Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/qQuUN66vlVCfPMhJc8K9BU0TeuE.roa
File: qQuUN66vlVCfPMhJc8K9BU0TeuE.roa (raw, json)
Hash identifier: NnakH7akrfO+F/BBB6tvun/tLBZQPr24m9wYk2DZLg4=
Subject key identifier: A9:0B:94:37:AE:AF:95:50:9F:3C:C8:49:73:C2:BD:05:4D:13:7A:E1
Certificate issuer: /CN=662f55d377127f28ce26b78fd83becf41becad4b
Certificate serial: 0195C423B74718FF28464DC072F91CB9EC08
Authority key identifier: 66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/qQuUN66vlVCfPMhJc8K9BU0TeuE.roa
Signing time: Sun 23 Mar 2025 17:53:49 +0000
ROA not before: Sun 23 Mar 2025 17:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49683
IP address blocks: 31.25.234.0/24 maxlen: 24
31.25.235.0/24 maxlen: 24
171.22.172.0/24 maxlen: 24
171.22.173.0/24 maxlen: 24
171.22.174.0/24 maxlen: 24
171.22.175.0/24 maxlen: 24
185.44.64.0/24 maxlen: 24
185.44.65.0/24 maxlen: 24
185.44.66.0/24 maxlen: 24
185.44.67.0/24 maxlen: 24
185.85.240.0/24 maxlen: 24
185.85.241.0/24 maxlen: 24
185.85.242.0/24 maxlen: 24
185.85.243.0/24 maxlen: 24
185.116.236.0/24 maxlen: 24
185.116.237.0/24 maxlen: 24
185.116.239.0/24 maxlen: 24
185.122.164.0/24 maxlen: 24
185.122.165.0/24 maxlen: 24
185.122.166.0/24 maxlen: 24
185.122.167.0/24 maxlen: 24
185.168.192.0/24 maxlen: 24
185.168.193.0/24 maxlen: 24
185.168.194.0/24 maxlen: 24
185.168.195.0/24 maxlen: 24
185.184.68.0/24 maxlen: 24
185.184.69.0/24 maxlen: 24
185.184.70.0/24 maxlen: 24
185.184.71.0/24 maxlen: 24
185.189.56.0/24 maxlen: 24
185.189.57.0/24 maxlen: 24
185.189.58.0/24 maxlen: 24
185.189.59.0/24 maxlen: 24
2a0a:2f00:1::/48 maxlen: 48
2a0a:2f00:2::/48 maxlen: 48
2a0a:2f00:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 23 Mar 2025 18:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c4:23:b7:47:18:ff:28:46:4d:c0:72:f9:1c:b9:ec:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=662f55d377127f28ce26b78fd83becf41becad4b
Validity
Not Before: Mar 23 17:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a90b9437aeaf95509f3cc84973c2bd054d137ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8b:69:d9:50:db:9d:34:90:03:90:ac:12:ec:
ce:b1:fd:e5:33:bc:01:76:06:05:bf:e3:88:3e:78:
19:d2:50:e8:30:26:c2:8a:d2:ba:70:88:a2:59:f6:
e9:3e:a5:03:8d:c7:68:b5:7a:5a:d8:85:f7:ed:31:
56:b4:68:5e:49:45:d5:86:22:0f:8b:3c:20:1d:93:
64:da:a1:e4:35:7a:ac:3d:79:49:fe:63:39:59:2f:
c5:a6:97:d8:5c:fc:51:22:64:46:bf:04:df:82:ed:
1b:8a:ab:02:a0:5e:df:9a:17:57:5c:3b:79:50:26:
c6:10:3d:26:a0:b8:37:54:33:96:af:a4:45:c4:f4:
eb:b6:5f:2b:0f:aa:d4:a3:3f:0f:c3:b2:42:e5:db:
89:12:97:e1:65:ae:b2:f6:73:9c:13:0f:c5:79:b0:
84:fe:d8:76:1e:87:84:a1:b0:82:d8:74:a6:7d:6d:
b8:4f:5e:35:97:c1:05:c0:68:3b:19:81:2d:fb:3c:
45:50:ce:5c:70:38:d7:4a:ad:68:f5:58:dd:3a:af:
d4:ee:9e:38:5c:32:92:55:77:8d:f2:69:f2:65:c4:
fc:be:f1:a0:1b:d8:6a:a3:d6:53:b0:ae:d8:e3:ce:
3e:b2:1d:6a:8c:c7:67:3d:1f:13:0a:9d:cc:7e:00:
00:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0B:94:37:AE:AF:95:50:9F:3C:C8:49:73:C2:BD:05:4D:13:7A:E1
X509v3 Authority Key Identifier:
keyid:66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/qQuUN66vlVCfPMhJc8K9BU0TeuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.234.0/23
171.22.172.0/22
185.44.64.0/22
185.85.240.0/22
185.116.236.0/23
185.116.239.0/24
185.122.164.0/22
185.168.192.0/22
185.184.68.0/22
185.189.56.0/22
IPv6:
2a0a:2f00:1::-2a0a:2f00:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
99:f8:83:cf:18:8a:b6:2f:b9:2d:2d:28:10:bb:4e:54:60:c2:
81:2e:ed:71:41:43:94:9b:37:4f:97:f9:ea:ec:51:32:c0:18:
ab:03:30:7e:50:31:d6:ea:73:6f:35:e1:37:a7:f2:7f:48:41:
48:94:22:3a:75:d4:67:8b:ca:76:b4:e7:09:60:21:a2:13:98:
c3:b4:86:1b:b5:7c:18:82:e9:ec:0c:4a:26:1f:95:de:e5:fa:
bd:68:93:f2:df:1f:09:6f:b0:ad:74:1c:5c:45:55:1f:22:f3:
fd:36:2d:57:e4:94:9e:5e:08:e7:db:c6:b8:8b:1e:27:c2:fe:
6b:94:12:12:f2:23:9d:67:84:d2:75:41:42:05:a3:7d:97:93:
66:dd:f7:45:ef:e2:50:c7:94:c9:14:2c:a7:e3:19:21:c1:c6:
d0:26:50:88:ee:cf:93:6a:34:bd:4c:d5:40:c1:d6:9e:f4:49:
83:f2:76:cc:ec:49:73:57:ad:a7:56:16:b3:f0:fa:c4:f1:56:
b1:ab:c3:37:3a:a0:6c:20:48:3a:c1:21:cd:14:95:3b:f0:58:
c3:ec:d0:d8:21:57:06:06:f9:b7:f4:bf:c3:8d:f9:38:05:4c:
57:ac:87:04:a2:c7:b2:82:50:b3:f6:dc:ce:fb:3c:88:4f:62:
4d:b3:d6:69
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZXEI7dHGP8oRk3AcvkcuewIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MmY1NWQzNzcxMjdmMjhjZTI2Yjc4ZmQ4M2JlY2Y0MWJl
Y2FkNGIwHhcNMjUwMzIzMTc1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTBiOTQzN2FlYWY5NTUwOWYzY2M4NDk3M2MyYmQwNTRkMTM3YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtItp2VDbnTSQA5CsEuzOsf3lM7wB
dgYFv+OIPngZ0lDoMCbCitK6cIiiWfbpPqUDjcdotXpa2IX37TFWtGheSUXVhiIP
izwgHZNk2qHkNXqsPXlJ/mM5WS/FppfYXPxRImRGvwTfgu0biqsCoF7fmhdXXDt5
UCbGED0moLg3VDOWr6RFxPTrtl8rD6rUoz8Pw7JC5duJEpfhZa6y9nOcEw/FebCE
/th2HoeEobCC2HSmfW24T141l8EFwGg7GYEt+zxFUM5ccDjXSq1o9VjdOq/U7p44
XDKSVXeN8mnyZcT8vvGgG9hqo9ZTsK7Y484+sh1qjMdnPR8TCp3MfgAAjQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFKkLlDeur5VQnzzISXPCvQVNE3rhMB8GA1UdIwQY
MBaAFGYvVdN3En8ozia3j9g77PQb7K1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgt
OGJlMTQ2MjUzMzU2LzEvcVF1VU42NnZsVkNmUE1oSmM4SzlCVTBUZXVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgtOGJlMTQ2MjUzMzU2
LzEvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBCBAIAATA8AwQBHxnqAwQC
qxasAwQCuSxAAwQCuVXwAwQBuXTsAwQAuXTvAwQCuXqkAwQCuajAAwQCubhEAwQC
ub04MBoEAgACMBQwEgMHACoKLwAAAQMHAioKLwAAADANBgkqhkiG9w0BAQsFAAOC
AQEAmfiDzxiKti+5LS0oELtOVGDCgS7tcUFDlJs3T5f56uxRMsAYqwMwflAx1upz
bzXhN6fyf0hBSJQiOnXUZ4vKdrTnCWAhohOYw7SGG7V8GILp7AxKJh+V3uX6vWiT
8t8fCW+wrXQcXEVVHyLz/TYtV+SUnl4I59vGuIseJ8L+a5QSEvIjnWeE0nVBQgWj
fZeTZt33Re/iUMeUyRQsp+MZIcHG0CZQiO7Pk2o0vUzVQMHWnvRJg/J2zOxJc1et
p1YWs/D6xPFWsavDNzqgbCBIOsEhzRSVO/BYw+zQ2CFXBgb5t/S/w435OAVMV6yH
BKLHsoJQs/bczvs8iE9iTbPWaQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:47:41 2025 by rpki-client