Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/359179-4ac2-431c-9531-0b7a33dd5b56/1/7Qkzbg6Vffeiqf6eAUKSj7m79q8.roa
File: 7Qkzbg6Vffeiqf6eAUKSj7m79q8.roa (raw, json)
Hash identifier: lMRkSD0rQHpXTERu9SWn0Kk/pi6wLovRyZXigsdzB7U=
Subject key identifier: ED:09:33:6E:0E:95:7D:F7:A2:A9:FE:9E:01:42:92:8F:B9:BB:F6:AF
Certificate issuer: /CN=b45064c1ac8690e2c77a959a502546e98bcd3727
Certificate serial: 0192CA9D91FA48B5C0CDC0BDAF7FACE1D251
Authority key identifier: B4:50:64:C1:AC:86:90:E2:C7:7A:95:9A:50:25:46:E9:8B:CD:37:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFBkwayGkOLHepWaUCVG6YvNNyc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/359179-4ac2-431c-9531-0b7a33dd5b56/1/7Qkzbg6Vffeiqf6eAUKSj7m79q8.roa
Signing time: Sat 26 Oct 2024 20:56:17 +0000
ROA not before: Sat 26 Oct 2024 20:56:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204928
IP address blocks: 194.153.216.0/24 maxlen: 24
2a12:e540::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ca:9d:91:fa:48:b5:c0:cd:c0:bd:af:7f:ac:e1:d2:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45064c1ac8690e2c77a959a502546e98bcd3727
Validity
Not Before: Oct 26 20:56:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed09336e0e957df7a2a9fe9e0142928fb9bbf6af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:fb:29:81:30:e1:c4:b6:1c:5a:7a:5d:44:8b:
98:8c:d0:c7:e8:e9:91:30:cf:e9:e5:98:9f:a9:c3:
5d:00:29:ab:b0:45:7a:42:09:09:fb:b6:b8:51:9d:
a3:7d:80:94:60:14:09:fa:be:d5:78:9c:a3:1f:5a:
60:73:c2:59:8d:86:22:9d:39:95:41:bd:4e:2d:a6:
f9:6c:4b:b8:d9:10:72:4a:c9:df:12:be:a2:db:80:
4f:a1:6a:b6:15:36:43:88:5d:7f:2a:bf:95:89:3e:
64:e5:fd:2c:e5:82:c0:f2:c8:d0:01:58:d8:d9:42:
4a:51:b3:8f:dc:01:44:7b:26:20:5f:2e:e2:e1:cf:
27:6b:4e:73:ff:b8:e0:7d:ae:ef:1d:05:93:d6:ac:
77:2d:14:6c:ac:fc:50:a1:57:04:31:8e:10:7b:c4:
38:6e:f2:3b:62:79:11:df:6e:54:c0:2f:c2:eb:a0:
ee:2d:d6:6a:e1:39:a2:30:f6:b5:9a:83:40:ae:c7:
e5:27:77:7e:34:02:bd:d0:30:ef:2a:ed:75:85:d2:
c1:28:0a:67:f2:90:eb:92:f1:50:7f:2e:1e:5a:b7:
73:1e:f9:5f:ae:6f:9e:90:aa:b1:c2:ac:bd:b1:1d:
d1:e5:83:20:0e:b5:42:01:80:00:ca:16:20:8e:d7:
f0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:09:33:6E:0E:95:7D:F7:A2:A9:FE:9E:01:42:92:8F:B9:BB:F6:AF
X509v3 Authority Key Identifier:
keyid:B4:50:64:C1:AC:86:90:E2:C7:7A:95:9A:50:25:46:E9:8B:CD:37:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFBkwayGkOLHepWaUCVG6YvNNyc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/359179-4ac2-431c-9531-0b7a33dd5b56/1/7Qkzbg6Vffeiqf6eAUKSj7m79q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/359179-4ac2-431c-9531-0b7a33dd5b56/1/tFBkwayGkOLHepWaUCVG6YvNNyc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.216.0/24
