Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Q_eL2Q_xl1obTczdwxg2k75QK2Y.roa
File: Q_eL2Q_xl1obTczdwxg2k75QK2Y.roa (raw, json)
Hash identifier: lZdGuj+Gt175loTALGfqkr9lSCBms8monDrIOHo52yg=
Subject key identifier: 43:F7:8B:D9:0F:F1:97:5A:1B:4D:CC:DD:C3:18:36:93:BE:50:2B:66
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 0194DA87E46A29499F65DE5C86AFF75A7213
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Q_eL2Q_xl1obTczdwxg2k75QK2Y.roa
Signing time: Thu 06 Feb 2025 09:12:06 +0000
ROA not before: Thu 06 Feb 2025 09:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8399
IP address blocks: 37.97.64.0/19 maxlen: 19
37.97.96.0/20 maxlen: 20
37.139.120.0/21 maxlen: 21
65.39.64.0/19 maxlen: 19
80.251.96.0/20 maxlen: 20
81.93.0.0/19 maxlen: 19
88.213.224.0/19 maxlen: 19
157.143.128.0/17 maxlen: 17
178.157.16.0/20 maxlen: 20
178.157.32.0/20 maxlen: 20
178.174.96.0/20 maxlen: 23
178.255.160.0/21 maxlen: 21
185.6.92.0/22 maxlen: 22
185.8.252.0/22 maxlen: 22
185.24.140.0/22 maxlen: 22
185.32.208.0/22 maxlen: 22
185.42.176.0/22 maxlen: 22
185.65.248.0/22 maxlen: 22
185.76.216.0/22 maxlen: 22
185.218.208.0/22 maxlen: 22
185.249.20.0/22 maxlen: 22
195.135.0.0/17 maxlen: 17
195.135.0.0/18 maxlen: 18
195.135.12.0/23 maxlen: 23
195.135.48.0/20 maxlen: 20
195.135.48.0/24 maxlen: 24
217.74.96.0/20 maxlen: 20
217.181.128.0/17 maxlen: 17
2a02:6e8::/32 maxlen: 32
2a02:c440::/29 maxlen: 29
2a05:5cc0::/29 maxlen: 29
2a0b:e3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 13 Feb 2025 15:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:da:87:e4:6a:29:49:9f:65:de:5c:86:af:f7:5a:72:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Feb 6 09:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43f78bd90ff1975a1b4dccddc3183693be502b66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a1:45:7b:08:29:e0:4b:4d:85:c2:26:ec:18:
c5:a7:e1:ec:78:97:29:18:e6:7e:2f:3e:4c:12:df:
a1:c0:bb:e1:ae:bf:67:b3:2f:32:cd:00:9d:a5:28:
5d:0a:d5:bd:d7:48:a5:02:3c:c3:14:4c:b8:9c:15:
92:05:86:ac:cb:9b:3e:15:98:89:b1:3d:c1:59:64:
91:a8:c7:e7:8b:27:c2:7d:d6:bb:b8:f9:a1:cf:4b:
11:02:5a:12:46:7a:ba:7e:c5:8f:52:b8:ad:51:40:
ad:d2:bf:cc:29:9d:0d:25:f3:22:dc:b9:2b:ab:79:
e4:9a:a4:a4:4c:a4:1c:bc:35:92:51:f2:a2:42:ab:
b6:a4:05:3c:3d:fd:eb:4a:20:f9:94:5b:5e:62:dc:
40:32:f2:47:5b:ae:25:cb:fc:db:ff:84:04:2d:da:
18:79:ce:bf:c6:c2:e4:40:3a:72:ad:8b:9e:41:ee:
62:19:b4:4e:94:e9:9f:f3:65:e5:7d:f5:5d:42:ee:
c0:b7:7b:94:6b:35:f4:c1:f4:99:05:dc:c3:2f:aa:
e6:a3:d3:fb:89:3c:fa:42:f0:05:d6:04:5e:6d:a4:
c8:8e:a4:ad:33:8e:17:45:33:92:e8:4b:de:ec:07:
10:c1:22:b4:c9:06:55:76:77:7c:87:40:99:53:08:
a8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F7:8B:D9:0F:F1:97:5A:1B:4D:CC:DD:C3:18:36:93:BE:50:2B:66
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Q_eL2Q_xl1obTczdwxg2k75QK2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.64.0-37.97.111.255
