Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/49924d-7699-4af4-aff9-22aa4f3a7615/1/qzPII3rg1km9b4kQmaDFcgapwXc.roa
File: qzPII3rg1km9b4kQmaDFcgapwXc.roa (raw, json)
Hash identifier: tlXFKCkmT823FBDvWHCljmMAPrdqaCiqpoXI/fxU0AA=
Subject key identifier: AB:33:C8:23:7A:E0:D6:49:BD:6F:89:10:99:A0:C5:72:06:A9:C1:77
Certificate issuer: /CN=46055e82002cc0bd7b9987e5d7365420eafd4970
Certificate serial: 018CC8714E8D66AD1C62E29C48C9A2A21CC4
Authority key identifier: 46:05:5E:82:00:2C:C0:BD:7B:99:87:E5:D7:36:54:20:EA:FD:49:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RgVeggAswL17mYfl1zZUIOr9SXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/49924d-7699-4af4-aff9-22aa4f3a7615/1/qzPII3rg1km9b4kQmaDFcgapwXc.roa
Signing time: Tue 02 Jan 2024 04:31:58 +0000
ROA not before: Tue 02 Jan 2024 04:31:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12735
IP address blocks: 193.160.144.0/24 maxlen: 24
2a0c:bec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:4e:8d:66:ad:1c:62:e2:9c:48:c9:a2:a2:1c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46055e82002cc0bd7b9987e5d7365420eafd4970
Validity
Not Before: Jan 2 04:31:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab33c8237ae0d649bd6f891099a0c57206a9c177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:94:91:0c:50:06:2f:f0:34:0f:1b:88:c8:23:
bb:c0:55:b5:86:47:14:a3:19:9a:26:6a:ac:07:2e:
18:f7:47:06:f3:b3:5e:5d:4e:cc:4f:d9:13:e7:27:
cb:2d:12:15:7e:9a:13:d3:da:1b:31:5e:d1:ca:09:
1b:43:3b:f6:e6:3a:6f:f0:9c:ca:f6:d0:84:a5:2b:
fd:9a:8a:47:f8:20:ad:1e:38:09:84:c9:7b:d3:07:
92:a1:8b:a6:49:17:85:5e:5c:e7:d6:3f:91:19:38:
d5:53:e1:a8:65:f1:3a:5f:a9:f3:95:3c:98:3d:fb:
bc:d7:25:44:bf:c1:1e:97:b0:a7:92:b9:e4:51:a7:
22:f3:0e:13:6e:7d:82:15:0d:59:d5:2f:b5:f4:29:
23:af:d5:39:07:51:4c:d9:56:3a:ec:44:a6:bc:4c:
5a:4e:fe:cf:28:85:d7:f3:e3:38:ee:3d:62:0d:b3:
87:eb:bc:c3:52:a4:8c:b4:1d:75:4e:d6:19:d5:f9:
bf:56:ce:7f:bf:f3:67:78:bc:62:6a:65:5a:02:4e:
a6:b9:f7:68:49:61:8a:d4:b4:8c:ee:8f:4c:1f:a9:
61:6a:d2:ad:35:b2:54:e2:55:bb:d5:ba:14:3f:10:
0d:7b:5f:12:ba:f9:b4:9a:1b:f0:a3:f1:bc:79:2d:
8e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:33:C8:23:7A:E0:D6:49:BD:6F:89:10:99:A0:C5:72:06:A9:C1:77
X509v3 Authority Key Identifier:
keyid:46:05:5E:82:00:2C:C0:BD:7B:99:87:E5:D7:36:54:20:EA:FD:49:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RgVeggAswL17mYfl1zZUIOr9SXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/49924d-7699-4af4-aff9-22aa4f3a7615/1/qzPII3rg1km9b4kQmaDFcgapwXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/49924d-7699-4af4-aff9-22aa4f3a7615/1/RgVeggAswL17mYfl1zZUIOr9SXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.144.0/24
