Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/Qjz23DRffDyHRSjkOjQCu_QTk2Q.roa
File: Qjz23DRffDyHRSjkOjQCu_QTk2Q.roa (raw, json)
Hash identifier: 8BAAGr2J2SIyWvq11gZQ7Sy5493xE0kIeRUht/kXwa0=
Subject key identifier: 42:3C:F6:DC:34:5F:7C:3C:87:45:28:E4:3A:34:02:BB:F4:13:93:64
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 019681CCB921D8091CBF4DDB986C576DF455
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/Qjz23DRffDyHRSjkOjQCu_QTk2Q.roa
Signing time: Tue 29 Apr 2025 13:46:39 +0000
ROA not before: Tue 29 Apr 2025 13:46:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.42.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 12:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:cc:b9:21:d8:09:1c:bf:4d:db:98:6c:57:6d:f4:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: Apr 29 13:46:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=423cf6dc345f7c3c874528e43a3402bbf4139364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:05:c8:78:0d:88:93:fc:d8:50:37:58:88:3c:
76:e5:b0:66:56:c6:80:c2:67:10:9e:f4:a2:54:4c:
06:3e:8f:68:62:4f:75:aa:16:bc:5a:12:7c:33:e6:
ac:89:3a:69:e2:dd:58:5f:97:fd:c8:52:bd:0c:25:
6b:34:9b:96:66:1d:16:24:d3:68:a9:0a:66:4d:bc:
d3:89:1b:85:64:88:36:e3:f1:ed:50:59:de:b1:79:
b6:12:6e:b7:1c:23:c6:29:78:b2:ca:5d:db:8a:ba:
a4:57:63:3c:fd:55:c5:29:79:51:cd:57:c8:90:1d:
45:89:c7:df:c7:cf:26:31:04:93:54:e4:56:9f:e8:
7e:35:c4:e5:6c:0e:23:55:9f:19:4f:cb:35:a6:5c:
f0:28:31:7c:6c:e5:39:8b:0d:b2:07:d4:c0:36:2c:
17:d7:c1:79:3d:d2:ea:a7:78:0a:6f:2b:3d:2b:e2:
a6:5d:8f:23:e8:7e:dd:2d:93:86:8b:64:ef:0c:71:
2f:41:2c:66:7f:36:0d:3a:6f:e0:ba:6e:c9:a5:9e:
9f:3b:f5:e3:a9:2e:47:95:c9:e2:fd:ee:57:dd:c9:
38:ec:9f:fd:28:cb:40:5c:81:dc:4d:b6:0f:d8:01:
8b:30:ee:3a:89:15:84:01:33:4f:09:dc:2a:e8:40:
a3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3C:F6:DC:34:5F:7C:3C:87:45:28:E4:3A:34:02:BB:F4:13:93:64
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/Qjz23DRffDyHRSjkOjQCu_QTk2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.125.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:fe:ea:b1:ae:5e:53:11:92:44:67:8c:94:1a:11:c5:ba:81:
45:dd:84:61:62:5e:a1:d0:2c:13:2e:8f:84:04:34:da:f0:96:
48:2d:ff:8a:4a:e1:49:9a:5a:74:69:32:37:18:3f:1f:60:a9:
80:e8:5b:06:64:12:5a:75:9d:00:76:63:aa:67:28:ef:6d:46:
c6:91:b3:9c:60:1c:a0:ea:89:8e:d1:16:bb:dd:72:a0:c4:c5:
6a:b7:f7:ed:27:2a:a2:1e:84:3e:ee:23:4f:79:8e:d0:98:09:
76:9c:60:21:53:76:4f:e4:2e:e5:35:00:1b:4a:fe:d2:b7:d8:
c7:51:e1:56:a3:51:50:47:33:64:b7:3d:dd:c8:df:45:66:c6:
af:25:6f:0d:b4:70:fa:d9:ad:28:3f:9f:2c:19:ad:6e:f4:de:
a9:3a:fb:7e:96:6f:70:d8:ff:65:d7:aa:bf:be:f9:79:9a:c0:
a3:fa:64:5f:e5:1b:bc:69:55:16:8f:d3:91:48:72:4a:b7:dd:
4d:bd:f2:ba:bd:2e:03:c1:76:1d:49:f2:82:79:ab:1f:8c:77:
23:14:f2:74:5c:d4:ff:1d:43:75:39:f9:8c:b8:3e:87:03:21:
a8:12:57:70:63:37:36:7f:d2:c9:b0:4e:50:96:91:85:c5:2c:
06:15:69:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaBzLkh2Akcv03bmGxXbfRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUwNDI5MTM0NjM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNjZjZkYzM0NWY3YzNjODc0NTI4ZTQzYTM0MDJiYmY0MTM5MzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQXIeA2Ik/zYUDdYiDx25bBmVsaA
wmcQnvSiVEwGPo9oYk91qha8WhJ8M+asiTpp4t1YX5f9yFK9DCVrNJuWZh0WJNNo
qQpmTbzTiRuFZIg24/HtUFnesXm2Em63HCPGKXiyyl3birqkV2M8/VXFKXlRzVfI
kB1Ficffx88mMQSTVORWn+h+NcTlbA4jVZ8ZT8s1plzwKDF8bOU5iw2yB9TANiwX
18F5PdLqp3gKbys9K+KmXY8j6H7dLZOGi2TvDHEvQSxmfzYNOm/gum7JpZ6fO/Xj
qS5Hlcni/e5X3ck47J/9KMtAXIHcTbYP2AGLMO46iRWEATNPCdwq6ECj1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEI89tw0X3w8h0Uo5Do0Arv0E5NkMB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvUWp6MjNEUmZmRHlIUlNqa09qUUN1X1FUazJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyp9MA0G
CSqGSIb3DQEBCwUAA4IBAQCK/uqxrl5TEZJEZ4yUGhHFuoFF3YRhYl6h0CwTLo+E
BDTa8JZILf+KSuFJmlp0aTI3GD8fYKmA6FsGZBJadZ0AdmOqZyjvbUbGkbOcYByg
6omO0Ra73XKgxMVqt/ftJyqiHoQ+7iNPeY7QmAl2nGAhU3ZP5C7lNQAbSv7St9jH
UeFWo1FQRzNktz3dyN9FZsavJW8NtHD62a0oP58sGa1u9N6pOvt+lm9w2P9l16q/
vvl5msCj+mRf5Ru8aVUWj9ORSHJKt91NvfK6vS4DwXYdSfKCeasfjHcjFPJ0XNT/
HUN1OfmMuD6HAyGoEldwYzc2f9LJsE5QlpGFxSwGFWlN
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:48:46 2025 by rpki-client