Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/qyd-5Rpd4GKjX8cHk8TDcjRakBA.roa
File: qyd-5Rpd4GKjX8cHk8TDcjRakBA.roa (raw, json)
Hash identifier: D84cXW66nK1cNXPaNCPNXpicXn2pJeEDsFABn4yjmVI=
Subject key identifier: AB:27:7E:E5:1A:5D:E0:62:A3:5F:C7:07:93:C4:C3:72:34:5A:90:10
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018CC6B7FB6C9035EA77F3EB59D4F5761AF9
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/qyd-5Rpd4GKjX8cHk8TDcjRakBA.roa
Signing time: Mon 01 Jan 2024 20:29:55 +0000
ROA not before: Mon 01 Jan 2024 20:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47823
IP address blocks: 185.94.196.0/22 maxlen: 24
193.219.101.0/24 maxlen: 24
193.219.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:fb:6c:90:35:ea:77:f3:eb:59:d4:f5:76:1a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Jan 1 20:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab277ee51a5de062a35fc70793c4c372345a9010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a1:94:9d:3c:5f:4c:a6:d1:cf:fb:87:4a:3f:
f3:77:83:4a:55:0e:4b:89:fa:14:78:bd:b7:8f:8f:
cf:a4:2a:9c:80:75:d5:f4:82:cb:b2:79:e6:d1:08:
c1:a7:b2:3c:2c:d9:de:92:dc:5f:21:a9:6c:bd:c6:
ab:f0:98:fe:0f:bc:66:ea:bb:30:1e:67:26:45:d0:
f4:e4:b1:64:b9:78:c0:07:4a:99:fb:c4:79:b2:0b:
88:1f:3a:c1:61:13:b6:41:2b:51:9b:70:b8:87:45:
29:cd:0e:aa:eb:5d:33:f7:84:c9:f0:3e:91:c8:21:
20:38:69:93:fd:13:73:4a:e4:e3:6c:fa:eb:d6:f2:
27:57:6c:fc:6c:37:e1:e3:30:e1:45:10:08:0c:59:
01:9d:ed:0f:8a:cf:bd:99:12:48:a4:03:fc:88:de:
f8:48:00:34:00:ff:52:4b:9b:a3:02:bb:fb:13:0d:
ff:e3:3e:37:5e:4b:57:b9:08:bb:b6:40:f7:4f:22:
eb:ad:b1:8b:81:12:49:b3:e9:3c:3e:48:72:69:ba:
e6:20:f4:e9:0f:94:0c:17:87:70:3c:d7:34:55:80:
cd:11:8b:43:fd:52:5e:02:6c:f5:de:04:af:15:21:
cc:71:f3:f4:75:6e:7d:14:72:27:5b:3f:a2:0b:81:
22:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:27:7E:E5:1A:5D:E0:62:A3:5F:C7:07:93:C4:C3:72:34:5A:90:10
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/qyd-5Rpd4GKjX8cHk8TDcjRakBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.196.0/22
193.219.101.0/24
193.219.121.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:ff:84:cc:bb:79:b4:a3:62:6e:ce:25:e9:8b:56:12:41:a6:
35:f4:b4:58:ef:5e:82:83:7b:0c:e9:18:0b:c9:fc:19:98:1f:
74:47:0c:6e:d9:b6:6c:cd:7e:58:4f:0f:aa:ce:8b:1b:7d:18:
a3:7b:3c:a8:ee:32:98:c0:d7:24:74:08:74:c8:72:1a:8d:15:
5e:6b:4b:52:99:3e:58:70:2c:c7:ea:53:ad:ca:7e:44:97:24:
cc:b7:6b:91:48:a1:e8:92:92:37:1b:8b:70:4b:8c:a0:8c:81:
f8:a9:b6:7c:75:26:66:45:10:4f:3d:18:37:d7:4d:97:5e:93:
38:b7:dc:ea:ef:c0:5b:34:d0:d7:50:da:18:d3:fa:f3:da:1c:
75:b7:d8:4c:96:bf:bd:e0:bf:98:f4:94:cb:80:ec:a6:71:1c:
19:4b:39:32:c3:8c:2e:2c:63:d0:c7:d8:38:d5:3c:1c:24:ec:
27:eb:62:97:00:d3:54:70:65:36:26:1a:c8:fc:ec:39:a2:68:
e7:d1:87:0f:78:ca:c1:45:8d:ea:5e:5f:f9:4c:4d:bd:94:70:
2c:9c:79:fc:ac:3c:68:8e:17:2c:59:f3:29:3b:25:e3:e4:8d:
06:20:fd:cd:0f:3e:eb:fa:f1:2f:4a:6a:c2:66:f8:07:56:f0:
21:ae:5b:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGt/tskDXqd/PrWdT1dhr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjQwMTAxMjAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjI3N2VlNTFhNWRlMDYyYTM1ZmM3MDc5M2M0YzM3MjM0NWE5MDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6GUnTxfTKbRz/uHSj/zd4NKVQ5L
ifoUeL23j4/PpCqcgHXV9ILLsnnm0QjBp7I8LNnektxfIalsvcar8Jj+D7xm6rsw
HmcmRdD05LFkuXjAB0qZ+8R5sguIHzrBYRO2QStRm3C4h0UpzQ6q610z94TJ8D6R
yCEgOGmT/RNzSuTjbPrr1vInV2z8bDfh4zDhRRAIDFkBne0Pis+9mRJIpAP8iN74
SAA0AP9SS5ujArv7Ew3/4z43XktXuQi7tkD3TyLrrbGLgRJJs+k8PkhyabrmIPTp
D5QMF4dwPNc0VYDNEYtD/VJeAmz13gSvFSHMcfP0dW59FHInWz+iC4EipwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKsnfuUaXeBio1/HB5PEw3I0WpAQMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvcXlkLTVScGQ0R0tqWDhjSGs4VERjalJha0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuV7EAwQA
wdtlAwQAwdt5MA0GCSqGSIb3DQEBCwUAA4IBAQCK/4TMu3m0o2JuziXpi1YSQaY1
9LRY716Cg3sM6RgLyfwZmB90Rwxu2bZszX5YTw+qzosbfRijezyo7jKYwNckdAh0
yHIajRVea0tSmT5YcCzH6lOtyn5ElyTMt2uRSKHokpI3G4twS4ygjIH4qbZ8dSZm
RRBPPRg3102XXpM4t9zq78BbNNDXUNoY0/rz2hx1t9hMlr+94L+Y9JTLgOymcRwZ
Szkyw4wuLGPQx9g41TwcJOwn62KXANNUcGU2JhrI/Ow5omjn0YcPeMrBRY3qXl/5
TE29lHAsnHn8rDxojhcsWfMpOyXj5I0GIP3NDz7r+vEvSmrCZvgHVvAhrluC
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:03:42 2025 by rpki-client