e3:ec:81:eb:58:8f:8c:8d:1b:01:
df:ee:39:4f:7c:6a:ca:26:2c:61:17:9d:e7:2a:04:e3:6c:8a:
f3:1a:eb:53:04:d6:ef:4d:fd:ab:ac:81:e2:be:18:6f:be:26:
d3:63:19:c2:8e:f9:4e:c1:7f:cc:77:53:be:9a:92:e0:95:3e:
f4:31:da:79:38:10:76:d3:b2:e5:35:40:57:a1:f6:c3:27:d3:
29:0e:76:4a:c3:64:5d:07:60:1a:d7:6c:99:b6:4b:50:9b:b0:
8d:4d:52:f9:0b:17:14:f4:82:b2:11:55:e5:23:ce:d0:80:96:
7d:54:e5:96:57:18:27:57:91:7a:a4:b4:9a:d8:20:2a:8e:e4:
da:ca:1b:5f:84:a9:94:1d:ba:b3:1d:72:08:f9:a7:c0:d5:bb:
b6:48:a4:a9:24:4c:35:e8:ee:9e:67:86:37:6c:d7:19:cb:15:
5d:0b:e2:a0:b4:ef:21:d5:fe:81:17:9b:65:d1:05:e8:9a:80:
5c:cf:aa:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHdHeGtpe4ctBXJGocVtpi1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjZiOTYwYTZmMWYwNDQzOWYwOTE4NmY5ZWNmNTMxYTlj
ZTI2NDgwHhcNMjQwOTEwMTgwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmRiN2E3YzE1ODliMjdiNzNiMTViYjdlMzQzZjc5Njc4NTA1M2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Jchn5XPJ1IvTwZ9VRYKWZqupCgf
20ZER5iD4TRYPax8zkv9MgMHAxCUW1Js7lxyEeFs6ylvECFLKyyYWDzwlAusezEZ
sTHx2U1XAC9eEPC53mTfuBDSZZupe1aiRgS9CyXCloq4IWKBk+39cpSfo4oAXwsW
zmOibtb6vFJDw/EL8TOmv8nu7KmQ0JoTW/BgN2nSwfWgzGDCnb6/O/3blN43sfw0
zPdFbXvywhQC5jTG/ty/ibiCSoPQI5SvZE/jkwl7ZRAgOPxFYSFm38eP/aRskbkZ
DWQ+m9ZyFTYPcdGEPoewlVN2wnBbUUpsN2wT/VibkhFWBN9PMAJ7i/IbYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvbenwVibJ7c7Fbt+ND95Z4UFPpMB8GA1UdIwQY
MBaAFBNmuWCm8fBEOfCRhvns9TGpziZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjIt
YTk2NzE1OWY4ODdkLzEvcTl0NmZCV0pzbnR6c1Z1MzQwUDNsbmhRVS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjItYTk2NzE1OWY4ODdk
LzEvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpbcMA0G
CSqGSIb3DQEBCwUAA4IBAQAWnhFEHntqeq4/TFVFOdpsYBlP75lnVdQPG200+LxB
3x3DgkPUeTRuOpqm3FGlxm0u7dGvZ26WYqyH0ksJAePsgetYj4yNGwHf7jlPfGrK
JixhF53nKgTjbIrzGutTBNbvTf2rrIHivhhvvibTYxnCjvlOwX/Md1O+mpLglT70
Mdp5OBB207LlNUBXofbDJ9MpDnZKw2RdB2Aa12yZtktQm7CNTVL5CxcU9IKyEVXl
I87QgJZ9VOWWVxgnV5F6pLSa2CAqjuTayhtfhKmUHbqzHXII+afA1bu2SKSpJEw1
6O6eZ4Y3bNcZyxVdC+KgtO8h1f6BF5tl0QXomoBcz6rL
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:10:22 2025 by rpki-client