Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/3103a1-bc58-444c-8231-43d8a6fd1f45/1/Q4v9Rs_nDiTsniQCyX25IKan_hw.roa
File: Q4v9Rs_nDiTsniQCyX25IKan_hw.roa (raw, json)
Hash identifier: axxarVmcqfhsCNNH/6V4mA7v5d2iLdGaDnTWGafAWHc=
Subject key identifier: 43:8B:FD:46:CF:E7:0E:24:EC:9E:24:02:C9:7D:B9:20:A6:A7:FE:1C
Certificate issuer: /CN=f41ffe7d297ee4e1d4d23335a9ab4a0088c025d7
Certificate serial: 018CC94E0CA22CED5798C358C237F473F01E
Authority key identifier: F4:1F:FE:7D:29:7E:E4:E1:D4:D2:33:35:A9:AB:4A:00:88:C0:25:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9B_-fSl-5OHU0jM1qatKAIjAJdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/3103a1-bc58-444c-8231-43d8a6fd1f45/1/Q4v9Rs_nDiTsniQCyX25IKan_hw.roa
Signing time: Tue 02 Jan 2024 08:33:04 +0000
ROA not before: Tue 02 Jan 2024 08:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41150
IP address blocks: 195.64.191.0/24 maxlen: 24
195.64.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:0c:a2:2c:ed:57:98:c3:58:c2:37:f4:73:f0:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f41ffe7d297ee4e1d4d23335a9ab4a0088c025d7
Validity
Not Before: Jan 2 08:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=438bfd46cfe70e24ec9e2402c97db920a6a7fe1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cf:99:24:76:77:1e:54:ea:3f:1f:6f:a1:60:
04:d2:87:96:51:38:7a:b2:3a:51:6f:e8:4a:4a:15:
ed:69:18:1d:6d:72:10:5c:cf:51:a9:b8:33:45:1c:
67:f7:b6:a5:cb:46:49:75:33:c5:81:85:0a:bf:8f:
dd:67:c9:d5:1a:ac:9b:76:2e:6c:a7:e0:e9:03:8c:
07:0e:b5:5b:2a:24:32:5f:0a:3b:ca:56:21:67:32:
dc:11:24:0c:96:35:fe:bb:cc:7b:8a:79:c3:12:08:
cf:62:cb:a2:b7:35:b3:25:43:8b:8d:13:84:19:d1:
a3:6f:83:fc:1d:b4:3d:d0:b0:4e:80:b1:7f:69:3d:
67:b3:75:41:43:60:d5:57:a7:a9:5b:48:d9:ba:2c:
91:89:ff:44:e7:81:40:b9:9a:5a:44:d9:e9:b8:a3:
f1:66:4e:d0:5b:d8:5a:d8:63:d9:94:3a:0f:09:de:
9f:a1:6d:f9:19:64:b4:90:e6:17:7e:61:b1:72:6f:
57:cf:06:44:85:54:99:36:d9:60:2f:69:aa:7f:43:
be:40:8e:8a:82:a1:dc:44:c8:f1:15:4f:97:85:dd:
af:b4:29:b1:c1:04:f7:ba:1e:67:97:59:2f:38:61:
44:14:a2:7f:dd:1b:fa:59:35:40:54:e5:26:34:40:
da:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8B:FD:46:CF:E7:0E:24:EC:9E:24:02:C9:7D:B9:20:A6:A7:FE:1C
X509v3 Authority Key Identifier:
keyid:F4:1F:FE:7D:29:7E:E4:E1:D4:D2:33:35:A9:AB:4A:00:88:C0:25:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9B_-fSl-5OHU0jM1qatKAIjAJdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/3103a1-bc58-444c-8231-43d8a6fd1f45/1/Q4v9Rs_nDiTsniQCyX25IKan_hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/3103a1-bc58-444c-8231-43d8a6fd1f45/1/9B_-fSl-5OHU0jM1qatKAIjAJdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.190.0/23
