Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/4QQoin7VBagwMgWRIEQ3o_Fw2YY.roa
File: 4QQoin7VBagwMgWRIEQ3o_Fw2YY.roa (raw, json)
Hash identifier: y+rbJVTRC5RLv6R5LPKZysbMPgusZnSzi/yY7Xe3njw=
Subject key identifier: E1:04:28:8A:7E:D5:05:A8:30:32:05:91:20:44:37:A3:F1:70:D9:86
Certificate issuer: /CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Certificate serial: 019427B5B1E6FA78CF0F1BF1BB89F4BDF4DD
Authority key identifier: 3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/4QQoin7VBagwMgWRIEQ3o_Fw2YY.roa
Signing time: Thu 02 Jan 2025 15:50:06 +0000
ROA not before: Thu 02 Jan 2025 15:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25019
IP address blocks: 159.0.0.0/16 maxlen: 16
159.0.0.0/20 maxlen: 20
159.0.16.0/20 maxlen: 20
159.0.32.0/20 maxlen: 20
159.0.48.0/20 maxlen: 20
159.0.64.0/20 maxlen: 20
159.0.80.0/20 maxlen: 20
159.0.96.0/20 maxlen: 20
159.0.112.0/20 maxlen: 20
159.0.192.0/20 maxlen: 20
159.0.208.0/20 maxlen: 20
159.0.224.0/20 maxlen: 20
159.0.240.0/20 maxlen: 20
185.139.8.0/22 maxlen: 22
212.215.128.0/17 maxlen: 17
212.215.128.0/18 maxlen: 18
212.215.136.0/21 maxlen: 21
212.215.137.0/24 maxlen: 24
212.215.144.0/20 maxlen: 20
212.215.160.0/20 maxlen: 20
212.215.176.0/20 maxlen: 20
212.215.192.0/20 maxlen: 20
212.215.224.0/21 maxlen: 21
212.215.240.0/22 maxlen: 22
212.215.244.0/22 maxlen: 22
212.215.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 30 Jan 2025 05:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b1:e6:fa:78:cf:0f:1b:f1:bb:89:f4:bd:f4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Validity
Not Before: Jan 2 15:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e104288a7ed505a830320591204437a3f170d986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e3:a3:f3:31:16:85:87:45:77:9a:6a:a7:75:
9c:45:3d:de:0b:02:72:98:c9:67:ef:81:19:35:fa:
09:26:02:de:b5:34:d2:35:2b:16:33:ff:77:2c:10:
da:ef:26:57:c0:3f:bc:ac:9b:4c:b8:6a:64:c1:5c:
10:0e:e5:50:c9:71:d0:ac:17:a5:af:0f:53:72:9c:
6b:7f:b2:e7:f5:ca:50:37:3c:d4:b0:bd:16:97:38:
91:e8:ba:4b:59:58:14:ee:81:48:b1:86:0d:6c:8a:
e0:d1:d7:8f:de:03:f6:ff:ff:45:b8:e7:d2:95:ca:
9a:60:d8:b6:39:3a:62:88:02:94:0b:96:43:68:0a:
84:8e:91:e9:af:80:1c:f9:4c:07:c7:be:19:20:6b:
40:ac:12:28:7a:c4:1c:fd:da:0e:af:c1:0b:d9:50:
54:00:3c:0f:e9:ba:06:ba:b5:38:92:db:a5:62:c8:
79:6f:65:e4:25:a4:11:d6:28:fb:ec:27:1d:20:8e:
98:1f:9f:e8:9e:96:f9:a2:4e:cf:54:ec:be:ce:c6:
1e:eb:d7:18:91:4a:24:66:07:b3:1c:b7:93:5c:33:
d4:12:02:9d:0f:3a:8e:21:68:32:7e:b3:b1:53:97:
ee:90:17:43:5c:3e:f4:07:32:4b:bb:ab:1d:f4:a9:
22:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:04:28:8A:7E:D5:05:A8:30:32:05:91:20:44:37:A3:F1:70:D9:86
