Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/QFExoFhkGQwcCgTuYoucfKSJKhE.roa
File: QFExoFhkGQwcCgTuYoucfKSJKhE.roa (raw, json)
Hash identifier: IYzjSvlJifbMjECFQ8N73VVKMu2dM7s7r42tFbbOPOs=
Subject key identifier: 40:51:31:A0:58:64:19:0C:1C:0A:04:EE:62:8B:9C:7C:A4:89:2A:11
Certificate issuer: /CN=d325fc508a7373256720a54d73fa9057d8a21c13
Certificate serial: 018CC26D7329224504EE464ED564B39A8489
Authority key identifier: D3:25:FC:50:8A:73:73:25:67:20:A5:4D:73:FA:90:57:D8:A2:1C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0yX8UIpzcyVnIKVNc_qQV9iiHBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/QFExoFhkGQwcCgTuYoucfKSJKhE.roa
Signing time: Mon 01 Jan 2024 00:30:01 +0000
ROA not before: Mon 01 Jan 2024 00:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205609
IP address blocks: 185.133.252.0/22 maxlen: 22
185.133.252.0/23 maxlen: 23
185.133.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:73:29:22:45:04:ee:46:4e:d5:64:b3:9a:84:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d325fc508a7373256720a54d73fa9057d8a21c13
Validity
Not Before: Jan 1 00:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=405131a05864190c1c0a04ee628b9c7ca4892a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:af:2d:96:c0:9a:eb:fa:37:81:e3:b1:3a:ce:
25:37:a4:dc:f9:ea:72:11:e2:18:cf:11:c5:16:14:
c6:52:2e:49:0d:d9:99:a4:e8:50:f5:e9:11:a2:cc:
a1:d0:61:9d:53:20:ed:9d:02:08:9e:1a:4a:07:29:
6b:6e:84:e4:61:de:7c:91:26:56:7a:08:08:74:ac:
d8:a3:f9:2a:da:75:d3:d6:ec:f4:25:a0:83:b3:d2:
65:25:a7:a5:c5:0f:e1:bd:97:83:52:c9:dd:71:c2:
ae:56:89:a5:47:b4:c6:1c:c3:d2:f6:34:41:37:e5:
aa:d4:00:d2:42:12:62:93:99:95:3d:7a:6f:65:dc:
3f:63:91:65:0d:0d:ef:f2:19:94:81:fa:32:d7:b3:
9a:fc:f3:d0:f6:29:eb:e6:ac:ca:40:37:08:6f:fa:
aa:f8:9f:de:ee:5f:81:0e:4e:c0:b3:af:b8:d9:04:
07:bb:5f:8e:2a:20:c4:9b:d5:82:0d:2e:f9:4c:c0:
fe:5c:18:29:27:09:b3:35:5c:e8:39:7b:85:63:60:
d6:04:1d:bc:ea:78:48:41:58:b2:84:2e:8e:2e:1f:
9c:0c:cb:4c:be:26:d0:c6:3d:d7:77:d9:7b:1e:52:
6a:9f:b0:9b:52:ec:52:80:18:67:d0:b4:3a:27:c6:
21:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:51:31:A0:58:64:19:0C:1C:0A:04:EE:62:8B:9C:7C:A4:89:2A:11
X509v3 Authority Key Identifier:
keyid:D3:25:FC:50:8A:73:73:25:67:20:A5:4D:73:FA:90:57:D8:A2:1C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0yX8UIpzcyVnIKVNc_qQV9iiHBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/QFExoFhkGQwcCgTuYoucfKSJKhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/0yX8UIpzcyVnIKVNc_qQV9iiHBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.252.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:13:76:e9:dc:d0:6a:7c:97:d0:e4:9b:07:7a:67:d3:d1:df:
