Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/26d6f6-11ee-4a86-bfb9-ddc276acb910/1/q3Tlosm3fR0lpO8mPi1xK2vp4so.roa
File: q3Tlosm3fR0lpO8mPi1xK2vp4so.roa (raw, json)
Hash identifier: MNh1JW4/hoROZyQJ8EuYiVNVw3spSV9ge1rK4wTZ0dE=
Subject key identifier: AB:74:E5:A2:C9:B7:7D:1D:25:A4:EF:26:3E:2D:71:2B:6B:E9:E2:CA
Certificate issuer: /CN=0acd4e2c04c39edb242a67051b8b581263436e79
Certificate serial: 018CC64ACFC28A57E509E95B54A40708BCAC
Authority key identifier: 0A:CD:4E:2C:04:C3:9E:DB:24:2A:67:05:1B:8B:58:12:63:43:6E:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cs1OLATDntskKmcFG4tYEmNDbnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/26d6f6-11ee-4a86-bfb9-ddc276acb910/1/q3Tlosm3fR0lpO8mPi1xK2vp4so.roa
Signing time: Mon 01 Jan 2024 18:30:40 +0000
ROA not before: Mon 01 Jan 2024 18:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60593
IP address blocks: 185.196.134.0/23 maxlen: 24
2a09:a5c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:cf:c2:8a:57:e5:09:e9:5b:54:a4:07:08:bc:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0acd4e2c04c39edb242a67051b8b581263436e79
Validity
Not Before: Jan 1 18:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab74e5a2c9b77d1d25a4ef263e2d712b6be9e2ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:35:11:4f:45:13:dd:e2:63:07:0c:58:24:f4:
20:7c:97:d3:76:30:a4:5c:40:1f:01:40:01:90:49:
39:df:f8:62:62:d1:66:4a:e8:d2:14:15:d6:44:3a:
6e:70:5c:1d:3b:85:28:bc:ec:2d:1e:f6:1e:fd:12:
0a:b6:e9:bb:8d:7f:86:c2:aa:4d:2b:10:ca:34:ba:
88:4f:d6:86:9e:df:91:65:53:09:64:df:75:17:fb:
2b:f8:5a:a1:98:48:32:d4:67:fb:fe:29:d1:ab:93:
89:d7:e0:a1:63:7c:00:45:aa:ea:3e:27:20:5d:7b:
7b:7e:0c:a6:35:d8:0a:48:2d:29:84:13:82:62:f3:
45:34:14:fb:7f:e6:29:66:c6:94:d2:17:e8:d6:62:
cf:64:45:87:3b:8b:4a:ea:07:61:dd:52:b6:48:79:
57:5e:65:fd:49:01:61:53:fe:d1:94:d1:ea:03:24:
c2:63:80:c2:05:c4:35:2c:2c:ad:db:61:fb:8f:1f:
5c:e0:bd:da:b1:a1:4b:5e:f3:a7:8b:75:81:60:b0:
52:1b:cb:31:38:55:d2:e2:de:7a:99:ba:68:f9:97:
cc:67:4e:a1:c1:34:b5:91:64:0c:b5:a3:ec:e5:08:
73:77:2e:7d:4f:5e:55:40:a5:73:53:98:d9:fb:8a:
cf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:74:E5:A2:C9:B7:7D:1D:25:A4:EF:26:3E:2D:71:2B:6B:E9:E2:CA
X509v3 Authority Key Identifier:
keyid:0A:CD:4E:2C:04:C3:9E:DB:24:2A:67:05:1B:8B:58:12:63:43:6E:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cs1OLATDntskKmcFG4tYEmNDbnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/26d6f6-11ee-4a86-bfb9-ddc276acb910/1/q3Tlosm3fR0lpO8mPi1xK2vp4so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/26d6f6-11ee-4a86-bfb9-ddc276acb910/1/Cs1OLATDntskKmcFG4tYEmNDbnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.134.0/23