IPv6:
2a12:e540::/32
Signature Algorithm: sha256WithRSAEncryption
2b:80:8e:c0:26:7f:51:f3:76:db:91:5c:48:a6:aa:b2:d7:83:
1b:08:30:36:2b:89:5a:37:36:4d:0c:62:fd:fe:9d:d3:9c:25:
cc:53:09:15:41:54:54:2a:47:cc:a5:2a:6d:02:67:4b:59:0c:
c2:53:74:83:0a:88:73:5a:e6:e4:06:db:89:2d:2b:fc:71:f6:
57:3d:f0:be:96:b8:d4:4c:a7:42:a6:3d:85:ad:c4:26:bf:13:
19:94:17:dc:a0:7b:b2:cf:e4:bc:e2:92:87:71:a3:5a:f6:28:
7c:cf:f4:24:21:de:e4:f4:10:e3:b6:ad:9e:cb:32:33:e8:0d:
14:66:0c:b1:c6:b9:23:67:1e:94:e8:32:86:08:34:d0:c4:f2:
b1:11:e2:dd:b5:f0:b2:f5:77:bf:6e:90:9b:c2:76:bb:14:a2:
d4:96:95:37:33:5d:ae:a6:cb:f8:30:d3:45:a7:94:fb:ff:f0:
fe:a2:19:ee:69:dc:87:67:80:fd:c7:0d:f6:3d:3c:89:ae:0e:
b2:b7:7a:60:19:55:fd:89:e9:91:85:ba:7d:a8:ed:9c:81:ea:
fc:56:0a:c7:94:2a:d0:dd:d0:be:c3:37:b1:88:bd:f4:bb:7b:
53:aa:36:a4:6d:a6:6f:44:96:5c:a1:b6:8d:3a:77:92:d9:8c:
60:ba:3f:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZLKnZH6SLXAzcC9r3+s4dJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTA2NGMxYWM4NjkwZTJjNzdhOTU5YTUwMjU0NmU5OGJj
ZDM3MjcwHhcNMjQxMDI2MjA1NjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDA5MzM2ZTBlOTU3ZGY3YTJhOWZlOWUwMTQyOTI4ZmI5YmJmNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/spgTDhxLYcWnpdRIuYjNDH6OmR
MM/p5ZifqcNdACmrsEV6QgkJ+7a4UZ2jfYCUYBQJ+r7VeJyjH1pgc8JZjYYinTmV
Qb1OLab5bEu42RBySsnfEr6i24BPoWq2FTZDiF1/Kr+ViT5k5f0s5YLA8sjQAVjY
2UJKUbOP3AFEeyYgXy7i4c8na05z/7jgfa7vHQWT1qx3LRRsrPxQoVcEMY4Qe8Q4
bvI7YnkR325UwC/C66DuLdZq4TmiMPa1moNArsflJ3d+NAK90DDvKu11hdLBKApn
8pDrkvFQfy4eWrdzHvlfrm+ekKqxwqy9sR3R5YMgDrVCAYAAyhYgjtfwJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO0JM24OlX33oqn+ngFCko+5u/avMB8GA1UdIwQY
MBaAFLRQZMGshpDix3qVmlAlRumLzTcnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZCa3dheUdrT0xIZXBXYVVDVkc2WXZOTnljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8zNTkxNzktNGFjMi00MzFjLTk1MzEt
MGI3YTMzZGQ1YjU2LzEvN1FremJnNlZmZmVpcWY2ZUFVS1NqN203OXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8zNTkxNzktNGFjMi00MzFjLTk1MzEtMGI3YTMzZGQ1YjU2
LzEvdEZCa3dheUdrT0xIZXBXYVVDVkc2WXZOTnljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwpnYMA0E
AgACMAcDBQAqEuVAMA0GCSqGSIb3DQEBCwUAA4IBAQArgI7AJn9R83bbkVxIpqqy
14MbCDA2K4laNzZNDGL9/p3TnCXMUwkVQVRUKkfMpSptAmdLWQzCU3SDCohzWubk
BtuJLSv8cfZXPfC+lrjUTKdCpj2FrcQmvxMZlBfcoHuyz+S84pKHcaNa9ih8z/Qk
Id7k9BDjtq2eyzIz6A0UZgyxxrkjZx6U6DKGCDTQxPKxEeLdtfCy9Xe/bpCbwna7
FKLUlpU3M12upsv4MNNFp5T7//D+ohnuadyHZ4D9xw32PTyJrg6yt3pgGVX9iemR
hbp9qO2cger8VgrHlCrQ3dC+wzexiL30u3tTqjakbaZvRJZcobaNOneS2Yxguj/1
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:20:04 2025 by rpki-client