Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/QcYXgmX4csjnHkvftKjSKHUoYOw.roa
File: QcYXgmX4csjnHkvftKjSKHUoYOw.roa (raw, json)
Hash identifier: opywyWJsDG4elFKe1LhKrjvVZrEk3AqW/Gn+fQIA3Ok=
Subject key identifier: 41:C6:17:82:65:F8:72:C8:E7:1E:4B:DF:B4:A8:D2:28:75:28:60:EC
Certificate issuer: /CN=8cad303bc70b12f83dbf89fc1489cb4612cf5526
Certificate serial: 0193D171531F173045B664323325A64AB79F
Authority key identifier: 8C:AD:30:3B:C7:0B:12:F8:3D:BF:89:FC:14:89:CB:46:12:CF:55:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jK0wO8cLEvg9v4n8FInLRhLPVSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/QcYXgmX4csjnHkvftKjSKHUoYOw.roa
Signing time: Mon 16 Dec 2024 21:48:05 +0000
ROA not before: Mon 16 Dec 2024 21:48:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29584
IP address blocks: 82.194.0.0/24 maxlen: 24
82.194.1.0/24 maxlen: 24
82.194.2.0/24 maxlen: 24
82.194.3.0/24 maxlen: 24
82.194.4.0/23 maxlen: 23
82.194.6.0/24 maxlen: 24
82.194.7.0/24 maxlen: 24
82.194.8.0/24 maxlen: 24
82.194.9.0/24 maxlen: 24
82.194.10.0/24 maxlen: 24
82.194.11.0/24 maxlen: 24
82.194.12.0/24 maxlen: 24
82.194.13.0/24 maxlen: 24
82.194.14.0/24 maxlen: 24
82.194.15.0/24 maxlen: 24
82.194.16.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Dec 2024 07:20:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d1:71:53:1f:17:30:45:b6:64:32:33:25:a6:4a:b7:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cad303bc70b12f83dbf89fc1489cb4612cf5526
Validity
Not Before: Dec 16 21:48:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41c6178265f872c8e71e4bdfb4a8d228752860ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:96:72:f5:a9:28:cb:c7:ac:14:e9:df:23:89:
a0:e1:5e:6e:12:d0:4d:a4:e2:f9:74:02:1e:6a:10:
c0:75:0a:8a:9f:07:cb:41:a3:8a:2f:8b:6c:e8:2f:
96:da:a6:76:6c:35:2a:5f:c1:24:99:12:5b:ee:95:
07:09:03:7c:1e:ca:b4:04:10:b5:c6:e4:21:6d:e5:
68:0c:57:a6:59:03:3f:03:fe:db:5a:bb:ce:23:c0:
5d:0f:7b:3d:5a:25:70:8a:6e:1b:41:d3:cf:2c:5a:
ff:66:14:c7:94:6b:ed:b7:4a:7f:d1:a6:17:79:0a:
f8:f8:e7:c1:24:71:7f:5c:9f:79:d1:8c:f4:4a:d0:
d3:a7:7f:29:e5:58:d9:96:ab:dd:fd:cd:ab:42:e7:
a8:d7:88:7e:ad:e3:15:8e:d9:b5:df:2f:67:5c:c3:
b5:d5:9b:02:8c:33:92:cd:5f:5a:a3:b5:64:c0:a2:
95:b2:c8:ca:14:e5:e3:50:20:9b:21:b3:52:9c:43:
8d:f3:20:45:d0:c0:82:42:a4:ef:1f:31:d8:38:0f:
63:56:73:3d:31:b0:0c:48:61:ff:72:b4:ba:73:8e:
f1:40:13:3f:ca:a0:c1:01:40:0b:99:cc:41:61:2a:
be:4e:bb:a5:18:8a:d5:0a:68:2a:e7:5c:9f:2b:bc:
1f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C6:17:82:65:F8:72:C8:E7:1E:4B:DF:B4:A8:D2:28:75:28:60:EC
X509v3 Authority Key Identifier:
