Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/Q10NrGE0ptdnjNPjI6DkzDVy6Ao.roa
File: Q10NrGE0ptdnjNPjI6DkzDVy6Ao.roa (raw, json)
Hash identifier: oOvj43ARg7Wna42QILsD+H+UN6LCrzKFnUOMKLjmN5w=
Subject key identifier: 43:5D:0D:AC:61:34:A6:D7:67:8C:D3:E3:23:A0:E4:CC:35:72:E8:0A
Certificate issuer: /CN=ff711054a89446a76f493ce2c127a948eba4a8ff
Certificate serial: 019424B3EF161AFF27CA721E42E521566FAF
Authority key identifier: FF:71:10:54:A8:94:46:A7:6F:49:3C:E2:C1:27:A9:48:EB:A4:A8:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/Q10NrGE0ptdnjNPjI6DkzDVy6Ao.roa
Signing time: Thu 02 Jan 2025 01:49:19 +0000
ROA not before: Thu 02 Jan 2025 01:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7488
IP address blocks: 185.34.144.0/22 maxlen: 22
185.92.188.0/22 maxlen: 22
185.170.76.0/22 maxlen: 22
195.34.70.0/23 maxlen: 23
2a14:7a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 28 Mar 2025 16:36:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ef:16:1a:ff:27:ca:72:1e:42:e5:21:56:6f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff711054a89446a76f493ce2c127a948eba4a8ff
Validity
Not Before: Jan 2 01:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=435d0dac6134a6d7678cd3e323a0e4cc3572e80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:37:1b:6f:b4:4b:dd:8f:56:2b:0a:d3:62:ae:
8c:5b:fe:56:ff:8c:2a:ec:2b:0d:12:81:f7:2b:4f:
8b:22:01:d4:b5:d0:a2:2e:63:c0:5d:51:a8:5a:b7:
9d:d5:c8:23:04:f6:0c:0a:80:ab:e9:bf:2b:bd:e3:
2d:7d:db:65:e9:ff:22:e7:38:40:3b:95:df:c8:83:
b6:63:f1:15:c5:1f:b1:d2:1a:81:78:ea:b9:0b:5c:
a5:8d:57:0f:e5:0b:82:33:7f:b6:06:94:4c:37:8f:
b2:7e:4d:41:52:99:49:04:44:67:58:4c:04:7a:ff:
3f:6a:e7:03:1f:8c:4a:18:6f:c5:95:e0:fe:23:3f:
7c:3d:17:a3:8d:ab:5f:df:ed:23:8d:8f:ac:ae:19:
ec:c3:f2:4c:1c:8b:ba:b1:05:2d:88:fe:69:08:68:
b5:0e:9a:1c:3f:d9:98:4c:d2:b4:31:d1:79:16:3f:
af:df:18:6a:ba:97:d0:c7:85:36:ac:e4:78:3c:be:
3b:2e:ba:8d:f3:32:a9:94:de:1a:7b:b7:4c:f7:9a:
bb:9d:ae:c4:00:d8:c7:fd:32:7f:04:b3:dc:26:c2:
81:26:3e:fc:31:71:2e:92:70:0c:03:9e:38:7b:a6:
c5:a1:31:e5:c8:69:de:e2:8c:ce:d5:ed:4b:be:60:
30:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:5D:0D:AC:61:34:A6:D7:67:8C:D3:E3:23:A0:E4:CC:35:72:E8:0A
X509v3 Authority Key Identifier:
keyid:FF:71:10:54:A8:94:46:A7:6F:49:3C:E2:C1:27:A9:48:EB:A4:A8:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/Q10NrGE0ptdnjNPjI6DkzDVy6Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.144.0/22
185.92.188.0/22
185.170.76.0/22
195.34.70.0/23
IPv6:
2a14:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
