Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/QLNmElHFbUpeACeUVlBwfckAJbc.roa
File: QLNmElHFbUpeACeUVlBwfckAJbc.roa (raw, json)
Hash identifier: rDBNL7Tm6sXmX3uvkJGs9EU4ig0dJ+jxz8EUzWkLbwA=
Subject key identifier: 40:B3:66:12:51:C5:6D:4A:5E:00:27:94:56:50:70:7D:C9:00:25:B7
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0195021352C71F53BD240FFBED9B556D338C
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/QLNmElHFbUpeACeUVlBwfckAJbc.roa
Signing time: Fri 14 Feb 2025 01:29:35 +0000
ROA not before: Fri 14 Feb 2025 01:29:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210099
IP address blocks: 77.92.153.0/24 maxlen: 24
78.135.73.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Feb 2025 19:57:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:02:13:52:c7:1f:53:bd:24:0f:fb:ed:9b:55:6d:33:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 14 01:29:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40b3661251c56d4a5e0027945650707dc90025b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e8:c5:ab:84:d9:b3:62:bf:54:d4:8e:b4:54:
1a:df:fb:c3:89:1f:3d:70:47:a5:28:d2:f7:01:66:
c8:af:4a:cd:26:f8:fd:1f:50:e5:db:9d:05:15:17:
02:50:45:cd:10:0b:f2:c7:6a:18:18:91:03:40:f6:
13:68:50:79:a4:51:6c:73:24:43:65:6e:10:79:a6:
09:ad:e1:08:60:0a:60:38:fb:f9:7c:6a:87:f6:f7:
d7:37:70:71:ff:60:ef:c8:ae:4d:12:c0:1e:6a:3f:
c5:af:f2:59:10:f8:85:4f:d9:35:d0:0d:b2:57:90:
d7:bf:1b:9d:16:af:0f:68:d3:cd:f4:db:7e:d4:3d:
db:18:5f:cf:ef:86:55:c9:b0:f4:cd:fd:a8:94:89:
dc:f1:40:91:8a:55:07:2e:66:18:e9:84:de:1f:99:
a3:76:5b:66:dd:39:ce:3c:d2:a5:29:b1:dc:7c:04:
3f:51:71:03:cd:9d:c5:b6:22:cb:78:0e:ce:59:60:
e5:34:c7:36:5c:2f:9f:bf:5d:a5:46:e2:ba:8c:03:
8b:9a:6a:8a:76:ac:0a:4e:e2:17:d5:6d:08:cf:04:
ad:9d:2c:fc:50:4a:7d:7b:28:ff:01:66:54:ea:d9:
44:77:10:c4:6b:51:9e:38:9b:a4:25:d7:cf:69:17:
99:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B3:66:12:51:C5:6D:4A:5E:00:27:94:56:50:70:7D:C9:00:25:B7
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/QLNmElHFbUpeACeUVlBwfckAJbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.153.0/24
78.135.73.0/24
188.132.236.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:29:4c:c7:56:8c:70:82:93:66:cb:f5:b4:ee:69:96:14:b9:
1c:26:ea:49:75:c8:00:bc:7f:81:43:7c:9b:4e:87:f5:f9:b0:
89:a9:2e:e7:d2:ec:17:3b:b6:6d:fc:00:2b:6d:d8:4b:25:d8:
64:68:48:fa:f9:c8:68:ec:e6:eb:8e:ff:fd:b3:6c:47:ca:64:
87:71:1b:36:3a:7a:28:3a:23:79:1d:b5:c3:56:42:37:38:ed:
44:2c:7d:2d:97:51:05:59:9f:bb:13:0c:3b:82:4d:26:7b:f7:
1b:df:67:68:d3:0c:bc:d4:67:7b:54:e5:88:c9:d4:dc:78:70:
2d:ae:f3:5d:3d:95:60:4f:18:25:66:e9:54:95:f5:60:3c:3a:
d7:7c:84:9d:2d:f5:8e:ea:45:7d:21:16:5d:77:b7:22:b1:46:
7a:82:a3:47:5c:98:0a:06:63:8b:58:f8:e3:51:8f:9b:d6:38:
99:5e:61:6d:90:bd:de:e0:14:c1:db:e7:79:6f:1a:1f:a6:92:
80:c9:4d:91:6f:c7:0a:4b:26:e7:14:3a:07:dd:3a:fb:0d:60:
39:c4:41:9a:41:68:ca:04:7c:e1:c9:cd:0c:f6:5a:fa:80:e2:
63:23:c1:d5:dc:77:ec:2e:d7:ce:00:a5:ce:fa:fa:b8:21:02:
9c:a3:d0:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUCE1LHH1O9JA/77ZtVbTOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMjE0MDEyOTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGIzNjYxMjUxYzU2ZDRhNWUwMDI3OTQ1NjUwNzA3ZGM5MDAyNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+jFq4TZs2K/VNSOtFQa3/vDiR89
cEelKNL3AWbIr0rNJvj9H1Dl250FFRcCUEXNEAvyx2oYGJEDQPYTaFB5pFFscyRD
ZW4QeaYJreEIYApgOPv5fGqH9vfXN3Bx/2DvyK5NEsAeaj/Fr/JZEPiFT9k10A2y
V5DXvxudFq8PaNPN9Nt+1D3bGF/P74ZVybD0zf2olInc8UCRilUHLmYY6YTeH5mj
dltm3TnOPNKlKbHcfAQ/UXEDzZ3FtiLLeA7OWWDlNMc2XC+fv12lRuK6jAOLmmqK
dqwKTuIX1W0IzwStnSz8UEp9eyj/AWZU6tlEdxDEa1GeOJukJdfPaReZ2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFECzZhJRxW1KXgAnlFZQcH3JACW3MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvUUxObUVsSEZiVXBlQUNlVVZsQndmY2tBSmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVyZAwQA
TodJAwQAvITsMA0GCSqGSIb3DQEBCwUAA4IBAQCfKUzHVoxwgpNmy/W07mmWFLkc
JupJdcgAvH+BQ3ybTof1+bCJqS7n0uwXO7Zt/AArbdhLJdhkaEj6+cho7Obrjv/9
s2xHymSHcRs2OnooOiN5HbXDVkI3OO1ELH0tl1EFWZ+7Eww7gk0me/cb32do0wy8
1Gd7VOWIydTceHAtrvNdPZVgTxglZulUlfVgPDrXfISdLfWO6kV9IRZdd7cisUZ6
gqNHXJgKBmOLWPjjUY+b1jiZXmFtkL3e4BTB2+d5bxofppKAyU2Rb8cKSybnFDoH
3Tr7DWA5xEGaQWjKBHzhyc0M9lr6gOJjI8HV3HfsLtfOAKXO+vq4IQKco9Bd
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:56:13 2025 by rpki-client