Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0e4dd5-9c8f-4856-90d7-1e1e9cbf47da/1/QKgDF8e57QF3eXJrK-FiCPDHmfU.roa
File: QKgDF8e57QF3eXJrK-FiCPDHmfU.roa (raw, json)
Hash identifier: +E1BqSBrlnTbnzWLAAzKH9Q0vqlEI8vEJvPvq//8UvY=
Subject key identifier: 40:A8:03:17:C7:B9:ED:01:77:79:72:6B:2B:E1:62:08:F0:C7:99:F5
Certificate issuer: /CN=6911245ae2025155c09bec25a8991d567af1841d
Certificate serial: 018CC492FB15C51A466EBD9E2508A12F563F
Authority key identifier: 69:11:24:5A:E2:02:51:55:C0:9B:EC:25:A8:99:1D:56:7A:F1:84:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aREkWuICUVXAm-wlqJkdVnrxhB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0e4dd5-9c8f-4856-90d7-1e1e9cbf47da/1/QKgDF8e57QF3eXJrK-FiCPDHmfU.roa
Signing time: Mon 01 Jan 2024 10:30:16 +0000
ROA not before: Mon 01 Jan 2024 10:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203752
IP address blocks: 185.125.60.0/22 maxlen: 22
2a03:94a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:fb:15:c5:1a:46:6e:bd:9e:25:08:a1:2f:56:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6911245ae2025155c09bec25a8991d567af1841d
Validity
Not Before: Jan 1 10:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40a80317c7b9ed017779726b2be16208f0c799f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5e:1b:5c:0d:15:38:24:e9:5e:20:56:89:67:
d4:48:ab:63:f5:d3:70:fe:76:b3:4a:11:fb:7e:c8:
1a:30:7f:5e:e9:fb:ba:55:fe:eb:cd:59:de:12:67:
2c:2c:87:3b:d4:a0:41:dc:97:16:a9:13:77:78:6c:
de:a9:d5:ff:48:c8:96:ed:62:9a:2c:f1:07:e2:00:
ed:bb:db:f4:91:e8:5b:79:83:42:51:84:45:18:88:
4b:b1:fb:1b:0f:66:a6:39:30:41:96:8c:fb:76:36:
44:bc:83:1e:22:99:6e:c0:d0:37:90:0e:40:f8:41:
69:a3:83:86:3b:38:9c:88:11:b2:81:24:16:7b:5f:
78:ea:f4:98:f6:d4:6d:ed:c5:27:aa:fb:2e:d0:29:
91:4c:aa:31:06:34:45:b9:03:98:bf:e7:df:3d:1f:
5a:dd:c3:c8:1c:00:2f:66:c0:c4:2a:fa:d5:a8:eb:
74:21:eb:2a:b6:1f:b9:63:f0:a1:d2:de:2c:7e:c5:
ff:b3:b6:98:4d:f6:cd:0e:65:e2:3d:e5:e6:d2:a2:
34:64:62:3c:dc:64:1c:7f:da:0f:f9:8e:f8:98:6e:
be:70:f7:50:03:70:5f:37:ff:43:9a:bb:05:24:76:
1a:3f:28:82:dc:fd:c0:e3:19:a3:08:6f:b3:25:94:
43:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A8:03:17:C7:B9:ED:01:77:79:72:6B:2B:E1:62:08:F0:C7:99:F5
X509v3 Authority Key Identifier:
keyid:69:11:24:5A:E2:02:51:55:C0:9B:EC:25:A8:99:1D:56:7A:F1:84:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aREkWuICUVXAm-wlqJkdVnrxhB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0e4dd5-9c8f-4856-90d7-1e1e9cbf47da/1/QKgDF8e57QF3eXJrK-FiCPDHmfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0e4dd5-9c8f-4856-90d7-1e1e9cbf47da/1/aREkWuICUVXAm-wlqJkdVnrxhB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.60.0/22
