Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/qorskRTj4f3LtdCQZBmxcckDSBU.roa
File: qorskRTj4f3LtdCQZBmxcckDSBU.roa (raw, json)
Hash identifier: b0SU9Fnl1M0/i851Tsy6ZmbnwDXF1QtJe4eYgr0x08U=
Subject key identifier: AA:8A:EC:91:14:E3:E1:FD:CB:B5:D0:90:64:19:B1:71:C9:03:48:15
Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial: 01982D21AAC0CF2C5BB6C16E60D646B4855A
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/qorskRTj4f3LtdCQZBmxcckDSBU.roa
Signing time: Mon 21 Jul 2025 13:17:17 +0000
ROA not before: Mon 21 Jul 2025 13:17:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 144.2.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Jul 2025 08:18:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:21:aa:c0:cf:2c:5b:b6:c1:6e:60:d6:46:b4:85:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Validity
Not Before: Jul 21 13:17:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa8aec9114e3e1fdcbb5d0906419b171c9034815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d7:da:2a:27:76:37:b8:85:5d:b9:1d:88:30:
bc:b2:6c:09:e5:89:68:00:d7:6a:7d:eb:66:97:e0:
1d:d1:b2:25:d6:53:49:d8:c7:9e:f6:21:4b:29:ad:
99:3b:42:5b:8e:3e:fa:9c:b5:df:19:e3:11:f5:9c:
b3:f7:8a:fc:f2:1f:be:68:6f:19:ca:eb:fe:13:31:
e9:82:75:ad:85:4f:c2:fd:78:d1:d1:4b:c0:32:40:
99:93:6b:11:e0:10:62:fb:4b:58:a4:5d:8e:70:c0:
e8:0c:58:05:9a:cc:0f:86:37:b2:1c:62:33:d5:a3:
d6:17:1c:f8:6a:ef:d9:64:e9:fe:f3:99:45:a8:56:
10:dc:53:5e:6f:13:d7:35:25:09:35:6f:5d:b3:72:
82:6a:b5:19:6b:6c:d6:d9:8c:7d:ff:f0:de:ee:54:
c8:ae:01:5b:d6:4d:ed:f1:96:8a:04:87:d8:c5:82:
20:3d:df:fa:44:2a:16:90:37:49:50:fe:c7:ca:01:
0a:28:d3:50:69:c8:8f:c9:80:2a:62:d0:4f:0d:5b:
bf:65:e7:e5:be:e8:49:c7:94:af:9b:ea:dd:ee:09:
aa:c7:59:1d:9b:a4:ad:30:92:c0:4a:89:1b:68:33:
76:d2:08:70:7f:15:f5:05:9f:ee:77:82:14:20:a6:
88:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8A:EC:91:14:E3:E1:FD:CB:B5:D0:90:64:19:B1:71:C9:03:48:15
X509v3 Authority Key Identifier:
keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/qorskRTj4f3LtdCQZBmxcckDSBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.143.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:e4:62:27:2e:21:d2:13:13:25:f6:01:c0:86:0a:80:9e:d8:
6f:8c:3b:b9:e7:a5:59:9f:2b:ad:de:10:13:62:c1:68:a0:8f:
85:92:61:a0:50:ac:58:cc:e4:9b:bd:2e:c9:a8:e9:5f:7d:48:
e6:1e:e3:70:54:04:a8:92:a6:2f:2d:51:8f:a0:25:db:57:1b:
6d:0f:2f:d1:7c:8b:1b:df:e8:98:e5:d7:fc:1c:af:ae:16:14:
c2:2d:dd:0c:f7:d2:34:f2:36:b5:8e:51:02:9b:89:1d:55:10:
4a:9d:18:1a:80:03:aa:b0:12:3d:71:37:79:c2:c6:77:b1:ce:
be:ad:a5:6f:ca:75:d6:69:32:51:dd:00:23:5a:c9:98:96:a3:
4f:6a:2a:16:ae:67:5e:9a:d7:48:f0:64:3b:a7:6f:19:17:80:
37:0c:60:0e:f5:d4:f1:c6:82:73:ad:6c:e4:7e:4e:3e:06:b8:
fd:ca:fa:72:6e:7a:14:59:2a:60:70:34:8b:79:bf:11:1a:1c:
67:82:c0:87:ee:a0:84:93:84:ab:b7:78:84:8e:b0:37:b5:f1:
13:05:4b:a8:0a:18:74:87:34:84:b3:00:76:ed:86:0f:b9:5e:
50:b8:ab:4d:3f:d7:3a:26:cc:ed:13:d1:ca:3f:53:e2:19:34:
e6:c4:a6:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgtIarAzyxbtsFuYNZGtIVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjUwNzIxMTMxNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYThhZWM5MTE0ZTNlMWZkY2JiNWQwOTA2NDE5YjE3MWM5MDM0ODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtfaKid2N7iFXbkdiDC8smwJ5Ylo
ANdqfetml+Ad0bIl1lNJ2Mee9iFLKa2ZO0Jbjj76nLXfGeMR9Zyz94r88h++aG8Z
yuv+EzHpgnWthU/C/XjR0UvAMkCZk2sR4BBi+0tYpF2OcMDoDFgFmswPhjeyHGIz
1aPWFxz4au/ZZOn+85lFqFYQ3FNebxPXNSUJNW9ds3KCarUZa2zW2Yx9//De7lTI
rgFb1k3t8ZaKBIfYxYIgPd/6RCoWkDdJUP7HygEKKNNQaciPyYAqYtBPDVu/Zefl
vuhJx5Svm+rd7gmqx1kdm6StMJLASokbaDN20ghwfxX1BZ/ud4IUIKaIowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKqK7JEU4+H9y7XQkGQZsXHJA0gVMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvcW9yc2tSVGo0ZjNMdGRDUVpCbXhjY2tEU0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkAKPMA0G
CSqGSIb3DQEBCwUAA4IBAQAt5GInLiHSExMl9gHAhgqAnthvjDu556VZnyut3hAT
YsFooI+FkmGgUKxYzOSbvS7JqOlffUjmHuNwVASokqYvLVGPoCXbVxttDy/RfIsb
3+iY5df8HK+uFhTCLd0M99I08ja1jlECm4kdVRBKnRgagAOqsBI9cTd5wsZ3sc6+
raVvynXWaTJR3QAjWsmYlqNPaioWrmdemtdI8GQ7p28ZF4A3DGAO9dTxxoJzrWzk
fk4+Brj9yvpybnoUWSpgcDSLeb8RGhxngsCH7qCEk4Srt3iEjrA3tfETBUuoChh0
hzSEswB27YYPuV5QuKtNP9c6JsztE9HKP1PiGTTmxKYB
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:23:45 2025 by rpki-client