Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/qDFF5UJpty8MPKmFf1lcE4UHHro.roa
File: qDFF5UJpty8MPKmFf1lcE4UHHro.roa (raw, json)
Hash identifier: 87iC1vFaOqRfGRDL11jsOQupPYDSDJ5JdIxTycO7C7E=
Subject key identifier: A8:31:45:E5:42:69:B7:2F:0C:3C:A9:85:7F:59:5C:13:85:07:1E:BA
Certificate issuer: /CN=4c6b6371b945a35e9df308ff43803e2617851069
Certificate serial: 01927A913E3735D95EE7A11FCFF513822410
Authority key identifier: 4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/qDFF5UJpty8MPKmFf1lcE4UHHro.roa
Signing time: Fri 11 Oct 2024 07:53:11 +0000
ROA not before: Fri 11 Oct 2024 07:53:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3240
IP address blocks: 194.182.108.0/24 maxlen: 24
195.231.128.0/20 maxlen: 20
195.231.144.0/20 maxlen: 20
195.231.160.0/19 maxlen: 19
2a10:cf80:1000::/48 maxlen: 48
2a10:cf80:2000::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 09:17:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:91:3e:37:35:d9:5e:e7:a1:1f:cf:f5:13:82:24:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c6b6371b945a35e9df308ff43803e2617851069
Validity
Not Before: Oct 11 07:53:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a83145e54269b72f0c3ca9857f595c1385071eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f4:ba:fb:18:26:83:ac:d9:37:aa:14:4b:90:
10:87:6f:28:19:ec:e0:ea:61:67:b4:4f:23:96:07:
de:bd:b1:59:21:e0:57:01:77:41:3c:ca:df:9c:89:
50:33:bb:98:6f:a9:86:ef:5c:e5:c2:9e:23:dc:e6:
9c:0f:8d:ec:43:86:63:56:d1:2c:e2:06:db:44:30:
7d:7b:5e:26:23:81:d6:f7:cb:ec:9b:6c:cc:92:93:
f2:20:20:da:aa:15:9e:0d:63:25:84:4e:6b:65:ed:
aa:ec:34:83:ec:9c:20:a9:79:a1:1e:98:99:97:2d:
ec:b5:03:fa:69:7c:69:d3:20:7f:9a:5a:b9:71:d8:
9e:2d:51:6f:1b:df:ce:97:1f:2f:1a:a9:b2:8b:bf:
06:6a:8a:fe:f8:f0:56:9a:30:79:67:8a:80:c5:02:
42:d6:4e:23:f2:ef:39:db:49:23:24:13:84:97:93:
c3:6a:fb:48:93:d9:53:a2:23:96:48:73:43:9f:86:
e4:27:ef:9f:78:8b:11:e0:63:59:22:04:ca:4b:6a:
86:46:9a:4b:f9:30:79:ff:2a:06:11:ae:53:b6:db:
6c:f7:72:11:a6:55:83:1b:8f:80:56:a1:68:94:8e:
f3:80:ab:1b:9e:77:e1:c7:8b:f5:48:d7:85:88:3d:
0c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:31:45:E5:42:69:B7:2F:0C:3C:A9:85:7F:59:5C:13:85:07:1E:BA
X509v3 Authority Key Identifier:
keyid:4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/qDFF5UJpty8MPKmFf1lcE4UHHro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.182.108.0/24
195.231.128.0/18
IPv6:
2a10:cf80:1000::/48
2a10:cf80:2000::/48
