Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QTCZgtAj0QzTDJvn2Pi0p7v3hl0.roa
File: QTCZgtAj0QzTDJvn2Pi0p7v3hl0.roa (raw, json)
Hash identifier: 4CvzkAmehpsVIyVOyWikLpfl94VbmVrwIpLaM6W3Kqo=
Subject key identifier: 41:30:99:82:D0:23:D1:0C:D3:0C:9B:E7:D8:F8:B4:A7:BB:F7:86:5D
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 0193A74A92676ECD2BC480B91B6BF18AF8C8
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QTCZgtAj0QzTDJvn2Pi0p7v3hl0.roa
Signing time: Sun 08 Dec 2024 17:21:42 +0000
ROA not before: Sun 08 Dec 2024 17:21:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214083
IP address blocks: 217.147.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a7:4a:92:67:6e:cd:2b:c4:80:b9:1b:6b:f1:8a:f8:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Dec 8 17:21:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41309982d023d10cd30c9be7d8f8b4a7bbf7865d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f0:6c:76:5b:3c:43:33:a8:2c:cd:53:71:55:
e8:8d:3d:4b:6c:b5:c0:06:e9:b7:14:23:1c:33:84:
25:32:bc:3a:45:93:e5:7f:35:f0:a2:c3:f9:a5:47:
5f:80:26:12:47:40:16:17:b5:e1:78:bc:c5:5e:78:
10:8f:cc:7f:e0:fe:ac:a0:89:20:5e:17:43:69:83:
58:14:38:91:48:37:ba:bd:ba:5e:af:46:b1:8b:90:
b9:8c:31:3b:85:a2:b6:ff:3b:6d:43:35:a0:47:94:
ca:0c:32:0b:44:f3:82:a9:6a:bc:99:c3:75:fb:f7:
d6:0f:c4:e8:7a:86:33:c5:f5:6e:aa:44:0a:79:f4:
c7:8b:e8:a0:b5:dd:30:8a:67:3c:c8:9a:0f:86:b9:
ac:3f:a8:6c:86:30:07:7c:7e:c9:84:58:e2:10:ea:
85:45:38:b5:e5:c6:45:0b:31:f0:86:7c:05:6a:0c:
fa:c3:7d:97:be:fc:b9:64:38:44:c7:37:bc:41:a4:
22:2f:10:eb:10:b5:d9:f4:02:65:8f:92:39:7e:e1:
7d:95:96:82:8d:cf:24:9b:a5:06:91:64:ca:f3:4a:
73:6d:56:b9:5b:d9:ac:1c:27:fd:b4:05:08:56:cd:
7c:f1:8f:ea:46:88:c1:a7:af:b5:62:4e:67:21:35:
9f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:30:99:82:D0:23:D1:0C:D3:0C:9B:E7:D8:F8:B4:A7:BB:F7:86:5D
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QTCZgtAj0QzTDJvn2Pi0p7v3hl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.168.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:07:8e:fc:a5:20:6c:a9:91:ba:b0:84:f9:db:fc:2d:6e:89:
43:b9:09:76:16:f5:d5:a1:41:ab:99:1a:09:64:1d:0c:85:26:
70:e1:ea:01:36:b1:a7:9f:7f:fc:c5:31:25:d6:88:0b:d1:a2:
01:b3:c4:ea:79:76:66:6d:47:e7:34:1a:6a:c6:32:b5:1a:b9:
b5:06:0e:98:d5:c0:36:c0:8d:e4:7d:11:17:76:da:9e:25:d6:
43:a1:f4:e0:e2:70:e9:e8:65:66:b0:0b:fe:4d:69:ad:98:c3:
8a:af:16:c3:ba:b4:1f:45:f1:39:e0:5d:29:f4:84:8a:d3:58:
92:4b:8c:cd:4d:99:16:ce:a8:4f:1d:d3:8c:a8:f6:42:89:ea:
e4:d7:c4:2a:85:e1:76:7a:3e:17:8d:0f:17:19:4b:1c:77:6d:
71:cc:f9:4a:11:07:94:fd:17:77:e5:d9:4e:54:43:b5:7e:2c:
6d:a4:67:86:79:c5:88:9e:95:ff:eb:69:44:26:ce:94:7d:a2:
53:cf:21:f3:75:51:d2:fb:7f:7c:65:f5:42:3e:c4:cd:6c:de:
44:92:1d:85:46:ac:5d:9c:b3:43:ad:9a:23:0f:db:81:ea:d6:
5e:66:76:c5:90:b7:21:09:6d:48:e1:69:6f:2c:0c:6f:91:ed:
92:eb:ed:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOnSpJnbs0rxIC5G2vxivjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjQxMjA4MTcyMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTMwOTk4MmQwMjNkMTBjZDMwYzliZTdkOGY4YjRhN2JiZjc4NjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/Bsdls8QzOoLM1TcVXojT1LbLXA
Bum3FCMcM4QlMrw6RZPlfzXwosP5pUdfgCYSR0AWF7XheLzFXngQj8x/4P6soIkg
XhdDaYNYFDiRSDe6vbper0axi5C5jDE7haK2/zttQzWgR5TKDDILRPOCqWq8mcN1
+/fWD8ToeoYzxfVuqkQKefTHi+igtd0wimc8yJoPhrmsP6hshjAHfH7JhFjiEOqF
RTi15cZFCzHwhnwFagz6w32Xvvy5ZDhExze8QaQiLxDrELXZ9AJlj5I5fuF9lZaC
jc8km6UGkWTK80pzbVa5W9msHCf9tAUIVs188Y/qRojBp6+1Yk5nITWfgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEwmYLQI9EM0wyb59j4tKe794ZdMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvUVRDWmd0QWowUXpUREp2bjJQaTBwN3YzaGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOoMA0G
CSqGSIb3DQEBCwUAA4IBAQCkB478pSBsqZG6sIT52/wtbolDuQl2FvXVoUGrmRoJ
ZB0MhSZw4eoBNrGnn3/8xTEl1ogL0aIBs8TqeXZmbUfnNBpqxjK1Grm1Bg6Y1cA2
wI3kfREXdtqeJdZDofTg4nDp6GVmsAv+TWmtmMOKrxbDurQfRfE54F0p9ISK01iS
S4zNTZkWzqhPHdOMqPZCierk18QqheF2ej4XjQ8XGUscd21xzPlKEQeU/Rd35dlO
VEO1fixtpGeGecWInpX/62lEJs6UfaJTzyHzdVHS+398ZfVCPsTNbN5Ekh2FRqxd
nLNDrZojD9uB6tZeZnbFkLchCW1I4WlvLAxvke2S6+0T
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:43 2025 by rpki-client