Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/79a64e-069f-499d-a631-8cd42cede220/1/CuqArkSqWCkwcyW8_hB-PT99xYs.roa
File: CuqArkSqWCkwcyW8_hB-PT99xYs.roa (raw, json)
Hash identifier: h81Q3PvcePc8He0B4j5vrju8gwjXnGx6ti4JmqUpoFA=
Subject key identifier: 0A:EA:80:AE:44:AA:58:29:30:73:25:BC:FE:10:7E:3D:3F:7D:C5:8B
Certificate issuer: /CN=1594f00471e248abe394d521e96cba9630d8520e
Certificate serial: 018CC94E55763EB5EC21222AA4011DBE71E5
Authority key identifier: 15:94:F0:04:71:E2:48:AB:E3:94:D5:21:E9:6C:BA:96:30:D8:52:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FZTwBHHiSKvjlNUh6Wy6ljDYUg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/79a64e-069f-499d-a631-8cd42cede220/1/CuqArkSqWCkwcyW8_hB-PT99xYs.roa
Signing time: Tue 02 Jan 2024 08:33:23 +0000
ROA not before: Tue 02 Jan 2024 08:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49619
IP address blocks: 185.252.128.0/22 maxlen: 31
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:55:76:3e:b5:ec:21:22:2a:a4:01:1d:be:71:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1594f00471e248abe394d521e96cba9630d8520e
Validity
Not Before: Jan 2 08:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0aea80ae44aa5829307325bcfe107e3d3f7dc58b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:cd:77:db:86:44:f3:a3:9a:5b:0a:15:c3:7f:
96:17:ea:f7:9b:79:28:b9:32:db:77:ca:aa:d6:3a:
0f:ce:d6:1a:35:71:0b:4d:73:5e:52:10:21:67:83:
1e:76:55:0d:98:48:7b:6a:0b:8a:3a:cd:0e:81:7b:
b8:4c:17:f9:b1:90:a2:e0:d0:9f:00:91:d6:c0:e1:
da:fb:fe:d9:bb:67:3b:95:fa:b4:09:1c:52:2d:94:
50:56:bd:9a:f5:ea:6a:88:62:0e:8d:bb:26:38:5d:
fe:be:71:f9:2d:b5:59:0e:ce:c9:10:ec:ae:75:60:
c2:c5:09:6f:a0:c5:7d:1f:79:03:bf:88:9c:6b:32:
0f:8e:53:d5:4f:6d:30:12:58:c3:03:bc:29:5f:07:
54:90:56:7c:07:4c:a7:18:b0:13:99:e9:de:6e:4f:
d2:97:39:ab:66:12:7d:6d:fe:3d:90:2c:ce:5b:c0:
6f:aa:88:4e:93:3a:f6:5e:13:d1:82:85:be:df:52:
e7:2a:de:ed:21:1e:8a:17:47:15:ac:bb:bf:43:dd:
11:f8:ba:b9:56:d5:ce:38:bf:ab:88:1b:97:f0:c1:
6e:fb:6c:bf:81:f5:6c:29:3a:aa:3b:e2:e9:43:2a:
bc:a0:f6:92:df:dd:7b:6e:6a:44:d1:66:89:6c:6b:
43:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:EA:80:AE:44:AA:58:29:30:73:25:BC:FE:10:7E:3D:3F:7D:C5:8B
X509v3 Authority Key Identifier:
keyid:15:94:F0:04:71:E2:48:AB:E3:94:D5:21:E9:6C:BA:96:30:D8:52:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FZTwBHHiSKvjlNUh6Wy6ljDYUg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/79a64e-069f-499d-a631-8cd42cede220/1/CuqArkSqWCkwcyW8_hB-PT99xYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/79a64e-069f-499d-a631-8cd42cede220/1/FZTwBHHiSKvjlNUh6Wy6ljDYUg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.128.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:1b:00:6d:ae:e7:ee:09:19:cd:8d:0d:09:80:17:a4:27:8a:
