Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/qv6UF8PDmnwRrJWky4gAjD3LwIQ.roa
File: qv6UF8PDmnwRrJWky4gAjD3LwIQ.roa (raw, json)
Hash identifier: nGYHN4/zKckhPQWWIlRJQK++vt8PgOpa9k2vtUnQU04=
Subject key identifier: AA:FE:94:17:C3:C3:9A:7C:11:AC:95:A4:CB:88:00:8C:3D:CB:C0:84
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018ED129E2D46FEC0F4FB88FAF279E99F77E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/qv6UF8PDmnwRrJWky4gAjD3LwIQ.roa
Signing time: Fri 12 Apr 2024 07:16:06 +0000
ROA not before: Fri 12 Apr 2024 07:16:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 192.36.247.0/24 maxlen: 24
192.71.84.0/24 maxlen: 24
192.71.254.0/23 maxlen: 24
192.71.255.0/24 maxlen: 24
193.182.113.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Apr 2024 07:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:29:e2:d4:6f:ec:0f:4f:b8:8f:af:27:9e:99:f7:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 12 07:16:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aafe9417c3c39a7c11ac95a4cb88008c3dcbc084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a5:fb:02:49:83:e6:95:94:1f:a6:fd:3a:a6:
7c:15:72:93:e0:84:f7:5e:57:65:7d:f9:c7:02:e9:
d0:6c:44:c6:1f:96:b4:fe:c6:09:82:30:32:17:e0:
4f:5e:4c:3b:24:a4:5c:cd:b1:54:a0:09:fb:a6:92:
84:49:ca:70:26:af:03:e5:06:f9:0c:ca:f7:6c:1c:
12:1e:fa:cf:1e:49:ff:13:5d:27:5b:93:b4:8b:4e:
c2:72:ed:4d:28:b1:35:8b:3a:ee:95:90:23:de:37:
26:86:c1:7e:0f:bd:3f:9f:ed:5c:36:a6:f5:e6:dd:
38:1c:00:36:ea:98:fe:3c:0c:33:47:f1:bb:ee:63:
b0:f0:30:61:1a:51:84:3c:d4:f2:1d:ac:2b:d4:6a:
bc:71:65:b7:a1:fa:c7:e2:30:66:f9:1c:fc:4e:b9:
a8:c4:cc:e8:33:30:19:d8:2c:6c:a4:d0:b4:69:04:
05:48:fb:56:8c:ac:c2:d2:b7:58:07:b3:bc:5b:63:
61:cf:6e:83:5e:75:2a:d9:f1:01:81:65:b6:8e:46:
7c:cf:5a:ab:f8:49:75:bc:cc:f4:ab:81:75:ed:e2:
ab:95:6e:3d:fe:6c:89:8d:1f:15:a3:87:00:2f:29:
c2:17:94:16:87:14:fa:48:3a:ab:c8:20:74:b8:cb:
fe:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:FE:94:17:C3:C3:9A:7C:11:AC:95:A4:CB:88:00:8C:3D:CB:C0:84
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/qv6UF8PDmnwRrJWky4gAjD3LwIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
192.71.84.0/24
192.71.254.0/23
193.182.113.0/24
193.234.120.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:4e:2b:48:61:43:a1:ef:17:f8:51:0a:67:42:3c:5a:12:86:
15:92:80:08:02:54:53:55:ff:22:4f:d4:c3:df:72:bb:f2:1d:
7e:df:a4:bb:53:f0:30:8f:42:be:19:44:f3:c8:b7:c0:f4:2b:
48:69:64:b3:87:25:aa:5e:18:fa:b4:94:7a:7c:2c:09:03:76:
75:af:a6:b4:8c:69:04:58:38:cd:a2:8b:96:0f:b9:06:82:80:
b9:34:3e:71:74:5f:18:c8:fc:fc:d1:62:5f:83:81:e0:a0:9a:
0d:ed:63:1d:c2:72:83:8a:94:aa:44:80:b7:3d:78:9c:f4:ba:
70:ee:93:92:35:f2:a4:2b:54:bb:18:61:16:c0:89:e3:f7:3e:
d1:ce:27:a4:2a:ef:ef:4b:4c:5d:b4:48:6e:f3:e6:60:ca:6d:
8f:eb:1d:43:cc:cb:cd:9a:64:bb:7e:1e:6d:5a:f6:cc:1c:3a:
b5:ca:47:7e:4e:90:19:58:8f:99:2f:42:15:55:4c:2b:c1:c9:
ca:73:af:0b:05:fc:53:eb:1d:be:2c:66:04:5f:39:48:c6:b7:
7e:56:fe:e1:64:03:5c:f3:d9:dc:fb:de:c7:65:97:e7:9e:7d:
5a:81:a5:e9:17:7d:27:24:f9:b1:3b:ca:32:4a:e4:79:e6:f9:
d4:cb:14:83
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7RKeLUb+wPT7iPryeemfd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNDEyMDcxNjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWZlOTQxN2MzYzM5YTdjMTFhYzk1YTRjYjg4MDA4YzNkY2JjMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaX7AkmD5pWUH6b9OqZ8FXKT4IT3
XldlffnHAunQbETGH5a0/sYJgjAyF+BPXkw7JKRczbFUoAn7ppKEScpwJq8D5Qb5
DMr3bBwSHvrPHkn/E10nW5O0i07Ccu1NKLE1izrulZAj3jcmhsF+D70/n+1cNqb1
5t04HAA26pj+PAwzR/G77mOw8DBhGlGEPNTyHawr1Gq8cWW3ofrH4jBm+Rz8Trmo
xMzoMzAZ2CxspNC0aQQFSPtWjKzC0rdYB7O8W2Nhz26DXnUq2fEBgWW2jkZ8z1qr
+El1vMz0q4F17eKrlW49/myJjR8Vo4cALynCF5QWhxT6SDqryCB0uMv+QwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKr+lBfDw5p8EayVpMuIAIw9y8CEMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvcXY2VUY4UERtbndSckpXa3k0Z0FqRDNMd0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwCT3AwQA
wEdUAwQBwEf+AwQAwbZxAwQCwep4MA0GCSqGSIb3DQEBCwUAA4IBAQB6TitIYUOh
7xf4UQpnQjxaEoYVkoAIAlRTVf8iT9TD33K78h1+36S7U/Awj0K+GUTzyLfA9CtI
aWSzhyWqXhj6tJR6fCwJA3Z1r6a0jGkEWDjNoouWD7kGgoC5ND5xdF8YyPz80WJf
g4HgoJoN7WMdwnKDipSqRIC3PXic9Lpw7pOSNfKkK1S7GGEWwInj9z7RziekKu/v
S0xdtEhu8+Zgym2P6x1DzMvNmmS7fh5tWvbMHDq1ykd+TpAZWI+ZL0IVVUwrwcnK
c68LBfxT6x2+LGYEXzlIxrd+Vv7hZANc89nc+97HZZfnnn1agaXpF30nJPmxO8oy
SuR55vnUyxSD
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:58 2025 by rpki-client