Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/QbqZQNiiBgBaw5BYADdHdvaxuqg.roa
File: QbqZQNiiBgBaw5BYADdHdvaxuqg.roa (raw, json)
Hash identifier: 5cjXFsC4NfPy5i/NxDpGRfWxWKvLW5AlisOU0pD4aZg=
Subject key identifier: 41:BA:99:40:D8:A2:06:00:5A:C3:90:58:00:37:47:76:F6:B1:BA:A8
Certificate issuer: /CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Certificate serial: 018CC72733FC2AC2F90CAB7A48BEF2BCD4E7
Authority key identifier: 6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/QbqZQNiiBgBaw5BYADdHdvaxuqg.roa
Signing time: Mon 01 Jan 2024 22:31:24 +0000
ROA not before: Mon 01 Jan 2024 22:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57793
IP address blocks: 95.131.81.0/24 maxlen: 24
95.131.82.0/23 maxlen: 24
95.131.84.0/22 maxlen: 24
2a02:ef8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 20 Jun 2024 15:35:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:33:fc:2a:c2:f9:0c:ab:7a:48:be:f2:bc:d4:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Validity
Not Before: Jan 1 22:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41ba9940d8a206005ac3905800374776f6b1baa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a2:c6:00:56:96:e5:2b:69:5a:41:dd:a6:dc:
06:2a:2f:71:47:9f:f9:d1:84:5a:d0:2e:f7:94:4c:
c1:88:dc:32:7a:32:ed:9e:d5:af:b8:1d:fc:ad:1e:
26:82:cf:1b:65:36:79:4e:ed:9a:ab:de:7f:eb:fd:
6b:30:ba:07:b9:80:8e:84:ad:d8:3e:20:e5:fa:0a:
04:01:46:40:6e:f3:73:45:43:52:ae:22:76:f8:e2:
b3:2a:af:2b:80:9b:03:11:5b:ee:c9:7f:d6:98:20:
2f:ce:8d:97:5a:eb:1b:c8:07:4a:7b:a9:d6:49:e6:
b4:c4:b7:7a:0b:b4:fe:83:86:9c:18:4f:98:86:0e:
9d:27:89:bc:c4:0a:76:de:3a:5d:e2:26:c7:93:c6:
f2:21:55:d3:7a:55:e5:f9:f2:2b:78:56:15:8e:e3:
42:54:67:e7:6d:f4:b0:88:c9:9f:ff:35:ae:b7:c0:
b4:ae:90:cb:7c:ea:af:3d:1f:df:90:81:1f:bf:3b:
a2:41:77:0a:e0:23:d2:f5:76:ab:8b:ec:90:6f:f2:
ec:ff:de:75:f2:e2:6d:a0:4f:53:e3:2d:6c:19:31:
44:f3:44:be:25:67:09:4d:22:67:78:60:88:c1:4d:
12:14:bb:4c:63:a7:54:90:c0:75:84:a8:63:52:1b:
1b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BA:99:40:D8:A2:06:00:5A:C3:90:58:00:37:47:76:F6:B1:BA:A8
X509v3 Authority Key Identifier:
keyid:6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/QbqZQNiiBgBaw5BYADdHdvaxuqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/bkBn13v-qZ3yXOXgipIT0RKAFM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.81.0-95.131.87.255
IPv6:
2a02:ef8::/32
Signature Algorithm: sha256WithRSAEncryption
20:8c:bd:8d:ef:f3:5c:99:4c:69:43:68:81:9e:f9:ce:1e:84:
5e:6a:7d:77:c9:cd:f3:fa:7c:91:89:62:ea:31:69:84:44:9f:
71:b6:f8:f6:30:65:20:d8:84:0a:94:56:bb:48:3b:93:bc:ff:
ae:01:a7:36:ae:0b:b5:77:12:a1:18:62:d5:c9:fa:cb:0d:c0:
89:94:6a:0f:4d:59:a4:d3:b9:ee:d1:12:f4:56:22:48:cb:ba:
8b:6e:b3:d2:66:2f:de:ea:0d:1b:b0:dd:9c:dc:20:f5:44:33:
16:50:09:94:77:b2:01:9b:1b:b9:f2:b6:2a:df:b8:62:f9:5d:
cd:26:71:13:07:9f:06:a3:24:63:2b:0f:d4:b8:9a:1c:fc:05:
e9:89:b2:ca:4f:4c:4d:1b:01:be:bf:e8:b4:96:7a:a0:a5:af:
46:d8:b9:54:33:19:ea:9a:e5:0b:89:e5:86:05:44:56:8c:31:
00:23:3b:8b:e3:ed:bf:44:ec:31:f0:1d:d8:a2:74:04:9b:14:
8d:b0:49:19:54:ef:d9:48:ac:4e:ba:6c:9a:0f:05:9c:4a:8d:
09:14:04:90:c1:3e:45:fa:ab:6a:eb:61:e9:9f:1c:b6:8b:fa:
24:9e:af:8a:3b:bb:be:66:97:21:4d:8c:99:d9:ae:80:77:79:
bb:4a:80:a4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzHJzP8KsL5DKt6SL7yvNTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDA2N2Q3N2JmZWE5OWRmMjVjZTVlMDhhOTIxM2QxMTI4
MDE0Y2YwHhcNMjQwMTAxMjIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWJhOTk0MGQ4YTIwNjAwNWFjMzkwNTgwMDM3NDc3NmY2YjFiYWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6LGAFaW5StpWkHdptwGKi9xR5/5
0YRa0C73lEzBiNwyejLtntWvuB38rR4mgs8bZTZ5Tu2aq95/6/1rMLoHuYCOhK3Y
PiDl+goEAUZAbvNzRUNSriJ2+OKzKq8rgJsDEVvuyX/WmCAvzo2XWusbyAdKe6nW
Sea0xLd6C7T+g4acGE+Yhg6dJ4m8xAp23jpd4ibHk8byIVXTelXl+fIreFYVjuNC
VGfnbfSwiMmf/zWut8C0rpDLfOqvPR/fkIEfvzuiQXcK4CPS9Xari+yQb/Ls/951
8uJtoE9T4y1sGTFE80S+JWcJTSJneGCIwU0SFLtMY6dUkMB1hKhjUhsbHQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEG6mUDYogYAWsOQWAA3R3b2sbqoMB8GA1UdIwQY
MBaAFG5AZ9d7/qmd8lzl4IqSE9ESgBTPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtCbjEzdi1xWjN5WE9YZ2lwSVQwUktBRk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ODllY2EtM2YxOS00ZTIzLWEzZmIt
MzMwM2Y3MTYyMmY5LzEvUWJxWlFOaWlCZ0JhdzVCWUFEZEhkdmF4dXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81ODllY2EtM2YxOS00ZTIzLWEzZmItMzMwM2Y3MTYyMmY5
LzEvYmtCbjEzdi1xWjN5WE9YZ2lwSVQwUktBRk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBABfg1ED
BANfg1AwDQQCAAIwBwMFACoCDvgwDQYJKoZIhvcNAQELBQADggEBACCMvY3v81yZ
TGlDaIGe+c4ehF5qfXfJzfP6fJGJYuoxaYREn3G2+PYwZSDYhAqUVrtIO5O8/64B
pzauC7V3EqEYYtXJ+ssNwImUag9NWaTTue7REvRWIkjLuotus9JmL97qDRuw3Zzc
IPVEMxZQCZR3sgGbG7nytirfuGL5Xc0mcRMHnwajJGMrD9S4mhz8BemJsspPTE0b
Ab6/6LSWeqClr0bYuVQzGeqa5QuJ5YYFRFaMMQAjO4vj7b9E7DHwHdiidASbFI2w
SRlU79lIrE66bJoPBZxKjQkUBJDBPkX6q2rrYemfHLaL+iSer4o7u75mlyFNjJnZ
roB3ebtKgKQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:47 2025 by rpki-client