Signature Algorithm: sha256WithRSAEncryption
2a:c0:9e:1a:1e:68:fe:b2:c4:75:bd:d9:8c:2d:e0:e3:c1:4b:
e8:0e:63:fa:10:2f:b3:41:78:85:0a:44:06:97:53:9d:77:3e:
c3:d9:39:44:61:f9:34:3c:70:18:77:22:d9:c8:ba:2b:c5:15:
8a:6a:6a:76:0d:46:5f:c7:95:46:c4:6d:8b:29:23:d5:97:b2:
cb:29:52:10:e1:89:4c:f2:b4:06:2c:0b:7c:c0:93:c6:a5:22:
e0:88:45:5b:1b:4b:a9:3b:97:e9:5f:f8:14:79:78:a5:c5:b5:
93:f7:ce:77:97:b1:0f:b3:23:b3:63:a9:2e:a0:0c:68:26:07:
37:d3:14:1e:e7:a9:8b:47:1a:fc:56:d2:5d:38:ea:5e:4d:8e:
3a:74:25:0b:c5:86:f8:11:40:17:16:91:72:6d:8a:b4:6b:a2:
00:07:60:8d:0a:75:dd:cc:a2:58:cc:39:22:d8:d4:de:55:ac:
4f:93:4f:e9:c0:c7:87:01:33:c4:95:f7:12:d7:c1:6c:62:99:
ae:40:82:0c:8f:99:91:81:3f:f0:8e:88:43:11:9c:4e:ac:09:
0a:44:94:5d:ce:6b:cc:11:84:c6:d0:5e:7b:50:bb:33:86:bc:
6c:f1:af:a2:00:68:e3:7e:14:33:30:b7:85:55:9c:02:fc:ae:
71:61:1d:6a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZJ6kT43Ndle56Efz/UTgiQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNmI2MzcxYjk0NWEzNWU5ZGYzMDhmZjQzODAzZTI2MTc4
NTEwNjkwHhcNMjQxMDExMDc1MzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODMxNDVlNTQyNjliNzJmMGMzY2E5ODU3ZjU5NWMxMzg1MDcxZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvS6+xgmg6zZN6oUS5AQh28oGezg
6mFntE8jlgfevbFZIeBXAXdBPMrfnIlQM7uYb6mG71zlwp4j3OacD43sQ4ZjVtEs
4gbbRDB9e14mI4HW98vsm2zMkpPyICDaqhWeDWMlhE5rZe2q7DSD7JwgqXmhHpiZ
ly3stQP6aXxp0yB/mlq5cdieLVFvG9/Olx8vGqmyi78Gaor++PBWmjB5Z4qAxQJC
1k4j8u8520kjJBOEl5PDavtIk9lToiOWSHNDn4bkJ++feIsR4GNZIgTKS2qGRppL
+TB5/yoGEa5Tttts93IRplWDG4+AVqFolI7zgKsbnnfhx4v1SNeFiD0MiQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKgxReVCabcvDDyphX9ZXBOFBx66MB8GA1UdIwQY
MBaAFExrY3G5RaNenfMI/0OAPiYXhRBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3Mjct
ZDk2MzkzYWYyZjIwLzEvcURGRjVVSnB0eThNUEttRmYxbGNFNFVISHJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3MjctZDk2MzkzYWYyZjIw
LzEvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAwrZsAwQG
w+eAMBgEAgACMBIDBwAqEM+AEAADBwAqEM+AIAAwDQYJKoZIhvcNAQELBQADggEB
ACrAnhoeaP6yxHW92Ywt4OPBS+gOY/oQL7NBeIUKRAaXU513PsPZOURh+TQ8cBh3
ItnIuivFFYpqanYNRl/HlUbEbYspI9WXssspUhDhiUzytAYsC3zAk8alIuCIRVsb
S6k7l+lf+BR5eKXFtZP3zneXsQ+zI7NjqS6gDGgmBzfTFB7nqYtHGvxW0l046l5N
jjp0JQvFhvgRQBcWkXJtirRrogAHYI0Kdd3MoljMOSLY1N5VrE+TT+nAx4cBM8SV
9xLXwWxima5AggyPmZGBP/COiEMRnE6sCQpElF3Oa8wRhMbQXntQuzOGvGzxr6IA
aON+FDMwt4VVnAL8rnFhHWo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:25:57 2025 by rpki-client