IPv6:
2a0c:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
89:65:54:c4:ee:89:f0:58:65:66:f8:a5:e7:ce:85:5a:92:32:
ca:d4:9c:7f:d9:dc:eb:51:99:89:fc:d2:e9:67:9c:bd:fe:3c:
76:65:e5:b1:79:d5:ce:e0:ef:06:91:93:bc:cb:01:72:c6:0e:
84:67:28:95:04:80:f8:59:ef:b7:46:72:37:51:cf:cc:b6:50:
c9:91:bc:5f:da:dc:1b:29:ac:1c:dd:36:91:be:ef:3f:c1:35:
65:b5:d1:7e:0f:3f:43:99:41:fd:10:77:27:0f:63:11:04:2e:
ba:14:a2:1a:34:ab:41:85:72:3b:0f:78:e3:f4:75:7d:09:3a:
a1:a8:a7:52:7e:ed:02:e8:68:2a:37:85:e8:82:8f:2c:f8:1f:
b8:79:9d:5c:84:d1:2b:67:3e:d6:c8:66:28:03:a9:95:54:5b:
85:78:35:24:37:f2:02:3a:a4:11:03:78:8f:6c:43:a1:30:19:
37:3c:f4:d5:f9:b8:e5:b1:83:13:fb:0d:f2:2c:61:d9:b2:e5:
4f:98:ed:4c:ae:30:72:de:48:4a:1d:50:cc:71:13:09:db:61:
c2:e2:b6:49:07:93:b6:2e:08:7d:0e:da:8e:f4:51:68:34:53:
f7:27:4c:72:1b:f8:d0:2a:0b:d3:d7:8e:e0:5c:ab:b6:9e:20:
9f:aa:19:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcU6NZq0cYuKcSMmiohzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MDU1ZTgyMDAyY2MwYmQ3Yjk5ODdlNWQ3MzY1NDIwZWFm
ZDQ5NzAwHhcNMjQwMTAyMDQzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjMzYzgyMzdhZTBkNjQ5YmQ2Zjg5MTA5OWEwYzU3MjA2YTljMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZSRDFAGL/A0DxuIyCO7wFW1hkcU
oxmaJmqsBy4Y90cG87NeXU7MT9kT5yfLLRIVfpoT09obMV7RygkbQzv25jpv8JzK
9tCEpSv9mopH+CCtHjgJhMl70weSoYumSReFXlzn1j+RGTjVU+GoZfE6X6nzlTyY
Pfu81yVEv8Eel7CnkrnkUaci8w4Tbn2CFQ1Z1S+19Ckjr9U5B1FM2VY67ESmvExa
Tv7PKIXX8+M47j1iDbOH67zDUqSMtB11TtYZ1fm/Vs5/v/NneLxiamVaAk6mufdo
SWGK1LSM7o9MH6lhatKtNbJU4lW71boUPxANe18Suvm0mhvwo/G8eS2OKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKszyCN64NZJvW+JEJmgxXIGqcF3MB8GA1UdIwQY
MBaAFEYFXoIALMC9e5mH5dc2VCDq/UlwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmdWZWdnQXN3TDE3bVlmbDF6WlVJT3I5U1hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80OTkyNGQtNzY5OS00YWY0LWFmZjkt
MjJhYTRmM2E3NjE1LzEvcXpQSUkzcmcxa205YjRrUW1hREZjZ2Fwd1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80OTkyNGQtNzY5OS00YWY0LWFmZjktMjJhYTRmM2E3NjE1
LzEvUmdWZWdnQXN3TDE3bVlmbDF6WlVJT3I5U1hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaCQMA0E
AgACMAcDBQMqDL7AMA0GCSqGSIb3DQEBCwUAA4IBAQCJZVTE7onwWGVm+KXnzoVa
kjLK1Jx/2dzrUZmJ/NLpZ5y9/jx2ZeWxedXO4O8GkZO8ywFyxg6EZyiVBID4We+3
RnI3Uc/MtlDJkbxf2twbKawc3TaRvu8/wTVltdF+Dz9DmUH9EHcnD2MRBC66FKIa
NKtBhXI7D3jj9HV9CTqhqKdSfu0C6GgqN4Xogo8s+B+4eZ1chNErZz7WyGYoA6mV
VFuFeDUkN/ICOqQRA3iPbEOhMBk3PPTV+bjlsYMT+w3yLGHZsuVPmO1MrjBy3khK
HVDMcRMJ22HC4rZJB5O2Lgh9DtqO9FFoNFP3J0xyG/jQKgvT147gXKu2niCfqhni
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:12 2025 by rpki-client