Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/qMk1C2p9-YX8wh0CTkeq1QYo4JA.roa
File: qMk1C2p9-YX8wh0CTkeq1QYo4JA.roa (raw, json)
Hash identifier: fz6hT/tqd9dW26kca9sZU7zvv63r2YdCkmDEnRp9Bm8=
Subject key identifier: A8:C9:35:0B:6A:7D:F9:85:FC:C2:1D:02:4E:47:AA:D5:06:28:E0:90
Certificate issuer: /CN=f973209625e2a03ddeecf91bb480548e5729d479
Certificate serial: 018CC6B7853D9274EEFEF9FAE7E78420831B
Authority key identifier: F9:73:20:96:25:E2:A0:3D:DE:EC:F9:1B:B4:80:54:8E:57:29:D4:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XMgliXioD3e7PkbtIBUjlcp1Hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/qMk1C2p9-YX8wh0CTkeq1QYo4JA.roa
Signing time: Mon 01 Jan 2024 20:29:25 +0000
ROA not before: Mon 01 Jan 2024 20:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209323
IP address blocks: 147.78.144.0/22 maxlen: 22
2a09:24c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:85:3d:92:74:ee:fe:f9:fa:e7:e7:84:20:83:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f973209625e2a03ddeecf91bb480548e5729d479
Validity
Not Before: Jan 1 20:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8c9350b6a7df985fcc21d024e47aad50628e090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b8:29:3a:02:90:f3:e1:4a:e8:bc:eb:18:a6:
ac:a2:d9:b4:b1:48:de:d8:e1:b9:4e:fc:01:32:bd:
bd:a6:12:0c:7e:e2:1c:74:e1:dd:88:70:0a:9e:f3:
38:e9:35:11:65:0c:7a:c2:3c:9e:a7:e2:68:e9:8d:
9b:7a:2b:5d:59:1a:98:23:26:61:20:df:ec:2e:f4:
ff:ce:06:1e:be:42:b9:72:80:a1:01:ea:9d:14:ff:
8d:df:70:2a:4e:03:0e:cc:d2:70:71:bd:8e:12:85:
53:02:e1:99:24:fe:ff:51:b2:2a:f5:a1:5f:de:64:
eb:5e:7b:5a:f0:67:ab:30:ad:cb:58:df:7d:ff:00:
4f:5e:19:e1:33:49:e2:8a:8f:5c:ba:0a:7a:9c:c8:
44:2a:dd:7a:e0:40:58:83:55:5c:d2:7f:03:2a:a8:
1a:84:b4:13:28:0e:c4:b4:5d:93:b6:fe:5f:84:61:
28:87:11:f3:71:be:d6:0b:eb:cd:ad:a2:42:86:ed:
73:66:12:1c:e0:c7:93:c5:40:9f:45:5f:10:2f:41:
bf:91:d8:88:03:41:bf:59:82:6f:4d:bb:7e:91:4c:
64:29:cb:3f:1d:56:ad:a1:81:8a:08:ad:00:0e:bc:
f3:e4:9f:66:1c:3b:60:a2:c1:d6:ec:0e:bb:40:10:
d5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C9:35:0B:6A:7D:F9:85:FC:C2:1D:02:4E:47:AA:D5:06:28:E0:90
X509v3 Authority Key Identifier:
keyid:F9:73:20:96:25:E2:A0:3D:DE:EC:F9:1B:B4:80:54:8E:57:29:D4:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XMgliXioD3e7PkbtIBUjlcp1Hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/qMk1C2p9-YX8wh0CTkeq1QYo4JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/1-XMgliXioD3e7PkbtIBUjlcp1Hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.144.0/22
IPv6:
