Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/QHeHi7U7StFy6OIPaNMZ79CgeiI.roa
File: QHeHi7U7StFy6OIPaNMZ79CgeiI.roa (raw, json)
Hash identifier: bhBEWs8X/djAP31qvQujgWzE2im34liRWOZwVhnxzpU=
Subject key identifier: 40:77:87:8B:B5:3B:4A:D1:72:E8:E2:0F:68:D3:19:EF:D0:A0:7A:22
Certificate issuer: /CN=a5a56ebf01e00349f673019180560c9a31aea871
Certificate serial: 018D75B7CD8D3D9E2815FC0C19B398B01A97
Authority key identifier: A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/QHeHi7U7StFy6OIPaNMZ79CgeiI.roa
Signing time: Sun 04 Feb 2024 20:03:16 +0000
ROA not before: Sun 04 Feb 2024 20:03:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399976
IP address blocks: 194.54.146.0/24 maxlen: 24
2a12:c6c0::/29 maxlen: 64
2a12:c6c0::/32 maxlen: 48
2a12:c6c1::/32 maxlen: 48
2a12:c6c2::/32 maxlen: 48
2a12:c6c2::/36 maxlen: 48
2a12:c6c3::/32 maxlen: 48
2a12:c6c4::/32 maxlen: 48
2a12:c6c5::/32 maxlen: 48
2a12:c6c6::/32 maxlen: 48
2a12:c6c7::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 Feb 2024 18:20:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:75:b7:cd:8d:3d:9e:28:15:fc:0c:19:b3:98:b0:1a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a56ebf01e00349f673019180560c9a31aea871
Validity
Not Before: Feb 4 20:03:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4077878bb53b4ad172e8e20f68d319efd0a07a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5e:93:2c:1f:29:f2:f1:05:75:e4:51:12:ea:
87:03:e9:63:4f:b9:db:bd:54:33:d2:60:81:59:34:
fd:c9:e2:05:6a:ef:be:ec:81:62:b8:f6:a6:78:b1:
13:9b:64:15:eb:b3:e3:70:66:b0:4f:70:b8:97:78:
bf:84:c8:43:7f:66:c8:e5:48:b9:02:c2:88:92:ea:
34:48:a0:bf:8f:13:55:4d:92:31:2a:ad:0f:ee:e3:
26:7d:28:2d:eb:90:99:60:f7:5b:48:c8:9a:c3:bb:
31:a6:58:db:0b:e5:ad:2b:b2:47:7d:09:46:06:5c:
d3:d2:ec:20:e5:97:b9:c7:5b:c1:a5:c1:eb:c5:5c:
d7:16:45:70:6f:d9:59:0c:64:5c:e4:d1:6d:89:47:
54:6f:9e:8b:a1:27:7f:85:2c:ff:56:6a:1c:07:ea:
b7:9b:ae:13:a0:d3:d6:a7:3a:bd:1a:b0:f9:fc:84:
b4:c5:57:41:05:0b:8f:1b:27:2e:61:1c:61:94:8a:
4d:e7:7f:4d:cb:bc:db:d3:80:8e:fe:b3:31:0f:ac:
96:be:6d:79:6c:91:ec:c4:73:b1:b1:17:c2:e7:95:
ed:fd:e3:53:7f:39:9e:ad:77:1d:2b:a0:5f:61:2b:
bc:a0:c1:a2:99:69:b3:7a:73:7c:ae:6b:b8:12:2d:
03:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:77:87:8B:B5:3B:4A:D1:72:E8:E2:0F:68:D3:19:EF:D0:A0:7A:22
X509v3 Authority Key Identifier:
keyid:A5:A5:6E:BF:01:E0:03:49:F6:73:01:91:80:56:0C:9A:31:AE:A8:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paVuvwHgA0n2cwGRgFYMmjGuqHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/QHeHi7U7StFy6OIPaNMZ79CgeiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/554c35-a83c-4329-a08d-2d46d30dacbf/1/paVuvwHgA0n2cwGRgFYMmjGuqHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.54.146.0/24
