Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/3ebce5-73e3-4e3e-83b0-a788fdc70948/1/QH6PdfYm1ULWj4I3EtK6S2ApgmY.roa
File: QH6PdfYm1ULWj4I3EtK6S2ApgmY.roa (raw, json)
Hash identifier: SeejcTnnT6F4ETjahJjwC5sHOV3vkCnUN6EIhrsHQHU=
Subject key identifier: 40:7E:8F:75:F6:26:D5:42:D6:8F:82:37:12:D2:BA:4B:60:29:82:66
Certificate issuer: /CN=26cf4d53ed5c0a4bd3fe242201a966655c80cc0e
Certificate serial: 018CC8DE4A35EB06CC264AF3242A01BD8847
Authority key identifier: 26:CF:4D:53:ED:5C:0A:4B:D3:FE:24:22:01:A9:66:65:5C:80:CC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Js9NU-1cCkvT_iQiAalmZVyAzA4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/3ebce5-73e3-4e3e-83b0-a788fdc70948/1/QH6PdfYm1ULWj4I3EtK6S2ApgmY.roa
Signing time: Tue 02 Jan 2024 06:31:00 +0000
ROA not before: Tue 02 Jan 2024 06:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202173
IP address blocks: 185.79.100.0/22 maxlen: 24
91.220.120.0/24 maxlen: 24
2a05:7280::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:4a:35:eb:06:cc:26:4a:f3:24:2a:01:bd:88:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26cf4d53ed5c0a4bd3fe242201a966655c80cc0e
Validity
Not Before: Jan 2 06:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=407e8f75f626d542d68f823712d2ba4b60298266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:72:57:39:ee:da:34:3b:bd:a3:3e:1a:3e:8f:
59:f7:59:ae:e6:09:b9:d4:1b:8a:cf:d4:95:37:3f:
64:a1:0d:08:b4:f4:a5:c6:b9:14:8d:4e:f0:91:b0:
ba:90:9a:d4:26:9f:db:d0:1f:7b:a7:e1:60:17:52:
d1:78:d1:f2:78:71:99:0e:69:24:1d:2f:e0:7c:a2:
c8:dc:5b:1b:8d:b3:40:ff:a6:f4:04:77:8e:47:8d:
ef:b8:ae:36:52:60:a2:b0:a2:be:47:59:98:89:ee:
d8:61:a1:fa:dc:8c:fc:63:37:1a:01:8b:ed:91:f6:
3d:fc:3e:f8:ff:78:1c:0a:83:8f:79:80:2d:24:d1:
73:d9:35:c3:e9:76:72:0c:0f:c5:9e:00:c3:5b:7d:
18:b3:72:b3:a4:52:f6:19:e3:07:70:17:b9:1c:f4:
4a:9a:fe:9f:33:02:95:b2:e2:21:7b:31:fa:ae:b8:
d4:bf:e7:d4:61:20:26:26:1c:ce:ca:fe:8b:d4:ad:
f6:dd:69:a1:a8:85:8a:65:39:00:a0:a4:55:e8:7d:
30:99:4c:f3:76:ea:6e:88:b1:f3:93:68:27:d0:9c:
4c:80:30:b8:1d:5c:12:e9:98:15:e0:23:1b:6d:0e:
5e:e1:d7:ed:aa:44:4b:40:bd:3c:95:a8:f4:76:3c:
0a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7E:8F:75:F6:26:D5:42:D6:8F:82:37:12:D2:BA:4B:60:29:82:66
X509v3 Authority Key Identifier:
keyid:26:CF:4D:53:ED:5C:0A:4B:D3:FE:24:22:01:A9:66:65:5C:80:CC:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Js9NU-1cCkvT_iQiAalmZVyAzA4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/3ebce5-73e3-4e3e-83b0-a788fdc70948/1/QH6PdfYm1ULWj4I3EtK6S2ApgmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/3ebce5-73e3-4e3e-83b0-a788fdc70948/1/Js9NU-1cCkvT_iQiAalmZVyAzA4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.120.0/24
