Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qds9Vr-uEwh1CnGiXDOG8UoFvas.roa
File: Qds9Vr-uEwh1CnGiXDOG8UoFvas.roa (raw, json)
Hash identifier: wMwj6SxssihxHomJn1pyJ9ZifIgNfzXPgf96ce6Ge04=
Subject key identifier: 41:DB:3D:56:BF:AE:13:08:75:0A:71:A2:5C:33:86:F1:4A:05:BD:AB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01950431BD11E869BC8C392B771DF0248450
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qds9Vr-uEwh1CnGiXDOG8UoFvas.roa
Signing time: Fri 14 Feb 2025 11:22:03 +0000
ROA not before: Fri 14 Feb 2025 11:22:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401120
IP address blocks: 94.156.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Feb 2025 16:13:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:04:31:bd:11:e8:69:bc:8c:39:2b:77:1d:f0:24:84:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 14 11:22:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41db3d56bfae1308750a71a25c3386f14a05bdab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:61:f1:24:a3:fb:02:84:19:b9:93:b0:88:af:
67:e1:cf:1c:e7:62:07:42:60:2c:ab:1a:e3:39:92:
be:4a:02:ad:33:fa:d1:8d:25:be:3f:ee:25:76:5d:
a8:d9:6f:e1:ae:93:f9:3c:a6:dc:75:eb:6a:19:d4:
bc:c0:b5:50:71:71:fd:c8:72:0d:ec:3f:06:2b:0d:
3b:90:7d:dc:48:77:d1:ec:e4:49:68:91:15:3c:59:
50:9a:9b:ba:9f:0f:a5:79:2e:82:cc:03:be:fd:b7:
3f:e7:9a:4a:24:b8:54:b1:86:4b:47:3a:00:33:99:
e1:da:32:66:fa:10:f4:fb:28:d4:d7:09:4d:4d:c2:
7e:b1:24:97:2e:56:c2:14:5d:f1:e5:a5:34:18:a9:
0e:3c:0b:12:c3:01:44:e6:64:d7:fe:dd:29:1c:ec:
e7:ee:4b:60:b8:84:9c:2e:e5:85:82:65:4e:a7:3d:
6c:27:25:8b:1a:31:b1:d0:59:36:15:46:41:54:dd:
0e:34:7a:57:73:3f:67:85:04:8e:6e:81:45:61:45:
65:d0:f6:d5:de:18:11:6a:a6:c1:19:15:a0:29:4a:
90:60:11:45:bb:19:6c:1b:15:ac:5f:35:c9:7b:39:
7d:59:39:d3:43:a2:55:dc:90:ea:d6:79:47:9d:54:
00:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:DB:3D:56:BF:AE:13:08:75:0A:71:A2:5C:33:86:F1:4A:05:BD:AB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qds9Vr-uEwh1CnGiXDOG8UoFvas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.105.0/24
Signature Algorithm: sha256WithRSAEncryption
21:4a:32:8b:63:4b:65:a3:76:7e:03:33:68:3c:f3:57:48:13:
97:c2:e9:3e:b4:ff:28:ac:50:9f:98:44:59:6b:0b:d0:4a:c5:
2a:ba:1a:46:8f:2e:c5:02:82:29:b8:a7:3b:df:1d:3c:bc:26:
e2:44:97:3c:9c:64:90:ba:36:15:fd:ef:d1:a8:50:59:26:98:
3f:15:dd:5a:d0:61:cf:3c:21:25:bc:f9:ec:a3:5b:08:b6:0f:
04:a4:72:98:1b:b1:56:86:57:3c:1a:81:ad:cc:68:ac:88:0c:
64:1d:da:a2:05:d8:23:11:34:55:dc:4c:4e:45:81:d5:df:89:
66:fc:59:98:11:04:76:0f:e7:1d:74:16:89:d3:e7:e9:07:f4:
26:d9:f0:99:11:5d:c3:89:1d:47:d3:90:44:0d:99:5d:53:98:
be:65:81:af:b5:83:e6:9e:7b:39:df:2b:4d:9f:a1:de:b8:51:
75:cd:de:29:d9:65:38:a7:0f:ab:8d:b5:f1:6f:5e:51:39:62:
e3:99:ce:df:d0:0f:cd:d5:8e:41:b6:31:4f:37:33:0f:09:e1:
53:07:73:7b:a7:8a:2d:75:e0:76:45:ff:42:9c:c1:c3:51:f6:
4a:81:c0:84:40:3d:1e:76:73:6a:fd:18:60:b6:27:5c:79:89:
83:2b:65:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUEMb0R6Gm8jDkrdx3wJIRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjE0MTEyMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWRiM2Q1NmJmYWUxMzA4NzUwYTcxYTI1YzMzODZmMTRhMDViZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWHxJKP7AoQZuZOwiK9n4c8c52IH
QmAsqxrjOZK+SgKtM/rRjSW+P+4ldl2o2W/hrpP5PKbcdetqGdS8wLVQcXH9yHIN
7D8GKw07kH3cSHfR7ORJaJEVPFlQmpu6nw+leS6CzAO+/bc/55pKJLhUsYZLRzoA
M5nh2jJm+hD0+yjU1wlNTcJ+sSSXLlbCFF3x5aU0GKkOPAsSwwFE5mTX/t0pHOzn
7ktguIScLuWFgmVOpz1sJyWLGjGx0Fk2FUZBVN0ONHpXcz9nhQSOboFFYUVl0PbV
3hgRaqbBGRWgKUqQYBFFuxlsGxWsXzXJezl9WTnTQ6JV3JDq1nlHnVQALQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHbPVa/rhMIdQpxolwzhvFKBb2rMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUWRzOVZyLXVFd2gxQ25HaVhET0c4VW9GdmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpxpMA0G
CSqGSIb3DQEBCwUAA4IBAQAhSjKLY0tlo3Z+AzNoPPNXSBOXwuk+tP8orFCfmERZ
awvQSsUquhpGjy7FAoIpuKc73x08vCbiRJc8nGSQujYV/e/RqFBZJpg/Fd1a0GHP
PCElvPnso1sItg8EpHKYG7FWhlc8GoGtzGisiAxkHdqiBdgjETRV3ExORYHV34lm
/FmYEQR2D+cddBaJ0+fpB/Qm2fCZEV3DiR1H05BEDZldU5i+ZYGvtYPmnns53ytN
n6HeuFF1zd4p2WU4pw+rjbXxb15ROWLjmc7f0A/N1Y5BtjFPNzMPCeFTB3N7p4ot
deB2Rf9CnMHDUfZKgcCEQD0ednNq/RhgtidceYmDK2VQ
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:15:46 2025 by rpki-client