IPv6:
2a03:94a0::/32
Signature Algorithm: sha256WithRSAEncryption
a3:1a:ed:6c:5e:f9:c1:fd:5f:b5:c7:c0:31:6e:57:11:5e:66:
4f:74:64:9b:e4:80:4e:0e:e8:07:2a:d4:ea:3a:54:3e:01:24:
1d:b3:c8:60:43:7a:27:c4:88:f3:a5:f6:c3:da:a3:44:14:10:
19:d8:77:1b:29:d4:b8:0c:7e:5a:47:83:1a:dd:06:19:55:b1:
35:e0:da:e8:b9:dc:4b:5f:17:3e:b0:86:e0:86:bb:d5:30:50:
b6:91:4b:65:68:aa:a5:30:53:ab:6e:51:49:cf:cf:6a:e2:e8:
4b:53:c6:d3:8d:b4:31:5e:24:af:7e:02:4a:ec:8e:64:c1:6a:
0b:95:e0:d6:fc:b0:67:70:96:14:fa:98:cf:e2:fe:69:66:59:
11:d0:2d:a6:76:21:e7:3a:28:57:ef:38:46:3c:47:2f:fa:d6:
b0:44:8f:16:71:b2:a2:1e:ce:74:37:19:0b:38:f3:36:56:b9:
46:a4:61:a0:44:3d:b0:b4:fb:a1:81:fd:50:5d:72:00:4a:99:
c0:19:d9:fb:18:4d:eb:fa:14:2a:41:29:2f:e8:47:b2:ad:0b:
f8:a2:06:7c:f9:e6:35:b1:33:49:22:df:ff:ae:6f:03:f2:fd:
00:fc:d6:27:3c:c6:fb:e9:b7:19:eb:fe:ff:02:81:34:40:ca:
a1:06:71:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkvsVxRpGbr2eJQihL1Y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTEyNDVhZTIwMjUxNTVjMDliZWMyNWE4OTkxZDU2N2Fm
MTg0MWQwHhcNMjQwMTAxMTAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGE4MDMxN2M3YjllZDAxNzc3OTcyNmIyYmUxNjIwOGYwYzc5OWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV4bXA0VOCTpXiBWiWfUSKtj9dNw
/nazShH7fsgaMH9e6fu6Vf7rzVneEmcsLIc71KBB3JcWqRN3eGzeqdX/SMiW7WKa
LPEH4gDtu9v0kehbeYNCUYRFGIhLsfsbD2amOTBBloz7djZEvIMeIpluwNA3kA5A
+EFpo4OGOziciBGygSQWe1946vSY9tRt7cUnqvsu0CmRTKoxBjRFuQOYv+ffPR9a
3cPIHAAvZsDEKvrVqOt0Iesqth+5Y/Ch0t4sfsX/s7aYTfbNDmXiPeXm0qI0ZGI8
3GQcf9oP+Y74mG6+cPdQA3BfN/9DmrsFJHYaPyiC3P3A4xmjCG+zJZRDFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFECoAxfHue0Bd3lyayvhYgjwx5n1MB8GA1UdIwQY
MBaAFGkRJFriAlFVwJvsJaiZHVZ68YQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJFa1d1SUNVVlhBbS13bHFKa2RWbnJ4aEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wZTRkZDUtOWM4Zi00ODU2LTkwZDct
MWUxZTljYmY0N2RhLzEvUUtnREY4ZTU3UUYzZVhKckstRmlDUERIbWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wZTRkZDUtOWM4Zi00ODU2LTkwZDctMWUxZTljYmY0N2Rh
LzEvYVJFa1d1SUNVVlhBbS13bHFKa2RWbnJ4aEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX08MA0E
AgACMAcDBQAqA5SgMA0GCSqGSIb3DQEBCwUAA4IBAQCjGu1sXvnB/V+1x8AxblcR
XmZPdGSb5IBODugHKtTqOlQ+ASQds8hgQ3onxIjzpfbD2qNEFBAZ2HcbKdS4DH5a
R4Ma3QYZVbE14NroudxLXxc+sIbghrvVMFC2kUtlaKqlMFOrblFJz89q4uhLU8bT
jbQxXiSvfgJK7I5kwWoLleDW/LBncJYU+pjP4v5pZlkR0C2mdiHnOihX7zhGPEcv
+tawRI8WcbKiHs50NxkLOPM2VrlGpGGgRD2wtPuhgf1QXXIASpnAGdn7GE3r+hQq
QSkv6EeyrQv4ogZ8+eY1sTNJIt//rm8D8v0A/NYnPMb76bcZ6/7/AoE0QMqhBnFm
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:48:52 2025 by rpki-client