keyid:8C:AD:30:3B:C7:0B:12:F8:3D:BF:89:FC:14:89:CB:46:12:CF:55:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jK0wO8cLEvg9v4n8FInLRhLPVSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/QcYXgmX4csjnHkvftKjSKHUoYOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1d3f9e-9a6c-4c86-a036-482555452831/1/jK0wO8cLEvg9v4n8FInLRhLPVSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.194.0.0/19
Signature Algorithm: sha256WithRSAEncryption
88:16:4b:f6:9e:21:94:89:16:df:2f:c7:16:4f:71:f3:b4:4b:
63:7a:fd:40:a5:81:25:6e:e5:ad:41:70:58:8f:7e:ee:18:9f:
a6:29:6e:98:cb:cb:e2:ae:c1:a2:7f:9d:0f:86:58:52:86:c5:
0c:1b:88:52:9d:d9:59:47:41:0d:e6:1d:4e:f7:7b:38:e9:9c:
b1:db:a5:a5:04:2f:16:16:5c:36:45:9d:f8:ee:76:f0:77:c9:
c8:ae:c6:7a:a8:2f:3b:f4:8e:96:c9:a3:44:3a:29:3e:05:73:
77:e3:7d:bb:df:b7:53:21:93:c8:7f:97:8f:48:36:76:70:4e:
c0:d4:aa:2a:38:16:45:5e:b8:ef:62:13:a4:4b:ea:26:f1:d8:
fa:2f:bd:7c:e5:0a:70:a2:d1:83:a0:a9:dc:57:ce:9d:e9:73:
22:24:bd:5d:50:34:ca:5d:c8:00:39:52:4d:51:b5:f4:1b:53:
a4:f7:e5:6e:fa:ea:fc:7c:6c:7c:6f:20:46:cc:16:1b:06:05:
1a:7a:38:3d:7a:b0:84:ce:bd:6d:13:6c:1f:fa:30:89:7f:9d:
71:ad:0c:14:78:40:d7:37:22:1d:6e:73:4a:ae:8b:dc:47:16:
67:04:af:8f:6b:b0:46:cf:96:e2:81:e1:d7:ef:99:bf:e2:00:
40:64:ac:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPRcVMfFzBFtmQyMyWmSrefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjYWQzMDNiYzcwYjEyZjgzZGJmODlmYzE0ODljYjQ2MTJj
ZjU1MjYwHhcNMjQxMjE2MjE0ODA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM2MTc4MjY1Zjg3MmM4ZTcxZTRiZGZiNGE4ZDIyODc1Mjg2MGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJZy9akoy8esFOnfI4mg4V5uEtBN
pOL5dAIeahDAdQqKnwfLQaOKL4ts6C+W2qZ2bDUqX8EkmRJb7pUHCQN8Hsq0BBC1
xuQhbeVoDFemWQM/A/7bWrvOI8BdD3s9WiVwim4bQdPPLFr/ZhTHlGvtt0p/0aYX
eQr4+OfBJHF/XJ950Yz0StDTp38p5VjZlqvd/c2rQueo14h+reMVjtm13y9nXMO1
1ZsCjDOSzV9ao7VkwKKVssjKFOXjUCCbIbNSnEON8yBF0MCCQqTvHzHYOA9jVnM9
MbAMSGH/crS6c47xQBM/yqDBAUALmcxBYSq+TrulGIrVCmgq51yfK7wf3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHGF4Jl+HLI5x5L37So0ih1KGDsMB8GA1UdIwQY
MBaAFIytMDvHCxL4Pb+J/BSJy0YSz1UmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakswd084Y0xFdmc5djRuOEZJbkxSaExQVlNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8xZDNmOWUtOWE2Yy00Yzg2LWEwMzYt
NDgyNTU1NDUyODMxLzEvUWNZWGdtWDRjc2puSGt2ZnRLalNLSFVvWU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8xZDNmOWUtOWE2Yy00Yzg2LWEwMzYtNDgyNTU1NDUyODMx
LzEvakswd084Y0xFdmc5djRuOEZJbkxSaExQVlNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFUsIAMA0G
CSqGSIb3DQEBCwUAA4IBAQCIFkv2niGUiRbfL8cWT3HztEtjev1ApYElbuWtQXBY
j37uGJ+mKW6Yy8virsGif50PhlhShsUMG4hSndlZR0EN5h1O93s46Zyx26WlBC8W
Flw2RZ347nbwd8nIrsZ6qC879I6WyaNEOik+BXN3432737dTIZPIf5ePSDZ2cE7A
1KoqOBZFXrjvYhOkS+om8dj6L7185QpwotGDoKncV86d6XMiJL1dUDTKXcgAOVJN
UbX0G1Ok9+Vu+ur8fGx8byBGzBYbBgUaejg9erCEzr1tE2wf+jCJf51xrQwUeEDX
NyIdbnNKrovcRxZnBK+Pa7BGz5bigeHX75m/4gBAZKwZ
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:02:16 2025 by rpki-client