Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/vquhKY6XpYPZGBkYTMMsDFp3UFE.roa
File: vquhKY6XpYPZGBkYTMMsDFp3UFE.roa (raw, json)
Hash identifier: lRUsEqGixbK5KEEXkx5ocoalfI4CTBf0ngW8rxcXfQo=
Subject key identifier: BE:AB:A1:29:8E:97:A5:83:D9:18:19:18:4C:C3:2C:0C:5A:77:50:51
Certificate issuer: /CN=270290f5f31f238df3e8f3bdfcc05751cc2f192c
Certificate serial: 018DC5AEBE7CD8FFF195F1FEFDB9E5E47760
Authority key identifier: 27:02:90:F5:F3:1F:23:8D:F3:E8:F3:BD:FC:C0:57:51:CC:2F:19:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/vquhKY6XpYPZGBkYTMMsDFp3UFE.roa
Signing time: Tue 20 Feb 2024 08:42:59 +0000
ROA not before: Tue 20 Feb 2024 08:42:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205721
IP address blocks: 185.208.80.0/22 maxlen: 24
193.142.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:ae:be:7c:d8:ff:f1:95:f1:fe:fd:b9:e5:e4:77:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=270290f5f31f238df3e8f3bdfcc05751cc2f192c
Validity
Not Before: Feb 20 08:42:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=beaba1298e97a583d91819184cc32c0c5a775051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b5:ce:01:ad:66:e1:0e:63:a3:b6:14:9b:f7:
5e:a2:9b:ab:72:37:f2:95:3b:1a:31:c1:30:9e:17:
2d:1c:e6:c1:9e:dc:f5:16:a2:45:dc:eb:16:9c:7e:
0f:b1:c9:f2:38:64:e0:40:6e:b8:97:88:79:4d:9d:
4f:76:de:17:4b:6a:02:f9:a5:db:24:51:b7:48:fe:
fc:3e:a4:f1:59:68:e7:3c:19:1a:89:03:96:74:ed:
cc:d6:11:31:00:7e:9b:1c:f9:08:35:f1:30:57:ac:
01:03:d9:29:d7:2c:f1:39:1d:c3:a1:cb:fa:0c:96:
ad:10:05:48:05:67:6f:ab:0e:a7:1d:e1:5e:ae:d9:
df:71:df:63:d3:5f:b2:c1:b3:04:22:59:24:a2:dc:
cb:b5:f0:dd:12:67:16:c3:ef:03:0c:10:ca:db:62:
86:7c:67:09:87:3f:59:10:f1:1d:19:3e:38:be:09:
2a:d2:a7:b4:23:81:b5:ba:b1:26:50:e0:8b:b4:a4:
6a:31:46:3d:2c:4d:04:f7:26:72:32:e7:88:d9:9f:
a6:a3:00:cb:62:21:7b:59:d7:cd:23:c3:39:c5:8a:
e3:72:f5:8e:00:0a:2b:02:55:26:d4:73:0f:f9:f2:
f9:93:33:ad:f9:92:ab:64:12:e5:12:3c:cd:b5:29:
ab:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:AB:A1:29:8E:97:A5:83:D9:18:19:18:4C:C3:2C:0C:5A:77:50:51
X509v3 Authority Key Identifier:
keyid:27:02:90:F5:F3:1F:23:8D:F3:E8:F3:BD:FC:C0:57:51:CC:2F:19:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKQ9fMfI43z6PO9_MBXUcwvGSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/vquhKY6XpYPZGBkYTMMsDFp3UFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a5930a-7233-4ee9-9900-b14cc91c776c/1/JwKQ9fMfI43z6PO9_MBXUcwvGSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.80.0/22
193.142.211.0/24
Signature Algorithm: sha256WithRSAEncryption