IPv6:
2a12:c6c0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:7b:17:44:b4:80:a6:3b:73:95:83:57:2f:7d:f8:df:cc:da:
8b:fd:3a:47:7b:9e:d5:3b:87:51:6c:77:c9:2c:4b:34:bc:83:
44:98:0d:2b:8f:28:be:e8:3b:0a:53:c8:2c:c2:3d:26:fe:a6:
9f:af:00:20:c5:14:96:60:58:1b:d3:7b:aa:03:33:a3:75:31:
94:c7:b0:03:2c:9c:a6:80:2f:2e:05:17:7d:25:8e:e6:40:a6:
46:c2:81:e0:cc:54:e7:91:60:4b:89:3b:90:ed:37:f5:e1:f4:
ef:16:7c:ca:52:f7:2e:df:68:8e:16:27:ca:be:28:c0:f8:ad:
78:b3:87:9f:fa:7a:59:e8:08:59:88:dd:19:b9:cf:5a:31:db:
51:54:e1:66:a9:98:84:f9:5b:c7:c0:1f:f8:d9:fd:0b:c3:e4:
8b:7a:4b:0b:93:c1:bf:d1:0c:76:b6:03:e9:45:41:f8:13:95:
82:00:15:1b:db:a7:d7:b5:88:59:af:49:89:43:15:0a:1b:35:
57:ad:31:6d:79:a0:cd:13:4c:d2:22:1c:92:24:1e:b7:a2:26:
80:22:2e:bf:f0:59:5c:88:ae:23:b3:6b:f7:57:2e:6e:04:52:
30:65:b5:c1:88:7a:69:5d:7e:60:db:b6:4e:57:40:67:0f:5d:
e1:60:da:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY11t82NPZ4oFfwMGbOYsBqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTU2ZWJmMDFlMDAzNDlmNjczMDE5MTgwNTYwYzlhMzFh
ZWE4NzEwHhcNMjQwMjA0MjAwMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDc3ODc4YmI1M2I0YWQxNzJlOGUyMGY2OGQzMTllZmQwYTA3YTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl6TLB8p8vEFdeRREuqHA+ljT7nb
vVQz0mCBWTT9yeIFau++7IFiuPameLETm2QV67PjcGawT3C4l3i/hMhDf2bI5Ui5
AsKIkuo0SKC/jxNVTZIxKq0P7uMmfSgt65CZYPdbSMiaw7sxpljbC+WtK7JHfQlG
BlzT0uwg5Ze5x1vBpcHrxVzXFkVwb9lZDGRc5NFtiUdUb56LoSd/hSz/VmocB+q3
m64ToNPWpzq9GrD5/IS0xVdBBQuPGycuYRxhlIpN539Ny7zb04CO/rMxD6yWvm15
bJHsxHOxsRfC55Xt/eNTfzmerXcdK6BfYSu8oMGimWmzenN8rmu4Ei0DHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEB3h4u1O0rRcujiD2jTGe/QoHoiMB8GA1UdIwQY
MBaAFKWlbr8B4ANJ9nMBkYBWDJoxrqhxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQt
MmQ0NmQzMGRhY2JmLzEvUUhlSGk3VTdTdEZ5Nk9JUGFOTVo3OUNnZWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS81NTRjMzUtYTgzYy00MzI5LWEwOGQtMmQ0NmQzMGRhY2Jm
LzEvcGFWdXZ3SGdBMG4yY3dHUmdGWU1takd1cUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwjaSMA0E
AgACMAcDBQMqEsbAMA0GCSqGSIb3DQEBCwUAA4IBAQCMexdEtICmO3OVg1cvffjf
zNqL/TpHe57VO4dRbHfJLEs0vINEmA0rjyi+6DsKU8gswj0m/qafrwAgxRSWYFgb
03uqAzOjdTGUx7ADLJymgC8uBRd9JY7mQKZGwoHgzFTnkWBLiTuQ7Tf14fTvFnzK
Uvcu32iOFifKvijA+K14s4ef+npZ6AhZiN0Zuc9aMdtRVOFmqZiE+VvHwB/42f0L
w+SLeksLk8G/0Qx2tgPpRUH4E5WCABUb26fXtYhZr0mJQxUKGzVXrTFteaDNE0zS
IhySJB63oiaAIi6/8FlciK4js2v3Vy5uBFIwZbXBiHppXX5g27ZOV0BnD13hYNpZ
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:18:32 2025 by rpki-client