Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/53f9bd-7f54-4bd2-b5a4-e584cd5f8d11/1/q15ra4RXD0GyJOlazSwyXD2m-ug.roa
File: q15ra4RXD0GyJOlazSwyXD2m-ug.roa (raw, json)
Hash identifier: pPbZvwXwxWUz7qUwxOF2A8uVnHp4zaDqamAKijFTlME=
Subject key identifier: AB:5E:6B:6B:84:57:0F:41:B2:24:E9:5A:CD:2C:32:5C:3D:A6:FA:E8
Certificate issuer: /CN=8f9805f64801dd93599414a62509b12a5402f868
Certificate serial: 0191EA74CC4B04DD8720DA5E72163D446E8D
Authority key identifier: 8F:98:05:F6:48:01:DD:93:59:94:14:A6:25:09:B1:2A:54:02:F8:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j5gF9kgB3ZNZlBSmJQmxKlQC-Gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/53f9bd-7f54-4bd2-b5a4-e584cd5f8d11/1/q15ra4RXD0GyJOlazSwyXD2m-ug.roa
Signing time: Fri 13 Sep 2024 08:16:48 +0000
ROA not before: Fri 13 Sep 2024 08:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214254
IP address blocks: 194.116.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ea:74:cc:4b:04:dd:87:20:da:5e:72:16:3d:44:6e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f9805f64801dd93599414a62509b12a5402f868
Validity
Not Before: Sep 13 08:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab5e6b6b84570f41b224e95acd2c325c3da6fae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ac:55:a9:77:83:7e:32:9a:17:55:e0:69:ce:
2d:f1:b8:dd:a9:1c:1b:5b:49:49:93:9c:8d:8e:21:
c5:05:f2:05:16:ab:c7:c0:fa:6d:77:bd:46:9c:84:
cf:b9:e6:bc:2a:48:26:61:bf:87:55:64:c9:4e:55:
2f:8f:e1:74:5c:fa:4f:6d:34:40:cc:7e:44:06:eb:
c1:e5:c4:7e:79:70:10:b8:b6:2f:8a:43:97:4c:96:
aa:48:48:cb:a1:cb:eb:ef:60:e6:0f:96:0b:d7:6f:
a6:c1:f6:89:76:75:7f:de:1e:c2:f3:b1:ad:cf:fc:
32:50:74:ea:5c:31:b6:b2:bd:76:b4:fc:1e:f5:e9:
d3:80:7b:0d:ff:ba:f2:42:91:9c:50:af:1c:67:67:
6f:3f:df:a3:26:ab:7a:8c:bd:a8:21:65:91:a6:28:
3e:30:86:fc:80:be:f2:8e:85:fa:42:52:b1:f7:ba:
4a:c5:30:36:1f:b9:3f:4a:b9:c8:d4:1f:e8:36:71:
e9:9a:e3:a2:27:b5:dd:7c:c8:35:54:3d:41:15:e5:
22:42:34:a7:ed:ad:f4:35:40:b3:a5:bf:c7:d8:8d:
23:f4:e3:0e:17:29:0e:1c:62:32:3b:94:e4:76:fc:
53:52:1a:00:37:a4:9e:3c:78:49:ae:2a:09:2d:b6:
87:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5E:6B:6B:84:57:0F:41:B2:24:E9:5A:CD:2C:32:5C:3D:A6:FA:E8
X509v3 Authority Key Identifier:
keyid:8F:98:05:F6:48:01:DD:93:59:94:14:A6:25:09:B1:2A:54:02:F8:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j5gF9kgB3ZNZlBSmJQmxKlQC-Gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/53f9bd-7f54-4bd2-b5a4-e584cd5f8d11/1/q15ra4RXD0GyJOlazSwyXD2m-ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/53f9bd-7f54-4bd2-b5a4-e584cd5f8d11/1/j5gF9kgB3ZNZlBSmJQmxKlQC-Gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.146.0/24
