Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/fffde1-9d87-4408-acc2-e7360323303c/1/CqF3S1r7RZl581pziuWVwT3iC7U.roa
File: CqF3S1r7RZl581pziuWVwT3iC7U.roa (raw, json)
Hash identifier: W2f6V8PnM4cG3N5ivtnJRYBxgpqcbJz4JFMYoIMExuk=
Subject key identifier: 0A:A1:77:4B:5A:FB:45:99:79:F3:5A:73:8A:E5:95:C1:3D:E2:0B:B5
Certificate issuer: /CN=09bb6327cdfa16524dc7d0337138af325fb5e2d9
Certificate serial: 018CC86F70B428FC2672B2B797B16E058E88
Authority key identifier: 09:BB:63:27:CD:FA:16:52:4D:C7:D0:33:71:38:AF:32:5F:B5:E2:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbtjJ836FlJNx9AzcTivMl-14tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/fffde1-9d87-4408-acc2-e7360323303c/1/CqF3S1r7RZl581pziuWVwT3iC7U.roa
Signing time: Tue 02 Jan 2024 04:29:55 +0000
ROA not before: Tue 02 Jan 2024 04:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207715
IP address blocks: 185.229.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:70:b4:28:fc:26:72:b2:b7:97:b1:6e:05:8e:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09bb6327cdfa16524dc7d0337138af325fb5e2d9
Validity
Not Before: Jan 2 04:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0aa1774b5afb459979f35a738ae595c13de20bb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7d:f4:6b:a2:d6:7f:51:af:13:f9:57:c4:7f:
63:ca:80:df:2b:ab:32:8a:ec:29:13:93:9c:c7:09:
2e:20:6a:16:0b:89:57:4d:46:b3:67:7d:b1:3d:c3:
0b:28:d9:13:50:91:4d:31:e1:83:e2:26:30:80:dd:
3e:f4:01:05:af:02:70:da:61:6a:d5:8d:68:a5:1b:
a3:eb:8e:ae:ab:7d:73:fc:18:1b:8b:6d:e0:dc:5d:
3c:81:e6:4d:19:fe:fd:79:bf:a6:1d:93:97:52:15:
39:61:f6:6c:0d:f2:43:e1:4d:48:92:50:fa:50:2a:
df:43:cf:93:2e:b8:29:17:8b:0f:2e:cd:ae:a9:e5:
59:bc:46:62:a3:c5:b8:fb:93:d4:94:43:5f:37:73:
d8:eb:50:3d:48:7b:9f:4b:63:91:25:7c:b3:cd:6d:
42:69:a3:db:79:10:a1:8c:7f:69:eb:aa:36:d3:01:
6f:04:3c:fd:b5:cf:f2:2d:6b:8e:7d:e7:99:11:cd:
36:4e:be:ee:c3:5d:b8:89:91:26:32:bf:78:39:80:
1b:65:54:cd:12:d4:bf:c3:63:53:19:ee:53:49:76:
4c:42:d7:b6:56:62:5d:65:8c:ea:77:eb:34:df:de:
65:99:a9:b9:65:94:91:ed:1a:a9:67:73:e3:48:87:
19:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A1:77:4B:5A:FB:45:99:79:F3:5A:73:8A:E5:95:C1:3D:E2:0B:B5
X509v3 Authority Key Identifier:
keyid:09:BB:63:27:CD:FA:16:52:4D:C7:D0:33:71:38:AF:32:5F:B5:E2:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbtjJ836FlJNx9AzcTivMl-14tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/fffde1-9d87-4408-acc2-e7360323303c/1/CqF3S1r7RZl581pziuWVwT3iC7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/fffde1-9d87-4408-acc2-e7360323303c/1/CbtjJ836FlJNx9AzcTivMl-14tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.100.0/22
