Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/4ba5ff-562e-4354-9600-f762929f1f08/1/qlqgePzaow94bOhGIICb3tENs_I.roa
File: qlqgePzaow94bOhGIICb3tENs_I.roa (raw, json)
Hash identifier: g2l9EOHM8zyw2rqoOA1je1urWXi5S7+aWTnDmc/QL/A=
Subject key identifier: AA:5A:A0:78:FC:DA:A3:0F:78:6C:E8:46:20:80:9B:DE:D1:0D:B3:F2
Certificate issuer: /CN=80fab550d827a2def0d4d2616061425c2f694c84
Certificate serial: 0194266BDC4A699214A3EAFE075CA3DA545C
Authority key identifier: 80:FA:B5:50:D8:27:A2:DE:F0:D4:D2:61:60:61:42:5C:2F:69:4C:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPq1UNgnot7w1NJhYGFCXC9pTIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/4ba5ff-562e-4354-9600-f762929f1f08/1/qlqgePzaow94bOhGIICb3tENs_I.roa
Signing time: Thu 02 Jan 2025 09:49:50 +0000
ROA not before: Thu 02 Jan 2025 09:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13631
IP address blocks: 46.255.29.0/24 maxlen: 24
194.59.56.0/23 maxlen: 24
2a13:bb80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 31 Mar 2025 19:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:dc:4a:69:92:14:a3:ea:fe:07:5c:a3:da:54:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80fab550d827a2def0d4d2616061425c2f694c84
Validity
Not Before: Jan 2 09:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa5aa078fcdaa30f786ce84620809bded10db3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:56:25:f5:91:e3:e2:a9:44:56:54:fc:aa:01:
95:17:12:51:ea:24:03:7b:2c:8c:df:da:ac:04:e9:
33:76:4e:35:ed:56:94:2f:87:53:58:18:92:70:27:
c7:dc:98:fb:a7:65:6f:5e:68:c1:4f:25:f2:29:ce:
67:a9:0a:1a:a1:70:9a:fa:a6:f6:0b:4b:05:ae:06:
11:9b:8e:8c:29:9c:bc:4b:9d:32:89:57:68:d6:fc:
32:32:f0:fa:71:20:ad:e1:78:92:42:91:16:b8:40:
7f:e9:33:2f:41:b7:26:b7:0b:26:62:cb:f3:43:38:
93:09:86:f9:27:a6:4f:8d:f8:b3:2c:fb:ba:1b:2e:
75:55:07:65:85:ed:46:c5:d6:ee:24:66:31:07:f5:
81:b3:2c:9e:2d:3e:05:75:93:85:cf:51:7f:02:87:
cf:75:ba:82:8b:80:2e:4d:a8:a0:c7:87:1d:f1:37:
66:55:03:84:88:4f:53:e0:1a:aa:77:19:f6:6c:af:
34:ec:4d:0f:f3:60:14:24:fb:84:ca:64:8f:e4:cf:
bf:5f:18:4f:7c:2f:eb:7e:76:a9:78:3a:42:14:2b:
17:1b:75:80:a2:b2:17:5f:2c:bf:3c:63:16:f7:09:
d1:91:6c:bf:c3:44:c6:a5:f2:7d:af:a9:13:29:01:
b0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:5A:A0:78:FC:DA:A3:0F:78:6C:E8:46:20:80:9B:DE:D1:0D:B3:F2
X509v3 Authority Key Identifier:
keyid:80:FA:B5:50:D8:27:A2:DE:F0:D4:D2:61:60:61:42:5C:2F:69:4C:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPq1UNgnot7w1NJhYGFCXC9pTIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/4ba5ff-562e-4354-9600-f762929f1f08/1/qlqgePzaow94bOhGIICb3tENs_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/4ba5ff-562e-4354-9600-f762929f1f08/1/gPq1UNgnot7w1NJhYGFCXC9pTIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.29.0/24
