Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QXq-QREJ2__ku_CiU9IRaLrXDq0.roa
File: QXq-QREJ2__ku_CiU9IRaLrXDq0.roa (raw, json)
Hash identifier: Sxo2XRD3W0GRybUsGIYlo/Gbaj2RW+PDS4/Kn0vfTRU=
Subject key identifier: 41:7A:BE:41:11:09:DB:FF:E4:BB:F0:A2:53:D2:11:68:BA:D7:0E:AD
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC80303F7BC9539CD823C6C08CE58C658
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QXq-QREJ2__ku_CiU9IRaLrXDq0.roa
Signing time: Tue 02 Jan 2024 02:31:29 +0000
ROA not before: Tue 02 Jan 2024 02:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207448
IP address blocks: 193.235.64.0/24 maxlen: 24
2a01:280:358::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:03:f7:bc:95:39:cd:82:3c:6c:08:ce:58:c6:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=417abe411109dbffe4bbf0a253d21168bad70ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c7:ee:95:0f:4f:ea:59:39:51:32:2b:ad:71:
0b:fc:f7:0b:4f:9b:cf:1c:fb:00:8c:fb:d3:07:71:
0e:57:b5:3f:46:5b:14:b1:8b:d5:fb:69:10:3b:4d:
41:85:71:30:c3:69:1d:18:67:bf:a2:3b:49:5f:bc:
5c:91:28:d7:e6:0a:04:06:7f:0d:59:c7:1c:54:c5:
63:02:d9:06:cd:2a:42:ad:64:a6:30:9d:0a:f3:0c:
cb:e4:25:cd:fd:eb:dd:0c:f5:3a:1b:b0:4b:96:8c:
b3:3c:d1:e3:e8:d9:dd:18:5e:ca:f9:01:65:e8:27:
c3:9f:79:9a:73:ce:f3:42:9c:28:23:f7:eb:09:91:
3a:8d:61:e5:9e:10:1d:cd:98:31:b7:93:e7:c7:cd:
42:5f:23:2c:20:9c:f8:ce:27:f2:9c:08:12:5e:72:
16:c2:ba:33:bc:7c:3e:f0:c4:17:ef:4f:1e:5d:3c:
99:bb:7c:d1:48:4d:1e:f5:0f:c6:c5:69:00:42:7c:
8a:7e:2f:88:6e:c9:ae:f2:13:e2:f1:6d:42:d4:9a:
5d:9b:71:df:f1:5d:d2:79:5d:6e:10:2c:d7:ac:cb:
31:fe:5e:78:87:33:a6:ef:8e:cb:7f:20:f6:b5:d4:
96:95:3e:93:58:78:72:5e:06:9e:37:cd:8f:12:66:
46:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7A:BE:41:11:09:DB:FF:E4:BB:F0:A2:53:D2:11:68:BA:D7:0E:AD
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/QXq-QREJ2__ku_CiU9IRaLrXDq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.235.64.0/24
IPv6:
2a01:280:358::/48
Signature Algorithm: sha256WithRSAEncryption
41:ab:7b:f3:9c:c8:e3:0f:1d:81:9f:97:23:26:fc:66:a3:32:
b7:3e:e7:2b:d1:1c:3e:c5:41:41:02:71:5f:0d:2e:c9:07:a4:
39:f5:4f:1d:85:45:14:99:47:fb:58:9c:6c:dd:43:f5:60:22:
50:ad:a2:67:59:e6:7b:8a:41:3b:b7:eb:f8:ff:24:67:da:ed:
57:3a:f4:46:e6:6d:07:f0:a8:35:d9:12:a3:f1:8d:82:5c:e1:
a1:f9:d5:17:60:f3:09:bf:7a:ca:87:95:46:3d:7a:c0:e4:da:
d0:ea:29:0c:d1:d6:a1:e4:92:db:ae:f8:e2:64:1e:f2:83:d0:
be:94:4d:99:00:c8:c7:34:b7:9b:c5:f3:14:12:d7:f1:fc:09:
bb:78:ef:e2:cb:9f:87:8d:e5:52:e8:b0:35:87:87:ca:f2:31:
f3:ec:51:b0:a0:df:84:cf:8d:fb:e0:bf:c3:90:15:14:df:c2:
81:00:b5:00:43:89:42:8d:60:a7:8e:86:e0:5b:08:0a:92:6f:
b3:00:0e:cd:82:98:3b:7a:cc:fe:b1:1d:a2:c0:de:d7:12:ca:
03:da:a9:55:37:98:12:bb:5e:3c:a8:9d:e3:78:7e:59:fc:d6:
d9:08:cc:5c:36:77:fa:fa:2e:0a:31:f3:ec:ad:be:6b:42:03:
8f:5b:94:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAwP3vJU5zYI8bAjOWMZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTdhYmU0MTExMDlkYmZmZTRiYmYwYTI1M2QyMTE2OGJhZDcwZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMfulQ9P6lk5UTIrrXEL/PcLT5vP
HPsAjPvTB3EOV7U/RlsUsYvV+2kQO01BhXEww2kdGGe/ojtJX7xckSjX5goEBn8N
WcccVMVjAtkGzSpCrWSmMJ0K8wzL5CXN/evdDPU6G7BLloyzPNHj6NndGF7K+QFl
6CfDn3mac87zQpwoI/frCZE6jWHlnhAdzZgxt5Pnx81CXyMsIJz4zifynAgSXnIW
wrozvHw+8MQX708eXTyZu3zRSE0e9Q/GxWkAQnyKfi+Ibsmu8hPi8W1C1Jpdm3Hf
8V3SeV1uECzXrMsx/l54hzOm747LfyD2tdSWlT6TWHhyXgaeN82PEmZGjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEF6vkERCdv/5LvwolPSEWi61w6tMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUVhxLVFSRUoyX19rdV9DaVU5SVJhTHJYRHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwetAMA8E
AgACMAkDBwAqAQKAA1gwDQYJKoZIhvcNAQELBQADggEBAEGre/OcyOMPHYGflyMm
/GajMrc+5yvRHD7FQUECcV8NLskHpDn1Tx2FRRSZR/tYnGzdQ/VgIlCtomdZ5nuK
QTu36/j/JGfa7Vc69EbmbQfwqDXZEqPxjYJc4aH51Rdg8wm/esqHlUY9esDk2tDq
KQzR1qHkktuu+OJkHvKD0L6UTZkAyMc0t5vF8xQS1/H8Cbt47+LLn4eN5VLosDWH
h8ryMfPsUbCg34TPjfvgv8OQFRTfwoEAtQBDiUKNYKeOhuBbCAqSb7MADs2CmDt6
zP6xHaLA3tcSygPaqVU3mBK7XjyoneN4fln81tkIzFw2d/r6Lgox8+ytvmtCA49b
lHs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:32:52 2025 by rpki-client