Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/QgSxMtmpCqzDvvscGMQzLRRkiU8.roa
File: QgSxMtmpCqzDvvscGMQzLRRkiU8.roa (raw, json)
Hash identifier: CrHP+c3QpdZll4e1isS0usngbvMYnaHDrLCQQ13QBk0=
Subject key identifier: 42:04:B1:32:D9:A9:0A:AC:C3:BE:FB:1C:18:C4:33:2D:14:64:89:4F
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 019425FDE084143981E4D24A47A7FC94F562
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/QgSxMtmpCqzDvvscGMQzLRRkiU8.roa
Signing time: Thu 02 Jan 2025 07:49:42 +0000
ROA not before: Thu 02 Jan 2025 07:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205591
IP address blocks: 185.133.208.0/24 maxlen: 24
2a06:e881:2102::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Mar 2025 16:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e0:84:14:39:81:e4:d2:4a:47:a7:fc:94:f5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 07:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4204b132d9a90aacc3befb1c18c4332d1464894f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:86:24:65:81:8c:d4:f5:be:8c:20:0a:df:bc:
09:ed:a8:ce:e5:56:d8:85:73:6b:ea:3f:ef:2c:70:
16:1a:c9:e7:03:51:40:dc:7f:7a:d2:64:c5:34:a7:
ee:73:e4:35:4a:e0:6d:54:e1:36:c2:eb:63:ea:c3:
a0:39:95:76:d3:f3:16:9a:97:83:5a:28:e2:8f:21:
fc:2c:4e:61:be:a1:6f:12:0e:22:69:53:aa:45:2f:
db:4f:9f:69:75:f6:7a:07:ca:8b:9b:8d:23:9d:26:
01:6f:20:7d:3f:06:4d:60:bd:25:eb:47:b7:82:89:
24:88:b3:3b:ee:6c:3b:7e:8b:28:fe:dd:3b:c6:15:
1e:a9:94:98:63:17:3d:03:fd:d0:7e:b4:a4:63:0f:
ca:30:66:09:fb:07:ed:bb:43:ab:4f:bd:60:82:21:
7e:bc:d1:a6:e1:01:89:81:50:5c:c6:c7:3e:08:71:
1a:74:05:41:96:0d:0c:cd:f0:56:23:f1:91:2f:bb:
b2:21:03:84:53:6f:e4:9d:d9:40:03:7a:48:88:51:
e1:66:41:e0:ef:19:61:a1:86:e3:42:f9:ee:97:4a:
45:eb:c8:3f:24:9e:b6:cd:a6:5b:e2:40:f3:79:f3:
eb:80:b5:d4:f0:1e:6f:58:62:68:81:8f:78:9a:57:
26:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:04:B1:32:D9:A9:0A:AC:C3:BE:FB:1C:18:C4:33:2D:14:64:89:4F
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/QgSxMtmpCqzDvvscGMQzLRRkiU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.208.0/24
IPv6:
2a06:e881:2102::/48
Signature Algorithm: sha256WithRSAEncryption
60:b9:a0:f0:a6:64:44:38:f2:4d:cb:65:0b:bf:3b:63:ed:3d:
42:06:c2:65:bb:22:43:89:9e:19:de:d7:e0:75:6a:1b:7a:af:
ac:85:0e:26:0b:07:0c:64:05:d0:fa:5b:db:d2:76:50:8c:fe:
18:e4:34:02:03:f7:43:a3:c2:ed:b2:6e:6a:fb:07:e6:6b:5c:
98:2a:c8:74:61:b3:4e:25:95:e9:ac:91:64:d6:a3:5e:54:73:
82:c5:0e:aa:91:7a:32:f6:1a:c5:90:bb:af:76:92:f7:8a:ca:
5e:a6:c9:75:36:e1:4e:00:63:96:29:17:5f:57:55:4a:f9:a4:
51:0c:ba:0f:7f:91:62:e9:62:86:78:b4:95:8f:a1:95:54:76:
2f:63:41:a8:59:a0:ab:5b:c6:59:26:63:5e:a2:b5:3f:b7:a9:
8d:8c:24:c5:f6:f0:60:7d:75:06:57:45:d7:5c:ee:da:ca:dc:
d9:62:74:a7:d2:27:00:f3:05:51:9d:2e:e3:f6:0f:7d:0f:71:
98:78:98:28:ba:0d:d4:bf:5e:05:a0:ef:1f:18:79:99:71:e4:
bf:3d:6c:6e:cb:c8:97:03:8c:a6:b0:29:cb:53:f7:00:4b:05:
7c:77:a9:85:6e:bf:5b:53:da:fa:28:0c:96:7c:a9:bb:6a:4d:
b5:c2:79:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQl/eCEFDmB5NJKR6f8lPViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjUwMTAyMDc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA0YjEzMmQ5YTkwYWFjYzNiZWZiMWMxOGM0MzMyZDE0NjQ4OTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYYkZYGM1PW+jCAK37wJ7ajO5VbY
hXNr6j/vLHAWGsnnA1FA3H960mTFNKfuc+Q1SuBtVOE2wutj6sOgOZV20/MWmpeD
WijijyH8LE5hvqFvEg4iaVOqRS/bT59pdfZ6B8qLm40jnSYBbyB9PwZNYL0l60e3
gokkiLM77mw7foso/t07xhUeqZSYYxc9A/3QfrSkYw/KMGYJ+wftu0OrT71ggiF+
vNGm4QGJgVBcxsc+CHEadAVBlg0MzfBWI/GRL7uyIQOEU2/kndlAA3pIiFHhZkHg
7xlhoYbjQvnul0pF68g/JJ62zaZb4kDzefPrgLXU8B5vWGJogY94mlcmFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEIEsTLZqQqsw777HBjEMy0UZIlPMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvUWdTeE10bXBDcXpEdnZzY0dNUXpMUlJraVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYXQMA8E
AgACMAkDBwAqBuiBIQIwDQYJKoZIhvcNAQELBQADggEBAGC5oPCmZEQ48k3LZQu/
O2PtPUIGwmW7IkOJnhne1+B1aht6r6yFDiYLBwxkBdD6W9vSdlCM/hjkNAID90Oj
wu2ybmr7B+ZrXJgqyHRhs04llemskWTWo15Uc4LFDqqRejL2GsWQu692kveKyl6m
yXU24U4AY5YpF19XVUr5pFEMug9/kWLpYoZ4tJWPoZVUdi9jQahZoKtbxlkmY16i
tT+3qY2MJMX28GB9dQZXRddc7trK3NlidKfSJwDzBVGdLuP2D30PcZh4mCi6DdS/
XgWg7x8YeZlx5L89bG7LyJcDjKawKctT9wBLBXx3qYVuv1tT2vooDJZ8qbtqTbXC
eTw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:37:48 2025 by rpki-client