194.59.56.0/23
IPv6:
2a13:bb80::/29
Signature Algorithm: sha256WithRSAEncryption
27:e7:00:c3:82:cc:e7:10:f2:86:31:48:9c:79:fc:0e:94:63:
30:d7:aa:2c:2c:c0:ce:75:ba:e0:b2:4f:45:aa:73:bd:de:5e:
98:1a:6e:a7:40:41:e8:c0:9b:87:18:17:3b:a7:a1:13:41:3f:
a1:c5:a6:2a:d0:c6:f5:5b:60:c9:de:a7:45:b2:74:9e:ae:55:
cd:7f:3a:69:c1:3c:cb:60:6c:e8:30:39:29:29:3d:ed:39:cf:
8f:40:07:d4:63:98:f8:f8:03:38:05:75:05:60:86:77:67:97:
8b:fd:c3:6a:f1:18:3c:4a:2e:b1:75:a1:db:c7:92:d3:ca:75:
20:a7:df:f4:c0:30:5e:d4:23:78:9d:75:8e:af:5e:e3:aa:b1:
f2:0c:54:74:10:46:63:9b:0f:04:d5:f5:28:6d:83:78:6f:c2:
2a:03:cd:dc:b0:29:09:07:2c:ef:b0:4e:b0:ae:dd:05:a5:3a:
85:89:a9:d3:ba:07:81:96:ad:6e:5a:63:e5:e8:13:c8:b5:eb:
8b:58:74:03:cd:ea:26:8b:7c:05:9f:6d:a3:09:47:1c:1e:b2:
2e:d1:ac:4a:fe:21:85:83:01:56:de:87:80:ce:83:c6:93:25:
91:29:80:03:81:1d:32:19:e5:6e:fa:bf:f8:bb:90:e8:18:30:
fb:3a:89:40
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQma9xKaZIUo+r+B1yj2lRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZmFiNTUwZDgyN2EyZGVmMGQ0ZDI2MTYwNjE0MjVjMmY2
OTRjODQwHhcNMjUwMTAyMDk0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTVhYTA3OGZjZGFhMzBmNzg2Y2U4NDYyMDgwOWJkZWQxMGRiM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVYl9ZHj4qlEVlT8qgGVFxJR6iQD
eyyM39qsBOkzdk417VaUL4dTWBiScCfH3Jj7p2VvXmjBTyXyKc5nqQoaoXCa+qb2
C0sFrgYRm46MKZy8S50yiVdo1vwyMvD6cSCt4XiSQpEWuEB/6TMvQbcmtwsmYsvz
QziTCYb5J6ZPjfizLPu6Gy51VQdlhe1GxdbuJGYxB/WBsyyeLT4FdZOFz1F/AofP
dbqCi4AuTaigx4cd8TdmVQOEiE9T4Bqqdxn2bK807E0P82AUJPuEymSP5M+/XxhP
fC/rfnapeDpCFCsXG3WAorIXXyy/PGMW9wnRkWy/w0TGpfJ9r6kTKQGwlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKpaoHj82qMPeGzoRiCAm97RDbPyMB8GA1UdIwQY
MBaAFID6tVDYJ6Le8NTSYWBhQlwvaUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BxMVVOZ25vdDd3MU5KaFlHRkNYQzlwVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS80YmE1ZmYtNTYyZS00MzU0LTk2MDAt
Zjc2MjkyOWYxZjA4LzEvcWxxZ2VQemFvdzk0Yk9oR0lJQ2IzdEVOc19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS80YmE1ZmYtNTYyZS00MzU0LTk2MDAtZjc2MjkyOWYxZjA4
LzEvZ1BxMVVOZ25vdDd3MU5KaFlHRkNYQzlwVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALv8dAwQB
wjs4MA0EAgACMAcDBQMqE7uAMA0GCSqGSIb3DQEBCwUAA4IBAQAn5wDDgsznEPKG
MUicefwOlGMw16osLMDOdbrgsk9FqnO93l6YGm6nQEHowJuHGBc7p6ETQT+hxaYq
0Mb1W2DJ3qdFsnSerlXNfzppwTzLYGzoMDkpKT3tOc+PQAfUY5j4+AM4BXUFYIZ3
Z5eL/cNq8Rg8Si6xdaHbx5LTynUgp9/0wDBe1CN4nXWOr17jqrHyDFR0EEZjmw8E
1fUobYN4b8IqA83csCkJByzvsE6wrt0FpTqFianTugeBlq1uWmPl6BPIteuLWHQD
zeomi3wFn22jCUccHrIu0axK/iGFgwFW3oeAzoPGkyWRKYADgR0yGeVu+r/4u5Do
GDD7OolA
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:31:23 2025 by rpki-client