Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QnEu_QM-gUR_wrgKAWmGmjIYLdo.roa
File: QnEu_QM-gUR_wrgKAWmGmjIYLdo.roa (raw, json)
Hash identifier: pMIeeGqYJoMJJlH1qFrA8IPrI9psI982MhypNYAi5jg=
Subject key identifier: 42:71:2E:FD:03:3E:81:44:7F:C2:B8:0A:01:69:86:9A:32:18:2D:DA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01959DCD439DFA58A4C1040688AFA7974172
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QnEu_QM-gUR_wrgKAWmGmjIYLdo.roa
Signing time: Sun 16 Mar 2025 07:13:49 +0000
ROA not before: Sun 16 Mar 2025 07:13:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 217.60.199.0/24 maxlen: 24
217.60.237.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
217.60.243.0/24 maxlen: 24
217.60.246.0/24 maxlen: 24
217.60.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 15:55:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9d:cd:43:9d:fa:58:a4:c1:04:06:88:af:a7:97:41:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 16 07:13:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42712efd033e81447fc2b80a0169869a32182dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:71:f0:51:c8:c4:19:dd:8a:05:2c:30:8b:c6:
4b:77:74:3a:e8:68:b8:f8:91:5c:1d:1b:c6:4d:c2:
b9:e5:8b:a0:67:ab:0c:64:6e:03:1b:48:53:f0:49:
de:96:ac:59:f0:00:07:11:cc:ea:6f:af:4d:f1:67:
af:c2:6c:35:2e:ef:0b:0e:af:b6:f0:a4:df:da:71:
2d:e1:20:7a:73:31:8c:56:8f:2e:72:1f:fb:99:ac:
cd:d4:f8:50:d4:6c:1b:64:0b:6d:02:2b:ca:97:29:
4d:b2:41:9a:d0:8f:21:14:7a:01:2c:b6:87:26:5b:
43:11:bd:32:a7:32:bd:2e:fd:21:09:d2:f9:41:5e:
c0:65:11:86:8b:72:c5:f2:42:ec:33:b6:5e:c3:c3:
c7:75:b2:70:85:3c:ed:1b:53:d6:22:fa:cd:1e:26:
64:b8:d0:78:de:b6:7a:fe:6b:fb:a4:de:91:c5:eb:
d4:84:1c:0d:20:73:6f:4c:ac:ae:f6:f5:38:6f:d0:
86:c1:43:18:9a:a6:67:29:88:6d:79:67:09:a2:f7:
97:02:e9:38:27:34:67:97:67:cc:c5:c1:81:80:33:
65:40:0d:00:9d:8c:61:1c:18:cb:24:83:5a:6c:a8:
49:90:d7:e3:9e:36:1a:37:9a:1d:a8:73:cb:cc:49:
da:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:71:2E:FD:03:3E:81:44:7F:C2:B8:0A:01:69:86:9A:32:18:2D:DA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QnEu_QM-gUR_wrgKAWmGmjIYLdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.199.0/24
217.60.237.0-217.60.238.255
217.60.243.0/24
217.60.246.0/24
217.60.248.0/24
Signature Algorithm: sha256WithRSAEncryption
09:32:82:a7:a4:ea:eb:63:ef:8e:a3:f3:ed:56:7f:fb:7b:ef:
16:87:c4:26:e8:d1:8f:25:11:a3:d5:8c:54:e8:57:2b:f7:09:
b0:28:52:a4:43:fe:ae:5e:9b:d3:8a:25:a6:ab:d0:c2:4b:52:
ac:b7:f9:3b:25:07:99:de:1e:a4:ba:3f:b9:c8:60:a8:d4:8a:
e0:9c:c6:b2:9c:76:44:00:9c:2e:22:2c:9c:5d:00:b9:06:95:
f6:4f:61:c8:a8:a6:a6:fe:bb:d6:2e:18:6e:44:df:cc:30:95:
5c:52:c0:27:5a:21:86:3d:2c:d9:06:b6:c4:74:27:ec:68:55:
7f:36:f5:57:04:76:f5:6b:dc:86:30:93:f5:07:9e:f8:e7:62:
f1:b3:fb:09:99:22:47:12:46:04:46:88:7d:24:a0:b0:f5:1f:
de:84:ae:96:38:4f:1a:2a:13:4b:45:06:3d:8b:34:ef:b8:43:
fc:69:30:18:9d:c2:13:44:05:04:c7:53:43:4c:59:23:d2:76:
a1:c4:fa:9f:f0:7a:0a:36:d1:03:70:2d:7e:c6:81:af:37:3a:
da:67:81:e5:3b:54:81:8b:b2:61:ea:1a:d1:18:89:da:69:93:
ac:47:db:35:b3:8a:64:5b:58:2f:3d:26:69:8b:c2:71:6f:2a:
91:e7:9d:bb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZWdzUOd+likwQQGiK+nl0FyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE2MDcxMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjcxMmVmZDAzM2U4MTQ0N2ZjMmI4MGEwMTY5ODY5YTMyMTgyZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33HwUcjEGd2KBSwwi8ZLd3Q66Gi4
+JFcHRvGTcK55YugZ6sMZG4DG0hT8EnelqxZ8AAHEczqb69N8Wevwmw1Lu8LDq+2
8KTf2nEt4SB6czGMVo8uch/7mazN1PhQ1GwbZAttAivKlylNskGa0I8hFHoBLLaH
JltDEb0ypzK9Lv0hCdL5QV7AZRGGi3LF8kLsM7Zew8PHdbJwhTztG1PWIvrNHiZk
uNB43rZ6/mv7pN6RxevUhBwNIHNvTKyu9vU4b9CGwUMYmqZnKYhteWcJoveXAuk4
JzRnl2fMxcGBgDNlQA0AnYxhHBjLJINabKhJkNfjnjYaN5odqHPLzEnaJQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEJxLv0DPoFEf8K4CgFphpoyGC3aMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUW5FdV9RTS1nVVJfd3JnS0FXbUdtaklZTGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQA2TzHMAwD
BADZPO0DBADZPO4DBADZPPMDBADZPPYDBADZPPgwDQYJKoZIhvcNAQELBQADggEB
AAkygqek6utj746j8+1Wf/t77xaHxCbo0Y8lEaPVjFToVyv3CbAoUqRD/q5em9OK
Jaar0MJLUqy3+TslB5neHqS6P7nIYKjUiuCcxrKcdkQAnC4iLJxdALkGlfZPYcio
pqb+u9YuGG5E38wwlVxSwCdaIYY9LNkGtsR0J+xoVX829VcEdvVr3IYwk/UHnvjn
YvGz+wmZIkcSRgRGiH0koLD1H96ErpY4TxoqE0tFBj2LNO+4Q/xpMBidwhNEBQTH
U0NMWSPSdqHE+p/wego20QNwLX7Gga83OtpngeU7VIGLsmHqGtEYidppk6xH2zWz
imRbWC89JmmLwnFvKpHnnbs=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:54:12 2025 by rpki-client