Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/1-MQbWVsUFN3Hjk1vA9ZBXscLLGI.roa
File: 1-MQbWVsUFN3Hjk1vA9ZBXscLLGI.roa (raw, json)
Hash identifier: KCrqOXagtbpSCEvJOs+83fnv2ED8CBKdCPFxODdyu4I=
Subject key identifier: F8:C4:1B:59:5B:14:14:DD:C7:8E:4D:6F:03:D6:41:5E:C7:0B:2C:62
Certificate issuer: /CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Certificate serial: 018CC94ABEE354907BF3EC7E122F7FB187BC
Authority key identifier: 43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/1-MQbWVsUFN3Hjk1vA9ZBXscLLGI.roa
Signing time: Tue 02 Jan 2024 08:29:28 +0000
ROA not before: Tue 02 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200034
IP address blocks: 185.198.208.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:be:e3:54:90:7b:f3:ec:7e:12:2f:7f:b1:87:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Validity
Not Before: Jan 2 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8c41b595b1414ddc78e4d6f03d6415ec70b2c62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e3:4a:15:07:9c:de:09:2b:31:81:cf:db:f9:
d1:34:94:be:64:0c:5c:ae:a7:89:b9:c8:fe:dd:e1:
62:f9:41:b6:5d:c0:48:ad:03:1e:2c:67:e2:93:ef:
76:cc:e5:38:21:9f:e0:57:6e:11:6b:a4:ed:86:df:
a2:4d:1d:89:1f:a4:f3:c2:45:b5:1e:b9:6d:05:f2:
7f:d0:af:08:cf:37:b6:04:1f:d0:be:3a:9a:f8:55:
ba:0f:8c:55:3e:b8:4d:89:88:fa:f5:fe:2c:b0:d5:
22:f4:ec:7b:1e:12:63:c6:79:c2:bb:83:db:5d:e4:
a6:dc:7b:f4:5f:33:e5:9b:26:51:6c:1c:a0:4e:95:
db:57:27:20:6a:c3:59:60:64:ac:5a:4d:26:d2:8d:
a6:2d:76:b3:cc:90:64:0f:8e:a3:fb:0b:9d:1e:36:
64:e0:e1:3f:70:19:b2:ea:d7:20:c3:af:14:ad:1a:
d3:5f:10:ce:01:e4:34:a7:0b:9b:15:d9:9d:f1:26:
1b:f3:e6:77:41:4c:a4:b6:d2:71:a2:21:ae:a3:f9:
8b:a1:0c:b6:34:44:8e:ae:06:a0:3b:a1:89:e2:50:
f4:02:71:a7:cf:03:c7:2e:50:7a:22:c8:bd:7e:7f:
95:a5:11:f4:6b:d3:2c:58:2c:56:a0:d2:29:2f:8e:
c1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C4:1B:59:5B:14:14:DD:C7:8E:4D:6F:03:D6:41:5E:C7:0B:2C:62
X509v3 Authority Key Identifier:
keyid:43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/1-MQbWVsUFN3Hjk1vA9ZBXscLLGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/Q4T2-m3sztVXioWlHgvWVwHqNOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.208.0/23
Signature Algorithm: sha256WithRSAEncryption
93:e0:b0:4a:03:b8:f5:ba:41:15:f5:89:06:b9:c5:b1:41:20:
3f:7b:29:3c:96:cb:4b:89:eb:0f:82:df:ce:8e:0b:a4:1a:7a:
7b:b3:2a:e6:d6:be:ec:9d:7a:0c:4a:10:82:88:34:cb:ca:27:
ea:46:bd:42:2d:1f:19:e2:93:cf:a3:29:56:43:3b:4d:e0:ba:
08:6b:a9:e2:f2:8a:93:5c:03:5a:46:87:2b:3c:79:09:43:77:
14:98:58:87:2a:41:a9:20:1b:ae:c6:84:b0:2d:92:f8:e6:a1:
4e:a7:6d:b7:2d:26:fa:81:aa:3d:02:b6:0e:1e:c3:86:13:dc:
c0:7b:82:cd:21:b8:05:97:62:bd:0d:58:99:d0:90:b7:01:a7:
40:76:92:57:e9:ec:09:eb:85:3b:a8:3a:8c:86:cd:7b:69:4f:
ce:03:62:bf:50:74:91:03:d0:ac:4a:8f:b1:45:71:c4:48:cb:
43:49:28:8b:83:99:53:cd:52:20:0c:4d:f9:81:99:7f:e3:49:
71:23:29:9b:91:41:e0:40:2b:52:4f:24:03:9c:34:5a:1c:79:
ba:5b:f5:ad:d8:07:1d:b8:eb:50:7a:2e:03:65:ab:f8:5b:4c:
20:7c:af:8a:5e:ef:9e:fa:bc:db:30:35:83:52:98:05:e6:15:
84:0a:38:9f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJSr7jVJB78+x+Ei9/sYe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzODRmNmZhNmRlY2NlZDU1NzhhODVhNTFlMGJkNjU3MDFl
YTM0ZWMwHhcNMjQwMTAyMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGM0MWI1OTViMTQxNGRkYzc4ZTRkNmYwM2Q2NDE1ZWM3MGIyYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguNKFQec3gkrMYHP2/nRNJS+ZAxc
rqeJucj+3eFi+UG2XcBIrQMeLGfik+92zOU4IZ/gV24Ra6Ttht+iTR2JH6TzwkW1
HrltBfJ/0K8Izze2BB/Qvjqa+FW6D4xVPrhNiYj69f4ssNUi9Ox7HhJjxnnCu4Pb
XeSm3Hv0XzPlmyZRbBygTpXbVycgasNZYGSsWk0m0o2mLXazzJBkD46j+wudHjZk
4OE/cBmy6tcgw68UrRrTXxDOAeQ0pwubFdmd8SYb8+Z3QUykttJxoiGuo/mLoQy2
NESOrgagO6GJ4lD0AnGnzwPHLlB6Isi9fn+VpRH0a9MsWCxWoNIpL47BlwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjEG1lbFBTdx45NbwPWQV7HCyxiMB8GA1UdIwQY
MBaAFEOE9vpt7M7VV4qFpR4L1lcB6jTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMt
MWIxM2JkNDU2NmE1LzEvMS1NUWJXVnNVRk4zSGprMXZBOVpCWHNjTExHSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTgvYjY5OGJkLThkZDItNDBiZS04MmEzLTFiMTNiZDQ1NjZh
NS8xL1E0VDItbTNzenRWWGlvV2xIZ3ZXVndIcU5Pdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnG0DAN
BgkqhkiG9w0BAQsFAAOCAQEAk+CwSgO49bpBFfWJBrnFsUEgP3spPJbLS4nrD4Lf
zo4LpBp6e7Mq5ta+7J16DEoQgog0y8on6ka9Qi0fGeKTz6MpVkM7TeC6CGup4vKK
k1wDWkaHKzx5CUN3FJhYhypBqSAbrsaEsC2S+OahTqdtty0m+oGqPQK2Dh7DhhPc
wHuCzSG4BZdivQ1YmdCQtwGnQHaSV+nsCeuFO6g6jIbNe2lPzgNiv1B0kQPQrEqP
sUVxxEjLQ0koi4OZU81SIAxN+YGZf+NJcSMpm5FB4EArUk8kA5w0Whx5ulv1rdgH
HbjrUHouA2Wr+FtMIHyvil7vnvq82zA1g1KYBeYVhAo4nw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:14:00 2025 by rpki-client