IPv6:
2a09:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:2a:6e:90:74:75:75:c9:62:a4:d9:f0:10:b6:ac:13:c0:48:
52:2b:2c:3a:f7:60:d9:39:2e:ab:ca:04:9f:da:d4:44:17:6f:
9e:c8:f0:3a:cd:c4:55:e3:0d:d6:49:6b:c9:43:71:09:36:51:
be:a4:ee:cf:cb:14:cc:fa:26:83:9f:ad:e7:19:7a:e9:9f:a5:
c6:66:c2:04:3a:75:0d:ee:27:a9:db:2a:cf:e7:4b:ab:3f:17:
6a:e5:89:50:43:3a:5e:6b:bf:a6:ae:c2:c6:f4:5b:a5:5a:8a:
ab:f5:fc:76:9b:6b:ad:07:78:9d:6c:cb:21:6d:f6:29:f1:c4:
b9:40:c8:c1:ff:50:74:0b:f2:40:10:a4:ad:69:e5:87:a5:f9:
55:71:1b:fe:53:99:45:38:8a:37:24:b6:5b:62:d5:54:4a:fe:
64:3f:63:93:9b:88:d5:c4:a1:1a:64:0a:27:03:52:fd:74:3b:
85:0f:ca:7d:7f:75:54:93:9d:73:6d:47:b8:36:a6:97:9d:4a:
b3:3c:00:2c:f0:6f:2a:2c:56:ed:28:34:d0:d2:f9:a6:78:e4:
4b:97:cb:ed:e1:ee:9a:14:6a:5d:0a:72:9a:6a:bd:16:85:be:
ae:a2:c2:5b:0c:e8:3f:38:d2:16:9f:c8:d7:98:01:0c:22:9b:
e7:a5:33:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSs/CilflCelbVKQHCLysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhY2Q0ZTJjMDRjMzllZGIyNDJhNjcwNTFiOGI1ODEyNjM0
MzZlNzkwHhcNMjQwMTAxMTgzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjc0ZTVhMmM5Yjc3ZDFkMjVhNGVmMjYzZTJkNzEyYjZiZTllMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzURT0UT3eJjBwxYJPQgfJfTdjCk
XEAfAUABkEk53/hiYtFmSujSFBXWRDpucFwdO4UovOwtHvYe/RIKtum7jX+GwqpN
KxDKNLqIT9aGnt+RZVMJZN91F/sr+FqhmEgy1Gf7/inRq5OJ1+ChY3wARarqPicg
XXt7fgymNdgKSC0phBOCYvNFNBT7f+YpZsaU0hfo1mLPZEWHO4tK6gdh3VK2SHlX
XmX9SQFhU/7RlNHqAyTCY4DCBcQ1LCyt22H7jx9c4L3asaFLXvOni3WBYLBSG8sx
OFXS4t56mbpo+ZfMZ06hwTS1kWQMtaPs5Qhzdy59T15VQKVzU5jZ+4rPTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKt05aLJt30dJaTvJj4tcStr6eLKMB8GA1UdIwQY
MBaAFArNTiwEw57bJCpnBRuLWBJjQ255MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3MxT0xBVERudHNrS21jRkc0dFlFbU5EYm5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8yNmQ2ZjYtMTFlZS00YTg2LWJmYjkt
ZGRjMjc2YWNiOTEwLzEvcTNUbG9zbTNmUjBscE84bVBpMXhLMnZwNHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8yNmQ2ZjYtMTFlZS00YTg2LWJmYjktZGRjMjc2YWNiOTEw
LzEvQ3MxT0xBVERudHNrS21jRkc0dFlFbU5EYm5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBucSGMA0E
AgACMAcDBQMqCaXAMA0GCSqGSIb3DQEBCwUAA4IBAQCPKm6QdHV1yWKk2fAQtqwT
wEhSKyw692DZOS6rygSf2tREF2+eyPA6zcRV4w3WSWvJQ3EJNlG+pO7PyxTM+iaD
n63nGXrpn6XGZsIEOnUN7iep2yrP50urPxdq5YlQQzpea7+mrsLG9FulWoqr9fx2
m2utB3idbMshbfYp8cS5QMjB/1B0C/JAEKStaeWHpflVcRv+U5lFOIo3JLZbYtVU
Sv5kP2OTm4jVxKEaZAonA1L9dDuFD8p9f3VUk51zbUe4NqaXnUqzPAAs8G8qLFbt
KDTQ0vmmeORLl8vt4e6aFGpdCnKaar0Whb6uosJbDOg/ONIWn8jXmAEMIpvnpTOZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:42 2025 by rpki-client