Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/QFLc77lBdQ9ZdSfcjgEM0IVzz-o.roa
File: QFLc77lBdQ9ZdSfcjgEM0IVzz-o.roa (raw, json)
Hash identifier: 1adloaJRxyTiS3KaJrl1SOM3h3RyGXZwOt78WwKRUwc=
Subject key identifier: 40:52:DC:EF:B9:41:75:0F:59:75:27:DC:8E:01:0C:D0:85:73:CF:EA
Certificate issuer: /CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Certificate serial: 0196CA2824B77068720D6A08860D8C1F563F
Authority key identifier: DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/QFLc77lBdQ9ZdSfcjgEM0IVzz-o.roa
Signing time: Tue 13 May 2025 14:59:10 +0000
ROA not before: Tue 13 May 2025 14:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26042
IP address blocks: 91.210.108.0/23 maxlen: 23
91.221.190.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Jun 2025 19:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ca:28:24:b7:70:68:72:0d:6a:08:86:0d:8c:1f:56:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Validity
Not Before: May 13 14:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4052dcefb941750f597527dc8e010cd08573cfea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7c:6a:b0:b8:64:60:fb:f0:98:e3:7c:f3:a8:
5e:52:40:7e:96:bb:6c:9d:5e:b3:4e:fd:07:ee:68:
03:8e:6d:5f:87:f2:6d:8c:d9:e0:4b:98:90:f6:41:
22:77:79:51:8c:d8:7d:2a:92:c4:ec:88:ef:8d:4a:
a2:53:ea:6e:c9:cc:bc:1d:7b:2d:56:63:f1:36:b4:
7d:6d:20:1a:00:72:9e:9f:35:c7:9d:89:d2:29:50:
25:b9:49:42:f0:16:e3:9e:d5:af:ce:aa:f0:b6:c5:
10:55:71:ce:79:24:17:2c:af:66:80:08:cc:11:42:
da:cf:86:2e:52:dc:2d:5c:35:aa:ea:11:12:cb:8e:
69:80:9e:f6:25:bb:07:cc:c6:bf:4b:1c:e9:df:6e:
32:a5:36:fa:90:8e:0e:88:18:42:5c:6d:2b:16:e3:
50:8b:fa:83:4d:f2:02:c7:8d:19:be:4d:a7:18:41:
d3:f8:43:8f:13:c9:6d:8e:ec:9a:07:da:02:f2:22:
93:16:09:3c:9f:9c:59:5e:b9:74:7c:d8:ec:7c:58:
b1:c9:77:8b:40:03:e9:bc:3f:f8:c0:92:03:be:79:
00:39:db:87:6a:c3:ca:6f:6c:21:f0:cd:10:5d:8b:
64:d9:b7:c8:d7:9b:01:6b:e0:4b:cb:6b:b7:b8:8b:
0b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:52:DC:EF:B9:41:75:0F:59:75:27:DC:8E:01:0C:D0:85:73:CF:EA
X509v3 Authority Key Identifier:
keyid:DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/QFLc77lBdQ9ZdSfcjgEM0IVzz-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.108.0/23
91.221.190.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:7d:36:05:05:61:5c:2d:52:23:de:8b:27:24:f7:20:80:88:
f0:f4:4d:f2:1a:5a:30:cc:45:30:a9:f1:d2:58:e0:13:9c:c6:
6e:71:52:cf:ce:2a:46:e4:62:bf:89:62:50:c4:08:24:43:a8:
68:48:a5:57:61:31:df:c8:17:97:c2:59:d6:d5:28:d3:8a:ff:
4a:36:15:8a:f9:32:04:40:a8:e4:7f:42:c5:3a:4d:9c:76:62:
55:16:4c:c9:ec:26:56:a4:5c:62:80:29:31:e2:66:9d:00:7a:
24:38:eb:6c:de:e4:95:8d:cf:fc:75:50:7b:7e:e8:6f:ef:8c:
1d:88:82:2e:d3:48:21:44:ab:b3:aa:fd:c8:9f:7a:01:1f:0c:
95:f7:34:3d:ae:14:1f:85:06:7b:0a:66:ef:df:b3:0c:72:87:
78:e7:04:b9:5a:a5:e5:41:63:98:6e:0b:3d:38:26:7b:44:90:
e9:e2:0a:17:0a:d7:e1:af:e5:bd:9a:6c:cd:29:b5:34:03:b2:
83:66:b7:86:16:70:5d:5c:f5:14:dc:7f:4d:8a:1c:27:cc:93:
14:a3:b5:65:67:14:d0:b8:ba:7e:28:71:98:ea:ed:56:24:30:
96:50:d1:80:b6:ae:c9:49:fe:94:c5:8a:57:1b:43:28:d4:60:
45:d9:f6:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbKKCS3cGhyDWoIhg2MH1Y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWQ2ZWJhNDYzYjc1NjRhYmZhZTkzOGI0NmVkNDcxODdk
ZTBlYzAwHhcNMjUwNTEzMTQ1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDUyZGNlZmI5NDE3NTBmNTk3NTI3ZGM4ZTAxMGNkMDg1NzNjZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43xqsLhkYPvwmON886heUkB+lrts
nV6zTv0H7mgDjm1fh/JtjNngS5iQ9kEid3lRjNh9KpLE7IjvjUqiU+puycy8HXst
VmPxNrR9bSAaAHKenzXHnYnSKVAluUlC8BbjntWvzqrwtsUQVXHOeSQXLK9mgAjM
EULaz4YuUtwtXDWq6hESy45pgJ72JbsHzMa/Sxzp324ypTb6kI4OiBhCXG0rFuNQ
i/qDTfICx40Zvk2nGEHT+EOPE8ltjuyaB9oC8iKTFgk8n5xZXrl0fNjsfFixyXeL
QAPpvD/4wJIDvnkAOduHasPKb2wh8M0QXYtk2bfI15sBa+BLy2u3uIsLlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEBS3O+5QXUPWXUn3I4BDNCFc8/qMB8GA1UdIwQY
MBaAFNsdbrpGO3Vkq/rpOLRu1HGH3g7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAt
NmYyY2Y0ZjAzY2ViLzEvUUZMYzc3bEJkUTlaZFNmY2pnRU0wSVZ6ei1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAtNmYyY2Y0ZjAzY2Vi
LzEvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW9JsAwQB
W92+MA0GCSqGSIb3DQEBCwUAA4IBAQBsfTYFBWFcLVIj3osnJPcggIjw9E3yGlow
zEUwqfHSWOATnMZucVLPzipG5GK/iWJQxAgkQ6hoSKVXYTHfyBeXwlnW1SjTiv9K
NhWK+TIEQKjkf0LFOk2cdmJVFkzJ7CZWpFxigCkx4madAHokOOts3uSVjc/8dVB7
fuhv74wdiIIu00ghRKuzqv3In3oBHwyV9zQ9rhQfhQZ7Cmbv37MMcod45wS5WqXl
QWOYbgs9OCZ7RJDp4goXCtfhr+W9mmzNKbU0A7KDZreGFnBdXPUU3H9NihwnzJMU
o7VlZxTQuLp+KHGY6u1WJDCWUNGAtq7JSf6UxYpXG0Mo1GBF2fbB
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:26:55 2025 by rpki-client