Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/a5f931-6fa8-4cf0-8f97-23b28f39a602/1/qjD5UoPRmJy4VCs_6AHCZyWT-dU.roa
File: qjD5UoPRmJy4VCs_6AHCZyWT-dU.roa (raw, json)
Hash identifier: 5dme5cSENJJ2ltXwBhf7CqmzQ1OE2YO+oVmEGj4ce04=
Subject key identifier: AA:30:F9:52:83:D1:98:9C:B8:54:2B:3F:E8:01:C2:67:25:93:F9:D5
Certificate issuer: /CN=da27113db55b63b67a4a627a7008a8afc2bcc42c
Certificate serial: 018CC42521A2698F7EECD7E78D4530825562
Authority key identifier: DA:27:11:3D:B5:5B:63:B6:7A:4A:62:7A:70:08:A8:AF:C2:BC:C4:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2icRPbVbY7Z6SmJ6cAior8K8xCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/a5f931-6fa8-4cf0-8f97-23b28f39a602/1/qjD5UoPRmJy4VCs_6AHCZyWT-dU.roa
Signing time: Mon 01 Jan 2024 08:30:16 +0000
ROA not before: Mon 01 Jan 2024 08:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 146.66.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:21:a2:69:8f:7e:ec:d7:e7:8d:45:30:82:55:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da27113db55b63b67a4a627a7008a8afc2bcc42c
Validity
Not Before: Jan 1 08:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa30f95283d1989cb8542b3fe801c2672593f9d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8e:89:4e:a0:5e:91:5b:24:8b:ef:9a:31:ac:
3b:59:74:06:0a:e8:8b:54:9c:e3:77:d1:60:11:11:
c0:13:c6:f0:67:d0:d0:f4:45:51:c6:16:f8:f9:a4:
16:cf:b0:12:d9:db:68:42:1a:ec:03:05:9b:69:4a:
33:77:bc:f6:72:c8:35:a1:f6:bf:e3:fd:6b:82:30:
c3:0b:8d:56:4e:5c:12:f6:4c:17:cd:f6:31:ad:d9:
b2:64:b9:ca:ff:12:9d:f0:52:89:f5:5e:79:5f:e8:
59:94:fa:3a:c1:db:41:4d:4f:e6:69:a4:71:5f:e0:
72:9e:f0:12:ba:ba:e1:a4:d5:a4:ea:db:68:03:3e:
29:b8:26:72:65:bc:b6:c5:f7:f7:a4:5d:de:4e:9a:
fb:2b:6f:16:63:21:92:3c:45:be:d0:12:87:f7:ed:
23:d0:a2:74:5c:7f:53:d6:62:28:44:9c:ba:45:03:
cb:1d:d2:69:a6:8c:2c:2d:b2:44:6b:63:e6:69:78:
49:3c:8b:da:24:f1:70:04:5e:ce:61:40:93:40:c5:
c3:4d:78:30:b3:60:f1:38:9d:78:17:46:d1:ac:7f:
c5:8f:5e:a7:c1:64:e1:39:23:f6:67:40:dc:ab:92:
28:72:35:95:af:0e:1e:d7:04:7b:a1:20:a7:49:de:
71:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:30:F9:52:83:D1:98:9C:B8:54:2B:3F:E8:01:C2:67:25:93:F9:D5
X509v3 Authority Key Identifier:
keyid:DA:27:11:3D:B5:5B:63:B6:7A:4A:62:7A:70:08:A8:AF:C2:BC:C4:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2icRPbVbY7Z6SmJ6cAior8K8xCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a5f931-6fa8-4cf0-8f97-23b28f39a602/1/qjD5UoPRmJy4VCs_6AHCZyWT-dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a5f931-6fa8-4cf0-8f97-23b28f39a602/1/2icRPbVbY7Z6SmJ6cAior8K8xCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.3.0/24
