Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/_QXw2oHqKnmE9acE1_nKH0tGVOQ.roa
File: _QXw2oHqKnmE9acE1_nKH0tGVOQ.roa (raw, json)
Hash identifier: ldogmTCDypmm3fMpusoIEtGNwVQl5E7kceUk+jf1c2A=
Subject key identifier: FD:05:F0:DA:81:EA:2A:79:84:F5:A7:04:D7:F9:CA:1F:4B:46:54:E4
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 019427B5A18B39009A4DB14B194DDF98CB69
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/_QXw2oHqKnmE9acE1_nKH0tGVOQ.roa
Signing time: Thu 02 Jan 2025 15:50:02 +0000
ROA not before: Thu 02 Jan 2025 15:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44050
IP address blocks: 5.101.89.0/24 maxlen: 24
37.139.48.0/23 maxlen: 24
45.156.212.0/22 maxlen: 22
45.159.200.0/22 maxlen: 22
46.161.16.0/22 maxlen: 22
46.161.24.0/23 maxlen: 24
91.151.176.0/20 maxlen: 20
95.215.0.0/22 maxlen: 24
188.143.128.0/17 maxlen: 24
195.2.240.0/23 maxlen: 24
2a00:1d78::/32 maxlen: 48
2a00:1d78:666::/64 maxlen: 64
2a01:8380::/32 maxlen: 32
2a0c:8700::/29 maxlen: 29
2a0d:8fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 07 Mar 2025 12:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:a1:8b:39:00:9a:4d:b1:4b:19:4d:df:98:cb:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 15:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd05f0da81ea2a7984f5a704d7f9ca1f4b4654e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:25:bd:15:d4:60:ea:77:7e:1d:a0:5a:66:1b:
c0:15:e6:b7:be:4f:8c:56:d4:a7:c9:d3:32:d6:c6:
6e:7c:18:60:94:01:76:36:ea:82:8e:40:f2:99:1f:
32:69:4b:80:fe:8b:75:66:00:16:b0:a3:bb:54:da:
ed:cb:1c:53:e8:d3:85:70:39:87:ba:61:fa:c8:24:
d4:35:24:c0:e4:2d:9b:cf:6a:5b:4e:3d:19:cc:8b:
af:98:2f:f7:31:92:b7:e7:52:4c:d8:35:c4:95:41:
64:ea:7d:a1:1c:04:fd:1e:93:91:1f:0a:4c:34:53:
a4:ec:e3:cc:ee:41:3d:17:37:84:5e:c3:3c:24:df:
31:e6:78:3c:88:6c:98:c7:43:7d:b8:2c:f9:71:83:
eb:96:d2:96:0c:aa:ef:8a:b4:bf:42:14:70:e5:da:
52:63:27:e4:c0:d9:61:39:25:ce:17:0b:4e:f9:f4:
f2:3c:25:b9:c2:33:f4:3a:2d:6e:fd:cb:01:5a:bf:
06:a0:be:f5:34:16:a8:78:af:00:5d:50:79:eb:00:
15:c8:ca:c3:2c:7d:dd:2b:34:e6:a7:2c:59:3f:b7:
3d:e5:7d:d2:63:32:33:30:3c:75:3d:03:de:79:f7:
d6:b1:81:c8:f7:fb:77:0e:e4:aa:29:b7:7e:c4:ae:
2c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:05:F0:DA:81:EA:2A:79:84:F5:A7:04:D7:F9:CA:1F:4B:46:54:E4
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/_QXw2oHqKnmE9acE1_nKH0tGVOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.89.0/24
37.139.48.0/23
45.156.212.0/22
45.159.200.0/22
