Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/QVXoPUPZi3k9WNklP91S0HNdNuU.roa
File: QVXoPUPZi3k9WNklP91S0HNdNuU.roa (raw, json)
Hash identifier: 06vIh0EI0G3ypemCyiF1RoPvxI7nUccUIwj3C0dU7Hc=
Subject key identifier: 41:55:E8:3D:43:D9:8B:79:3D:58:D9:25:3F:DD:52:D0:73:5D:36:E5
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 019425220C5086235866ADCF93FC6BA273AF
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/QVXoPUPZi3k9WNklP91S0HNdNuU.roa
Signing time: Thu 02 Jan 2025 03:49:35 +0000
ROA not before: Thu 02 Jan 2025 03:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 5.44.42.0/24 maxlen: 24
45.129.185.0/24 maxlen: 24
2a05:541:102::/48 maxlen: 48
2a05:541:103::/48 maxlen: 48
2a05:541:104::/48 maxlen: 48
2a05:541:105::/48 maxlen: 48
2a05:541:106::/48 maxlen: 48
2a05:541:107::/48 maxlen: 48
2a05:541:108::/48 maxlen: 48
2a05:541:109::/48 maxlen: 48
2a05:541:110::/48 maxlen: 48
2a05:541:111::/48 maxlen: 48
2a05:541:112::/48 maxlen: 48
2a05:541:113::/48 maxlen: 48
2a05:541:114::/48 maxlen: 48
2a05:541:115::/48 maxlen: 48
2a05:541:116::/48 maxlen: 48
2a05:541:117::/48 maxlen: 48
2a05:541:118::/48 maxlen: 48
2a05:541:119::/48 maxlen: 48
2a05:541:121::/48 maxlen: 48
2a05:541:122::/48 maxlen: 48
2a05:541:123::/48 maxlen: 48
2a05:541:124::/48 maxlen: 48
2a05:541:125::/48 maxlen: 48
2a05:541:126::/48 maxlen: 48
2a05:541:127::/48 maxlen: 48
2a05:541:129::/48 maxlen: 48
2a05:541:131::/48 maxlen: 48
2a05:541:133::/48 maxlen: 48
2a05:541:134::/48 maxlen: 48
2a05:541:135::/48 maxlen: 48
2a05:541:136::/48 maxlen: 48
2a05:541:137::/48 maxlen: 48
2a05:541:138::/48 maxlen: 48
2a05:541:139::/48 maxlen: 48
2a05:541:141::/48 maxlen: 48
2a05:541:152::/48 maxlen: 48
2a05:541:153::/48 maxlen: 48
2a05:541:156::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Jan 2025 18:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:0c:50:86:23:58:66:ad:cf:93:fc:6b:a2:73:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Jan 2 03:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4155e83d43d98b793d58d9253fdd52d0735d36e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7a:e0:d7:be:7f:01:04:b5:87:26:2c:02:7f:
f0:49:db:06:6b:69:92:ef:17:a7:f3:dc:34:38:63:
be:56:25:68:e0:e4:e7:1f:f5:23:d0:cc:d7:f9:ab:
67:07:d7:c5:4f:cc:b0:f0:3d:2a:13:e8:17:3d:1c:
56:30:21:a1:99:3a:2f:36:e1:dd:aa:e5:b8:54:de:
68:74:bd:30:94:9b:e0:1a:3b:89:0a:1a:db:7d:6b:
ef:5b:b6:2a:11:7b:22:c4:6e:27:0c:5a:23:4a:1b:
23:e0:f7:c1:10:3f:77:d5:2f:24:f2:42:a9:0d:58:
49:0e:6b:65:1a:b0:29:b0:51:28:6c:2a:15:fe:95:
82:44:51:c8:ae:f1:c3:4d:24:9c:0d:8e:60:5b:a8:
22:8e:43:2d:64:72:ba:b4:aa:ed:a0:b4:ab:11:d1:
10:58:24:f0:18:04:06:ea:d8:66:51:59:c0:d6:ee:
2b:de:7b:94:b0:c0:29:59:a4:01:91:a4:7a:21:13:
36:c7:d3:f3:2e:9e:83:44:71:b6:1d:7a:65:a3:3c:
6f:56:14:c0:83:0b:bc:bf:5d:15:aa:ee:36:c8:9b:
e8:02:fd:66:f0:3e:a1:7a:53:a5:f7:fb:30:7a:75:
0c:78:8d:02:6b:cd:72:4f:43:e7:18:7e:38:72:7f:
15:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:55:E8:3D:43:D9:8B:79:3D:58:D9:25:3F:DD:52:D0:73:5D:36:E5
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/QVXoPUPZi3k9WNklP91S0HNdNuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
45.129.185.0/24
IPv6:
2a05:541:102::-2a05:541:109:ffff:ffff:ffff:ffff:ffff
2a05:541:110::-2a05:541:119:ffff:ffff:ffff:ffff:ffff
2a05:541:121::-2a05:541:127:ffff:ffff:ffff:ffff:ffff
2a05:541:129::/48
2a05:541:131::/48
2a05:541:133::-2a05:541:139:ffff:ffff:ffff:ffff:ffff
2a05:541:141::/48
2a05:541:152::/47
2a05:541:156::/48
Signature Algorithm: sha256WithRSAEncryption
7a:dd:87:56:cb:e6:3f:d0:91:a3:41:ee:0e:10:17:79:46:c4:
5a:8f:28:3f:f7:b6:45:50:41:60:98:0b:81:00:ca:2e:7b:69:
bd:17:7f:8b:1a:1f:2c:9e:68:02:c2:4f:20:07:b9:88:55:a2:
8c:45:a1:f8:de:4c:14:09:72:6c:81:db:04:b9:54:04:e0:df:
11:d7:e1:9d:be:3e:e5:df:b9:09:91:16:47:61:3c:12:1c:95:
3f:68:d6:94:8f:9e:a2:0d:17:64:40:96:b5:ed:01:b5:f6:6f:
5a:bc:5f:58:bc:90:15:f0:51:d5:db:1b:38:ab:52:5e:73:49:
9e:3b:12:0f:3b:05:ba:25:70:21:46:ab:7b:15:32:1f:b8:3a:
bc:9b:c0:41:de:9e:80:bb:8f:b2:77:84:cc:11:dd:9b:b0:80:
a6:31:ab:cf:91:13:8f:8c:54:ee:62:e5:fc:8c:ac:c6:2b:74:
f8:f7:bc:bd:e6:f5:4a:30:b5:83:ac:25:89:bf:72:64:f6:30:
95:f7:f5:b7:1e:e0:e5:6d:15:2d:d0:73:4e:c5:a1:51:68:34:
c0:9b:23:82:0d:9a:49:f6:74:f1:bc:14:33:b8:b5:5d:28:99:
6d:7d:43:e2:27:59:9f:ae:99:53:58:c2:b1:4c:09:35:4f:0e:
7e:0a:68:db
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZQlIgxQhiNYZq3Pk/xronOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjUwMTAyMDM0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTU1ZTgzZDQzZDk4Yjc5M2Q1OGQ5MjUzZmRkNTJkMDczNWQzNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnrg175/AQS1hyYsAn/wSdsGa2mS
7xen89w0OGO+ViVo4OTnH/Uj0MzX+atnB9fFT8yw8D0qE+gXPRxWMCGhmTovNuHd
quW4VN5odL0wlJvgGjuJChrbfWvvW7YqEXsixG4nDFojShsj4PfBED931S8k8kKp
DVhJDmtlGrApsFEobCoV/pWCRFHIrvHDTSScDY5gW6gijkMtZHK6tKrtoLSrEdEQ
WCTwGAQG6thmUVnA1u4r3nuUsMApWaQBkaR6IRM2x9PzLp6DRHG2HXplozxvVhTA
gwu8v10Vqu42yJvoAv1m8D6helOl9/swenUMeI0Ca81yT0PnGH44cn8VrwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFEFV6D1D2Yt5PVjZJT/dUtBzXTblMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvUVZYb1BVUFppM2s5V05rbFA5MVMwSE5kTnVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjASBAIAATAMAwQABSwq
AwQALYG5MIGDBAIAAjB9MBIDBwEqBQVBAQIDBwEqBQVBAQgwEgMHBCoFBUEBEAMH
ASoFBUEBGDASAwcAKgUFQQEhAwcDKgUFQQEgAwcAKgUFQQEpAwcAKgUFQQExMBID
BwAqBQVBATMDBwEqBQVBATgDBwAqBQVBAUEDBwEqBQVBAVIDBwAqBQVBAVYwDQYJ
KoZIhvcNAQELBQADggEBAHrdh1bL5j/QkaNB7g4QF3lGxFqPKD/3tkVQQWCYC4EA
yi57ab0Xf4saHyyeaALCTyAHuYhVooxFofjeTBQJcmyB2wS5VATg3xHX4Z2+PuXf
uQmRFkdhPBIclT9o1pSPnqINF2RAlrXtAbX2b1q8X1i8kBXwUdXbGzirUl5zSZ47
Eg87BbolcCFGq3sVMh+4OrybwEHenoC7j7J3hMwR3ZuwgKYxq8+RE4+MVO5i5fyM
rMYrdPj3vL3m9UowtYOsJYm/cmT2MJX39bce4OVtFS3Qc07FoVFoNMCbI4INmkn2
dPG8FDO4tV0omW19Q+InWZ+umVNYwrFMCTVPDn4KaNs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:50 2025 by rpki-client