Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Q3ZMNDevbTziTCGEyI9KZmVYO50.roa
File: Q3ZMNDevbTziTCGEyI9KZmVYO50.roa (raw, json)
Hash identifier: ABqThzxXCB3abxtbXkKhoyYGH8+A48rX4lNn0S1v8rw=
Subject key identifier: 43:76:4C:34:37:AF:6D:3C:E2:4C:21:84:C8:8F:4A:66:65:58:3B:9D
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01955CC21C9757EAB01C86E44C87E507CF00
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Q3ZMNDevbTziTCGEyI9KZmVYO50.roa
Signing time: Mon 03 Mar 2025 16:06:19 +0000
ROA not before: Mon 03 Mar 2025 16:06:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214943
IP address blocks: 195.177.95.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 08:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:c2:1c:97:57:ea:b0:1c:86:e4:4c:87:e5:07:cf:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 3 16:06:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43764c3437af6d3ce24c2184c88f4a6665583b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:52:3c:2a:3f:25:4d:2a:6d:84:9a:d5:9f:30:
e5:e6:ce:b9:3d:6f:e3:8e:ee:c3:01:c5:07:7e:5d:
cd:15:75:bd:80:8e:54:32:4d:80:32:da:95:f1:c3:
8c:6b:21:2e:9e:f4:9e:62:b5:6d:79:a9:34:6b:9f:
a6:44:90:9e:72:5c:4b:39:2d:2d:f1:ce:7b:d9:38:
3e:ea:d8:e4:f6:a9:06:3e:1d:81:5e:30:ac:a0:48:
71:67:e0:b0:72:51:7d:e7:5e:3b:ba:9d:1c:4d:5c:
f8:69:eb:01:ce:d8:92:d4:36:de:75:4a:f9:d9:3e:
f8:64:20:04:44:2d:78:90:89:c3:26:90:68:57:0f:
78:b0:73:94:cd:d7:ae:69:ae:49:87:64:de:e9:e8:
24:e1:e2:e8:da:e1:63:fe:22:a6:fe:81:25:9b:c2:
b4:28:02:6c:3c:07:5e:97:80:82:b5:d9:0e:a7:c4:
5d:ea:52:3b:7f:0f:04:2e:9a:18:8a:4f:3e:99:f9:
8f:48:ba:37:bb:6e:16:71:2a:4f:16:ac:24:7e:b1:
95:0f:4f:34:44:af:8c:d4:f1:66:8f:0c:44:67:7e:
ad:c7:0f:ca:37:cb:d9:57:3b:4c:e0:2c:b3:34:be:
c3:59:ad:65:94:21:58:f0:04:8b:51:8d:9d:d9:8e:
32:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:76:4C:34:37:AF:6D:3C:E2:4C:21:84:C8:8F:4A:66:65:58:3B:9D
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Q3ZMNDevbTziTCGEyI9KZmVYO50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.95.0/24
195.211.190.0/24
Signature Algorithm: sha256WithRSAEncryption
14:ba:69:fa:29:8a:73:df:cd:53:89:11:7c:9c:d3:f1:69:d1:
5c:da:5d:53:dd:db:c3:24:56:b5:cf:4d:5b:0f:c1:5d:3e:3b:
d5:b7:f8:15:7a:d3:79:84:6d:8a:7b:79:59:dc:75:5c:f6:ea:
6a:51:58:84:18:61:47:e4:27:09:5f:5e:3b:94:2c:b8:26:39:
a3:94:3b:c7:2d:42:b0:1c:fe:3c:7d:0e:43:5d:bd:38:f3:44:
b9:1d:22:2a:f2:00:4a:11:6b:92:64:01:ea:18:47:37:b3:cf:
43:3a:b3:a6:99:1e:98:1a:44:4d:8d:9d:46:fe:bf:68:32:4e:
d8:8f:13:96:bd:0f:36:6d:79:97:32:c7:a1:8f:00:23:e0:68:
bd:59:48:5f:76:f7:f0:92:06:25:9b:5a:db:d1:08:fc:b3:d3:
4a:0b:c0:47:f0:04:1d:4e:26:14:8b:2f:e3:0a:45:3e:5a:61:
ec:0d:4c:d3:20:2c:a6:2f:7f:93:73:1c:3f:c1:2c:ac:33:d3:
ec:5c:ca:35:be:9c:b4:56:ed:b4:cb:f8:28:cd:65:93:fc:10:
51:c8:65:ac:aa:68:22:41:bd:34:dd:cd:01:9b:17:28:7a:b7:
21:ae:76:91:4a:ad:48:ad:f4:47:37:74:4b:d0:fa:29:9c:af:
33:d5:f7:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVcwhyXV+qwHIbkTIflB88AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwMzAzMTYwNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzc2NGMzNDM3YWY2ZDNjZTI0YzIxODRjODhmNGE2NjY1NTgzYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1I8Kj8lTSpthJrVnzDl5s65PW/j
ju7DAcUHfl3NFXW9gI5UMk2AMtqV8cOMayEunvSeYrVteak0a5+mRJCeclxLOS0t
8c572Tg+6tjk9qkGPh2BXjCsoEhxZ+CwclF95147up0cTVz4aesBztiS1DbedUr5
2T74ZCAERC14kInDJpBoVw94sHOUzdeuaa5Jh2Te6egk4eLo2uFj/iKm/oElm8K0
KAJsPAdel4CCtdkOp8Rd6lI7fw8ELpoYik8+mfmPSLo3u24WcSpPFqwkfrGVD080
RK+M1PFmjwxEZ36txw/KN8vZVztM4CyzNL7DWa1llCFY8ASLUY2d2Y4y7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEN2TDQ3r2084kwhhMiPSmZlWDudMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUTNaTU5EZXZiVHppVENHRXlJOUtabVZZTzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw7FfAwQA
w9O+MA0GCSqGSIb3DQEBCwUAA4IBAQAUumn6KYpz381TiRF8nNPxadFc2l1T3dvD
JFa1z01bD8FdPjvVt/gVetN5hG2Ke3lZ3HVc9upqUViEGGFH5CcJX147lCy4Jjmj
lDvHLUKwHP48fQ5DXb0480S5HSIq8gBKEWuSZAHqGEc3s89DOrOmmR6YGkRNjZ1G
/r9oMk7YjxOWvQ82bXmXMsehjwAj4Gi9WUhfdvfwkgYlm1rb0Qj8s9NKC8BH8AQd
TiYUiy/jCkU+WmHsDUzTICymL3+Tcxw/wSysM9PsXMo1vpy0Vu20y/gozWWT/BBR
yGWsqmgiQb003c0BmxcoerchrnaRSq1IrfRHN3RL0PopnK8z1ff2
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:28:31 2025 by rpki-client