Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/5d4004-aac0-4ead-a580-c664b4e86ab5/1/qRMHy5K1i3N0Uq6OGyJ9j0q6ruQ.roa
File: qRMHy5K1i3N0Uq6OGyJ9j0q6ruQ.roa (raw, json)
Hash identifier: +ffuEoU4Z+o9Ti05BqN/1hLwTEDmMpwYOOl5IGZTHqQ=
Subject key identifier: A9:13:07:CB:92:B5:8B:73:74:52:AE:8E:1B:22:7D:8F:4A:BA:AE:E4
Certificate issuer: /CN=fb751302af7b5cd6bef3717b68367e02b617d2dc
Certificate serial: 018CC8DE58F8824E971082A39765F20EE75F
Authority key identifier: FB:75:13:02:AF:7B:5C:D6:BE:F3:71:7B:68:36:7E:02:B6:17:D2:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3UTAq97XNa-83F7aDZ-ArYX0tw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/5d4004-aac0-4ead-a580-c664b4e86ab5/1/qRMHy5K1i3N0Uq6OGyJ9j0q6ruQ.roa
Signing time: Tue 02 Jan 2024 06:31:04 +0000
ROA not before: Tue 02 Jan 2024 06:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211067
IP address blocks: 185.213.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:58:f8:82:4e:97:10:82:a3:97:65:f2:0e:e7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb751302af7b5cd6bef3717b68367e02b617d2dc
Validity
Not Before: Jan 2 06:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a91307cb92b58b737452ae8e1b227d8f4abaaee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e5:3c:3c:19:4c:2b:a9:71:83:c8:ff:6c:4a:
5c:ad:89:32:fc:df:f2:eb:11:a0:4f:f7:34:5e:5e:
a5:3c:b7:5e:12:5d:dd:72:f8:83:e7:ac:a2:cb:74:
69:f0:ee:03:8b:3d:db:b4:9b:04:3c:9c:d6:76:6a:
ed:ed:c2:a4:6a:21:5b:cb:ca:d4:58:bf:42:bd:32:
35:8e:af:82:9c:b5:7d:65:de:36:73:27:17:23:73:
88:8b:ac:a9:dc:46:5a:2b:ad:08:c4:f3:56:72:96:
2c:b7:09:36:96:89:ca:0b:94:de:98:d5:d5:68:95:
cd:dc:9b:32:e7:20:46:b6:d2:2d:61:52:e7:04:d8:
b0:24:fa:91:4b:41:28:88:78:40:67:ce:54:94:80:
60:5a:35:ac:5c:79:bf:0e:c6:02:92:39:d0:d9:20:
02:50:9d:ba:3f:7c:f5:5b:f4:70:7f:a6:e6:bc:9b:
a6:f7:c8:2f:d4:09:88:9a:54:9a:b8:77:b8:7a:51:
a5:36:dc:03:66:25:4c:8c:b7:b8:fc:51:48:06:31:
46:27:14:e7:31:09:d6:3c:49:53:10:1a:35:db:46:
41:30:f8:4e:df:86:f7:7d:68:ed:18:07:58:68:a0:
51:35:86:c2:86:0d:06:80:d5:d3:a6:38:4d:e5:cc:
c2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:13:07:CB:92:B5:8B:73:74:52:AE:8E:1B:22:7D:8F:4A:BA:AE:E4
X509v3 Authority Key Identifier:
keyid:FB:75:13:02:AF:7B:5C:D6:BE:F3:71:7B:68:36:7E:02:B6:17:D2:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3UTAq97XNa-83F7aDZ-ArYX0tw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/5d4004-aac0-4ead-a580-c664b4e86ab5/1/qRMHy5K1i3N0Uq6OGyJ9j0q6ruQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/5d4004-aac0-4ead-a580-c664b4e86ab5/1/1-3UTAq97XNa-83F7aDZ-ArYX0tw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.192.0/24
