Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/QYJ91Ob9n2WxBD97KkvaRI4bBrU.roa
File: QYJ91Ob9n2WxBD97KkvaRI4bBrU.roa (raw, json)
Hash identifier: ebsBTQsoG8i9TbazUcPHNumpwSdzYtDjnbmM9zu6icc=
Subject key identifier: 41:82:7D:D4:E6:FD:9F:65:B1:04:3F:7B:2A:4B:DA:44:8E:1B:06:B5
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 018F856FC0860976436D84CE30DE0486F2E0
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/QYJ91Ob9n2WxBD97KkvaRI4bBrU.roa
Signing time: Fri 17 May 2024 07:24:04 +0000
ROA not before: Fri 17 May 2024 07:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 5.181.201.0/24 maxlen: 24
185.225.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 16:55:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:85:6f:c0:86:09:76:43:6d:84:ce:30:de:04:86:f2:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: May 17 07:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41827dd4e6fd9f65b1043f7b2a4bda448e1b06b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:da:7d:18:ca:5b:98:42:25:7d:08:1e:a1:d4:
de:6d:60:e8:4a:3b:19:19:65:f4:82:23:82:ed:8e:
67:11:c9:73:d1:63:4f:71:06:99:ac:89:bf:e7:25:
29:d0:01:70:be:f7:fa:4c:99:ab:0a:c3:38:d1:9d:
0e:ad:f8:44:ab:40:b1:ba:cc:2f:64:33:1b:54:0e:
14:d8:e8:31:59:a0:16:cc:94:b3:09:15:d5:e5:f3:
99:96:d8:70:34:9e:4d:2f:a8:e8:15:b7:52:4c:e9:
9f:4f:c4:d7:87:b7:7b:a0:21:9d:3b:29:fd:8f:59:
46:8d:61:c9:98:0b:b4:4c:ce:a8:ac:fc:dc:1b:e6:
e8:f9:e3:9e:1b:de:7e:bf:71:a2:10:d3:8c:ff:17:
62:10:d1:d8:a0:92:a6:ab:f2:60:98:ce:1c:f9:26:
c4:0d:ab:20:df:cd:0e:17:ae:07:6e:74:f8:f8:6b:
17:af:eb:b3:7b:c2:ac:2f:de:12:ca:65:c7:fe:2d:
1b:7b:c3:3f:ed:1c:d1:31:9b:8f:9c:17:3a:59:83:
3e:16:6a:ea:81:f5:cc:d4:56:12:6a:76:59:ef:73:
8a:9e:f5:9f:40:2f:9b:dd:15:37:07:6d:34:eb:85:
13:b8:45:d6:b8:9c:ed:31:c0:08:82:6e:f8:7f:e9:
9d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:82:7D:D4:E6:FD:9F:65:B1:04:3F:7B:2A:4B:DA:44:8E:1B:06:B5
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/QYJ91Ob9n2WxBD97KkvaRI4bBrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.201.0/24
185.225.206.0/24
Signature Algorithm: sha256WithRSAEncryption
02:b8:0d:96:cf:df:cc:bb:7c:78:68:ad:fb:03:8b:ad:35:6a:
ec:89:e0:ec:0b:a1:f1:ab:59:dc:e6:95:8b:eb:9e:6b:b2:2d:
be:01:42:7e:a3:4b:56:17:eb:f0:8e:ac:2a:b1:72:2a:b8:da:
f6:b3:ea:78:63:72:f0:64:3b:14:ab:da:11:cf:4d:f9:83:83:
ee:b4:c1:f4:d9:46:87:8f:a1:a5:77:af:92:bd:84:6f:80:5f:
ea:21:b0:16:f5:b1:a0:9e:b2:1e:00:d2:ba:a9:36:50:06:84:
15:f5:39:12:3d:54:74:c2:63:f6:6c:0f:d7:91:78:ee:7b:1d:
8d:8f:ce:ca:08:16:0e:af:46:59:24:13:37:50:3c:3c:68:e0:
1c:6c:01:32:d0:6d:59:0c:15:7a:27:4d:84:82:3a:4f:d6:8e:
99:f8:0c:44:c5:ab:7b:ec:e2:97:33:ed:dd:95:cd:7d:e4:5c:
a1:9e:1e:3f:c1:8c:7b:9d:e7:31:d5:30:19:56:a6:2b:ca:26:
5e:22:20:8b:13:f2:6d:e8:d0:10:18:3d:2f:c9:64:4b:c1:36:
b2:1d:52:5d:bd:7f:ef:62:07:7e:e1:6c:42:dc:0e:71:8d:61:
54:d7:d2:ca:16:c9:57:f9:51:bd:20:54:90:66:62:a5:24:05:
a0:08:c8:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+Fb8CGCXZDbYTOMN4EhvLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwNTE3MDcyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTgyN2RkNGU2ZmQ5ZjY1YjEwNDNmN2IyYTRiZGE0NDhlMWIwNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9p9GMpbmEIlfQgeodTebWDoSjsZ
GWX0giOC7Y5nEclz0WNPcQaZrIm/5yUp0AFwvvf6TJmrCsM40Z0OrfhEq0Cxuswv
ZDMbVA4U2OgxWaAWzJSzCRXV5fOZlthwNJ5NL6joFbdSTOmfT8TXh7d7oCGdOyn9
j1lGjWHJmAu0TM6orPzcG+bo+eOeG95+v3GiENOM/xdiENHYoJKmq/JgmM4c+SbE
Dasg380OF64HbnT4+GsXr+uze8KsL94SymXH/i0be8M/7RzRMZuPnBc6WYM+Fmrq
gfXM1FYSanZZ73OKnvWfQC+b3RU3B20064UTuEXWuJztMcAIgm74f+mdpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEGCfdTm/Z9lsQQ/eypL2kSOGwa1MB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvUVlKOTFPYjluMld4QkQ5N0trdmFSSTRiQnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbXJAwQA
ueHOMA0GCSqGSIb3DQEBCwUAA4IBAQACuA2Wz9/Mu3x4aK37A4utNWrsieDsC6Hx
q1nc5pWL655rsi2+AUJ+o0tWF+vwjqwqsXIquNr2s+p4Y3LwZDsUq9oRz035g4Pu
tMH02UaHj6Gld6+SvYRvgF/qIbAW9bGgnrIeANK6qTZQBoQV9TkSPVR0wmP2bA/X
kXjuex2Nj87KCBYOr0ZZJBM3UDw8aOAcbAEy0G1ZDBV6J02EgjpP1o6Z+AxExat7
7OKXM+3dlc195Fyhnh4/wYx7necx1TAZVqYryiZeIiCLE/Jt6NAQGD0vyWRLwTay
HVJdvX/vYgd+4WxC3A5xjWFU19LKFslX+VG9IFSQZmKlJAWgCMhi
-----END CERTIFICATE-----
Generated at Wed May 29 20:13:49 2024 by rpki-client on console-fra.rpki-client.org