2a09:24c0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:81:bf:f3:85:8c:33:e5:f8:ab:54:93:df:f0:2f:c9:1f:3b:
6e:a0:67:43:c2:82:ff:52:67:b6:f8:3b:18:85:d8:0e:23:4e:
de:66:d6:8a:45:56:b3:ca:fb:2a:32:f4:2a:b4:a0:4b:3f:64:
06:8c:38:7f:a0:3a:1b:7d:6a:60:b1:b9:99:4d:20:81:78:43:
76:43:cd:e9:f0:f8:0c:14:49:19:52:3e:e8:81:40:db:f8:05:
da:cc:3b:ae:f1:f9:ff:dd:a6:17:6f:07:a2:d2:d1:25:1a:31:
2d:d7:7a:60:5e:9a:ab:01:cb:74:23:f8:23:00:cf:7d:b6:63:
ed:6c:27:9a:0a:21:bf:ed:51:3b:df:42:b0:5a:58:9b:8a:eb:
56:66:8b:d9:15:c2:97:32:29:a4:74:43:7e:2a:0a:eb:43:f6:
41:38:dc:3b:7f:e6:c1:98:1b:0d:42:90:8d:74:c0:b9:c2:d4:
e7:58:ac:57:56:f9:c7:1c:c3:5b:67:00:5e:af:12:5d:3d:7d:
78:61:af:92:80:8c:97:91:7a:3c:02:9b:e0:57:09:97:3b:95:
94:be:91:05:b8:80:bb:3f:db:87:b8:ba:61:75:19:0b:19:b8:
7e:f8:96:0f:26:c6:12:e2:fb:9c:74:7a:00:f5:15:0e:23:82:
82:2c:10:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGt4U9knTu/vn65+eEIIMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzMyMDk2MjVlMmEwM2RkZWVjZjkxYmI0ODA1NDhlNTcy
OWQ0NzkwHhcNMjQwMTAxMjAyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM5MzUwYjZhN2RmOTg1ZmNjMjFkMDI0ZTQ3YWFkNTA2MjhlMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLgpOgKQ8+FK6LzrGKasotm0sUje
2OG5TvwBMr29phIMfuIcdOHdiHAKnvM46TURZQx6wjyep+Jo6Y2beitdWRqYIyZh
IN/sLvT/zgYevkK5coChAeqdFP+N33AqTgMOzNJwcb2OEoVTAuGZJP7/UbIq9aFf
3mTrXnta8GerMK3LWN99/wBPXhnhM0niio9cugp6nMhEKt164EBYg1Vc0n8DKqga
hLQTKA7EtF2Ttv5fhGEohxHzcb7WC+vNraJChu1zZhIc4MeTxUCfRV8QL0G/kdiI
A0G/WYJvTbt+kUxkKcs/HVatoYGKCK0ADrzz5J9mHDtgosHW7A67QBDVTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKjJNQtqffmF/MIdAk5HqtUGKOCQMB8GA1UdIwQY
MBaAFPlzIJYl4qA93uz5G7SAVI5XKdR5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YTWdsaVhpb0QzZTdQa2J0SUJVamxjcDFIay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQvYWY1NGU4LWJkNjMtNDI3ZC04Y2M4
LWY0ZWNlYmJiMWVjMi8xL3FNazFDMnA5LVlYOHdoMENUa2VxMVFZbzRKQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWQvYWY1NGU4LWJkNjMtNDI3ZC04Y2M4LWY0ZWNlYmJiMWVj
Mi8xLzEtWE1nbGlYaW9EM2U3UGtidElCVWpsY3AxSGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAKTTpAw
DQQCAAIwBwMFACoJJMAwDQYJKoZIhvcNAQELBQADggEBAIuBv/OFjDPl+KtUk9/w
L8kfO26gZ0PCgv9SZ7b4OxiF2A4jTt5m1opFVrPK+yoy9Cq0oEs/ZAaMOH+gOht9
amCxuZlNIIF4Q3ZDzenw+AwUSRlSPuiBQNv4BdrMO67x+f/dphdvB6LS0SUaMS3X
emBemqsBy3Qj+CMAz322Y+1sJ5oKIb/tUTvfQrBaWJuK61Zmi9kVwpcyKaR0Q34q
CutD9kE43Dt/5sGYGw1CkI10wLnC1OdYrFdW+cccw1tnAF6vEl09fXhhr5KAjJeR
ejwCm+BXCZc7lZS+kQW4gLs/24e4umF1GQsZuH74lg8mxhLi+5x0egD1FQ4jgoIs
EKE=
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:23:55 2025 by rpki-client