Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/QEoEmJV1RXhRCACzCL6dgxuVGhc.roa
File: QEoEmJV1RXhRCACzCL6dgxuVGhc.roa (raw, json)
Hash identifier: pXLz8SwgOcG4x5ZA7X8o3Z0H+xO8OlvZbIAF6PezYBE=
Subject key identifier: 40:4A:04:98:95:75:45:78:51:08:00:B3:08:BE:9D:83:1B:95:1A:17
Certificate issuer: /CN=ab91d5262561a9dd713dfa39163dec849fee4636
Certificate serial: 018CC3B733543CA78504D37729AF8FBC7F84
Authority key identifier: AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/QEoEmJV1RXhRCACzCL6dgxuVGhc.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200168
IP address blocks: 195.254.172.0/23 maxlen: 23
185.35.212.0/22 maxlen: 24
2a04:6543::/32 maxlen: 32
2a04:6540::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:33:54:3c:a7:85:04:d3:77:29:af:8f:bc:7f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab91d5262561a9dd713dfa39163dec849fee4636
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=404a049895754578510800b308be9d831b951a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c3:7e:a5:ea:b3:26:2b:87:a6:61:09:d1:23:
f4:39:c5:9e:f5:6e:4a:c5:46:ee:20:bc:f9:4e:28:
48:b6:e5:5b:4b:e6:fd:20:19:79:9e:a0:c2:de:93:
9f:6d:c1:8b:5a:3c:30:ca:b5:90:84:57:29:72:9a:
51:34:fd:70:4e:91:c1:c6:54:1e:e6:a7:4e:7a:db:
cd:37:f5:64:4c:65:e2:e9:70:8a:a6:27:75:af:ec:
f2:4b:e4:61:3f:8c:ef:94:f0:ee:df:45:1d:10:8c:
78:d0:f3:e2:2e:e9:a1:0f:55:d3:81:3b:ad:44:ec:
df:22:c7:57:40:f4:5c:12:1c:bb:7d:e0:4f:22:90:
cf:fe:e0:b0:3e:7a:6a:0f:ce:45:f4:da:81:38:b8:
51:aa:87:88:4a:ef:2e:24:77:00:3e:ab:f3:f8:8c:
9f:cf:3e:fa:0d:e3:58:e6:bd:12:5b:0d:17:7c:9d:
9d:64:82:0d:d4:1a:dc:59:91:89:d9:c1:d3:9f:31:
57:c4:9f:ec:a1:92:58:2c:69:c3:bc:56:67:a8:65:
79:4d:4b:c3:cc:3f:b0:9a:b8:db:38:08:d6:ed:cb:
37:27:98:e5:30:27:a0:09:1e:bd:d2:c8:d6:b9:0a:
e6:99:c0:ff:98:7e:f1:c4:54:17:c6:83:ea:32:b2:
a3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4A:04:98:95:75:45:78:51:08:00:B3:08:BE:9D:83:1B:95:1A:17
X509v3 Authority Key Identifier:
keyid:AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/QEoEmJV1RXhRCACzCL6dgxuVGhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.212.0/22
195.254.172.0/23
IPv6:
2a04:6540::/32
2a04:6543::/32
Signature Algorithm: sha256WithRSAEncryption
4b:0f:a1:15:28:b1:5e:fb:49:b1:c4:b0:f6:97:66:44:67:46:
1e:32:3a:1d:45:e8:05:af:fb:35:aa:8c:88:2c:32:7e:dd:1d:
24:61:3e:c1:e2:c2:d4:c4:39:70:0e:19:14:c2:63:b9:38:47:
