Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/qKU9i2kq6N6XHmw7c1JewZHJhr0.roa
File: qKU9i2kq6N6XHmw7c1JewZHJhr0.roa (raw, json)
Hash identifier: iycVHSyW0r+/ENImpRx2Tbb2Qz2KDvg98HKI/BTeygw=
Subject key identifier: A8:A5:3D:8B:69:2A:E8:DE:97:1E:6C:3B:73:52:5E:C1:91:C9:86:BD
Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial: 0194D5D5D0384CA4531C65692E16A5411D68
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/qKU9i2kq6N6XHmw7c1JewZHJhr0.roa
Signing time: Wed 05 Feb 2025 11:19:06 +0000
ROA not before: Wed 05 Feb 2025 11:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 178.17.48.0/20 maxlen: 20
178.17.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 11:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d5:d5:d0:38:4c:a4:53:1c:65:69:2e:16:a5:41:1d:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Validity
Not Before: Feb 5 11:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8a53d8b692ae8de971e6c3b73525ec191c986bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:76:2f:18:f1:56:5f:79:19:1b:f6:54:e7:96:
49:a2:af:68:17:34:bd:7e:07:cc:29:6d:c5:df:67:
3c:93:36:60:15:4b:e0:99:72:2f:b2:84:d9:b9:07:
94:0c:27:77:6d:bf:ed:ed:3f:51:ce:0c:dc:eb:9d:
09:9f:76:d6:c0:d0:86:b9:b1:52:93:35:8f:a6:8f:
80:9c:7d:58:a8:21:61:b9:6a:8b:3d:e5:8d:bb:b4:
1e:15:6a:3c:76:b7:8c:a8:ae:0b:ff:9b:a5:81:0a:
80:b5:d8:79:ad:ac:de:6c:be:4e:f7:5b:fa:87:28:
05:b7:ae:19:71:b5:86:68:3c:e7:f4:0c:4a:06:3d:
95:48:b6:78:b5:25:55:56:b3:1a:48:d0:27:65:88:
d9:8e:b7:70:6b:bb:43:67:8d:ae:fc:85:ee:ac:60:
a6:c8:ae:55:d2:e9:38:6e:b9:6f:35:67:d0:a9:4b:
be:eb:d0:ec:7e:2a:87:d8:76:67:53:3d:e1:8a:8a:
2e:e4:e9:93:36:0e:8a:75:ee:41:4d:1b:10:eb:f9:
98:0c:de:02:9c:2e:e8:b8:6f:d1:4d:7d:f0:9e:0b:
39:ad:a5:d9:12:54:f3:5f:26:3b:50:b8:c2:75:b1:
84:9f:c6:8d:92:f7:47:52:82:98:f0:88:f9:0b:31:
cd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A5:3D:8B:69:2A:E8:DE:97:1E:6C:3B:73:52:5E:C1:91:C9:86:BD
X509v3 Authority Key Identifier:
keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/qKU9i2kq6N6XHmw7c1JewZHJhr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.17.48.0/20
Signature Algorithm: sha256WithRSAEncryption
9d:db:19:cf:e2:ae:f9:d9:b0:f4:0f:c1:a6:01:ec:69:b5:73:
5b:a8:b2:1b:3e:8d:82:84:67:01:5e:d7:f2:ba:29:ca:a9:7c:
3d:ac:38:61:44:32:57:a6:06:08:f9:b5:66:58:d5:5e:1d:ed:
ea:7f:c8:0b:c3:dd:0d:fc:0d:31:2e:87:36:57:94:cd:b9:e8:
88:4e:71:c8:d0:38:eb:ff:0e:cf:81:9d:98:37:21:60:db:e9:
87:9d:ad:0a:00:d2:bd:35:10:9b:dd:c4:cf:b2:34:aa:b4:5a:
9f:10:db:db:ff:74:34:38:72:41:54:ee:eb:fa:12:54:5b:74:
68:06:30:8f:27:93:af:33:18:bd:6a:dd:68:7a:f3:d4:d6:e8:
2f:66:0a:3a:4a:42:df:a8:e1:d9:aa:11:eb:87:5d:95:3d:68:
3f:38:27:6e:e6:c7:b1:fb:a8:0e:30:e4:ed:8f:cb:0b:9d:ea:
ca:59:c9:77:57:9a:3b:57:8a:b3:84:3d:ca:c4:f4:9c:f4:60:
91:79:40:93:34:6f:50:fb:99:57:d8:06:83:61:90:eb:c9:3c:
d3:6e:2d:cf:9f:81:93:71:b8:a3:df:3c:0a:e6:ad:40:45:fd:
87:46:09:57:e9:bf:70:b3:d3:7a:77:94:d2:5e:fb:fc:2c:dd:
47:18:5a:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTV1dA4TKRTHGVpLhalQR1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjUwMjA1MTExOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE1M2Q4YjY5MmFlOGRlOTcxZTZjM2I3MzUyNWVjMTkxYzk4NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHYvGPFWX3kZG/ZU55ZJoq9oFzS9
fgfMKW3F32c8kzZgFUvgmXIvsoTZuQeUDCd3bb/t7T9Rzgzc650Jn3bWwNCGubFS
kzWPpo+AnH1YqCFhuWqLPeWNu7QeFWo8dreMqK4L/5ulgQqAtdh5razebL5O91v6
hygFt64ZcbWGaDzn9AxKBj2VSLZ4tSVVVrMaSNAnZYjZjrdwa7tDZ42u/IXurGCm
yK5V0uk4brlvNWfQqUu+69DsfiqH2HZnUz3hioou5OmTNg6Kde5BTRsQ6/mYDN4C
nC7ouG/RTX3wngs5raXZElTzXyY7ULjCdbGEn8aNkvdHUoKY8Ij5CzHN2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKilPYtpKujelx5sO3NSXsGRyYa9MB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvcUtVOWkya3E2TjZYSG13N2MxSmV3WkhKaHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEshEwMA0G
CSqGSIb3DQEBCwUAA4IBAQCd2xnP4q752bD0D8GmAexptXNbqLIbPo2ChGcBXtfy
uinKqXw9rDhhRDJXpgYI+bVmWNVeHe3qf8gLw90N/A0xLoc2V5TNueiITnHI0Djr
/w7PgZ2YNyFg2+mHna0KANK9NRCb3cTPsjSqtFqfENvb/3Q0OHJBVO7r+hJUW3Ro
BjCPJ5OvMxi9at1oevPU1ugvZgo6SkLfqOHZqhHrh12VPWg/OCdu5sex+6gOMOTt
j8sLnerKWcl3V5o7V4qzhD3KxPSc9GCReUCTNG9Q+5lX2AaDYZDryTzTbi3Pn4GT
cbij3zwK5q1ARf2HRglX6b9ws9N6d5TSXvv8LN1HGFqw
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:09:28 2025 by rpki-client