Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/qPaHocZiMSEJpe3p00P9-zer4AI.roa
File: qPaHocZiMSEJpe3p00P9-zer4AI.roa (raw, json)
Hash identifier: BlE0B/EqMUWihexIUr18XmzUq2A4BsG8Rlr0E636M0A=
Subject key identifier: A8:F6:87:A1:C6:62:31:21:09:A5:ED:E9:D3:43:FD:FB:37:AB:E0:02
Certificate issuer: /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial: 018CC2DB150056A4D50A6F5C64A9B0E12816
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/qPaHocZiMSEJpe3p00P9-zer4AI.roa
Signing time: Mon 01 Jan 2024 02:29:46 +0000
ROA not before: Mon 01 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209007
IP address blocks: 194.145.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:15:00:56:a4:d5:0a:6f:5c:64:a9:b0:e1:28:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Validity
Not Before: Jan 1 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8f687a1c662312109a5ede9d343fdfb37abe002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b5:13:c0:da:d5:f9:6f:61:0c:95:3a:84:27:
7c:ad:8f:25:16:f9:d0:d4:f4:53:66:28:c7:c6:27:
cb:a6:38:51:35:5f:08:e0:b6:78:d9:01:8c:04:9e:
a9:6a:83:ef:80:31:ad:d0:52:c2:7b:b4:e1:28:4f:
87:2f:da:a8:12:2b:7a:fe:9d:00:f8:13:ff:f2:4e:
65:74:8f:f4:d5:ac:af:93:02:af:68:ec:69:03:30:
84:e8:36:ce:f7:1d:39:67:af:71:93:69:6a:1e:22:
7b:cb:ae:e1:66:83:09:f4:a0:d1:23:c4:2c:75:cc:
23:88:0b:8e:64:3a:fe:f8:e6:c6:19:f6:4d:af:fd:
c8:92:47:cd:e8:ef:95:05:0f:ec:e0:eb:1d:19:54:
89:53:bc:f0:ed:38:42:8c:ae:a8:f1:fc:35:31:97:
d7:4a:2c:3d:61:08:62:62:de:07:4d:50:e2:19:13:
07:1f:e4:d7:d3:c3:3e:2a:48:ea:2b:01:71:88:ef:
45:5c:8a:df:24:07:be:ae:dd:3d:26:fa:ff:2a:82:
26:fc:b9:c1:ac:c4:f3:35:17:7b:77:e4:29:56:c5:
56:d6:23:60:03:29:a8:4f:4c:ba:c8:cb:73:36:34:
71:5e:7c:21:0a:33:26:71:19:83:91:71:31:70:df:
b5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F6:87:A1:C6:62:31:21:09:A5:ED:E9:D3:43:FD:FB:37:AB:E0:02
X509v3 Authority Key Identifier:
keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/qPaHocZiMSEJpe3p00P9-zer4AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.145.137.0/24
Signature Algorithm: sha256WithRSAEncryption
89:2a:d1:7a:40:05:21:99:30:9f:bb:c4:41:37:b7:c5:b2:80:
5a:52:8b:28:f8:04:37:c1:24:59:cf:08:fe:18:30:d7:34:74:
82:38:d8:1c:f7:af:bb:66:94:13:a9:b1:af:aa:4c:52:c7:8d:
b6:a9:43:a1:fd:f1:4b:3e:0d:5a:34:9c:cc:46:80:a9:98:ec:
60:28:ba:f7:06:89:d1:49:6d:ba:e8:bf:64:c9:fb:71:76:ac:
07:7f:28:05:35:62:ac:7e:dd:28:f6:21:27:6e:fc:11:9c:ac:
7b:58:00:6f:0a:ad:4c:4b:7a:ae:f0:a4:b3:b6:84:39:c8:84:
4e:6b:99:0d:d0:e2:1a:07:35:6f:bd:01:a8:b8:c6:be:d5:ff:
f9:b6:9f:0a:8a:72:61:c2:e4:01:01:66:52:0f:11:5d:ac:f5:
a0:a4:f2:55:dc:ea:04:bd:d2:82:b5:4f:ba:67:f9:3e:5f:8e:
27:36:0b:10:4f:22:cc:55:7b:fe:96:42:a3:06:6c:50:1b:73:
68:3f:ab:7f:a3:b7:10:fc:4b:6f:ec:de:16:95:8e:5e:0e:8d:
41:29:36:2c:1e:7f:55:c2:56:53:de:c4:56:25:dd:45:d0:2d:
17:52:80:92:20:56:8b:04:84:7b:82:1d:95:9c:5e:11:73:62:
99:66:26:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2xUAVqTVCm9cZKmw4SgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjQwMTAxMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGY2ODdhMWM2NjIzMTIxMDlhNWVkZTlkMzQzZmRmYjM3YWJlMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbUTwNrV+W9hDJU6hCd8rY8lFvnQ
1PRTZijHxifLpjhRNV8I4LZ42QGMBJ6paoPvgDGt0FLCe7ThKE+HL9qoEit6/p0A
+BP/8k5ldI/01ayvkwKvaOxpAzCE6DbO9x05Z69xk2lqHiJ7y67hZoMJ9KDRI8Qs
dcwjiAuOZDr++ObGGfZNr/3IkkfN6O+VBQ/s4OsdGVSJU7zw7ThCjK6o8fw1MZfX
Siw9YQhiYt4HTVDiGRMHH+TX08M+KkjqKwFxiO9FXIrfJAe+rt09Jvr/KoIm/LnB
rMTzNRd7d+QpVsVW1iNgAymoT0y6yMtzNjRxXnwhCjMmcRmDkXExcN+1fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKj2h6HGYjEhCaXt6dND/fs3q+ACMB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEvcVBhSG9jWmlNU0VKcGUzcDAwUDktemVyNEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpGJMA0G
CSqGSIb3DQEBCwUAA4IBAQCJKtF6QAUhmTCfu8RBN7fFsoBaUoso+AQ3wSRZzwj+
GDDXNHSCONgc96+7ZpQTqbGvqkxSx422qUOh/fFLPg1aNJzMRoCpmOxgKLr3BonR
SW266L9kyftxdqwHfygFNWKsft0o9iEnbvwRnKx7WABvCq1MS3qu8KSztoQ5yIRO
a5kN0OIaBzVvvQGouMa+1f/5tp8KinJhwuQBAWZSDxFdrPWgpPJV3OoEvdKCtU+6
Z/k+X44nNgsQTyLMVXv+lkKjBmxQG3NoP6t/o7cQ/Etv7N4WlY5eDo1BKTYsHn9V
wlZT3sRWJd1F0C0XUoCSIFaLBIR7gh2VnF4Rc2KZZiYz
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:25:11 2025 by rpki-client