Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/qccN77X5aBPFfpbZXuJpfA8e1DM.roa
File: qccN77X5aBPFfpbZXuJpfA8e1DM.roa (raw, json)
Hash identifier: kxNXLDXHXyzWE97PoMFtl8NdymNg0c7i3uQiL1/lWUU=
Subject key identifier: A9:C7:0D:EF:B5:F9:68:13:C5:7E:96:D9:5E:E2:69:7C:0F:1E:D4:33
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018CC348F7596AF556B33B1A4FBA81E06548
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/qccN77X5aBPFfpbZXuJpfA8e1DM.roa
Signing time: Mon 01 Jan 2024 04:29:48 +0000
ROA not before: Mon 01 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8762
IP address blocks: 195.251.48.0/24 maxlen: 24
194.177.198.0/24 maxlen: 24
2001:648:2c10::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f7:59:6a:f5:56:b3:3b:1a:4f:ba:81:e0:65:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9c70defb5f96813c57e96d95ee2697c0f1ed433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f1:b6:f9:45:fd:b2:59:5f:d0:bc:88:77:60:
53:1c:6a:18:23:d7:a7:ee:3f:68:e5:1c:8d:76:97:
cb:7d:44:fd:d7:15:dc:d5:31:b5:42:97:db:f0:a9:
1d:af:64:85:5a:a8:70:70:72:ac:f6:c2:28:7b:26:
df:4d:32:fb:86:ec:0f:1f:ce:4e:51:e7:f6:94:d5:
77:79:fb:75:e7:41:9e:d8:71:8f:a0:2c:d0:a9:40:
0a:03:9d:25:bf:32:23:0c:32:95:3d:19:bd:e7:8f:
c1:d7:c7:4c:94:cb:86:a2:bc:41:42:1e:7d:29:3b:
5a:30:e7:f4:f3:4e:7f:6f:a8:9f:41:61:73:45:3b:
e1:d4:c8:4d:fc:53:38:c5:7f:90:6c:48:c4:07:6c:
be:bf:bb:3b:c7:6a:9c:19:5e:94:e9:32:de:5a:c3:
2c:ef:5b:39:94:bc:23:fc:0a:cf:00:0a:40:c1:d4:
9f:60:f5:28:e6:a0:3b:ea:12:a1:54:a4:4a:a0:5c:
04:d1:bd:38:45:4a:23:d3:a7:ba:1b:b1:24:f0:36:
00:b1:30:21:e1:1e:70:cf:c0:d5:4a:c5:d0:f7:3f:
cf:d4:63:6c:16:1a:9a:7d:16:1b:77:b1:04:51:ce:
ac:b9:be:bd:f5:33:59:ed:8f:02:9f:c2:e8:b9:70:
13:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C7:0D:EF:B5:F9:68:13:C5:7E:96:D9:5E:E2:69:7C:0F:1E:D4:33
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/qccN77X5aBPFfpbZXuJpfA8e1DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.177.198.0/24
195.251.48.0/24
IPv6:
2001:648:2c10::/48
Signature Algorithm: sha256WithRSAEncryption
49:80:5c:45:0d:f4:ac:cd:36:20:ad:d3:6b:dc:3d:66:3e:39:
f3:c0:cf:7c:aa:a0:4f:4e:e9:3c:13:e0:6d:a2:c7:8d:bb:1d:
9f:a8:c6:81:e5:5a:c7:24:7c:2e:dd:7c:eb:19:23:4d:15:6d:
2f:76:fe:cb:71:28:75:56:57:d4:31:d7:d8:ba:25:97:8c:66:
e5:76:1d:45:17:fe:bb:e2:29:73:f0:a2:cf:e4:8c:a4:e4:89:
fe:3a:48:dd:44:de:74:d7:f9:46:31:20:7b:47:98:54:9a:c9:
80:f6:1d:ab:c8:db:00:e5:e6:9c:ad:02:cf:fe:a4:01:b5:cd:
3a:4c:45:92:d2:cd:d5:b5:02:35:fa:aa:4a:18:59:c6:40:57:
be:2b:5c:e1:27:9d:52:cf:c7:3d:e4:5a:d8:04:34:23:9c:08:
51:e4:b5:82:75:80:c0:be:98:2c:03:a8:84:45:f0:48:00:08:
90:fa:bc:25:9d:cb:39:a7:b2:db:45:fb:47:cb:d3:b3:a3:90:
56:c1:e2:b4:2d:0e:0b:c6:35:ca:dc:64:58:c2:75:49:03:73:
b0:a8:5b:28:38:b9:b0:ff:cc:35:4f:5b:a0:69:cb:87:34:7b:
b4:9c:88:95:f3:9b:34:0f:d0:4d:66:2f:fa:13:3a:66:b4:89:
b1:df:7f:cf
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDSPdZavVWszsaT7qB4GVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWM3MGRlZmI1Zjk2ODEzYzU3ZTk2ZDk1ZWUyNjk3YzBmMWVkNDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/G2+UX9sllf0LyId2BTHGoYI9en
7j9o5RyNdpfLfUT91xXc1TG1Qpfb8Kkdr2SFWqhwcHKs9sIoeybfTTL7huwPH85O
Uef2lNV3eft150Ge2HGPoCzQqUAKA50lvzIjDDKVPRm954/B18dMlMuGorxBQh59
KTtaMOf0805/b6ifQWFzRTvh1MhN/FM4xX+QbEjEB2y+v7s7x2qcGV6U6TLeWsMs
71s5lLwj/ArPAApAwdSfYPUo5qA76hKhVKRKoFwE0b04RUoj06e6G7Ek8DYAsTAh
4R5wz8DVSsXQ9z/P1GNsFhqafRYbd7EEUc6sub699TNZ7Y8Cn8LouXATqQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKnHDe+1+WgTxX6W2V7iaXwPHtQzMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvcWNjTjc3WDVhQlBGZnBiWlh1SnBmQThlMURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwrHGAwQA
w/swMA8EAgACMAkDBwAgAQZILBAwDQYJKoZIhvcNAQELBQADggEBAEmAXEUN9KzN
NiCt02vcPWY+OfPAz3yqoE9O6TwT4G2ix427HZ+oxoHlWsckfC7dfOsZI00VbS92
/stxKHVWV9Qx19i6JZeMZuV2HUUX/rviKXPwos/kjKTkif46SN1E3nTX+UYxIHtH
mFSayYD2HavI2wDl5pytAs/+pAG1zTpMRZLSzdW1AjX6qkoYWcZAV74rXOEnnVLP
xz3kWtgENCOcCFHktYJ1gMC+mCwDqIRF8EgACJD6vCWdyzmnsttF+0fL07OjkFbB
4rQtDgvGNcrcZFjCdUkDc7CoWyg4ubD/zDVPW6Bpy4c0e7SciJXzmzQP0E1mL/oT
Oma0ibHff88=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:26 2025 by rpki-client