37.139.120.0/21
65.39.64.0/19
80.251.96.0/20
81.93.0.0/19
88.213.224.0/19
157.143.128.0/17
178.157.16.0-178.157.47.255
178.174.96.0/20
178.255.160.0/21
185.6.92.0/22
185.8.252.0/22
185.24.140.0/22
185.32.208.0/22
185.42.176.0/22
185.65.248.0/22
185.76.216.0/22
185.218.208.0/22
185.249.20.0/22
195.135.0.0/17
217.74.96.0/20
217.181.128.0/17
IPv6:
2a02:6e8::/32
2a02:c440::/29
2a05:5cc0::/29
2a0b:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
30:a7:a2:3b:29:8c:56:41:40:5d:aa:fa:fb:e2:e0:f8:f5:19:
0b:be:ca:68:3b:1f:97:ff:76:d0:1e:53:d0:a7:6e:3d:c0:08:
55:d0:92:d5:e3:9c:3a:65:de:42:40:24:ec:6e:1b:cc:4e:73:
a7:78:63:55:33:56:fa:10:8e:51:9d:97:e9:c8:a2:48:f7:4f:
41:40:12:23:16:aa:4d:bc:8a:f3:7c:51:23:a4:42:f9:3b:81:
10:1e:6d:9d:a1:17:aa:a2:42:44:e9:77:d5:7f:7a:48:89:d0:
3d:a5:ee:cb:5b:40:2e:b0:21:c9:3b:73:2b:a2:e0:c3:4b:ee:
70:ec:11:41:e7:1f:a4:76:17:76:49:8a:06:6c:9f:c8:c6:2b:
66:a8:38:0b:99:03:56:3f:66:f0:72:b3:35:67:18:c5:92:6a:
fa:16:16:46:0b:a9:90:e9:1b:58:40:15:ea:e7:da:68:a2:b3:
51:26:7b:00:bc:cc:04:7f:e5:17:07:f5:0b:8a:2d:43:40:96:
20:68:af:32:aa:f7:1b:54:e8:04:c4:89:e9:70:d5:b2:fb:a5:
09:fa:04:1f:e4:b6:85:62:53:8c:25:9a:ae:0f:af:4a:10:46:
aa:9c:d8:a3:2a:18:8e:b7:18:a5:a6:eb:f5:fe:31:8f:45:13:
b4:c7:0a:5a
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZTah+RqKUmfZd5chq/3WnITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjUwMjA2MDkxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Y3OGJkOTBmZjE5NzVhMWI0ZGNjZGRjMzE4MzY5M2JlNTAyYjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaFFewgp4EtNhcIm7BjFp+HseJcp
GOZ+Lz5MEt+hwLvhrr9nsy8yzQCdpShdCtW910ilAjzDFEy4nBWSBYasy5s+FZiJ
sT3BWWSRqMfniyfCfda7uPmhz0sRAloSRnq6fsWPUritUUCt0r/MKZ0NJfMi3Lkr
q3nkmqSkTKQcvDWSUfKiQqu2pAU8Pf3rSiD5lFteYtxAMvJHW64ly/zb/4QELdoY
ec6/xsLkQDpyrYueQe5iGbROlOmf82XlffVdQu7At3uUazX0wfSZBdzDL6rmo9P7
iTz6QvAF1gRebaTIjqStM44XRTOS6Eve7AcQwSK0yQZVdnd8h0CZUwio4QIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFEP3i9kP8ZdaG03M3cMYNpO+UCtmMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvUV9lTDJRX3hsMW9iVGN6ZHd4ZzJrNzVRSzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBmwQCAAEwgZQwDAME
BiVhQAMEBCVhYAMEAyWLeAMEBUEnQAMEBFD7YAMEBVFdAAMEBVjV4AMEB52PgDAM
AwQEsp0QAwQEsp0gAwQEsq5gAwQDsv+gAwQCuQZcAwQCuQj8AwQCuRiMAwQCuSDQ
AwQCuSqwAwQCuUH4AwQCuUzYAwQCudrQAwQCufkUAwQHw4cAAwQE2UpgAwQH2bWA
MCIEAgACMBwDBQAqAgboAwUDKgLEQAMFAyoFXMADBQMqC+PAMA0GCSqGSIb3DQEB
CwUAA4IBAQAwp6I7KYxWQUBdqvr74uD49RkLvspoOx+X/3bQHlPQp249wAhV0JLV
45w6Zd5CQCTsbhvMTnOneGNVM1b6EI5RnZfpyKJI909BQBIjFqpNvIrzfFEjpEL5
O4EQHm2doReqokJE6XfVf3pIidA9pe7LW0AusCHJO3MrouDDS+5w7BFB5x+kdhd2
SYoGbJ/IxitmqDgLmQNWP2bwcrM1ZxjFkmr6FhZGC6mQ6RtYQBXq59poorNRJnsA
vMwEf+UXB/ULii1DQJYgaK8yqvcbVOgExInpcNWy+6UJ+gQf5LaFYlOMJZquD69K
EEaqnNijKhiOtxilpuv1/jGPRRO0xwpa
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:37:15 2025 by rpki-client