185.79.100.0/22
IPv6:
2a05:7280::/32
Signature Algorithm: sha256WithRSAEncryption
69:48:c0:9b:39:00:8b:80:5b:01:5c:f9:6f:62:7b:ab:3d:b4:
7b:db:c8:cc:3b:1a:5c:1b:b1:a3:97:3a:a3:27:11:06:29:66:
e5:84:bb:ae:d5:65:d8:54:6d:ae:d4:db:8f:a0:6e:73:26:87:
7a:1c:24:79:95:54:1d:e8:c6:ac:17:23:bb:b4:ed:87:a8:c0:
e8:f1:3b:03:ce:7b:e8:e5:e2:82:e3:0d:1c:e4:1b:c5:f0:4b:
59:be:68:f7:21:77:2e:d2:b6:dc:a9:69:ae:45:6a:b6:2f:6a:
ef:3e:35:9a:84:5a:55:a0:f4:e0:8a:2a:57:9d:3a:08:21:24:
67:4f:22:93:c6:64:c4:fa:34:4c:9f:c7:ff:dd:53:a3:e7:96:
d2:c5:b8:38:2a:0b:ce:6b:cd:00:be:d3:f8:d9:68:de:0e:00:
47:00:d4:0f:4f:5f:2d:6b:d9:25:c1:a0:4e:9d:d9:8a:36:c2:
16:c9:d6:62:7a:08:74:4c:6a:dc:39:92:dc:18:95:84:ef:3e:
0a:e5:ba:23:79:03:e4:96:52:ac:c9:19:51:e7:26:05:f6:43:
d8:f9:15:be:34:ca:ac:9a:7d:20:df:10:28:47:3e:bf:1d:db:
4e:71:52:09:eb:aa:cf:e2:a2:00:de:fe:2e:08:f1:98:1a:6c:
2e:4e:fb:2b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3ko16wbMJkrzJCoBvYhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2Y2Y0ZDUzZWQ1YzBhNGJkM2ZlMjQyMjAxYTk2NjY1NWM4
MGNjMGUwHhcNMjQwMTAyMDYzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdlOGY3NWY2MjZkNTQyZDY4ZjgyMzcxMmQyYmE0YjYwMjk4MjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHJXOe7aNDu9oz4aPo9Z91mu5gm5
1BuKz9SVNz9koQ0ItPSlxrkUjU7wkbC6kJrUJp/b0B97p+FgF1LReNHyeHGZDmkk
HS/gfKLI3FsbjbNA/6b0BHeOR43vuK42UmCisKK+R1mYie7YYaH63Iz8YzcaAYvt
kfY9/D74/3gcCoOPeYAtJNFz2TXD6XZyDA/FngDDW30Ys3KzpFL2GeMHcBe5HPRK
mv6fMwKVsuIhezH6rrjUv+fUYSAmJhzOyv6L1K323WmhqIWKZTkAoKRV6H0wmUzz
dupuiLHzk2gn0JxMgDC4HVwS6ZgV4CMbbQ5e4dftqkRLQL08laj0djwKXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEB+j3X2JtVC1o+CNxLSuktgKYJmMB8GA1UdIwQY
MBaAFCbPTVPtXApL0/4kIgGpZmVcgMwOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnM5TlUtMWNDa3ZUX2lRaUFhbG1aVnlBekE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zZWJjZTUtNzNlMy00ZTNlLTgzYjAt
YTc4OGZkYzcwOTQ4LzEvUUg2UGRmWW0xVUxXajRJM0V0SzZTMkFwZ21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8zZWJjZTUtNzNlMy00ZTNlLTgzYjAtYTc4OGZkYzcwOTQ4
LzEvSnM5TlUtMWNDa3ZUX2lRaUFhbG1aVnlBekE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9x4AwQC
uU9kMA0EAgACMAcDBQAqBXKAMA0GCSqGSIb3DQEBCwUAA4IBAQBpSMCbOQCLgFsB
XPlvYnurPbR728jMOxpcG7GjlzqjJxEGKWblhLuu1WXYVG2u1NuPoG5zJod6HCR5
lVQd6MasFyO7tO2HqMDo8TsDznvo5eKC4w0c5BvF8EtZvmj3IXcu0rbcqWmuRWq2
L2rvPjWahFpVoPTgiipXnToIISRnTyKTxmTE+jRMn8f/3VOj55bSxbg4KgvOa80A
vtP42WjeDgBHANQPT18ta9klwaBOndmKNsIWydZiegh0TGrcOZLcGJWE7z4K5boj
eQPkllKsyRlR5yYF9kPY+RW+NMqsmn0g3xAoRz6/HdtOcVIJ66rP4qIA3v4uCPGY
GmwuTvsr
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:27 2025 by rpki-client