Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/Qqg9eqagY2OCtlh4W2g7NHT_CAw.roa
File: Qqg9eqagY2OCtlh4W2g7NHT_CAw.roa (raw, json)
Hash identifier: nt7GYXL/R0kwwbVoVGaPkCkNTAlz1ruqIXPwoIsAnQI=
Subject key identifier: 42:A8:3D:7A:A6:A0:63:63:82:B6:58:78:5B:68:3B:34:74:FF:08:0C
Certificate issuer: /CN=9a5550e908a9b9688c29aac9895353dea836c45a
Certificate serial: 018CC64AA89ED9E8E73897CE5E7F487E8AF3
Authority key identifier: 9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/Qqg9eqagY2OCtlh4W2g7NHT_CAw.roa
Signing time: Mon 01 Jan 2024 18:30:30 +0000
ROA not before: Mon 01 Jan 2024 18:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.11.126.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:a8:9e:d9:e8:e7:38:97:ce:5e:7f:48:7e:8a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a5550e908a9b9688c29aac9895353dea836c45a
Validity
Not Before: Jan 1 18:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42a83d7aa6a0636382b658785b683b3474ff080c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:df:5a:71:a2:69:fd:03:41:4c:7a:15:43:9e:
59:64:0b:bb:3e:71:e5:d2:ef:06:64:ea:f9:61:23:
59:3f:bb:3a:f9:57:48:aa:17:62:b7:b3:f5:05:30:
36:85:dd:6b:05:dd:9b:de:49:0b:89:d5:a1:ee:27:
b4:cc:0c:b2:c4:bc:0d:3e:65:12:51:46:69:d3:9e:
28:33:f6:6c:46:57:29:54:28:71:d1:4f:1f:71:d5:
3c:1f:da:a2:2f:dc:4c:4d:32:ec:dc:a4:d9:f0:02:
bf:bd:05:9e:21:6a:f0:b0:37:c5:fd:31:78:c3:92:
c0:e4:01:da:ef:89:b2:aa:f4:ce:f4:3f:a3:79:b9:
1a:2b:82:0a:2b:e6:bb:08:1a:cd:52:30:73:e4:bd:
44:5f:9d:55:47:58:c5:23:57:3e:b3:b8:2f:f6:bf:
ec:f4:9c:fd:02:47:88:2c:ff:f1:56:54:3b:9c:88:
b2:20:c1:13:9b:9c:96:ee:0b:91:01:68:c9:49:2d:
1c:88:d5:9d:53:07:ad:f9:37:ab:35:64:bc:4c:e9:
34:e4:dc:79:0f:3b:b9:d9:c9:57:09:cd:ea:f9:31:
ff:9a:c9:9f:92:94:a8:7b:e5:a7:2a:47:fd:f3:d3:
f7:9d:aa:34:b7:d5:4f:fd:8a:f6:76:59:73:ff:dc:
d1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A8:3D:7A:A6:A0:63:63:82:B6:58:78:5B:68:3B:34:74:FF:08:0C
X509v3 Authority Key Identifier:
keyid:9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/Qqg9eqagY2OCtlh4W2g7NHT_CAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.126.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:12:ee:ba:2d:7e:20:c9:90:1d:56:06:5e:18:74:48:2a:81:
3e:ac:38:e7:24:c4:09:19:b1:3d:fe:bb:55:38:bd:2c:14:b8:
8e:b8:e7:d1:5b:7a:1a:0b:d6:7a:e3:20:a8:a4:47:c8:a0:25:
28:e8:9f:94:e1:22:d6:16:ad:d9:9c:f2:aa:05:ee:b9:cf:dc:
80:ca:b2:f6:e1:c6:63:9d:8e:f6:34:26:d9:d7:f0:51:13:f2:
54:54:9f:c9:fa:6d:c5:15:fe:4a:4c:e4:e3:68:e7:20:64:6d:
b3:cc:44:26:16:81:fb:80:92:e8:e0:cd:ac:47:6f:c8:22:c8:
a5:72:07:7c:3c:68:99:8a:6a:20:f6:fe:68:41:fa:5a:32:54:
2c:a6:30:14:ca:ae:4e:a0:24:3f:8f:c5:16:71:29:1b:6d:f6:
2d:31:11:6b:ea:45:ff:b5:e8:ac:42:ca:5a:dc:17:f0:5d:15:
e5:44:f6:65:50:ab:f2:96:54:45:82:68:db:b7:36:21:a6:c6:
87:66:63:90:89:e3:3a:84:18:dd:a6:e5:80:5d:e1:ff:2c:04:
63:97:cc:be:22:87:99:ef:22:4d:dd:1a:f8:dc:c2:e6:a0:8b:
37:8a:02:0b:53:7e:22:b1:53:75:30:a3:a4:c2:e1:44:d6:f7:
5a:c8:05:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSqie2ejnOJfOXn9IforzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTU1MGU5MDhhOWI5Njg4YzI5YWFjOTg5NTM1M2RlYTgz
NmM0NWEwHhcNMjQwMTAxMTgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmE4M2Q3YWE2YTA2MzYzODJiNjU4Nzg1YjY4M2IzNDc0ZmYwODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl99acaJp/QNBTHoVQ55ZZAu7PnHl
0u8GZOr5YSNZP7s6+VdIqhdit7P1BTA2hd1rBd2b3kkLidWh7ie0zAyyxLwNPmUS
UUZp054oM/ZsRlcpVChx0U8fcdU8H9qiL9xMTTLs3KTZ8AK/vQWeIWrwsDfF/TF4
w5LA5AHa74myqvTO9D+jebkaK4IKK+a7CBrNUjBz5L1EX51VR1jFI1c+s7gv9r/s
9Jz9AkeILP/xVlQ7nIiyIMETm5yW7guRAWjJSS0ciNWdUwet+TerNWS8TOk05Nx5
Dzu52clXCc3q+TH/msmfkpSoe+WnKkf989P3nao0t9VP/Yr2dllz/9zRQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEKoPXqmoGNjgrZYeFtoOzR0/wgMMB8GA1UdIwQY
MBaAFJpVUOkIqblojCmqyYlTU96oNsRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTIt
MTM5OWEyODIyMjdhLzEvUXFnOWVxYWdZMk9DdGxoNFcyZzdOSFRfQ0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTItMTM5OWEyODIyMjdh
LzEvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQt+MA0G
CSqGSIb3DQEBCwUAA4IBAQANEu66LX4gyZAdVgZeGHRIKoE+rDjnJMQJGbE9/rtV
OL0sFLiOuOfRW3oaC9Z64yCopEfIoCUo6J+U4SLWFq3ZnPKqBe65z9yAyrL24cZj
nY72NCbZ1/BRE/JUVJ/J+m3FFf5KTOTjaOcgZG2zzEQmFoH7gJLo4M2sR2/IIsil
cgd8PGiZimog9v5oQfpaMlQspjAUyq5OoCQ/j8UWcSkbbfYtMRFr6kX/teisQspa
3BfwXRXlRPZlUKvyllRFgmjbtzYhpsaHZmOQieM6hBjdpuWAXeH/LARjl8y+IoeZ
7yJN3Rr43MLmoIs3igILU34isVN1MKOkwuFE1vdayAVL
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:50:15 2025 by rpki-client