Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/rQUHMp-M3GQa2IEgsNV5ZxajYYc.roa
File: rQUHMp-M3GQa2IEgsNV5ZxajYYc.roa (raw, json)
Hash identifier: GBePBFa3LurhP1JMukHHY4+oDza2Cijp0IvJZBzzZ1E=
Subject key identifier: AD:05:07:32:9F:8C:DC:64:1A:D8:81:20:B0:D5:79:67:16:A3:61:87
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AEEC7BFE283C4623331D5385F25C25
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/rQUHMp-M3GQa2IEgsNV5ZxajYYc.roa
Signing time: Tue 26 Nov 2024 13:35:14 +0000
ROA not before: Tue 26 Nov 2024 13:35:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396542
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ae:ec:7b:fe:28:3c:46:23:33:1d:53:85:f2:5c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad0507329f8cdc641ad88120b0d5796716a36187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f6:e5:5f:25:3f:2c:1e:cd:0e:da:a4:74:f7:
fc:00:28:94:2c:c2:87:7b:e0:2e:4b:7a:43:f1:86:
0d:bf:c2:b6:fa:1e:76:93:ff:89:f2:f2:a8:16:02:
a9:22:17:01:ff:88:6c:67:20:92:af:16:3d:41:00:
fb:fa:37:b4:96:5c:ed:03:75:d0:1a:fc:1a:62:00:
14:a5:d9:2b:d8:dc:a7:c3:a8:16:2b:2f:fa:2b:66:
f0:39:c4:bf:b2:3d:e9:02:af:63:34:f1:7a:53:8e:
86:3e:d3:01:c7:be:07:f4:06:9a:03:ae:af:af:ce:
5a:96:70:80:e4:98:e1:ae:69:2c:04:19:cc:f4:e6:
76:c9:f2:0a:7b:39:a6:89:35:84:84:68:39:a1:66:
f1:2f:9d:dd:d2:ba:62:55:cf:ab:0d:96:f8:02:c1:
74:15:86:8b:2c:7f:c3:dd:d1:70:5d:3c:b5:fd:3d:
98:4c:28:d2:51:70:e3:43:f6:e2:bc:4b:f0:46:be:
14:75:51:ba:6e:5f:dd:5e:5f:ff:95:f0:e3:32:ce:
de:76:6d:4f:03:df:96:94:9a:b5:72:fa:b2:b2:b7:
f9:1a:de:71:6f:aa:da:c9:2a:5a:20:c8:ef:bd:19:
42:ab:24:72:5e:20:0f:4f:9f:c6:0e:19:5d:50:f7:
cc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:05:07:32:9F:8C:DC:64:1A:D8:81:20:B0:D5:79:67:16:A3:61:87
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/rQUHMp-M3GQa2IEgsNV5ZxajYYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
01:41:72:0b:e0:f4:52:42:20:59:db:46:f0:e3:15:2f:b0:d1:
5b:8b:14:e9:82:4c:8c:89:d3:c1:ea:9d:18:4d:b6:40:14:10:
66:40:eb:a9:58:1e:53:d7:eb:5b:c5:66:e2:ec:da:cd:3f:fc:
3d:a4:16:e5:ea:3c:67:bb:76:3c:f1:54:4e:d6:f3:25:48:a5:
04:fd:64:c1:9e:7f:e6:34:53:10:3b:76:5b:42:ec:6b:53:2a:
6b:9d:83:75:c6:d8:a5:2f:45:51:24:06:34:d5:09:7f:96:d1:
36:fc:a6:c5:14:dd:e3:00:b4:62:95:c4:e6:ad:ba:9c:ad:38:
96:1b:d4:eb:0a:e2:c0:d7:ec:f1:d4:ab:af:64:45:88:6b:e6:
a1:67:13:51:ed:3e:55:e3:bd:66:2c:a5:a3:ca:52:c8:a4:79:
dc:3e:96:a7:b7:71:1a:32:d1:d1:fd:91:e6:df:2b:f5:a2:8e:
8a:32:7e:12:aa:31:c5:6d:8c:f8:0b:68:6e:7f:dc:21:a2:7c:
aa:51:32:bf:ba:10:02:bb:32:93:f2:d5:fc:20:ba:75:0a:79:
7e:ed:bc:74:83:bc:18:bb:4c:0c:d0:98:ac:d1:df:5d:3e:31:
b9:0f:eb:26:3a:c8:4d:58:54:56:a4:11:cc:83:3e:09:83:d7:
8b:d0:1d:82
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNorux7/ig8RiMzHVOF8lwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDA1MDczMjlmOGNkYzY0MWFkODgxMjBiMGQ1Nzk2NzE2YTM2MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPblXyU/LB7NDtqkdPf8ACiULMKH
e+AuS3pD8YYNv8K2+h52k/+J8vKoFgKpIhcB/4hsZyCSrxY9QQD7+je0llztA3XQ
GvwaYgAUpdkr2Nynw6gWKy/6K2bwOcS/sj3pAq9jNPF6U46GPtMBx74H9AaaA66v
r85alnCA5JjhrmksBBnM9OZ2yfIKezmmiTWEhGg5oWbxL53d0rpiVc+rDZb4AsF0
FYaLLH/D3dFwXTy1/T2YTCjSUXDjQ/bivEvwRr4UdVG6bl/dXl//lfDjMs7edm1P
A9+WlJq1cvqysrf5Gt5xb6raySpaIMjvvRlCqyRyXiAPT5/GDhldUPfMkwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK0FBzKfjNxkGtiBILDVeWcWo2GHMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvclFVSE1wLU0zR1FhMklFZ3NOVjVaeGFqWVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAAFBcgvg9FJCIFnbRvDjFS+w0VuLFOmC
TIyJ08HqnRhNtkAUEGZA66lYHlPX61vFZuLs2s0//D2kFuXqPGe7djzxVE7W8yVI
pQT9ZMGef+Y0UxA7dltC7GtTKmudg3XG2KUvRVEkBjTVCX+W0Tb8psUU3eMAtGKV
xOatupytOJYb1OsK4sDX7PHUq69kRYhr5qFnE1HtPlXjvWYspaPKUsikedw+lqe3
cRoy0dH9kebfK/WijooyfhKqMcVtjPgLaG5/3CGifKpRMr+6EAK7MpPy1fwgunUK
eX7tvHSDvBi7TAzQmKzR310+MbkP6yY6yE1YVFakEcyDPgmD14vQHYI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:17 2025 by rpki-client