Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/cQzV18BJVNOsGQg6NM_rfO5tTgo.roa
File: cQzV18BJVNOsGQg6NM_rfO5tTgo.roa (raw, json)
Hash identifier: k/gZB7VdkxxVucTRiR2T5OhIO3AFSIoFmB1+gruiZVQ=
Subject key identifier: 71:0C:D5:D7:C0:49:54:D3:AC:19:08:3A:34:CF:EB:7C:EE:6D:4E:0A
Certificate issuer: /CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Certificate serial: 018CC9BBA73A071EC972A9D42056C5080995
Authority key identifier: CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/cQzV18BJVNOsGQg6NM_rfO5tTgo.roa
Signing time: Tue 02 Jan 2024 10:32:47 +0000
ROA not before: Tue 02 Jan 2024 10:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43116
IP address blocks: 213.144.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:a7:3a:07:1e:c9:72:a9:d4:20:56:c5:08:09:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca96218c20efd8fe53fca9990b725dd7963c885c
Validity
Not Before: Jan 2 10:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=710cd5d7c04954d3ac19083a34cfeb7cee6d4e0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:34:bf:12:31:fd:c3:03:1d:32:1c:83:60:02:
71:7f:e8:7a:98:37:8f:90:84:f7:9b:d3:da:f4:8c:
e6:4c:87:86:dc:8c:13:bc:04:4e:05:bd:62:74:57:
ec:0c:cb:c3:18:98:42:38:36:96:e6:1a:b8:15:5e:
08:c4:9a:d8:e9:0f:c4:57:a5:9e:1a:bf:4c:dc:ee:
31:2b:26:6b:51:a6:b2:69:1b:62:21:92:4b:72:ac:
c7:cc:cc:19:b3:83:69:1a:cb:46:01:f0:aa:41:36:
80:00:2a:58:28:97:16:98:6a:8a:5e:c3:e8:d5:33:
bb:90:5f:29:af:b1:0c:af:8c:63:aa:7b:8c:4d:7a:
76:b3:f1:d1:ad:10:29:17:be:21:d7:e9:e5:9d:77:
1b:ce:bf:97:e3:02:38:a1:af:63:22:12:72:d0:ca:
9b:1b:14:bb:40:65:b7:8d:f1:d7:e7:ed:5b:e1:17:
66:ae:e9:77:c1:70:a2:70:00:6a:21:86:b6:b0:6f:
d4:46:e4:3c:3f:f2:46:bd:d8:1d:b8:75:eb:50:16:
cc:1e:d1:32:57:1f:6e:3a:ab:aa:24:eb:f4:97:c7:
c1:0c:bd:6f:8e:05:3c:83:86:09:cf:f0:80:3c:78:
40:91:1c:e2:cf:97:62:6a:fa:29:20:32:fd:49:43:
8c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:0C:D5:D7:C0:49:54:D3:AC:19:08:3A:34:CF:EB:7C:EE:6D:4E:0A
X509v3 Authority Key Identifier:
keyid:CA:96:21:8C:20:EF:D8:FE:53:FC:A9:99:0B:72:5D:D7:96:3C:88:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/cQzV18BJVNOsGQg6NM_rfO5tTgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/9755d5-7f0b-427f-afe0-d712d4738046/1/ypYhjCDv2P5T_KmZC3Jd15Y8iFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.144.102.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:c4:99:9b:ad:5b:9c:57:18:f6:11:91:08:f1:7b:5b:da:6f:
45:28:a7:9f:21:63:13:d3:ed:5c:aa:78:8f:af:10:35:f2:0b:
a8:d2:16:41:a0:5b:6e:c4:cd:40:fd:d1:5b:73:3e:74:51:27:
f8:c3:dc:1e:2a:d0:13:29:f5:cc:8e:c6:4f:14:ff:b4:f6:34:
1a:54:e1:68:f1:7e:dc:25:b4:29:16:07:d9:c0:fb:24:5b:00:
b7:f8:74:19:a3:dc:ba:1f:8e:ea:11:11:1e:85:7e:e0:f0:09:
64:a0:e2:7c:ed:0a:bf:e7:89:11:02:10:3d:67:b3:10:df:90:
a9:65:d4:04:9b:19:7f:e5:86:67:0c:ce:20:2c:d6:03:23:13:
14:fd:09:07:f4:58:c6:78:f8:b5:49:b3:13:2b:c5:8a:02:46:
93:98:2d:97:91:46:02:c6:e7:5c:1e:29:ae:e7:5c:04:72:8f:
a9:1c:1e:b1:aa:d0:c7:6e:1e:56:b5:cd:0f:92:30:62:21:6b:
65:8d:c8:42:8e:19:b0:9e:c8:d9:61:3c:7d:97:a4:7e:7b:4b:
ac:c9:ac:73:54:61:51:86:f0:fe:70:07:55:2d:d3:50:db:1c:
ac:34:e5:1a:0b:8f:7c:28:75:30:02:49:c2:b8:a4:b8:60:dd:
82:2f:b9:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu6c6Bx7JcqnUIFbFCAmVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTYyMThjMjBlZmQ4ZmU1M2ZjYTk5OTBiNzI1ZGQ3OTYz
Yzg4NWMwHhcNMjQwMTAyMTAzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTBjZDVkN2MwNDk1NGQzYWMxOTA4M2EzNGNmZWI3Y2VlNmQ0ZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jS/EjH9wwMdMhyDYAJxf+h6mDeP
kIT3m9Pa9IzmTIeG3IwTvAROBb1idFfsDMvDGJhCODaW5hq4FV4IxJrY6Q/EV6We
Gr9M3O4xKyZrUaayaRtiIZJLcqzHzMwZs4NpGstGAfCqQTaAACpYKJcWmGqKXsPo
1TO7kF8pr7EMr4xjqnuMTXp2s/HRrRApF74h1+nlnXcbzr+X4wI4oa9jIhJy0Mqb
GxS7QGW3jfHX5+1b4Rdmrul3wXCicABqIYa2sG/URuQ8P/JGvdgduHXrUBbMHtEy
Vx9uOquqJOv0l8fBDL1vjgU8g4YJz/CAPHhAkRziz5diavopIDL9SUOMBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHEM1dfASVTTrBkIOjTP63zubU4KMB8GA1UdIwQY
MBaAFMqWIYwg79j+U/ypmQtyXdeWPIhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAt
ZDcxMmQ0NzM4MDQ2LzEvY1F6VjE4QkpWTk9zR1FnNk5NX3JmTzV0VGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85NzU1ZDUtN2YwYi00MjdmLWFmZTAtZDcxMmQ0NzM4MDQ2
LzEveXBZaGpDRHYyUDVUX0ttWkMzSmQxNVk4aUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZBmMA0G
CSqGSIb3DQEBCwUAA4IBAQA7xJmbrVucVxj2EZEI8Xtb2m9FKKefIWMT0+1cqniP
rxA18guo0hZBoFtuxM1A/dFbcz50USf4w9weKtATKfXMjsZPFP+09jQaVOFo8X7c
JbQpFgfZwPskWwC3+HQZo9y6H47qEREehX7g8AlkoOJ87Qq/54kRAhA9Z7MQ35Cp
ZdQEmxl/5YZnDM4gLNYDIxMU/QkH9FjGePi1SbMTK8WKAkaTmC2XkUYCxudcHimu
51wEco+pHB6xqtDHbh5Wtc0PkjBiIWtljchCjhmwnsjZYTx9l6R+e0usyaxzVGFR
hvD+cAdVLdNQ2xysNOUaC498KHUwAknCuKS4YN2CL7lB
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:42:44 2025 by rpki-client