Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/08377f-f232-44b0-a3b5-98246a4cb6f8/1/q6cdxWG7Tkotc-JP0nTK1-BDV0o.roa
File: q6cdxWG7Tkotc-JP0nTK1-BDV0o.roa (raw, json)
Hash identifier: HnOPTjWChsqOf/PIvWVGn4U6i+VZygKf+l3PjNOA7wA=
Subject key identifier: AB:A7:1D:C5:61:BB:4E:4A:2D:73:E2:4F:D2:74:CA:D7:E0:43:57:4A
Certificate issuer: /CN=cdf68ec127fb32c679218afc76e1b6eaa59521bb
Certificate serial: 018CC7271D1B436A2F4D1086A8266AD50A3F
Authority key identifier: CD:F6:8E:C1:27:FB:32:C6:79:21:8A:FC:76:E1:B6:EA:A5:95:21:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zfaOwSf7MsZ5IYr8duG26qWVIbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/08377f-f232-44b0-a3b5-98246a4cb6f8/1/q6cdxWG7Tkotc-JP0nTK1-BDV0o.roa
Signing time: Mon 01 Jan 2024 22:31:18 +0000
ROA not before: Mon 01 Jan 2024 22:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8678
IP address blocks: 185.22.248.0/22 maxlen: 22
5.23.120.0/21 maxlen: 21
46.182.64.0/21 maxlen: 21
92.61.0.0/20 maxlen: 20
80.251.32.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:1d:1b:43:6a:2f:4d:10:86:a8:26:6a:d5:0a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdf68ec127fb32c679218afc76e1b6eaa59521bb
Validity
Not Before: Jan 1 22:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aba71dc561bb4e4a2d73e24fd274cad7e043574a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9b:19:8e:98:e4:ac:33:a4:ad:0d:8a:6e:b2:
b8:d8:b8:5e:a8:ca:39:6b:95:93:00:03:8d:0b:ff:
63:2d:f2:1d:6e:d1:4d:07:41:16:88:19:53:f0:b0:
1b:d2:a2:b2:8e:13:9a:25:1f:84:23:79:46:4d:08:
81:30:f9:c0:52:21:02:9b:f7:86:1f:18:d3:86:2b:
de:d5:39:8b:71:82:0e:8a:d6:a5:ca:d6:17:95:96:
92:14:f1:8d:dd:da:8b:79:f7:0b:91:74:b8:1a:f8:
ac:ce:f5:2d:01:8d:32:fb:d9:c9:ec:cb:db:21:8b:
41:bf:81:ca:a3:60:a6:d6:d5:35:1b:ed:f7:d8:34:
63:16:d1:89:7a:64:3a:3d:1b:a9:f9:28:c8:19:46:
ef:da:66:fb:0a:47:51:5e:0d:d1:9d:e4:f7:b7:94:
ea:87:45:84:8c:c7:6f:93:b8:15:6b:d8:2a:f6:c3:
02:96:a4:31:06:0d:17:f2:0d:86:e6:1a:9a:2d:ee:
01:82:4a:94:b8:a2:0b:da:41:cd:a9:e6:b1:2b:fa:
72:e5:ae:6c:81:33:18:b1:ca:03:66:d3:7b:36:4f:
a6:b7:c9:18:85:92:1e:9c:a3:0c:f6:2d:80:09:a9:
66:d2:e5:06:62:5f:ff:c5:86:6d:9e:3b:bb:fe:2f:
9a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A7:1D:C5:61:BB:4E:4A:2D:73:E2:4F:D2:74:CA:D7:E0:43:57:4A
X509v3 Authority Key Identifier:
keyid:CD:F6:8E:C1:27:FB:32:C6:79:21:8A:FC:76:E1:B6:EA:A5:95:21:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfaOwSf7MsZ5IYr8duG26qWVIbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/08377f-f232-44b0-a3b5-98246a4cb6f8/1/q6cdxWG7Tkotc-JP0nTK1-BDV0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/08377f-f232-44b0-a3b5-98246a4cb6f8/1/zfaOwSf7MsZ5IYr8duG26qWVIbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.120.0/21