Signature Algorithm: sha256WithRSAEncryption
21:97:d9:ea:99:b6:00:65:f6:2b:54:9e:e0:24:18:53:cf:da:
15:0c:1c:74:58:54:07:24:0a:54:2e:65:54:81:31:45:9c:7b:
87:d3:36:83:9c:66:4e:23:80:ec:4c:0a:4f:ba:26:8a:3e:f0:
ba:a4:d1:a3:20:ad:1a:35:67:a1:fd:49:6d:7a:2b:df:74:34:
52:0e:30:97:c9:bf:86:f3:d5:ff:e8:d1:dd:78:4f:27:6c:da:
4c:48:ab:50:0b:25:b9:60:13:2f:61:65:18:e7:01:60:ce:53:
ab:db:08:a8:2f:71:21:84:35:08:0b:2c:c2:7c:f1:09:6d:3a:
f1:66:fa:49:b4:d3:54:c7:bf:26:74:dc:17:05:01:5c:16:62:
1f:77:cb:12:df:de:82:51:cd:77:1c:0a:69:e8:fb:a8:b0:18:
3f:c4:ab:b9:b3:cf:28:65:40:36:9d:6d:3f:5d:11:1c:a2:de:
65:aa:de:25:10:15:d9:17:4d:9b:63:e4:74:af:7a:28:d9:fd:
5c:74:1b:ac:35:e7:31:f1:bf:a8:9d:58:be:c4:ec:5e:1b:ee:
85:4a:63:b3:b6:91:9f:bf:f8:3a:51:40:76:f9:98:ec:8a:f9:
a8:1e:08:af:8e:c1:3b:48:7c:e5:28:db:e1:78:14:2e:1f:dd:
64:a0:ab:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb3C0KPwmcrK3l7FuBY6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YmI2MzI3Y2RmYTE2NTI0ZGM3ZDAzMzcxMzhhZjMyNWZi
NWUyZDkwHhcNMjQwMTAyMDQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWExNzc0YjVhZmI0NTk5NzlmMzVhNzM4YWU1OTVjMTNkZTIwYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi330a6LWf1GvE/lXxH9jyoDfK6sy
iuwpE5OcxwkuIGoWC4lXTUazZ32xPcMLKNkTUJFNMeGD4iYwgN0+9AEFrwJw2mFq
1Y1opRuj646uq31z/Bgbi23g3F08geZNGf79eb+mHZOXUhU5YfZsDfJD4U1IklD6
UCrfQ8+TLrgpF4sPLs2uqeVZvEZio8W4+5PUlENfN3PY61A9SHufS2ORJXyzzW1C
aaPbeRChjH9p66o20wFvBDz9tc/yLWuOfeeZEc02Tr7uw124iZEmMr94OYAbZVTN
EtS/w2NTGe5TSXZMQte2VmJdZYzqd+s0395lmam5ZZSR7RqpZ3PjSIcZmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqhd0ta+0WZefNac4rllcE94gu1MB8GA1UdIwQY
MBaAFAm7YyfN+hZSTcfQM3E4rzJfteLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2J0ako4MzZGbEpOeDlBemNUaXZNbC0xNHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9mZmZkZTEtOWQ4Ny00NDA4LWFjYzIt
ZTczNjAzMjMzMDNjLzEvQ3FGM1MxcjdSWmw1ODFweml1V1Z3VDNpQzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9mZmZkZTEtOWQ4Ny00NDA4LWFjYzItZTczNjAzMjMzMDNj
LzEvQ2J0ako4MzZGbEpOeDlBemNUaXZNbC0xNHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueVkMA0G
CSqGSIb3DQEBCwUAA4IBAQAhl9nqmbYAZfYrVJ7gJBhTz9oVDBx0WFQHJApULmVU
gTFFnHuH0zaDnGZOI4DsTApPuiaKPvC6pNGjIK0aNWeh/UlteivfdDRSDjCXyb+G
89X/6NHdeE8nbNpMSKtQCyW5YBMvYWUY5wFgzlOr2wioL3EhhDUICyzCfPEJbTrx
ZvpJtNNUx78mdNwXBQFcFmIfd8sS396CUc13HApp6PuosBg/xKu5s88oZUA2nW0/
XREcot5lqt4lEBXZF02bY+R0r3oo2f1cdBusNecx8b+onVi+xOxeG+6FSmOztpGf
v/g6UUB2+ZjsivmoHgivjsE7SHzlKNvheBQuH91koKtw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:18 2025 by rpki-client