Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/QeQfclq3eLQ-JLU59ShNFXTdkiA.roa
File: QeQfclq3eLQ-JLU59ShNFXTdkiA.roa (raw, json)
Hash identifier: WpCU5wAaqmz5PRfa+5NxBXl1f7EsMClmFrvR8aYvR+E=
Subject key identifier: 41:E4:1F:72:5A:B7:78:B4:3E:24:B5:39:F5:28:4D:15:74:DD:92:20
Certificate issuer: /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial: 0195948AF693764280498838857DB5BEF4C5
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/QeQfclq3eLQ-JLU59ShNFXTdkiA.roa
Signing time: Fri 14 Mar 2025 12:04:49 +0000
ROA not before: Fri 14 Mar 2025 12:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43606
IP address blocks: 91.212.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 05:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:94:8a:f6:93:76:42:80:49:88:38:85:7d:b5:be:f4:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Validity
Not Before: Mar 14 12:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41e41f725ab778b43e24b539f5284d1574dd9220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a6:03:7e:b7:b2:cd:39:b6:2a:3a:58:7c:81:
ed:e4:ca:e4:1a:e5:9a:e4:cd:85:b7:48:d5:34:77:
0d:b1:44:80:94:94:d5:14:4f:c7:c5:ef:16:5c:c0:
7b:d4:77:b3:15:c3:b6:c2:7d:a9:2b:40:f0:a3:ec:
7c:ca:2d:e8:e9:5e:c9:14:bf:62:26:cd:df:6c:cc:
db:c2:cf:19:30:9e:ac:81:6b:cf:dd:d3:9b:ce:d7:
7a:76:00:01:86:6d:36:38:06:1a:c7:47:b1:7a:9c:
70:8d:dc:e5:52:12:4b:e9:12:b1:6a:70:35:30:9a:
aa:1f:83:57:d7:03:5b:f0:54:e2:8e:28:dd:25:f4:
c1:e6:e2:fd:11:b2:4e:d1:b3:45:72:9f:2f:81:3b:
1a:45:dc:41:08:87:c9:ce:61:74:75:99:dc:1b:78:
0c:d1:ff:19:98:57:20:6d:0b:f5:a5:c5:7c:7f:8d:
3d:61:08:4e:98:34:b7:f2:45:55:ce:07:fa:1b:a7:
44:ea:50:34:27:b4:d8:eb:ac:94:3f:be:2e:95:56:
d0:94:e1:26:3c:08:a1:7c:47:28:36:bf:34:50:8f:
24:84:05:f7:6a:dd:81:ef:6a:f6:ec:05:53:71:d5:
90:1c:97:fa:58:17:ea:e7:7a:94:91:26:6b:e9:69:
ae:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E4:1F:72:5A:B7:78:B4:3E:24:B5:39:F5:28:4D:15:74:DD:92:20
X509v3 Authority Key Identifier:
keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/QeQfclq3eLQ-JLU59ShNFXTdkiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.93.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:0e:5d:da:c7:aa:f6:01:1f:c8:ef:ce:a3:24:6a:14:d0:9b:
56:3e:ed:9e:08:79:14:6c:d5:47:06:23:31:28:04:88:53:fd:
19:01:bd:66:4e:e6:40:11:a6:d1:1f:40:7a:e8:d5:95:35:12:
43:21:5a:62:f7:0f:20:72:73:10:5f:c5:26:83:d3:ff:7e:5f:
90:1e:f4:29:f0:71:d8:8d:8b:e2:1d:17:ee:22:1a:aa:ed:40:
80:7c:02:84:b8:63:1f:bc:be:01:76:c5:28:13:32:83:8b:4d:
94:c3:ce:d2:09:48:b1:86:24:c4:ae:0a:ec:38:3d:b7:d2:8c:
51:b0:9a:94:37:7c:04:3a:f1:da:3f:62:97:d0:9e:cc:a0:b2:
0d:5d:12:04:37:89:b2:9e:66:a8:2e:c8:14:d6:16:b9:27:a2:
44:90:37:de:cf:cd:65:0a:11:fd:64:03:b7:e0:6b:4c:4d:f1:
20:ad:a4:90:0c:b5:37:bf:3f:e9:1a:3e:13:da:da:4a:b9:76:
5d:2f:b7:bc:c3:47:dd:5d:e4:cb:1c:c2:c8:6b:96:e6:86:3a:
cc:3f:a7:a3:47:d8:94:2d:55:80:37:5e:12:2d:36:42:8f:ec:
3d:8a:69:78:16:e6:0d:cd:a8:2e:99:2a:c8:39:10:1c:a0:4f:
2f:dd:e4:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWUivaTdkKASYg4hX21vvTFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjUwMzE0MTIwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU0MWY3MjVhYjc3OGI0M2UyNGI1MzlmNTI4NGQxNTc0ZGQ5MjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKYDfreyzTm2KjpYfIHt5MrkGuWa
5M2Ft0jVNHcNsUSAlJTVFE/Hxe8WXMB71HezFcO2wn2pK0Dwo+x8yi3o6V7JFL9i
Js3fbMzbws8ZMJ6sgWvP3dObztd6dgABhm02OAYax0exepxwjdzlUhJL6RKxanA1
MJqqH4NX1wNb8FTijijdJfTB5uL9EbJO0bNFcp8vgTsaRdxBCIfJzmF0dZncG3gM
0f8ZmFcgbQv1pcV8f409YQhOmDS38kVVzgf6G6dE6lA0J7TY66yUP74ulVbQlOEm
PAihfEcoNr80UI8khAX3at2B72r27AVTcdWQHJf6WBfq53qUkSZr6WmuFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHkH3Jat3i0PiS1OfUoTRV03ZIgMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvUWVRZmNscTNlTFEtSkxVNTlTaE5GWFRka2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9RdMA0G
CSqGSIb3DQEBCwUAA4IBAQBtDl3ax6r2AR/I786jJGoU0JtWPu2eCHkUbNVHBiMx
KASIU/0ZAb1mTuZAEabRH0B66NWVNRJDIVpi9w8gcnMQX8Umg9P/fl+QHvQp8HHY
jYviHRfuIhqq7UCAfAKEuGMfvL4BdsUoEzKDi02Uw87SCUixhiTErgrsOD230oxR
sJqUN3wEOvHaP2KX0J7MoLINXRIEN4mynmaoLsgU1ha5J6JEkDfez81lChH9ZAO3
4GtMTfEgraSQDLU3vz/pGj4T2tpKuXZdL7e8w0fdXeTLHMLIa5bmhjrMP6ejR9iU
LVWAN14SLTZCj+w9iml4FuYNzagumSrIORAcoE8v3eRZ
-----END CERTIFICATE-----
Generated at Tue Jun 10 08:40:10 2025 by rpki-client