Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/dqWEGC39SPVQnBojnDIFWdGkd2I.roa
File: dqWEGC39SPVQnBojnDIFWdGkd2I.roa (raw, json)
Hash identifier: EFnxTEo/K6vG1Ht53StZJd7vKzGtD8rAgbmeZ3ACxz4=
Subject key identifier: 76:A5:84:18:2D:FD:48:F5:50:9C:1A:23:9C:32:05:59:D1:A4:77:62
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A43C1F0F136C4C027701054892CDB
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/dqWEGC39SPVQnBojnDIFWdGkd2I.roa
Signing time: Wed 01 Jan 2025 19:49:14 +0000
ROA not before: Wed 01 Jan 2025 19:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52423
IP address blocks: 185.184.141.0/24 maxlen: 32
185.185.248.0/24 maxlen: 24
185.185.249.0/24 maxlen: 24
185.190.80.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 07 Feb 2025 02:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:43:c1:f0:f1:36:c4:c0:27:70:10:54:89:2c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76a584182dfd48f5509c1a239c320559d1a47762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6c:16:a7:29:57:ee:f2:eb:0f:12:30:15:14:
38:ed:71:58:db:b8:de:1c:41:b9:ca:98:32:7f:df:
2b:c8:bc:99:86:77:ea:fb:d4:0e:01:88:8d:51:3e:
42:06:24:5f:99:1f:2a:d1:ed:95:49:f9:f3:31:b1:
84:cd:c2:22:ee:6b:3e:05:4b:2e:37:22:56:fa:0b:
fe:1a:09:9c:61:63:9c:db:dc:ed:57:9d:cf:71:14:
22:c4:66:8d:13:f2:84:69:72:59:a1:4a:35:f3:2f:
e5:28:b9:52:0b:1a:b4:9c:a7:89:2a:73:47:24:63:
39:af:25:97:64:7e:df:ed:9e:ac:f8:a7:d4:df:47:
c4:81:80:d1:d3:80:4f:4e:3f:30:a8:5a:85:db:43:
c7:b4:39:d1:86:f4:9c:a7:cf:13:8c:d9:e4:3a:ac:
aa:f5:fa:61:8d:a2:54:5e:27:ff:a3:7d:eb:f4:05:
21:d8:91:0d:38:a8:34:c7:92:9e:ca:66:01:c5:f8:
24:2a:44:10:82:61:e3:e4:b5:f3:b5:a2:dd:3b:fd:
eb:54:38:f1:5b:42:2d:7c:24:a9:f9:e2:e1:04:53:
23:85:ed:18:38:8f:ca:2a:35:70:51:0f:34:e7:19:
49:6d:24:bd:6d:69:a8:0f:ca:c9:f1:45:c7:b3:0c:
13:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A5:84:18:2D:FD:48:F5:50:9C:1A:23:9C:32:05:59:D1:A4:77:62
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/dqWEGC39SPVQnBojnDIFWdGkd2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.141.0/24
185.185.248.0/23
185.190.80.0/24
Signature Algorithm: sha256WithRSAEncryption
51:76:5a:7f:7a:3f:9c:06:59:a6:e2:0b:01:2a:cc:07:1f:86:
65:89:46:5f:5f:e7:6f:f3:f3:a5:37:41:d9:79:0d:c5:86:76:
85:12:af:67:2c:62:c8:b7:29:27:2d:b3:d3:67:e8:dd:9c:a4:
45:53:74:81:62:73:40:8b:59:b9:1f:25:ce:f9:e0:f2:cb:9d:
39:4f:7b:d0:92:01:7c:6f:ff:6c:72:99:b1:04:c1:fb:80:69:
13:be:4f:a1:96:4b:ee:4d:77:c5:2b:66:59:88:f7:b8:50:8c:
13:67:1f:5c:2a:e0:d8:b3:b8:2b:0f:f6:06:61:59:1e:0d:9f:
e9:dd:4a:26:6c:fe:e0:f7:e0:7a:38:53:94:4c:7d:a8:34:08:
df:75:a3:f6:44:5d:7c:b5:e6:d4:d3:d8:ac:ed:6c:37:cf:87:
f3:d0:5d:2b:a3:df:8f:d2:e4:57:f7:d4:dd:05:d2:62:a6:35:
c2:db:66:05:2d:42:4e:40:f5:e3:b8:29:11:ec:4d:24:60:76:
8d:94:11:2b:7d:82:a6:11:0c:52:5c:8f:e0:ec:9d:29:74:6b:
cc:d7:22:8e:19:df:a0:0a:2b:51:bc:3a:6a:39:bf:91:c4:d3:
d1:bc:c3:ba:22:77:bf:43:2b:de:f4:aa:48:ad:53:b3:76:c8:
d3:80:a1:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjakPB8PE2xMAncBBUiSzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmE1ODQxODJkZmQ0OGY1NTA5YzFhMjM5YzMyMDU1OWQxYTQ3NzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmwWpylX7vLrDxIwFRQ47XFY27je
HEG5ypgyf98ryLyZhnfq+9QOAYiNUT5CBiRfmR8q0e2VSfnzMbGEzcIi7ms+BUsu
NyJW+gv+GgmcYWOc29ztV53PcRQixGaNE/KEaXJZoUo18y/lKLlSCxq0nKeJKnNH
JGM5ryWXZH7f7Z6s+KfU30fEgYDR04BPTj8wqFqF20PHtDnRhvScp88TjNnkOqyq
9fphjaJUXif/o33r9AUh2JENOKg0x5KeymYBxfgkKkQQgmHj5LXztaLdO/3rVDjx
W0ItfCSp+eLhBFMjhe0YOI/KKjVwUQ805xlJbSS9bWmoD8rJ8UXHswwTCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHalhBgt/Uj1UJwaI5wyBVnRpHdiMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvZHFXRUdDMzlTUFZRbkJvam5ESUZXZEdrZDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAubiNAwQB
ubn4AwQAub5QMA0GCSqGSIb3DQEBCwUAA4IBAQBRdlp/ej+cBlmm4gsBKswHH4Zl
iUZfX+dv8/OlN0HZeQ3FhnaFEq9nLGLItyknLbPTZ+jdnKRFU3SBYnNAi1m5HyXO
+eDyy505T3vQkgF8b/9scpmxBMH7gGkTvk+hlkvuTXfFK2ZZiPe4UIwTZx9cKuDY
s7grD/YGYVkeDZ/p3UombP7g9+B6OFOUTH2oNAjfdaP2RF18tebU09is7Ww3z4fz
0F0ro9+P0uRX99TdBdJipjXC22YFLUJOQPXjuCkR7E0kYHaNlBErfYKmEQxSXI/g
7J0pdGvM1yKOGd+gCitRvDpqOb+RxNPRvMO6Ine/Qyve9KpIrVOzdsjTgKFL
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:15:26 2025 by rpki-client