Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/quPezT2plfrM6JLcFYBAjjzJ6Ic.roa
File: quPezT2plfrM6JLcFYBAjjzJ6Ic.roa (raw, json)
Hash identifier: oDpQvL9QUHraBWecctMS/fKEB16LY1I50TxWB4qi190=
Subject key identifier: AA:E3:DE:CD:3D:A9:95:FA:CC:E8:92:DC:15:80:40:8E:3C:C9:E8:87
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0195FAA284EEF90867FE5EA026B9D19489F6
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/quPezT2plfrM6JLcFYBAjjzJ6Ic.roa
Signing time: Thu 03 Apr 2025 07:51:49 +0000
ROA not before: Thu 03 Apr 2025 07:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 83.147.16.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.22.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.26.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
83.147.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 16:36:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fa:a2:84:ee:f9:08:67:fe:5e:a0:26:b9:d1:94:89:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Apr 3 07:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aae3decd3da995facce892dc1580408e3cc9e887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ba:87:48:9c:0d:18:bd:18:35:69:36:64:d0:
86:64:1c:73:af:f9:a6:6e:7c:e5:85:fb:cf:c7:83:
4c:46:09:10:4e:e3:50:05:18:43:c7:7a:53:c0:2c:
32:ef:aa:3a:04:69:64:f7:fd:70:3f:00:fb:97:67:
68:8a:87:21:4b:0b:ef:d3:e0:49:7e:b9:17:2f:9a:
bb:c4:9e:19:1b:73:4a:04:94:15:e9:67:0b:e8:b0:
54:c3:09:98:a9:cf:39:17:9c:99:cd:ca:7d:30:62:
40:7c:b1:49:f3:9c:4f:e6:a9:85:e4:0a:ec:01:9c:
f7:14:4d:f4:db:09:73:0d:4b:62:60:d5:cc:d2:38:
58:f0:eb:28:46:ef:92:79:14:8f:b0:a7:a6:00:70:
a2:1c:2e:51:6a:8e:6b:0a:5e:9f:40:01:59:5f:80:
63:cb:25:70:7d:c2:ce:e7:0d:5f:8e:e0:74:84:90:
b8:95:c1:ce:c9:53:63:ab:51:bb:3b:98:71:2a:0b:
1e:23:c0:1c:ae:0f:16:53:e1:68:d8:60:a3:02:e3:
aa:c7:b6:a2:eb:5f:bc:36:b5:5c:60:81:81:e3:47:
1a:d1:ef:ef:86:a3:d8:59:93:85:32:a9:85:db:57:
10:e0:d3:42:3c:c5:f4:4b:67:6d:1d:c9:23:11:2c:
28:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:E3:DE:CD:3D:A9:95:FA:CC:E8:92:DC:15:80:40:8E:3C:C9:E8:87
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/quPezT2plfrM6JLcFYBAjjzJ6Ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.16.0-83.147.22.255
83.147.26.0-83.147.28.255
83.147.40.0/22
Signature Algorithm: sha256WithRSAEncryption
64:c7:b5:ff:28:f9:f8:87:6a:c8:89:34:7f:c4:37:5e:fa:81:
97:8e:96:cb:17:95:ce:72:29:fd:01:6b:c6:47:18:ff:02:94:
6c:68:36:d1:45:f0:59:e1:c7:c6:37:dc:c0:7b:16:36:9f:70:
b9:10:0c:14:c7:ac:92:cd:13:00:6a:a9:b4:89:c5:14:10:ed:
f2:1d:64:55:a1:7e:81:b7:ab:03:00:84:02:a2:1d:c2:16:ba:
53:65:74:8b:ad:da:c7:b0:af:08:72:4b:df:44:7d:eb:15:d4:
1a:c4:0d:bc:cf:af:9a:14:10:be:43:1f:e4:eb:1b:9e:d4:da:
2f:f3:bf:2a:78:25:56:48:74:12:e6:ac:2a:90:af:3c:1c:a5:
9c:46:05:86:cd:63:6c:fa:29:c8:5e:73:3e:e7:c1:09:ae:16:
3c:35:f6:0c:e9:9c:ea:69:10:a8:a6:04:e4:6e:95:93:83:fd:
6f:60:ba:39:9a:53:9c:79:f4:01:88:a2:42:10:2e:17:51:ca:
12:92:c4:35:1b:11:74:37:ad:ee:60:1f:b3:03:9f:e3:96:0f:
c9:38:13:49:e6:8c:98:7d:3f:f1:e5:d7:aa:83:ee:bc:06:be:
ee:8c:04:71:c2:1d:ae:0b:a6:3d:41:0c:f1:f4:77:b0:47:74:
b3:e0:c5:d3
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZX6ooTu+Qhn/l6gJrnRlIn2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjUwNDAzMDc1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWUzZGVjZDNkYTk5NWZhY2NlODkyZGMxNTgwNDA4ZTNjYzllODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bqHSJwNGL0YNWk2ZNCGZBxzr/mm
bnzlhfvPx4NMRgkQTuNQBRhDx3pTwCwy76o6BGlk9/1wPwD7l2doiochSwvv0+BJ
frkXL5q7xJ4ZG3NKBJQV6WcL6LBUwwmYqc85F5yZzcp9MGJAfLFJ85xP5qmF5Ars
AZz3FE302wlzDUtiYNXM0jhY8OsoRu+SeRSPsKemAHCiHC5Rao5rCl6fQAFZX4Bj
yyVwfcLO5w1fjuB0hJC4lcHOyVNjq1G7O5hxKgseI8Acrg8WU+Fo2GCjAuOqx7ai
61+8NrVcYIGB40ca0e/vhqPYWZOFMqmF21cQ4NNCPMX0S2dtHckjESwo4QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKrj3s09qZX6zOiS3BWAQI48yeiHMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvcXVQZXpUMnBsZnJNNkpMY0ZZQkFqanpKNkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBARTkxAD
BABTkxYwDAMEAVOTGgMEAFOTHAMEAlOTKDANBgkqhkiG9w0BAQsFAAOCAQEAZMe1
/yj5+IdqyIk0f8Q3XvqBl46WyxeVznIp/QFrxkcY/wKUbGg20UXwWeHHxjfcwHsW
Np9wuRAMFMesks0TAGqptInFFBDt8h1kVaF+gberAwCEAqIdwha6U2V0i63ax7Cv
CHJL30R96xXUGsQNvM+vmhQQvkMf5OsbntTaL/O/KnglVkh0EuasKpCvPBylnEYF
hs1jbPopyF5zPufBCa4WPDX2DOmc6mkQqKYE5G6Vk4P9b2C6OZpTnHn0AYiiQhAu
F1HKEpLENRsRdDet7mAfswOf45YPyTgTSeaMmH0/8eXXqoPuvAa+7owEccIdrgum
PUEM8fR3sEd0s+DF0w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:22:18 2025 by rpki-client