6e:24:1f:af:64:99:81:7f:d5:2f:fc:78:d3:fc:b9:6d:f4:b0:
56:72:71:05:31:af:8b:22:a3:39:1c:5f:f1:d7:17:64:86:b2:
69:a2:45:ad:22:35:9c:ad:6b:c0:36:08:1e:b0:b5:23:04:b0:
c2:c1:e5:d4:f1:9a:f9:eb:30:a0:b4:71:6e:c4:9d:d7:4d:02:
e0:be:3c:da:48:8a:7c:89:35:3a:38:64:7d:0e:20:71:42:46:
82:4a:91:dd:9b:38:dd:7b:31:b6:10:6d:94:d9:d1:f4:a8:04:
6e:21:f4:1b:51:f5:31:3c:f8:b7:33:eb:69:e3:a5:3d:e2:0b:
d6:a2:00:a0:b3:b4:fe:66:8c:a4:9b:b5:22:6a:46:8a:b7:cc:
d9:e8:58:85:45:17:72:56:93:28:03:76:42:19:4e:2b:78:48:
b1:c1:fe:5d:4e:d5:07:46:92:6f:6d:5e:c6:b8:b3:34:81:1f:
a6:a9:db:d1:a9:e4:09:1a:26:4b:e5:43:18:dc:64:cf:7b:7b:
94:49:db:50
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDtzNUPKeFBNN3Ka+PvH+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOTFkNTI2MjU2MWE5ZGQ3MTNkZmEzOTE2M2RlYzg0OWZl
ZTQ2MzYwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDRhMDQ5ODk1NzU0NTc4NTEwODAwYjMwOGJlOWQ4MzFiOTUxYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcN+peqzJiuHpmEJ0SP0OcWe9W5K
xUbuILz5TihItuVbS+b9IBl5nqDC3pOfbcGLWjwwyrWQhFcpcppRNP1wTpHBxlQe
5qdOetvNN/VkTGXi6XCKpid1r+zyS+RhP4zvlPDu30UdEIx40PPiLumhD1XTgTut
ROzfIsdXQPRcEhy7feBPIpDP/uCwPnpqD85F9NqBOLhRqoeISu8uJHcAPqvz+Iyf
zz76DeNY5r0SWw0XfJ2dZIIN1BrcWZGJ2cHTnzFXxJ/soZJYLGnDvFZnqGV5TUvD
zD+wmrjbOAjW7cs3J5jlMCegCR690sjWuQrmmcD/mH7xxFQXxoPqMrKj0QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEBKBJiVdUV4UQgAswi+nYMblRoXMB8GA1UdIwQY
MBaAFKuR1SYlYandcT36ORY97ISf7kY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVIVkppVmhxZDF4UGZvNUZqM3NoSl91UmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85MWU4ODItYmE4YS00NGM1LTliMGQt
Mjc1MjQyYWE2Nzc1LzEvUUVvRW1KVjFSWGhSQ0FDekNMNmRneHVWR2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85MWU4ODItYmE4YS00NGM1LTliMGQtMjc1MjQyYWE2Nzc1
LzEvcTVIVkppVmhxZDF4UGZvNUZqM3NoSl91UmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuSPUAwQB
w/6sMBQEAgACMA4DBQAqBGVAAwUAKgRlQzANBgkqhkiG9w0BAQsFAAOCAQEASw+h
FSixXvtJscSw9pdmRGdGHjI6HUXoBa/7NaqMiCwyft0dJGE+weLC1MQ5cA4ZFMJj
uThHbiQfr2SZgX/VL/x40/y5bfSwVnJxBTGviyKjORxf8dcXZIayaaJFrSI1nK1r
wDYIHrC1IwSwwsHl1PGa+eswoLRxbsSd100C4L482kiKfIk1OjhkfQ4gcUJGgkqR
3Zs43XsxthBtlNnR9KgEbiH0G1H1MTz4tzPraeOlPeIL1qIAoLO0/maMpJu1ImpG
irfM2ehYhUUXclaTKAN2QhlOK3hIscH+XU7VB0aSb21exrizNIEfpqnb0ankCRom
S+VDGNxkz3t7lEnbUA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:48 2025 by rpki-client