Signature Algorithm: sha256WithRSAEncryption
39:25:54:fd:9d:b1:46:d8:35:84:79:1e:73:6f:3e:a6:f2:72:
1a:d5:98:f0:e6:0e:92:f0:10:19:44:63:d3:5e:24:f1:71:cc:
b2:10:27:2c:92:d8:60:54:fe:0d:8c:14:aa:a6:43:30:67:f7:
82:8f:91:d6:77:13:88:e4:4a:0f:79:04:1a:64:cb:52:ee:2e:
c2:5a:0e:84:cb:c8:53:1b:71:12:d3:d1:29:48:b5:ae:32:8c:
f6:83:16:3e:41:fb:ba:12:d3:cd:f6:a1:9b:30:ae:bf:30:8d:
a5:78:33:92:04:bc:2b:9e:bb:a9:07:19:56:43:74:54:02:37:
a4:d8:c0:31:e7:3e:48:56:1f:cb:95:83:90:42:1a:83:76:5c:
0b:af:f0:9e:2d:e6:82:58:c4:0a:4a:25:7f:ee:73:f1:01:7a:
4f:eb:dd:32:f3:0d:c0:77:d2:2b:58:0f:9b:c4:bc:b7:2a:cd:
7f:13:c8:84:09:29:56:03:ea:a5:29:d9:67:82:55:92:2d:77:
82:4a:a1:60:37:51:dd:23:a3:2d:46:4e:f8:5b:26:a4:79:f3:
58:2a:43:90:38:b5:27:41:86:fa:ff:af:f4:04:78:fa:b5:a7:
1c:0c:8a:f9:2d:b6:bb:0b:53:79:9d:6a:4d:d0:46:55:8c:b2:
1d:5d:33:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTgyiLO1XmMNYwjf0c/AeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MWZmZTdkMjk3ZWU0ZTFkNGQyMzMzNWE5YWI0YTAwODhj
MDI1ZDcwHhcNMjQwMTAyMDgzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzhiZmQ0NmNmZTcwZTI0ZWM5ZTI0MDJjOTdkYjkyMGE2YTdmZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc+ZJHZ3HlTqPx9voWAE0oeWUTh6
sjpRb+hKShXtaRgdbXIQXM9RqbgzRRxn97aly0ZJdTPFgYUKv4/dZ8nVGqybdi5s
p+DpA4wHDrVbKiQyXwo7ylYhZzLcESQMljX+u8x7innDEgjPYsuitzWzJUOLjROE
GdGjb4P8HbQ90LBOgLF/aT1ns3VBQ2DVV6epW0jZuiyRif9E54FAuZpaRNnpuKPx
Zk7QW9ha2GPZlDoPCd6foW35GWS0kOYXfmGxcm9XzwZEhVSZNtlgL2mqf0O+QI6K
gqHcRMjxFU+Xhd2vtCmxwQT3uh5nl1kvOGFEFKJ/3Rv6WTVAVOUmNEDabwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEOL/UbP5w4k7J4kAsl9uSCmp/4cMB8GA1UdIwQY
MBaAFPQf/n0pfuTh1NIzNamrSgCIwCXXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUJfLWZTbC01T0hVMGpNMXFhdEtBSWpBSmRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8zMTAzYTEtYmM1OC00NDRjLTgyMzEt
NDNkOGE2ZmQxZjQ1LzEvUTR2OVJzX25EaVRzbmlRQ3lYMjVJS2FuX2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8zMTAzYTEtYmM1OC00NDRjLTgyMzEtNDNkOGE2ZmQxZjQ1
LzEvOUJfLWZTbC01T0hVMGpNMXFhdEtBSWpBSmRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0C+MA0G
CSqGSIb3DQEBCwUAA4IBAQA5JVT9nbFG2DWEeR5zbz6m8nIa1Zjw5g6S8BAZRGPT
XiTxccyyECcskthgVP4NjBSqpkMwZ/eCj5HWdxOI5EoPeQQaZMtS7i7CWg6Ey8hT
G3ES09EpSLWuMoz2gxY+Qfu6EtPN9qGbMK6/MI2leDOSBLwrnrupBxlWQ3RUAjek
2MAx5z5IVh/LlYOQQhqDdlwLr/CeLeaCWMQKSiV/7nPxAXpP690y8w3Ad9IrWA+b
xLy3Ks1/E8iECSlWA+qlKdlnglWSLXeCSqFgN1HdI6MtRk74WyakefNYKkOQOLUn
QYb6/6/0BHj6taccDIr5Lba7C1N5nWpN0EZVjLIdXTMd
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:08 2025 by rpki-client