90:49:0e:7f:4d:c9:ac:60:38:37:e0:45:7f:10:27:14:0d:88:
53:03:97:9b:5b:14:7b:79:31:5c:e3:3f:e3:b2:87:a1:ec:95:
e7:77:ed:7e:e3:7b:72:17:c2:29:d5:9c:d1:be:26:61:28:0d:
b1:5a:bf:da:fa:0f:02:6f:a9:d1:98:87:5e:d0:de:76:8c:a7:
6c:91:2c:5f:cd:a5:69:d8:af:7d:6f:46:2d:30:5a:c6:c1:1d:
ed:38:bd:77:03:99:65:5d:5a:1b:3b:5f:fc:2c:7e:2d:53:33:
78:ad:04:30:1d:3b:27:7f:fd:21:7e:01:ce:0e:fb:ba:ef:dc:
a4:73:14:bb:10:e7:12:48:66:de:9d:c3:95:6d:f1:15:60:ac:
9e:8e:16:6c:d5:69:de:73:12:1b:91:03:b1:ca:e3:2d:5c:e1:
8c:f0:d4:47:02:4f:36:85:fc:95:5c:50:c5:c1:60:59:66:ae:
4e:ff:ac:f5:ea:e3:5a:ae:8a:7d:39:c3:e4:ed:b3:ff:35:a5:
81:ee:7c:86:48:64:c9:6c:66:cf:f0:db:53:5d:bf:88:16:b8:
1f:27:5b:13:5f:0d:ae:ed:76:1c:cf:c3:8c:eb:7b:ef:89:07:
be:93:93:e3:6a:2f:40:d0:59:dd:47:c9:55:a7:51:43:2a:e5:
00:8f:d9:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3Frr582P/xlfH+/bnl5HdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDI5MGY1ZjMxZjIzOGRmM2U4ZjNiZGZjYzA1NzUxY2My
ZjE5MmMwHhcNMjQwMjIwMDg0MjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWFiYTEyOThlOTdhNTgzZDkxODE5MTg0Y2MzMmMwYzVhNzc1MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8LXOAa1m4Q5jo7YUm/deopurcjfy
lTsaMcEwnhctHObBntz1FqJF3OsWnH4PscnyOGTgQG64l4h5TZ1Pdt4XS2oC+aXb
JFG3SP78PqTxWWjnPBkaiQOWdO3M1hExAH6bHPkINfEwV6wBA9kp1yzxOR3Docv6
DJatEAVIBWdvqw6nHeFertnfcd9j01+ywbMEIlkkotzLtfDdEmcWw+8DDBDK22KG
fGcJhz9ZEPEdGT44vgkq0qe0I4G1urEmUOCLtKRqMUY9LE0E9yZyMueI2Z+mowDL
YiF7WdfNI8M5xYrjcvWOAAorAlUm1HMP+fL5kzOt+ZKrZBLlEjzNtSmrvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL6roSmOl6WD2RgZGEzDLAxad1BRMB8GA1UdIwQY
MBaAFCcCkPXzHyON8+jzvfzAV1HMLxksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndLUTlmTWZJNDN6NlBPOV9NQlhVY3d2R1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hNTkzMGEtNzIzMy00ZWU5LTk5MDAt
YjE0Y2M5MWM3NzZjLzEvdnF1aEtZNlhwWVBaR0JrWVRNTXNERnAzVUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hNTkzMGEtNzIzMy00ZWU5LTk5MDAtYjE0Y2M5MWM3NzZj
LzEvSndLUTlmTWZJNDN6NlBPOV9NQlhVY3d2R1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCudBQAwQA
wY7TMA0GCSqGSIb3DQEBCwUAA4IBAQCQSQ5/TcmsYDg34EV/ECcUDYhTA5ebWxR7
eTFc4z/jsoeh7JXnd+1+43tyF8Ip1ZzRviZhKA2xWr/a+g8Cb6nRmIde0N52jKds
kSxfzaVp2K99b0YtMFrGwR3tOL13A5llXVobO1/8LH4tUzN4rQQwHTsnf/0hfgHO
Dvu679ykcxS7EOcSSGbencOVbfEVYKyejhZs1WnecxIbkQOxyuMtXOGM8NRHAk82
hfyVXFDFwWBZZq5O/6z16uNarop9OcPk7bP/NaWB7nyGSGTJbGbP8NtTXb+IFrgf
J1sTXw2u7XYcz8OM63vviQe+k5Pjai9A0FndR8lVp1FDKuUAj9kR
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:33:27 2025 by rpki-client