Signature Algorithm: sha256WithRSAEncryption
11:14:e7:a6:29:a8:b8:50:e6:9e:f2:47:1c:7b:d1:5f:6d:16:
4d:b7:71:b8:b3:f8:a0:32:af:56:cb:b5:f6:d9:1a:33:e2:c9:
63:22:6d:0f:02:70:48:52:3b:be:2f:08:0e:e8:6c:ef:bf:b6:
ae:07:1e:42:42:46:5d:25:45:b3:cb:38:4a:19:6f:7d:3d:00:
69:db:a4:7f:ca:ee:28:00:b0:4b:98:8a:4f:72:e7:06:a6:9e:
60:bf:82:ae:f3:af:03:85:ba:95:51:1d:4f:7a:f0:98:57:25:
72:64:f8:a5:d3:e8:04:77:dd:2c:01:23:b7:52:e6:e5:80:43:
ca:ca:76:a8:55:87:c4:fd:8a:a5:91:4c:2d:e6:61:36:5e:9c:
6b:79:66:6b:62:ab:c5:05:a3:24:dd:2a:eb:05:52:9a:70:b9:
4c:cd:eb:84:8c:c2:b0:a4:5d:63:89:4e:fa:28:41:5f:56:f2:
bb:72:26:57:76:83:1d:1f:ee:c3:ac:07:e9:f3:6b:dd:3c:14:
3e:0b:30:ad:cd:65:2c:c2:d6:d9:ce:ab:c5:52:48:74:00:2f:
3e:d5:5e:d6:28:9b:24:18:b0:38:49:10:e7:45:8a:e0:5b:00:
fc:81:d2:0e:cc:29:f8:0c:b3:4a:4c:78:54:82:89:46:05:ce:
4d:fb:1d:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJSGiaY9+7NfnjUUwglViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjcxMTNkYjU1YjYzYjY3YTRhNjI3YTcwMDhhOGFmYzJi
Y2M0MmMwHhcNMjQwMTAxMDgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTMwZjk1MjgzZDE5ODljYjg1NDJiM2ZlODAxYzI2NzI1OTNmOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxY6JTqBekVski++aMaw7WXQGCuiL
VJzjd9FgERHAE8bwZ9DQ9EVRxhb4+aQWz7AS2dtoQhrsAwWbaUozd7z2csg1ofa/
4/1rgjDDC41WTlwS9kwXzfYxrdmyZLnK/xKd8FKJ9V55X+hZlPo6wdtBTU/maaRx
X+BynvASurrhpNWk6ttoAz4puCZyZby2xff3pF3eTpr7K28WYyGSPEW+0BKH9+0j
0KJ0XH9T1mIoRJy6RQPLHdJppowsLbJEa2PmaXhJPIvaJPFwBF7OYUCTQMXDTXgw
s2DxOJ14F0bRrH/Fj16nwWThOSP2Z0Dcq5IocjWVrw4e1wR7oSCnSd5xmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKow+VKD0ZicuFQrP+gBwmclk/nVMB8GA1UdIwQY
MBaAFNonET21W2O2ekpienAIqK/CvMQsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmljUlBiVmJZN1o2U21KNmNBaW9yOEs4eEN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hNWY5MzEtNmZhOC00Y2YwLThmOTct
MjNiMjhmMzlhNjAyLzEvcWpENVVvUFJtSnk0VkNzXzZBSENaeVdULWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hNWY5MzEtNmZhOC00Y2YwLThmOTctMjNiMjhmMzlhNjAy
LzEvMmljUlBiVmJZN1o2U21KNmNBaW9yOEs4eEN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkkIDMA0G
CSqGSIb3DQEBCwUAA4IBAQARFOemKai4UOae8kcce9FfbRZNt3G4s/igMq9Wy7X2
2Roz4sljIm0PAnBIUju+LwgO6Gzvv7auBx5CQkZdJUWzyzhKGW99PQBp26R/yu4o
ALBLmIpPcucGpp5gv4Ku868DhbqVUR1PevCYVyVyZPil0+gEd90sASO3UublgEPK
ynaoVYfE/YqlkUwt5mE2XpxreWZrYqvFBaMk3SrrBVKacLlMzeuEjMKwpF1jiU76
KEFfVvK7ciZXdoMdH+7DrAfp82vdPBQ+CzCtzWUswtbZzqvFUkh0AC8+1V7WKJsk
GLA4SRDnRYrgWwD8gdIOzCn4DLNKTHhUgolGBc5N+x0H
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:46:02 2025 by rpki-client