Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qno8SfVQ8Mg5WfV4dwy2QtMqiqA.roa
File: Qno8SfVQ8Mg5WfV4dwy2QtMqiqA.roa (raw, json)
Hash identifier: z+fKmxBSiNZShdxqG9D5lPDB9MyFS5+fVHfVdyCg28s=
Subject key identifier: 42:7A:3C:49:F5:50:F0:C8:39:59:F5:78:77:0C:B6:42:D3:2A:8A:A0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01960F5FAD7EA34801F35034290965395F22
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qno8SfVQ8Mg5WfV4dwy2QtMqiqA.roa
Signing time: Mon 07 Apr 2025 08:30:50 +0000
ROA not before: Mon 07 Apr 2025 08:30:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214417
IP address blocks: 45.66.230.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Apr 2025 12:12:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:5f:ad:7e:a3:48:01:f3:50:34:29:09:65:39:5f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 7 08:30:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=427a3c49f550f0c83959f578770cb642d32a8aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:81:74:e8:a6:f4:ac:64:1b:e1:6c:a8:d6:91:
0d:b1:63:42:0c:3c:c9:2b:47:e6:b3:16:3d:20:47:
75:26:b8:fd:dd:75:4c:49:83:2b:3b:13:74:09:44:
85:e6:1d:76:c5:82:e5:c8:4e:a9:52:fb:85:35:47:
53:4f:86:d9:ec:4a:c9:af:9c:9a:2a:84:7c:83:d5:
04:ce:0b:33:20:3f:28:ed:08:83:25:a9:ef:d6:ea:
b4:39:09:17:14:03:5f:88:fe:84:7c:56:62:47:9e:
a5:3d:54:c7:ef:99:b1:38:11:a9:c3:fc:7d:d0:29:
fb:bf:40:57:c0:a4:39:ed:a4:62:3c:81:23:5b:31:
b0:48:bf:36:22:82:a6:b4:d6:0d:cb:64:2a:a3:92:
c7:17:07:b8:e0:3f:30:15:6b:77:e9:dd:cd:4a:8f:
80:ce:53:11:39:f1:40:56:c4:c3:26:88:34:69:a2:
c4:63:44:4e:cb:ec:b9:3b:52:ab:45:bf:c6:a0:1c:
a2:36:9c:07:fa:32:00:2c:a6:89:c2:73:00:17:33:
31:c9:65:96:49:6f:48:4c:19:70:a3:da:35:cd:c2:
32:11:2b:48:63:f3:2d:c3:08:06:fd:7f:07:c5:31:
9f:f8:c8:d2:3b:e0:c0:43:1b:4d:f7:46:60:d2:59:
bd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:7A:3C:49:F5:50:F0:C8:39:59:F5:78:77:0C:B6:42:D3:2A:8A:A0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Qno8SfVQ8Mg5WfV4dwy2QtMqiqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.230.0/24
83.219.97.0/24
87.121.221.0/24
141.98.6.0/24
176.125.254.0/24
185.252.177.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:95:38:e2:ed:2b:9d:13:af:22:6c:5a:72:d7:8b:ff:12:d8:
25:da:5e:87:82:c0:be:9c:b7:d8:99:d8:ef:c6:32:83:5e:45:
a3:d4:e7:cf:ae:2e:2d:49:1b:a6:00:03:19:37:8a:90:cc:fc:
81:c6:02:bc:08:c3:5e:c1:68:5f:b9:83:80:58:6a:f9:47:7d:
2b:38:c3:10:95:ab:13:a6:2f:e7:29:be:60:48:e9:4b:56:af:
c3:19:c1:7f:97:91:76:bc:c3:26:a5:f9:3e:a3:9c:83:f2:d2:
79:d3:c3:41:d6:b1:3a:2e:64:f1:7d:c8:74:ed:9e:06:85:a7:
4f:0d:ac:46:7f:d2:29:2e:5e:0a:67:7a:71:6a:83:14:5d:79:
ea:13:f3:34:f6:56:85:24:5d:5c:40:fa:b9:2f:b4:3a:06:1e:
e5:c7:d9:ab:65:de:16:78:31:9c:eb:7b:af:7c:82:fe:25:ac:
12:d2:bf:dc:e5:a7:a8:86:49:34:57:17:ce:e8:01:13:86:89:
7a:af:64:8e:46:5a:b9:68:57:53:c1:d7:77:3d:d5:e5:30:b2:
18:9d:69:41:64:73:d4:cd:b0:b8:b2:20:5a:bd:c4:0e:fc:72:
72:16:fc:e4:a8:f6:db:22:56:b5:14:93:14:8b:43:d7:70:bb:
92:8f:c2:b0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZYPX61+o0gB81A0KQllOV8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDA3MDgzMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjdhM2M0OWY1NTBmMGM4Mzk1OWY1Nzg3NzBjYjY0MmQzMmE4YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIF06Kb0rGQb4Wyo1pENsWNCDDzJ
K0fmsxY9IEd1Jrj93XVMSYMrOxN0CUSF5h12xYLlyE6pUvuFNUdTT4bZ7ErJr5ya
KoR8g9UEzgszID8o7QiDJanv1uq0OQkXFANfiP6EfFZiR56lPVTH75mxOBGpw/x9
0Cn7v0BXwKQ57aRiPIEjWzGwSL82IoKmtNYNy2Qqo5LHFwe44D8wFWt36d3NSo+A
zlMROfFAVsTDJog0aaLEY0ROy+y5O1KrRb/GoByiNpwH+jIALKaJwnMAFzMxyWWW
SW9ITBlwo9o1zcIyEStIY/MtwwgG/X8HxTGf+MjSO+DAQxtN90Zg0lm9RwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEJ6PEn1UPDIOVn1eHcMtkLTKoqgMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUW5vOFNmVlE4TWc1V2ZWNGR3eTJRdE1xaXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALULmAwQA
U9thAwQAV3ndAwQAjWIGAwQAsH3+AwQAufyxAwQAwjD6MA0GCSqGSIb3DQEBCwUA
A4IBAQCMlTji7SudE68ibFpy14v/Etgl2l6HgsC+nLfYmdjvxjKDXkWj1OfPri4t
SRumAAMZN4qQzPyBxgK8CMNewWhfuYOAWGr5R30rOMMQlasTpi/nKb5gSOlLVq/D
GcF/l5F2vMMmpfk+o5yD8tJ508NB1rE6LmTxfch07Z4GhadPDaxGf9IpLl4KZ3px
aoMUXXnqE/M09laFJF1cQPq5L7Q6Bh7lx9mrZd4WeDGc63uvfIL+JawS0r/c5aeo
hkk0VxfO6AEThol6r2SORlq5aFdTwdd3PdXlMLIYnWlBZHPUzbC4siBavcQO/HJy
FvzkqPbbIla1FJMUi0PXcLuSj8Kw
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:33:27 2025 by rpki-client