Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/101c05-a91c-4fbd-bd07-f950420b9e06/1/WqqfD4xq94XtwCq8WLSZRrGNpMQ.roa
File: WqqfD4xq94XtwCq8WLSZRrGNpMQ.roa (raw, json)
Hash identifier: 8PXtJ1GJhVIylBGiwFQtTlMmVeYEE+VwC5XRXuy/iMI=
Subject key identifier: 5A:AA:9F:0F:8C:6A:F7:85:ED:C0:2A:BC:58:B4:99:46:B1:8D:A4:C4
Certificate issuer: /CN=df6412c5ddf128ec714afaea483e87b1bc74d41f
Certificate serial: 018F2E47B61C2F00839DB8B525BA51143AFE
Authority key identifier: DF:64:12:C5:DD:F1:28:EC:71:4A:FA:EA:48:3E:87:B1:BC:74:D4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/32QSxd3xKOxxSvrqSD6Hsbx01B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/101c05-a91c-4fbd-bd07-f950420b9e06/1/WqqfD4xq94XtwCq8WLSZRrGNpMQ.roa
Signing time: Tue 30 Apr 2024 09:13:22 +0000
ROA not before: Tue 30 Apr 2024 09:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51849
IP address blocks: 194.107.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:47:b6:1c:2f:00:83:9d:b8:b5:25:ba:51:14:3a:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df6412c5ddf128ec714afaea483e87b1bc74d41f
Validity
Not Before: Apr 30 09:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5aaa9f0f8c6af785edc02abc58b49946b18da4c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:02:00:ad:c3:ed:5b:43:b7:9d:07:f8:85:8e:
f4:1a:96:2f:33:c8:11:4b:b1:20:ce:34:35:05:22:
5f:3b:b6:4f:d1:65:64:40:85:1f:7e:c9:68:52:bb:
ca:63:e4:78:68:de:80:28:5f:23:9f:91:71:3e:fe:
e2:cc:95:e3:1b:c7:f0:61:53:9c:89:26:04:08:69:
da:f9:a6:64:51:91:91:17:76:2d:60:94:47:63:40:
68:93:ed:20:a2:be:99:12:6e:0d:2d:d6:24:27:c3:
ba:99:cf:c0:58:e0:eb:f4:15:61:bf:b4:78:51:5f:
8e:83:b3:43:c2:97:ab:3e:7e:06:34:a7:ab:30:ab:
fc:01:e3:6d:d9:83:d4:25:75:14:ac:73:df:8f:8a:
50:36:05:0c:fb:ae:e4:89:c0:50:39:4a:67:72:e8:
51:25:44:eb:5f:96:82:82:91:8c:36:cb:6b:88:84:
e2:87:e1:ca:26:66:23:fa:aa:8c:1a:78:89:06:c2:
1c:bd:46:e9:05:07:22:26:8e:a7:ab:01:2b:29:15:
c0:a4:31:7a:ce:68:93:58:8d:8e:44:5c:a7:96:04:
f5:3c:af:78:bb:f4:38:70:97:9b:57:85:20:17:6c:
87:27:77:40:7f:98:e3:2a:d6:50:ba:89:d4:f6:e1:
29:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:AA:9F:0F:8C:6A:F7:85:ED:C0:2A:BC:58:B4:99:46:B1:8D:A4:C4
X509v3 Authority Key Identifier:
keyid:DF:64:12:C5:DD:F1:28:EC:71:4A:FA:EA:48:3E:87:B1:BC:74:D4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/32QSxd3xKOxxSvrqSD6Hsbx01B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/101c05-a91c-4fbd-bd07-f950420b9e06/1/WqqfD4xq94XtwCq8WLSZRrGNpMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/101c05-a91c-4fbd-bd07-f950420b9e06/1/32QSxd3xKOxxSvrqSD6Hsbx01B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.121.0/24