a7:f4:e6:73:9f:3f:5a:05:6d:25:aa:6e:78:77:82:0d:8c:46:
75:42:f7:87:c7:60:22:6e:b1:0c:1a:6c:67:55:32:e4:3e:a2:
ff:60:4a:5f:ca:48:82:88:ca:f6:dd:51:19:af:11:11:ca:de:
8e:8c:03:1f:bd:dc:f5:05:a8:cf:e6:00:19:3f:da:a1:6a:25:
83:bf:ab:e7:45:a3:2b:62:85:49:de:70:b6:a8:ee:f5:7f:c9:
4c:f2:42:ef:e5:57:02:c1:73:22:57:eb:ff:d2:65:c0:83:5c:
d4:db:cc:a1:5e:e6:5f:d6:91:63:8a:53:b7:b1:84:2b:c5:53:
81:2b:1f:20:0d:eb:9d:da:2f:d6:9e:37:da:aa:8a:82:fc:d5:
22:71:26:3e:32:39:df:34:1b:44:58:cb:bb:2f:04:b3:bd:b2:
e6:d1:8d:ab:c2:9f:53:43:f0:20:d8:de:5c:02:e9:84:b7:cf:
e3:d3:9b:bd:c7:8b:85:ae:58:87:a9:8f:d6:4e:34:92:2f:be:
db:6f:1c:25:3d:f5:d8:64:7d:b6:74:48:82:66:1e:fb:a9:a6:
fa:bb:6d:77:a4:7b:cd:89:ba:7e:4a:92:ef:3e:b5:31:d1:12:
a2:0d:37:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTlV2PrXsISIqpAEdvnHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1OTRmMDA0NzFlMjQ4YWJlMzk0ZDUyMWU5NmNiYTk2MzBk
ODUyMGUwHhcNMjQwMTAyMDgzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWVhODBhZTQ0YWE1ODI5MzA3MzI1YmNmZTEwN2UzZDNmN2RjNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA481324ZE86OaWwoVw3+WF+r3m3ko
uTLbd8qq1joPztYaNXELTXNeUhAhZ4MedlUNmEh7aguKOs0OgXu4TBf5sZCi4NCf
AJHWwOHa+/7Zu2c7lfq0CRxSLZRQVr2a9epqiGIOjbsmOF3+vnH5LbVZDs7JEOyu
dWDCxQlvoMV9H3kDv4icazIPjlPVT20wEljDA7wpXwdUkFZ8B0ynGLATmenebk/S
lzmrZhJ9bf49kCzOW8BvqohOkzr2XhPRgoW+31LnKt7tIR6KF0cVrLu/Q90R+Lq5
VtXOOL+riBuX8MFu+2y/gfVsKTqqO+LpQyq8oPaS3917bmpE0WaJbGtDtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArqgK5EqlgpMHMlvP4Qfj0/fcWLMB8GA1UdIwQY
MBaAFBWU8ARx4kir45TVIelsupYw2FIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlpUd0JISGlTS3ZqbE5VaDZXeTZsakRZVWc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi83OWE2NGUtMDY5Zi00OTlkLWE2MzEt
OGNkNDJjZWRlMjIwLzEvQ3VxQXJrU3FXQ2t3Y3lXOF9oQi1QVDk5eFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi83OWE2NGUtMDY5Zi00OTlkLWE2MzEtOGNkNDJjZWRlMjIw
LzEvRlpUd0JISGlTS3ZqbE5VaDZXeTZsakRZVWc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufyAMA0G
CSqGSIb3DQEBCwUAA4IBAQAbGwBtrufuCRnNjQ0JgBekJ4qn9OZznz9aBW0lqm54
d4INjEZ1QveHx2AibrEMGmxnVTLkPqL/YEpfykiCiMr23VEZrxERyt6OjAMfvdz1
BajP5gAZP9qhaiWDv6vnRaMrYoVJ3nC2qO71f8lM8kLv5VcCwXMiV+v/0mXAg1zU
28yhXuZf1pFjilO3sYQrxVOBKx8gDeud2i/WnjfaqoqC/NUicSY+MjnfNBtEWMu7
LwSzvbLm0Y2rwp9TQ/Ag2N5cAumEt8/j05u9x4uFrliHqY/WTjSSL77bbxwlPfXY
ZH22dEiCZh77qab6u213pHvNibp+SpLvPrUx0RKiDTdK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:50 2025 by rpki-client