Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Q1WD1lWmRiHx0EpFuVH-FnL-ysI.roa
File: Q1WD1lWmRiHx0EpFuVH-FnL-ysI.roa (raw, json)
Hash identifier: egmqN6jIod6fkXKVxu+ngTQOMZrEsXI0H1gOZVB5ET4=
Subject key identifier: 43:55:83:D6:55:A6:46:21:F1:D0:4A:45:B9:51:FE:16:72:FE:CA:C2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190EABF02BB922887B02237D345CD8DBC5A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Q1WD1lWmRiHx0EpFuVH-FnL-ysI.roa
Signing time: Thu 25 Jul 2024 16:35:04 +0000
ROA not before: Thu 25 Jul 2024 16:35:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10103
IP address blocks: 194.105.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 28 Jul 2024 17:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ea:bf:02:bb:92:28:87:b0:22:37:d3:45:cd:8d:bc:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 25 16:35:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=435583d655a64621f1d04a45b951fe1672fecac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0a:11:0b:7e:0c:84:9d:b6:e1:2f:9e:56:cb:
e5:f2:bc:8a:70:76:b8:ee:a7:c3:9f:0a:e9:bf:df:
56:b5:85:60:20:2e:28:e1:72:aa:b5:ba:de:c1:8f:
3b:f7:92:f6:0f:1d:7e:8a:60:5b:73:ee:03:cf:ba:
25:de:8c:d8:9c:ff:6d:b8:da:f4:be:9b:49:09:a2:
2f:ec:e4:6b:23:35:16:94:3e:59:0d:24:7e:76:bb:
8f:c0:bd:54:e0:bb:6a:73:5d:fa:bb:85:5f:9d:bc:
51:d4:d1:bb:b0:3b:0d:d9:74:11:59:c8:74:82:e9:
9f:fb:f2:39:6b:c8:6b:c3:b3:23:ec:3e:b1:2d:ad:
6f:dd:ca:af:27:23:6c:00:d5:43:8f:02:f9:ba:aa:
e2:24:6f:93:0b:c5:25:b2:0c:f3:d2:ec:a7:15:b3:
7d:b5:b7:d3:08:f6:bd:16:23:dc:af:7b:79:45:95:
7f:3b:df:cb:cb:c0:92:aa:99:c1:fa:95:52:c9:31:
6e:48:f2:3b:ba:4c:21:ef:05:63:39:07:5f:0f:6d:
cd:c4:bf:c0:38:98:4a:93:8e:19:5e:65:74:da:8b:
01:37:31:22:9e:85:a5:60:e7:cf:73:b2:5f:bc:44:
ee:38:3e:d3:69:f8:ea:28:a3:21:29:42:23:7e:fd:
37:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:55:83:D6:55:A6:46:21:F1:D0:4A:45:B9:51:FE:16:72:FE:CA:C2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Q1WD1lWmRiHx0EpFuVH-FnL-ysI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.105.76.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:87:9e:52:1b:b8:10:cc:52:d9:e3:d8:c6:98:5e:a3:c9:16:
a1:ec:ac:c7:e5:04:ac:d7:f9:87:31:fb:3f:b3:7f:a6:2f:ca:
78:99:05:bb:d5:a5:69:71:57:1d:22:66:2a:17:bb:94:89:e6:
8c:7e:b0:f7:f5:b0:ca:9c:0e:14:ba:64:b2:85:b0:10:ab:1f:
25:93:7b:19:a5:96:6c:8e:eb:02:d8:ff:8d:a2:17:80:0e:4b:
f7:69:12:b3:74:ee:1f:32:1c:6f:40:f1:94:63:a6:81:e8:39:
c3:44:d1:d1:6a:34:6f:a0:93:50:57:41:30:2e:f4:5b:72:27:
a0:b9:13:22:78:05:3d:e8:59:a1:8e:48:7b:70:f7:bc:3d:15:
f3:42:c7:0d:68:19:6d:18:46:a2:7e:e9:2e:2f:d5:91:6d:53:
79:6d:a0:eb:5f:49:11:14:3a:e2:c0:41:3c:46:1c:a2:51:44:
05:05:4e:8f:d7:06:12:af:23:6f:9d:b6:9d:ad:e5:d5:d2:b3:
f8:53:60:cb:dc:8e:ad:36:c1:87:54:fa:7b:35:1b:38:80:4e:
10:34:9f:2c:8f:7d:a4:42:73:e9:53:6f:94:9b:62:d5:44:8f:
35:62:b0:82:96:ca:44:50:17:b3:b6:73:57:df:bc:22:72:84:
20:fd:dd:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDqvwK7kiiHsCI300XNjbxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzI1MTYzNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzU1ODNkNjU1YTY0NjIxZjFkMDRhNDViOTUxZmUxNjcyZmVjYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgoRC34MhJ224S+eVsvl8ryKcHa4
7qfDnwrpv99WtYVgIC4o4XKqtbrewY8795L2Dx1+imBbc+4Dz7ol3ozYnP9tuNr0
vptJCaIv7ORrIzUWlD5ZDSR+druPwL1U4Ltqc136u4VfnbxR1NG7sDsN2XQRWch0
gumf+/I5a8hrw7Mj7D6xLa1v3cqvJyNsANVDjwL5uqriJG+TC8Ulsgzz0uynFbN9
tbfTCPa9FiPcr3t5RZV/O9/Ly8CSqpnB+pVSyTFuSPI7ukwh7wVjOQdfD23NxL/A
OJhKk44ZXmV02osBNzEinoWlYOfPc7JfvETuOD7TafjqKKMhKUIjfv03WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFENVg9ZVpkYh8dBKRblR/hZy/srCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUTFXRDFsV21SaUh4MEVwRnVWSC1GbkwteXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwmlMMA0G
CSqGSIb3DQEBCwUAA4IBAQBuh55SG7gQzFLZ49jGmF6jyRah7KzH5QSs1/mHMfs/
s3+mL8p4mQW71aVpcVcdImYqF7uUieaMfrD39bDKnA4UumSyhbAQqx8lk3sZpZZs
jusC2P+NoheADkv3aRKzdO4fMhxvQPGUY6aB6DnDRNHRajRvoJNQV0EwLvRbcieg
uRMieAU96Fmhjkh7cPe8PRXzQscNaBltGEaifukuL9WRbVN5baDrX0kRFDriwEE8
RhyiUUQFBU6P1wYSryNvnbadreXV0rP4U2DL3I6tNsGHVPp7NRs4gE4QNJ8sj32k
QnPpU2+Um2LVRI81YrCClspEUBeztnNX37wicoQg/d3a
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:04 2025 by rpki-client