Signature Algorithm: sha256WithRSAEncryption
34:f3:93:67:e2:3b:c0:c1:30:a2:ac:93:cc:83:8c:79:90:91:
7d:5a:b9:9d:d5:0e:55:27:95:f5:b3:36:86:2c:f0:fa:3f:23:
7a:ad:29:de:7f:2a:7f:00:00:9a:63:ae:9a:00:f9:75:94:4d:
e6:78:3f:e5:2c:ec:40:f0:4c:50:4a:eb:50:9e:13:33:0a:77:
e6:ba:8d:9e:7c:46:60:a3:cc:63:65:4e:6f:6f:9e:50:06:b2:
0b:e2:4a:8e:1a:b6:f4:b2:ec:d3:1c:8e:ab:fd:67:8b:96:22:
f4:7f:09:36:8b:2b:65:ab:01:14:15:30:cf:f2:41:e6:f8:ce:
03:78:58:45:7e:d6:52:b2:76:92:7d:fe:b7:a3:8e:7a:52:74:
34:64:49:86:d5:2d:fb:1f:99:5d:01:2b:98:99:1a:05:3b:4b:
67:a1:19:fb:40:62:9a:60:c2:d1:cf:a2:cc:bc:16:e1:3c:93:
eb:c6:b5:af:73:8d:6d:1f:bf:89:5d:af:78:8a:e7:13:34:38:
dc:c8:33:1c:a0:87:c1:55:1a:63:cd:cb:0e:0a:b8:26:c1:0b:
8d:62:3a:e1:18:c0:9a:00:01:53:f7:b3:62:99:0d:b7:b5:68:
a1:75:dc:79:a8:7c:53:95:d2:a3:fd:0d:9b:66:f7:2b:ef:94:
5e:2a:5e:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8uR7YcLwCDnbi1JbpRFDr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNjQxMmM1ZGRmMTI4ZWM3MTRhZmFlYTQ4M2U4N2IxYmM3
NGQ0MWYwHhcNMjQwNDMwMDkxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWFhOWYwZjhjNmFmNzg1ZWRjMDJhYmM1OGI0OTk0NmIxOGRhNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwIArcPtW0O3nQf4hY70GpYvM8gR
S7EgzjQ1BSJfO7ZP0WVkQIUffsloUrvKY+R4aN6AKF8jn5FxPv7izJXjG8fwYVOc
iSYECGna+aZkUZGRF3YtYJRHY0Bok+0gor6ZEm4NLdYkJ8O6mc/AWODr9BVhv7R4
UV+Og7NDwperPn4GNKerMKv8AeNt2YPUJXUUrHPfj4pQNgUM+67kicBQOUpncuhR
JUTrX5aCgpGMNstriITih+HKJmYj+qqMGniJBsIcvUbpBQciJo6nqwErKRXApDF6
zmiTWI2ORFynlgT1PK94u/Q4cJebV4UgF2yHJ3dAf5jjKtZQuonU9uEpfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqqnw+MaveF7cAqvFi0mUaxjaTEMB8GA1UdIwQY
MBaAFN9kEsXd8SjscUr66kg+h7G8dNQfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzJRU3hkM3hLT3h4U3ZycVNENkhzYngwMUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xMDFjMDUtYTkxYy00ZmJkLWJkMDct
Zjk1MDQyMGI5ZTA2LzEvV3FxZkQ0eHE5NFh0d0NxOFdMU1pSckdOcE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xMDFjMDUtYTkxYy00ZmJkLWJkMDctZjk1MDQyMGI5ZTA2
LzEvMzJRU3hkM3hLT3h4U3ZycVNENkhzYngwMUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmt5MA0G
CSqGSIb3DQEBCwUAA4IBAQA085Nn4jvAwTCirJPMg4x5kJF9Wrmd1Q5VJ5X1szaG
LPD6PyN6rSnefyp/AACaY66aAPl1lE3meD/lLOxA8ExQSutQnhMzCnfmuo2efEZg
o8xjZU5vb55QBrIL4kqOGrb0suzTHI6r/WeLliL0fwk2iytlqwEUFTDP8kHm+M4D
eFhFftZSsnaSff63o456UnQ0ZEmG1S37H5ldASuYmRoFO0tnoRn7QGKaYMLRz6LM
vBbhPJPrxrWvc41tH7+JXa94iucTNDjcyDMcoIfBVRpjzcsOCrgmwQuNYjrhGMCa
AAFT97NimQ23tWihddx5qHxTldKj/Q2bZvcr75ReKl7r
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:16 2025 by rpki-client