9e:79:6b:4a:88:34:ab:87:ab:e3:f8:f4:ef:f0:9b:e9:d5:ac:
9c:24:ba:d4:ea:6e:70:8a:4f:d9:65:02:97:45:48:2c:b7:80:
32:20:cc:bb:cd:b9:13:f8:99:5e:d1:ba:a6:c3:03:25:5b:c5:
f4:b4:57:7d:74:f6:cc:36:a3:6c:d5:46:a1:c7:d5:95:c1:be:
3a:3d:7b:82:5f:76:6a:34:5a:53:7c:25:ee:bb:c1:b7:24:e8:
30:f2:88:46:47:5b:9e:a9:be:26:84:6b:10:c1:9c:58:25:e5:
cb:70:17:cf:58:fd:14:a9:15:f0:fa:db:a8:c1:da:ee:25:b2:
ee:04:e8:44:70:e5:2c:24:0e:bc:91:78:6d:4d:8e:2a:2f:f4:
c2:e2:64:a2:e6:47:6c:6a:4e:11:3a:7b:dd:08:81:ae:1c:2d:
44:b6:f2:18:d5:d7:36:83:ae:72:7e:37:98:11:3d:c4:8c:b7:
69:3b:66:fa:32:ba:1d:d6:28:ea:45:f0:54:47:43:64:42:56:
e1:bc:a9:97:db:35:20:e9:3e:8a:5f:fe:59:9b:bb:3b:e3:48:
aa:13:b3:cc:8c:ad:87:b5:32:c2:85:c2:b6:3a:b4:c2:d1:f1:
c2:18:7b:da:6f:73:bd:ef:8d:1a:c0:88:11:f8:ca:fd:56:b2:
33:7e:54:b6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQks+8WGv8nynIeQuUhVm+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNzExMDU0YTg5NDQ2YTc2ZjQ5M2NlMmMxMjdhOTQ4ZWJh
NGE4ZmYwHhcNMjUwMTAyMDE0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzVkMGRhYzYxMzRhNmQ3Njc4Y2QzZTMyM2EwZTRjYzM1NzJlODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjcbb7RL3Y9WKwrTYq6MW/5W/4wq
7CsNEoH3K0+LIgHUtdCiLmPAXVGoWred1cgjBPYMCoCr6b8rveMtfdtl6f8i5zhA
O5XfyIO2Y/EVxR+x0hqBeOq5C1yljVcP5QuCM3+2BpRMN4+yfk1BUplJBERnWEwE
ev8/aucDH4xKGG/FleD+Iz98PRejjatf3+0jjY+srhnsw/JMHIu6sQUtiP5pCGi1
DpocP9mYTNK0MdF5Fj+v3xhqupfQx4U2rOR4PL47LrqN8zKplN4ae7dM95q7na7E
ANjH/TJ/BLPcJsKBJj78MXEuknAMA544e6bFoTHlyGne4ozO1e1LvmAwIQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFENdDaxhNKbXZ4zT4yOg5Mw1cugKMB8GA1UdIwQY
MBaAFP9xEFSolEanb0k84sEnqUjrpKj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzNFUVZLaVVScWR2U1R6aXdTZXBTT3VrcVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iOGZjNTUtYjRjZC00ZDFmLTk5OTAt
NDdhYzM4OWQzMjYxLzEvUTEwTnJHRTBwdGRuak5Qakk2RGt6RFZ5NkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iOGZjNTUtYjRjZC00ZDFmLTk5OTAtNDdhYzM4OWQzMjYx
LzEvXzNFUVZLaVVScWR2U1R6aXdTZXBTT3VrcVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSKQAwQC
uVy8AwQCuapMAwQBwyJGMA0EAgACMAcDBQMqFHpAMA0GCSqGSIb3DQEBCwUAA4IB
AQCeeWtKiDSrh6vj+PTv8Jvp1aycJLrU6m5wik/ZZQKXRUgst4AyIMy7zbkT+Jle
0bqmwwMlW8X0tFd9dPbMNqNs1Uahx9WVwb46PXuCX3ZqNFpTfCXuu8G3JOgw8ohG
R1ueqb4mhGsQwZxYJeXLcBfPWP0UqRXw+tuowdruJbLuBOhEcOUsJA68kXhtTY4q
L/TC4mSi5kdsak4ROnvdCIGuHC1EtvIY1dc2g65yfjeYET3EjLdpO2b6Mrod1ijq
RfBUR0NkQlbhvKmX2zUg6T6KX/5Zm7s740iqE7PMjK2HtTLChcK2OrTC0fHCGHva
b3O9740awIgR+Mr9VrIzflS2
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:16:04 2025 by rpki-client