Signature Algorithm: sha256WithRSAEncryption
35:23:7a:d5:bb:ac:1f:57:6b:ff:31:b6:34:b3:67:f0:0a:56:
c4:82:7a:af:8b:d1:79:10:20:e0:23:76:21:99:6b:71:9a:eb:
84:cb:4d:44:2e:a3:e9:61:24:00:cc:1c:f7:a7:19:29:ca:f3:
ff:17:b5:65:21:44:93:65:cc:85:2c:37:b9:39:2a:32:1e:58:
93:a5:b3:0a:d2:77:16:95:ca:30:41:9e:12:06:90:3a:23:b4:
1d:c6:76:59:f6:07:ec:0c:0a:27:0a:ae:78:41:2c:55:06:47:
11:03:e5:6b:e7:3f:dd:2d:fa:ec:70:52:30:e0:62:0d:33:22:
27:9a:42:8a:60:38:39:71:80:5d:8f:7a:ef:a0:b1:1b:ef:5d:
a7:2d:04:b2:83:71:32:82:68:a8:b8:ae:7c:8c:1c:44:8b:04:
3c:03:21:a3:58:f5:7c:e8:74:06:a7:e5:26:9f:ec:97:1c:61:
56:b3:a3:5d:bc:ec:ce:b0:68:c4:37:e6:38:96:c3:88:72:43:
fc:1c:f6:c5:e2:0a:f8:b0:db:d9:dc:fa:ba:ef:86:7c:7e:1c:
f3:46:83:96:b8:cd:9f:2f:d4:bd:2f:b3:2c:81:40:32:7d:49:
1c:79:b5:93:08:65:87:7f:a3:f2:9c:c4:51:ee:9e:f1:e7:1f:
6f:06:96:c0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzI3lj4gk6XEIKjl2XyDudfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzUxMzAyYWY3YjVjZDZiZWYzNzE3YjY4MzY3ZTAyYjYx
N2QyZGMwHhcNMjQwMTAyMDYzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTEzMDdjYjkyYjU4YjczNzQ1MmFlOGUxYjIyN2Q4ZjRhYmFhZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+U8PBlMK6lxg8j/bEpcrYky/N/y
6xGgT/c0Xl6lPLdeEl3dcviD56yiy3Rp8O4Diz3btJsEPJzWdmrt7cKkaiFby8rU
WL9CvTI1jq+CnLV9Zd42cycXI3OIi6yp3EZaK60IxPNWcpYstwk2lonKC5TemNXV
aJXN3Jsy5yBGttItYVLnBNiwJPqRS0EoiHhAZ85UlIBgWjWsXHm/DsYCkjnQ2SAC
UJ26P3z1W/Rwf6bmvJum98gv1AmImlSauHe4elGlNtwDZiVMjLe4/FFIBjFGJxTn
MQnWPElTEBo120ZBMPhO34b3fWjtGAdYaKBRNYbChg0GgNXTpjhN5czCIQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKkTB8uStYtzdFKujhsifY9Kuq7kMB8GA1UdIwQY
MBaAFPt1EwKve1zWvvNxe2g2fgK2F9LcMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zVVRBcTk3WE5hLTgzRjdhRFotQXJZWDB0dy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUvNWQ0MDA0LWFhYzAtNGVhZC1hNTgw
LWM2NjRiNGU4NmFiNS8xL3FSTUh5NUsxaTNOMFVxNk9HeUo5ajBxNnJ1US5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjUvNWQ0MDA0LWFhYzAtNGVhZC1hNTgwLWM2NjRiNGU4NmFi
NS8xLzEtM1VUQXE5N1hOYS04M0Y3YURaLUFyWVgwdHcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC51cAw
DQYJKoZIhvcNAQELBQADggEBADUjetW7rB9Xa/8xtjSzZ/AKVsSCeq+L0XkQIOAj
diGZa3Ga64TLTUQuo+lhJADMHPenGSnK8/8XtWUhRJNlzIUsN7k5KjIeWJOlswrS
dxaVyjBBnhIGkDojtB3Gdln2B+wMCicKrnhBLFUGRxED5WvnP90t+uxwUjDgYg0z
IieaQopgODlxgF2Peu+gsRvvXactBLKDcTKCaKi4rnyMHESLBDwDIaNY9XzodAan
5Saf7JccYVazo1287M6waMQ35jiWw4hyQ/wc9sXiCviw29nc+rrvhnx+HPNGg5a4
zZ8v1L0vsyyBQDJ9SRx5tZMIZYd/o/KcxFHunvHnH28GlsA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:03:44 2025 by rpki-client