Signature Algorithm: sha256WithRSAEncryption
76:73:0a:28:10:ca:95:db:f0:c6:38:65:d9:69:39:43:e2:ff:
24:1c:0b:ad:e4:d1:58:b5:e1:36:18:30:af:04:a5:e3:b8:66:
d8:bb:f9:a2:93:ca:f8:fa:f4:7d:b3:1c:33:f1:bf:9a:b8:2e:
f9:e6:a0:e2:40:54:17:4c:f4:3e:53:92:13:79:1f:fc:32:e4:
1e:6a:60:e5:f6:22:79:d9:8c:cd:df:8f:3d:00:a7:bf:bc:b0:
c5:b1:06:52:24:28:39:5f:7c:98:cd:45:03:1c:27:b9:e2:bb:
a3:5f:f8:1f:64:e4:c9:58:6d:59:8d:3c:78:bd:bc:69:1d:f8:
ed:27:f3:4f:ed:4b:ea:cb:b6:60:77:b3:4e:e0:2d:0c:31:c3:
99:90:e8:df:47:9c:22:84:cc:24:00:06:a4:ab:1c:2d:a6:8c:
18:68:c7:1a:cf:13:f3:8b:21:43:06:61:9b:21:b5:c1:e8:b9:
47:1c:c1:66:e3:6e:27:25:5a:7c:cd:4d:ee:9e:79:48:ae:a5:
c7:eb:c0:45:0d:b8:f5:a6:f1:e1:cc:5b:df:9a:ed:63:ea:4a:
96:18:47:01:df:d2:40:33:86:64:b1:cd:f6:15:b0:7a:73:c9:
53:a3:04:94:57:41:31:86:cb:fe:eb:3a:7e:bf:3f:55:ac:7c:
40:76:e1:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHqdMxLBN2HINpechY9RG6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOTgwNWY2NDgwMWRkOTM1OTk0MTRhNjI1MDliMTJhNTQw
MmY4NjgwHhcNMjQwOTEzMDgxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjVlNmI2Yjg0NTcwZjQxYjIyNGU5NWFjZDJjMzI1YzNkYTZmYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaxVqXeDfjKaF1Xgac4t8bjdqRwb
W0lJk5yNjiHFBfIFFqvHwPptd71GnITPuea8KkgmYb+HVWTJTlUvj+F0XPpPbTRA
zH5EBuvB5cR+eXAQuLYvikOXTJaqSEjLocvr72DmD5YL12+mwfaJdnV/3h7C87Gt
z/wyUHTqXDG2sr12tPwe9enTgHsN/7ryQpGcUK8cZ2dvP9+jJqt6jL2oIWWRpig+
MIb8gL7yjoX6QlKx97pKxTA2H7k/SrnI1B/oNnHpmuOiJ7XdfMg1VD1BFeUiQjSn
7a30NUCzpb/H2I0j9OMOFykOHGIyO5TkdvxTUhoAN6SePHhJrioJLbaH/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtea2uEVw9BsiTpWs0sMlw9pvroMB8GA1UdIwQY
MBaAFI+YBfZIAd2TWZQUpiUJsSpUAvhoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajVnRjlrZ0IzWk5abEJTbUpRbXhLbFFDLUdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81M2Y5YmQtN2Y1NC00YmQyLWI1YTQt
ZTU4NGNkNWY4ZDExLzEvcTE1cmE0UlhEMEd5Sk9sYXpTd3lYRDJtLXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81M2Y5YmQtN2Y1NC00YmQyLWI1YTQtZTU4NGNkNWY4ZDEx
LzEvajVnRjlrZ0IzWk5abEJTbUpRbXhLbFFDLUdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnSSMA0G
CSqGSIb3DQEBCwUAA4IBAQB2cwooEMqV2/DGOGXZaTlD4v8kHAut5NFYteE2GDCv
BKXjuGbYu/mik8r4+vR9sxwz8b+auC755qDiQFQXTPQ+U5ITeR/8MuQeamDl9iJ5
2YzN3489AKe/vLDFsQZSJCg5X3yYzUUDHCe54rujX/gfZOTJWG1ZjTx4vbxpHfjt
J/NP7Uvqy7Zgd7NO4C0MMcOZkOjfR5wihMwkAAakqxwtpowYaMcazxPziyFDBmGb
IbXB6LlHHMFm424nJVp8zU3unnlIrqXH68BFDbj1pvHhzFvfmu1j6kqWGEcB39JA
M4Zksc32FbB6c8lTowSUV0Exhsv+6zp+vz9VrHxAduG8
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:21:27 2025 by rpki-client