Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/QbEVBhzIqyqVVYYdiX36Fzai7II.roa
File: QbEVBhzIqyqVVYYdiX36Fzai7II.roa (raw, json)
Hash identifier: KkzY5+GFOtUxec3THfOpb7P3NzNjcvp/JufzlbTEbec=
Subject key identifier: 41:B1:15:06:1C:C8:AB:2A:95:55:86:1D:89:7D:FA:17:36:A2:EC:82
Certificate issuer: /CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Certificate serial: 0193210B027439FA65D0ED35140E86856055
Authority key identifier: 90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/QbEVBhzIqyqVVYYdiX36Fzai7II.roa
Signing time: Tue 12 Nov 2024 15:43:09 +0000
ROA not before: Tue 12 Nov 2024 15:43:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57129
IP address blocks: 185.128.32.0/22 maxlen: 24
185.202.200.0/22 maxlen: 24
2a06:cd00::/29 maxlen: 48
2a0d:5900::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:21:0b:02:74:39:fa:65:d0:ed:35:14:0e:86:85:60:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Validity
Not Before: Nov 12 15:43:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41b115061cc8ab2a9555861d897dfa1736a2ec82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fd:6b:01:6d:64:4d:00:21:f2:4d:4d:a1:93:
f0:e4:b4:3e:98:02:ce:c0:36:a5:f9:88:8f:d6:59:
e3:80:79:48:8b:38:c1:22:cf:c1:45:6e:cb:b1:4d:
28:9c:79:fd:dd:06:09:5e:8b:5e:a5:eb:ab:ff:c1:
85:c5:28:0d:26:62:e7:3c:e1:a1:fa:24:98:7f:35:
1c:22:bb:ca:ba:df:60:3f:31:1f:51:94:4e:38:4c:
52:4e:0e:aa:f9:e5:b1:e8:c8:e3:47:ee:6b:b9:3e:
99:63:67:67:7f:22:f0:48:b8:d3:53:69:37:9f:19:
c4:de:92:ff:f2:78:8e:9b:f0:53:96:ea:9a:c2:10:
e6:10:ed:21:3a:4a:96:2a:2e:57:da:bb:46:c8:62:
74:d7:fc:15:30:79:e0:b7:b1:47:79:0c:ec:0a:59:
67:21:0a:4a:29:64:e7:d2:c4:d5:8c:c9:15:52:b3:
9d:31:b2:29:f9:32:0c:77:f6:e1:22:d2:a9:e3:11:
82:b7:af:22:4c:79:8b:93:e5:2f:89:0e:a3:80:07:
58:6f:26:18:af:64:4a:f2:6b:82:84:bf:bb:92:a4:
61:7f:9a:b1:74:04:53:ba:74:93:6f:93:85:23:a2:
75:67:e6:ec:44:67:7b:ee:b9:82:3b:69:bc:db:b3:
68:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B1:15:06:1C:C8:AB:2A:95:55:86:1D:89:7D:FA:17:36:A2:EC:82
X509v3 Authority Key Identifier:
keyid:90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/QbEVBhzIqyqVVYYdiX36Fzai7II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/kK5TjiqRNG8EAlmLD_L7mpXAfDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.32.0/22
185.202.200.0/22
IPv6:
2a06:cd00::/29
2a0d:5900::/29
Signature Algorithm: sha256WithRSAEncryption
7b:4a:f8:4a:fb:63:0c:05:fb:b9:e2:fe:b7:ef:b4:fb:25:06:
7a:5d:87:17:f9:2d:a8:c0:d1:53:bc:d1:2b:88:f5:8e:32:e2:
da:16:b4:d1:55:9c:46:2c:86:de:c3:b8:e6:a0:ed:09:8e:13:
65:1b:ad:50:98:38:3c:26:67:df:dc:c2:a7:3b:54:dd:ec:8a:
18:c8:ea:8d:e4:f7:1e:ed:bd:07:24:3f:cd:88:a7:64:4f:85:
80:ef:5f:fb:c9:28:e2:8e:e1:a2:55:81:a2:99:d9:95:b1:42:
67:02:8c:33:f2:f7:cc:38:6c:09:76:fc:8d:53:2b:85:0d:d6:
ad:47:63:07:a6:81:eb:2e:e8:84:10:1c:d3:0c:f0:45:7d:77:
c5:b2:09:c9:26:0c:03:9f:57:76:b6:35:a3:a1:94:b0:71:73:
82:fa:8b:c0:0b:3f:36:45:f7:cf:c8:6a:5c:14:e1:5d:b2:bf:
ef:8d:37:e6:12:18:03:96:7c:ee:48:66:5e:56:b4:30:db:e5:
be:4d:28:a4:7e:e7:7f:a9:bb:75:18:46:a8:78:05:d2:4a:ef:
0e:c1:c8:c8:d6:72:d3:ea:ab:00:bc:1c:be:e5:c9:0a:9c:d1:
75:6c:d7:bf:42:cb:97:8a:82:09:bc:2a:38:18:d9:64:fa:c5:
9e:c7:00:e7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZMhCwJ0Ofpl0O01FA6GhWBVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYWU1MzhlMmE5MTM0NmYwNDAyNTk4YjBmZjJmYjlhOTVj
MDdjMzkwHhcNMjQxMTEyMTU0MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWIxMTUwNjFjYzhhYjJhOTU1NTg2MWQ4OTdkZmExNzM2YTJlYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvf1rAW1kTQAh8k1NoZPw5LQ+mALO
wDal+YiP1lnjgHlIizjBIs/BRW7LsU0onHn93QYJXotepeur/8GFxSgNJmLnPOGh
+iSYfzUcIrvKut9gPzEfUZROOExSTg6q+eWx6MjjR+5ruT6ZY2dnfyLwSLjTU2k3
nxnE3pL/8niOm/BTluqawhDmEO0hOkqWKi5X2rtGyGJ01/wVMHngt7FHeQzsClln
IQpKKWTn0sTVjMkVUrOdMbIp+TIMd/bhItKp4xGCt68iTHmLk+UviQ6jgAdYbyYY
r2RK8muChL+7kqRhf5qxdARTunSTb5OFI6J1Z+bsRGd77rmCO2m827NoGQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEGxFQYcyKsqlVWGHYl9+hc2ouyCMB8GA1UdIwQY
MBaAFJCuU44qkTRvBAJZiw/y+5qVwHw5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4Mzkt
YzVlNzgyMTU3OWYxLzEvUWJFVkJoeklxeXFWVllZZGlYMzZGemFpN0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4MzktYzVlNzgyMTU3OWYx
LzEva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuYAgAwQC
ucrIMBQEAgACMA4DBQMqBs0AAwUDKg1ZADANBgkqhkiG9w0BAQsFAAOCAQEAe0r4
SvtjDAX7ueL+t++0+yUGel2HF/ktqMDRU7zRK4j1jjLi2ha00VWcRiyG3sO45qDt
CY4TZRutUJg4PCZn39zCpztU3eyKGMjqjeT3Hu29ByQ/zYinZE+FgO9f+8ko4o7h
olWBopnZlbFCZwKMM/L3zDhsCXb8jVMrhQ3WrUdjB6aB6y7ohBAc0wzwRX13xbIJ
ySYMA59XdrY1o6GUsHFzgvqLwAs/NkX3z8hqXBThXbK/74035hIYA5Z87khmXla0
MNvlvk0opH7nf6m7dRhGqHgF0krvDsHIyNZy0+qrALwcvuXJCpzRdWzXv0LLl4qC
CbwqOBjZZPrFnscA5w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:43 2025 by rpki-client