Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/cQNS8AT2b_ObyfNtpLmI56GmPHs.roa
File: cQNS8AT2b_ObyfNtpLmI56GmPHs.roa (raw, json)
Hash identifier: FIrPd1Qt9ke+iQ4PcnJa+P6/h8ZOpsMJkPUSoJHv9bk=
Subject key identifier: 71:03:52:F0:04:F6:6F:F3:9B:C9:F3:6D:A4:B9:88:E7:A1:A6:3C:7B
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01932DDC432CF8117C65097D36321B570FBD
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/cQNS8AT2b_ObyfNtpLmI56GmPHs.roa
Signing time: Fri 15 Nov 2024 03:27:09 +0000
ROA not before: Fri 15 Nov 2024 03:27:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 401257
IP address blocks: 185.236.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 19:05:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2d:dc:43:2c:f8:11:7c:65:09:7d:36:32:1b:57:0f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Nov 15 03:27:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=710352f004f66ff39bc9f36da4b988e7a1a63c7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cd:9a:6e:74:c0:1e:54:b0:48:98:0d:51:fb:
f8:bc:d8:76:0a:f1:02:7a:41:0b:8d:bc:a3:9b:58:
34:1d:7d:da:be:7a:3f:02:7e:fc:3c:da:4c:59:5b:
04:a4:4f:98:6c:4f:41:15:29:59:78:5a:5d:c9:85:
2c:1f:c2:e3:aa:c8:6a:44:e9:0b:72:df:f5:87:82:
50:99:83:ae:02:33:b0:92:62:d3:32:8f:20:4e:55:
87:b0:46:f3:2b:94:f3:41:9d:72:fa:92:e3:be:f7:
07:14:14:dd:33:14:e7:4c:c5:80:5a:92:8e:b0:58:
8d:54:2b:1c:90:e0:7d:c5:9b:ca:45:3f:6f:f9:e4:
f8:32:72:2f:ba:59:94:ae:28:b3:a0:4f:e8:02:f0:
08:9c:4f:03:f5:3e:26:94:f1:dd:4e:43:2a:75:5d:
2a:13:73:6c:e4:6e:d8:59:dc:e5:87:bc:c6:5d:23:
a4:1d:6f:14:eb:ac:c9:d8:1c:ea:41:d5:78:d6:b6:
cd:b0:41:50:7a:80:9e:eb:69:e7:27:1c:89:97:6d:
67:19:f8:8b:98:9e:f4:ca:b2:95:20:75:cb:96:3a:
88:fd:15:ac:a3:9b:c4:3d:4f:3c:59:dc:a2:74:d9:
89:3f:bd:c1:50:4a:51:a1:59:76:7c:8d:f6:8b:28:
26:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:03:52:F0:04:F6:6F:F3:9B:C9:F3:6D:A4:B9:88:E7:A1:A6:3C:7B
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/cQNS8AT2b_ObyfNtpLmI56GmPHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.9.0/24
Signature Algorithm: sha256WithRSAEncryption
18:9a:24:0a:cb:e9:e0:a1:13:e2:52:ae:45:03:04:7c:d2:94:
3b:2a:1b:f1:d2:8d:25:1a:d1:bd:e7:25:1e:b9:17:90:a0:e1:
44:9b:43:8d:56:da:a4:8e:ef:50:fe:54:13:f3:4e:90:15:75:
b8:0e:65:00:ad:b0:91:46:95:63:22:12:9e:8a:c1:74:53:c5:
6b:af:fb:47:a5:24:0a:4e:6a:d1:0e:c2:14:72:62:fb:98:32:
ce:25:a2:9d:15:45:46:de:b4:91:1d:9e:fd:3d:b5:5f:50:ff:
87:be:90:d5:66:4d:5e:cc:e8:22:08:e2:3c:37:29:e3:cb:9c:
ea:44:59:b4:ac:8b:14:36:04:d7:8a:fa:38:5d:8a:d4:44:09:
13:63:16:d7:73:4a:05:bf:7f:83:fa:4f:8c:2d:fa:c4:b8:d0:
74:c3:90:ae:25:fd:ff:73:87:3d:0e:dc:b4:e8:64:14:d0:d4:
66:c6:16:12:73:fd:4a:fb:69:16:44:f2:e4:76:fc:ce:e8:04:
ef:79:61:6b:77:1c:df:61:98:f4:78:65:dc:89:13:17:9a:d6:
2a:45:66:6d:e0:18:6f:3f:f8:a3:2b:df:77:54:98:e7:56:34:
13:03:25:aa:17:00:f3:ca:33:1e:a3:f9:9e:29:62:87:13:3b:
bc:10:e0:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMt3EMs+BF8ZQl9NjIbVw+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQxMTE1MDMyNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTAzNTJmMDA0ZjY2ZmYzOWJjOWYzNmRhNGI5ODhlN2ExYTYzYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvc2abnTAHlSwSJgNUfv4vNh2CvEC
ekELjbyjm1g0HX3avno/An78PNpMWVsEpE+YbE9BFSlZeFpdyYUsH8LjqshqROkL
ct/1h4JQmYOuAjOwkmLTMo8gTlWHsEbzK5TzQZ1y+pLjvvcHFBTdMxTnTMWAWpKO
sFiNVCsckOB9xZvKRT9v+eT4MnIvulmUriizoE/oAvAInE8D9T4mlPHdTkMqdV0q
E3Ns5G7YWdzlh7zGXSOkHW8U66zJ2BzqQdV41rbNsEFQeoCe62nnJxyJl21nGfiL
mJ70yrKVIHXLljqI/RWso5vEPU88WdyidNmJP73BUEpRoVl2fI32iygmuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHEDUvAE9m/zm8nzbaS5iOehpjx7MB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvY1FOUzhBVDJiX09ieWZOdHBMbUk1NkdtUEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuewJMA0G
CSqGSIb3DQEBCwUAA4IBAQAYmiQKy+ngoRPiUq5FAwR80pQ7Khvx0o0lGtG95yUe
uReQoOFEm0ONVtqkju9Q/lQT806QFXW4DmUArbCRRpVjIhKeisF0U8Vrr/tHpSQK
TmrRDsIUcmL7mDLOJaKdFUVG3rSRHZ79PbVfUP+HvpDVZk1ezOgiCOI8Nynjy5zq
RFm0rIsUNgTXivo4XYrURAkTYxbXc0oFv3+D+k+MLfrEuNB0w5CuJf3/c4c9Dty0
6GQU0NRmxhYSc/1K+2kWRPLkdvzO6ATveWFrdxzfYZj0eGXciRMXmtYqRWZt4Bhv
P/ijK993VJjnVjQTAyWqFwDzyjMeo/meKWKHEzu8EOA0
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:08 2025 by rpki-client