46.182.64.0/21
80.251.32.0/20
92.61.0.0/20
185.22.248.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:2d:90:f2:43:96:29:12:26:2d:a9:e8:56:2b:e0:e7:b9:a9:
d3:fc:89:4a:24:fa:2f:5d:86:95:8a:65:e3:5b:57:b2:02:e1:
c9:b5:1e:83:71:35:4e:f0:d2:1d:aa:a1:48:c8:d1:98:2d:77:
e0:56:1a:a9:73:74:da:31:84:09:5a:2f:87:29:1a:01:1b:a0:
c2:8d:41:9d:52:bf:86:5e:07:61:3d:d4:85:73:e7:18:ad:88:
73:2f:30:04:c0:a0:14:c7:b2:df:a0:4d:32:94:66:aa:bc:f7:
1a:12:3d:75:68:4d:80:e3:76:18:f1:a7:80:a1:32:fe:eb:a6:
68:be:84:9b:c2:f8:5c:0d:73:33:a5:b2:ac:11:0d:ba:33:bb:
42:89:61:d3:82:94:47:f9:40:55:cd:2a:86:9e:80:56:d9:c8:
c5:a6:53:56:61:c2:53:c6:ea:57:44:ab:84:da:23:e8:e8:93:
6b:88:23:d5:2b:a8:53:8d:b9:28:30:a4:c1:f4:b6:c4:98:bb:
1e:46:9f:82:e8:e5:43:27:22:00:76:9f:7b:2a:a8:97:83:f0:
05:92:b5:28:9b:80:9a:fb:54:bd:b8:1a:39:22:2d:04:70:a6:
ae:bd:7d:35:67:43:4c:83:79:05:4c:c8:c6:69:c5:d2:ed:0e:
8c:32:9c:c8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHJx0bQ2ovTRCGqCZq1Qo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjY4ZWMxMjdmYjMyYzY3OTIxOGFmYzc2ZTFiNmVhYTU5
NTIxYmIwHhcNMjQwMTAxMjIzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmE3MWRjNTYxYmI0ZTRhMmQ3M2UyNGZkMjc0Y2FkN2UwNDM1NzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpsZjpjkrDOkrQ2KbrK42LheqMo5
a5WTAAONC/9jLfIdbtFNB0EWiBlT8LAb0qKyjhOaJR+EI3lGTQiBMPnAUiECm/eG
HxjThive1TmLcYIOitalytYXlZaSFPGN3dqLefcLkXS4GviszvUtAY0y+9nJ7Mvb
IYtBv4HKo2Cm1tU1G+332DRjFtGJemQ6PRup+SjIGUbv2mb7CkdRXg3RneT3t5Tq
h0WEjMdvk7gVa9gq9sMClqQxBg0X8g2G5hqaLe4BgkqUuKIL2kHNqeaxK/py5a5s
gTMYscoDZtN7Nk+mt8kYhZIenKMM9i2ACalm0uUGYl//xYZtnju7/i+aewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKunHcVhu05KLXPiT9J0ytfgQ1dKMB8GA1UdIwQY
MBaAFM32jsEn+zLGeSGK/HbhtuqllSG7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZhT3dTZjdNc1o1SVlyOGR1RzI2cVdWSWJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wODM3N2YtZjIzMi00NGIwLWEzYjUt
OTgyNDZhNGNiNmY4LzEvcTZjZHhXRzdUa290Yy1KUDBuVEsxLUJEVjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wODM3N2YtZjIzMi00NGIwLWEzYjUtOTgyNDZhNGNiNmY4
LzEvemZhT3dTZjdNc1o1SVlyOGR1RzI2cVdWSWJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBRd4AwQD
LrZAAwQEUPsgAwQEXD0AAwQCuRb4MA0GCSqGSIb3DQEBCwUAA4IBAQCoLZDyQ5Yp
EiYtqehWK+DnuanT/IlKJPovXYaVimXjW1eyAuHJtR6DcTVO8NIdqqFIyNGYLXfg
Vhqpc3TaMYQJWi+HKRoBG6DCjUGdUr+GXgdhPdSFc+cYrYhzLzAEwKAUx7LfoE0y
lGaqvPcaEj11aE2A43YY8aeAoTL+66ZovoSbwvhcDXMzpbKsEQ26M7tCiWHTgpRH
+UBVzSqGnoBW2cjFplNWYcJTxupXRKuE2iPo6JNriCPVK6hTjbkoMKTB9LbEmLse
Rp+C6OVDJyIAdp97KqiXg/AFkrUom4Ca+1S9uBo5Ii0EcKauvX01Z0NMg3kFTMjG
acXS7Q6MMpzI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:07 2025 by rpki-client