e0:de:b8:33:68:4e:a4:f6:04:e7:b2:6c:03:bd:41:3d:d2:b0:
25:92:c1:7a:02:ec:18:0a:50:cd:f1:a8:c3:9c:f4:a7:e4:83:
3f:40:75:e0:6f:0a:17:8b:b3:8d:a8:c0:51:0b:2b:a0:29:f0:
64:25:ad:79:97:a9:b5:95:c1:1e:20:0d:4f:95:78:1c:06:bd:
15:e0:ac:6d:6f:4b:e0:3d:7b:ac:94:cf:fb:4f:e5:49:91:55:
02:8f:9c:e1:fc:5c:e9:c4:82:bc:de:2d:9d:2f:21:b8:6c:78:
4c:cc:9d:14:70:90:59:7e:ee:ce:aa:dd:eb:de:93:ec:7a:3b:
ec:00:7c:fe:cc:d2:30:6e:03:97:c2:20:2b:97:0d:ce:77:24:
d0:dc:ab:b1:35:63:5a:de:88:10:50:94:3e:6f:ef:12:0a:c8:
f9:b8:81:a5:4d:ab:fb:26:e9:55:68:cc:76:a2:cc:c2:df:f1:
ab:84:c7:d3:8c:cf:f0:f3:fa:49:c2:41:32:e4:30:ef:2d:ef:
a4:42:33:a9:e3:20:16:64:6b:a1:cb:54:32:07:8a:43:48:e6:
62:e6:89:b8:46:63:ef:e5:58:b2:29:95:b1:2f:db:5a:a2:20:
b0:51:0c:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbXMpIkUE7kZO1WSzmoSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMjVmYzUwOGE3MzczMjU2NzIwYTU0ZDczZmE5MDU3ZDhh
MjFjMTMwHhcNMjQwMTAxMDAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDUxMzFhMDU4NjQxOTBjMWMwYTA0ZWU2MjhiOWM3Y2E0ODkyYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr68tlsCa6/o3geOxOs4lN6Tc+epy
EeIYzxHFFhTGUi5JDdmZpOhQ9ekRosyh0GGdUyDtnQIInhpKBylrboTkYd58kSZW
eggIdKzYo/kq2nXT1uz0JaCDs9JlJaelxQ/hvZeDUsndccKuVomlR7TGHMPS9jRB
N+Wq1ADSQhJik5mVPXpvZdw/Y5FlDQ3v8hmUgfoy17Oa/PPQ9inr5qzKQDcIb/qq
+J/e7l+BDk7As6+42QQHu1+OKiDEm9WCDS75TMD+XBgpJwmzNVzoOXuFY2DWBB28
6nhIQViyhC6OLh+cDMtMvibQxj3Xd9l7HlJqn7CbUuxSgBhn0LQ6J8Yh5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEBRMaBYZBkMHAoE7mKLnHykiSoRMB8GA1UdIwQY
MBaAFNMl/FCKc3MlZyClTXP6kFfYohwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHlYOFVJcHpjeVZuSUtWTmNfcVFWOWlpSEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kYzE3MjQtMzE2NS00N2VmLWE2ZmUt
MWM2YWExZjZiNzBiLzEvUUZFeG9GaGtHUXdjQ2dUdVlvdWNmS1NKS2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kYzE3MjQtMzE2NS00N2VmLWE2ZmUtMWM2YWExZjZiNzBi
LzEvMHlYOFVJcHpjeVZuSUtWTmNfcVFWOWlpSEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYX8MA0G
CSqGSIb3DQEBCwUAA4IBAQB/E3bp3NBqfJfQ5JsHemfT0d/g3rgzaE6k9gTnsmwD
vUE90rAlksF6AuwYClDN8ajDnPSn5IM/QHXgbwoXi7ONqMBRCyugKfBkJa15l6m1
lcEeIA1PlXgcBr0V4Kxtb0vgPXuslM/7T+VJkVUCj5zh/FzpxIK83i2dLyG4bHhM
zJ0UcJBZfu7Oqt3r3pPsejvsAHz+zNIwbgOXwiArlw3OdyTQ3KuxNWNa3ogQUJQ+
b+8SCsj5uIGlTav7JulVaMx2oszC3/GrhMfTjM/w8/pJwkEy5DDvLe+kQjOp4yAW
ZGuhy1QyB4pDSOZi5om4RmPv5ViyKZWxL9taoiCwUQyN
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:21:19 2025 by rpki-client