46.161.16.0/22
46.161.24.0/23
91.151.176.0/20
95.215.0.0/22
188.143.128.0/17
195.2.240.0/23
IPv6:
2a00:1d78::/32
2a01:8380::/32
2a0c:8700::/29
2a0d:8fc0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:26:0c:91:9a:3b:7f:a1:1b:59:14:b3:30:b7:5f:bc:32:25:
7b:ec:d3:3d:c4:4f:5b:ab:23:9e:92:97:e9:d2:b1:24:10:aa:
33:fb:57:ba:61:b9:b9:b5:02:57:60:4a:c1:b8:7b:ca:d3:2a:
53:80:00:fd:c7:a8:31:f2:ad:dc:45:df:02:05:30:d1:f9:86:
07:62:3b:22:22:62:0f:39:d8:c6:4f:b8:1a:80:68:16:70:a8:
4b:84:cb:d5:0c:59:c2:73:5e:d7:84:3e:7c:30:f5:7c:f3:6d:
c6:d4:0c:fa:44:4b:9a:de:05:ad:48:b6:b9:34:a6:41:bb:33:
71:13:ed:ab:88:5b:75:3e:10:42:15:55:28:bd:cd:7d:c3:a8:
eb:de:06:48:31:8e:b3:ee:eb:f1:88:24:fe:8a:28:e5:bd:1a:
62:75:f4:81:a7:ce:55:2e:81:0a:d7:af:00:39:fc:49:6e:f0:
17:d5:aa:12:9e:96:b4:d1:af:85:67:da:ee:01:c0:f2:f5:c7:
07:74:be:78:d7:f7:4e:28:53:fe:47:c9:84:2f:de:13:3b:66:
54:98:4f:19:ca:88:f4:a9:cf:28:e6:71:c3:2f:9f:90:de:05:
09:24:72:0e:ee:ea:f2:9e:20:79:1d:79:64:bc:88:c9:e0:4d:
31:b4:d5:2a
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZQntaGLOQCaTbFLGU3fmMtpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwMTAyMTU1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDA1ZjBkYTgxZWEyYTc5ODRmNWE3MDRkN2Y5Y2ExZjRiNDY1NGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiW9FdRg6nd+HaBaZhvAFea3vk+M
VtSnydMy1sZufBhglAF2NuqCjkDymR8yaUuA/ot1ZgAWsKO7VNrtyxxT6NOFcDmH
umH6yCTUNSTA5C2bz2pbTj0ZzIuvmC/3MZK351JM2DXElUFk6n2hHAT9HpORHwpM
NFOk7OPM7kE9FzeEXsM8JN8x5ng8iGyYx0N9uCz5cYPrltKWDKrvirS/QhRw5dpS
YyfkwNlhOSXOFwtO+fTyPCW5wjP0Oi1u/csBWr8GoL71NBaoeK8AXVB56wAVyMrD
LH3dKzTmpyxZP7c95X3SYzIzMDx1PQPeeffWsYHI9/t3DuSqKbd+xK4sqQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFP0F8NqB6ip5hPWnBNf5yh9LRlTkMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvX1FYdzJvSHFLbm1FOWFjRTFfbktIMHRHVk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBCBAIAATA8AwQABWVZAwQB
JYswAwQCLZzUAwQCLZ/IAwQCLqEQAwQBLqEYAwQEW5ewAwQCX9cAAwQHvI+AAwQB
wwLwMCIEAgACMBwDBQAqAB14AwUAKgGDgAMFAyoMhwADBQMqDY/AMA0GCSqGSIb3
DQEBCwUAA4IBAQAdJgyRmjt/oRtZFLMwt1+8MiV77NM9xE9bqyOekpfp0rEkEKoz
+1e6Ybm5tQJXYErBuHvK0ypTgAD9x6gx8q3cRd8CBTDR+YYHYjsiImIPOdjGT7ga
gGgWcKhLhMvVDFnCc17XhD58MPV8823G1Az6REua3gWtSLa5NKZBuzNxE+2riFt1
PhBCFVUovc19w6jr3gZIMY6z7uvxiCT+iijlvRpidfSBp85VLoEK168AOfxJbvAX
1aoSnpa00a+FZ9ruAcDy9ccHdL541/dOKFP+R8mEL94TO2ZUmE8Zyoj0qc8o5nHD
L5+Q3gUJJHIO7uryniB5HXlkvIjJ4E0xtNUq
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:22:16 2025 by rpki-client