X509v3 Authority Key Identifier:
keyid:3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/4QQoin7VBagwMgWRIEQ3o_Fw2YY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.0.0.0/16
185.139.8.0/22
212.215.128.0/17
Signature Algorithm: sha256WithRSAEncryption
80:f6:a2:6a:08:01:70:ec:41:eb:3c:71:4e:bd:cb:99:9a:c1:
b8:27:5e:dc:b7:f6:54:2e:c4:6c:65:9a:c6:4c:f7:23:3f:9d:
aa:23:11:46:ab:c4:5c:8c:40:2c:cd:d4:16:c6:c1:c9:34:79:
f0:b3:57:21:e9:7a:59:08:4c:7a:ca:a3:43:bc:2f:2f:14:b0:
9b:91:a3:10:8d:27:60:d0:32:ca:e1:41:0f:08:06:e4:d3:00:
f9:2a:91:ed:6c:64:d2:02:7c:c6:2c:b1:fe:4b:cb:95:49:44:
f4:72:a0:45:cf:08:14:36:47:e2:4f:ed:f1:6c:a8:b6:30:26:
b7:ad:e8:c3:3a:d5:0a:3c:5f:98:ba:48:ec:68:45:f7:19:5e:
c7:e2:97:b3:7c:54:c5:5c:ee:ed:d5:38:4d:e2:4e:e5:f0:4f:
91:91:5a:97:94:df:99:df:1a:aa:67:6e:09:cf:47:8b:ab:da:
09:d5:cf:95:a0:69:42:c1:7f:e9:be:59:a2:a7:a7:51:43:27:
67:f9:b7:ae:f6:42:2c:c7:8d:07:52:0b:90:55:09:62:c9:bb:
c2:93:77:39:e5:4c:0d:a2:3d:bb:8f:dc:a8:41:b7:55:ca:96:
ef:d7:98:2d:6f:68:26:dc:0c:2e:8f:bb:35:18:3d:f8:f7:6d:
d9:cd:47:83
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZQntbHm+njPDxvxu4n0vfTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiY2NiYzcwZTE4YjZjNjllNTNlZjUyYTVlOTI1ZTVmNGYw
Y2RjYzEwHhcNMjUwMTAyMTU1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTA0Mjg4YTdlZDUwNWE4MzAzMjA1OTEyMDQ0MzdhM2YxNzBkOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+Oj8zEWhYdFd5pqp3WcRT3eCwJy
mMln74EZNfoJJgLetTTSNSsWM/93LBDa7yZXwD+8rJtMuGpkwVwQDuVQyXHQrBel
rw9Tcpxrf7Ln9cpQNzzUsL0WlziR6LpLWVgU7oFIsYYNbIrg0deP3gP2//9FuOfS
lcqaYNi2OTpiiAKUC5ZDaAqEjpHpr4Ac+UwHx74ZIGtArBIoesQc/doOr8EL2VBU
ADwP6boGurU4ktulYsh5b2XkJaQR1ij77CcdII6YH5/onpb5ok7PVOy+zsYe69cY
kUokZgezHLeTXDPUEgKdDzqOIWgyfrOxU5fukBdDXD70BzJLu6sd9KkiXwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFOEEKIp+1QWoMDIFkSBEN6PxcNmGMB8GA1UdIwQY
MBaAFDvMvHDhi2xp5T71Kl6SXl9PDNzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgt
YmJlNjBlYTIyMmM1LzEvNFFRb2luN1ZCYWd3TWdXUklFUTNvX0Z3MllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgtYmJlNjBlYTIyMmM1
LzEvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAnwADBAK5
iwgDBAfU14AwDQYJKoZIhvcNAQELBQADggEBAID2omoIAXDsQes8cU69y5mawbgn
Xty39lQuxGxlmsZM9yM/naojEUarxFyMQCzN1BbGwck0efCzVyHpelkITHrKo0O8
Ly8UsJuRoxCNJ2DQMsrhQQ8IBuTTAPkqke1sZNICfMYssf5Ly5VJRPRyoEXPCBQ2
R+JP7fFsqLYwJret6MM61Qo8X5i6SOxoRfcZXsfil7N8VMVc7u3VOE3iTuXwT5GR
WpeU35nfGqpnbgnPR4ur2gnVz5WgaULBf+m+WaKnp1FDJ2f5t672QizHjQdSC5BV
CWLJu8KTdznlTA2iPbuP3KhBt1XKlu/XmC1vaCbcDC6PuzUYPfj3bdnNR4M=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:11:34 2025 by rpki-client