Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/QefEQTWYZPNsfu1kCZsDATUnzP0.roa
File: QefEQTWYZPNsfu1kCZsDATUnzP0.roa (raw, json)
Hash identifier: TMh+RaCuw983kVeBwH7nb2llW4pYG5dIZK2T35BsPsc=
Subject key identifier: 41:E7:C4:41:35:98:64:F3:6C:7E:ED:64:09:9B:03:01:35:27:CC:FD
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019428242B20D1CD275D50903010AFA2E396
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/QefEQTWYZPNsfu1kCZsDATUnzP0.roa
Signing time: Thu 02 Jan 2025 17:50:46 +0000
ROA not before: Thu 02 Jan 2025 17:50:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205331
IP address blocks: 5.104.183.0/24 maxlen: 24
91.191.216.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 09:28:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:2b:20:d1:cd:27:5d:50:90:30:10:af:a2:e3:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 2 17:50:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41e7c441359864f36c7eed64099b03013527ccfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:eb:6f:9f:15:c2:35:b3:5c:d4:9b:e7:af:6f:
68:6a:41:de:c5:a7:29:33:e5:a3:b1:d0:50:1e:21:
54:77:82:29:4f:e6:aa:59:2c:6e:43:13:05:93:59:
c3:f3:dd:70:8e:99:ee:83:83:c5:83:07:15:eb:2d:
9d:b1:fe:c4:c7:ab:32:d0:bd:54:b7:e5:e3:42:fd:
d6:39:2d:2f:b1:fa:ed:08:33:30:66:30:76:1d:5b:
f7:43:ba:b3:69:fb:a4:9f:a6:00:2c:2c:5c:3b:85:
f8:de:ed:6c:0f:44:60:2f:21:92:ea:f9:81:bb:6f:
3e:55:a6:cd:cc:da:fc:46:b9:e8:ef:77:12:c8:4b:
69:5c:96:33:e7:ad:1a:89:a4:2d:3e:24:e5:dc:a0:
e5:e9:71:c6:b2:1b:94:f4:e5:b0:48:31:cc:9d:bc:
d3:20:fe:12:36:00:2f:b0:52:84:ec:ef:72:b4:ce:
04:94:03:4d:b0:1d:ce:cc:21:a1:dd:bd:9d:da:02:
ab:23:b9:58:06:46:d0:1f:9b:3d:2c:a7:a9:b1:b7:
23:ac:1f:b5:9f:31:cb:6d:30:5e:4a:6a:cf:09:f9:
9a:d5:28:31:93:27:eb:a8:c4:60:69:72:46:7f:70:
44:ec:2d:4f:cb:1b:30:d6:6f:fa:63:9f:bf:15:d9:
de:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E7:C4:41:35:98:64:F3:6C:7E:ED:64:09:9B:03:01:35:27:CC:FD
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/QefEQTWYZPNsfu1kCZsDATUnzP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.183.0/24
91.191.216.0/23
Signature Algorithm: sha256WithRSAEncryption
02:13:60:9e:19:3d:ba:55:13:61:9d:05:a4:d4:e2:4e:5e:a1:
f7:9a:7f:fd:3a:f1:a6:2b:c5:f6:d8:af:ba:a8:7b:5e:42:7c:
f7:00:ef:b1:fa:32:4b:9b:97:9f:34:bc:36:11:b0:1b:04:ed:
ec:94:23:b9:c6:7e:76:a9:b8:b9:75:56:a9:db:fe:33:c5:fb:
a1:66:4f:ee:40:72:73:58:a9:da:1d:8a:c1:97:e2:a3:ee:d1:
0a:d6:61:9b:f7:69:fb:ae:f6:64:4f:ac:f3:21:a2:0e:02:96:
a6:62:cd:f3:e2:2c:de:f4:a3:5e:83:ba:ae:1d:d8:f2:67:93:
7c:29:fd:b4:6f:ff:1e:85:bd:0a:f7:c2:5e:92:d0:58:4b:3e:
ca:5c:63:f3:9b:34:76:14:91:bf:44:50:9d:43:11:84:ed:a9:
7a:d3:81:3b:02:ca:ea:37:a4:b1:89:4d:6f:52:6e:71:5f:6f:
0d:c4:30:8a:55:2f:df:72:5f:34:39:d0:80:af:4a:4c:ee:0a:
aa:51:69:03:75:62:df:d4:55:71:73:61:a6:4e:12:36:f7:92:
75:d3:8d:77:ed:1e:44:ae:4a:12:c7:fd:1b:43:46:a3:00:0e:
00:3b:b9:e9:1b:45:b0:4a:6e:2d:0d:b4:53:39:84:38:80:f1:
65:94:ec:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJCsg0c0nXVCQMBCvouOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTAyMTc1MDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU3YzQ0MTM1OTg2NGYzNmM3ZWVkNjQwOTliMDMwMTM1MjdjY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+tvnxXCNbNc1Jvnr29oakHexacp
M+WjsdBQHiFUd4IpT+aqWSxuQxMFk1nD891wjpnug4PFgwcV6y2dsf7Ex6sy0L1U
t+XjQv3WOS0vsfrtCDMwZjB2HVv3Q7qzafukn6YALCxcO4X43u1sD0RgLyGS6vmB
u28+VabNzNr8Rrno73cSyEtpXJYz560aiaQtPiTl3KDl6XHGshuU9OWwSDHMnbzT
IP4SNgAvsFKE7O9ytM4ElANNsB3OzCGh3b2d2gKrI7lYBkbQH5s9LKepsbcjrB+1
nzHLbTBeSmrPCfma1SgxkyfrqMRgaXJGf3BE7C1Pyxsw1m/6Y5+/FdneEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEHnxEE1mGTzbH7tZAmbAwE1J8z9MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvUWVmRVFUV1laUE5zZnUxa0Nac0RBVFVuelAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWi3AwQB
W7/YMA0GCSqGSIb3DQEBCwUAA4IBAQACE2CeGT26VRNhnQWk1OJOXqH3mn/9OvGm
K8X22K+6qHteQnz3AO+x+jJLm5efNLw2EbAbBO3slCO5xn52qbi5dVap2/4zxfuh
Zk/uQHJzWKnaHYrBl+Kj7tEK1mGb92n7rvZkT6zzIaIOApamYs3z4ize9KNeg7qu
HdjyZ5N8Kf20b/8ehb0K98JektBYSz7KXGPzmzR2FJG/RFCdQxGE7al604E7Asrq
N6SxiU1vUm5xX28NxDCKVS/fcl80OdCAr0pM7gqqUWkDdWLf1FVxc2GmThI295J1
04137R5ErkoSx/0bQ0ajAA4AO7npG0WwSm4tDbRTOYQ4gPFllOxZ
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:20:21 2025 by rpki-client