Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Qoq6TzJFFhvDcWCEvdXma3WzjmA.roa
File: Qoq6TzJFFhvDcWCEvdXma3WzjmA.roa (raw, json)
Hash identifier: bEyAV6AZ8d01gpgJqX/Oi82NZRb+Ky96JpUtTaTe9+E=
Subject key identifier: 42:8A:BA:4F:32:45:16:1B:C3:71:60:84:BD:D5:E6:6B:75:B3:8E:60
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01958053F1FFD36548351F964A3A82E08DE0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Qoq6TzJFFhvDcWCEvdXma3WzjmA.roa
Signing time: Mon 10 Mar 2025 13:52:19 +0000
ROA not before: Mon 10 Mar 2025 13:52:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
194.33.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 18:04:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:80:53:f1:ff:d3:65:48:35:1f:96:4a:3a:82:e0:8d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 10 13:52:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=428aba4f3245161bc3716084bdd5e66b75b38e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:18:27:ab:a8:2e:5e:b9:e4:f8:78:5e:45:93:
06:f2:da:fd:2b:49:6e:2d:05:43:e1:18:77:4f:cd:
2d:39:b2:35:47:d0:c6:94:06:09:4c:0a:c3:f1:f7:
3b:8d:51:40:54:72:58:cc:1c:79:62:f1:7a:df:97:
04:7d:02:0f:7e:e2:d3:96:fb:28:b5:bd:c2:ab:bb:
05:55:bb:93:0e:0d:22:c9:01:70:56:3e:cd:0a:62:
bc:77:18:83:e3:7d:39:10:8f:bf:ae:89:45:32:9a:
45:39:79:b4:6d:58:96:77:1e:fd:ed:f8:0d:a4:e1:
5f:36:c6:84:c8:0f:5a:4e:01:d4:bb:f9:20:90:73:
a2:5c:07:4a:80:6b:dc:52:ec:3c:1f:ce:fc:c2:4f:
94:42:39:88:d2:d6:ec:c1:8b:9b:46:07:d5:1d:04:
94:74:99:0b:68:a2:14:ea:cd:65:84:ef:37:a5:e1:
c0:6d:57:d7:a5:7c:43:76:5b:b9:e3:a2:4a:00:6e:
45:da:5d:15:0d:b6:fa:70:53:86:94:f7:dc:de:96:
95:96:48:52:da:de:d1:1d:e2:59:5f:9e:12:bb:d5:
bf:ea:d3:51:12:e9:27:df:48:e5:20:ed:86:6d:00:
2f:4a:92:a7:b4:e8:a8:6f:47:a5:82:f8:ac:ac:bc:
33:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8A:BA:4F:32:45:16:1B:C3:71:60:84:BD:D5:E6:6B:75:B3:8E:60
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Qoq6TzJFFhvDcWCEvdXma3WzjmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.118.248.0/24
45.130.60.0/24
45.131.215.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.152.208.0/24
85.209.128.0/24
103.114.43.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
193.8.215.0/24
193.23.245.0/24
194.33.29.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:02:a8:72:a5:20:8a:2f:8f:55:09:30:ad:b1:a6:65:81:2b:
8b:4f:0e:cb:75:1e:f5:42:0c:73:8b:38:a2:0c:e2:28:32:87:
f4:e8:42:93:88:5d:06:5d:20:b3:1b:ff:97:25:f3:f4:59:32:
37:62:5d:4e:be:92:33:2c:64:b9:db:18:30:87:1b:db:d4:76:
14:63:2d:82:c8:cf:91:9d:bc:0b:19:c3:05:02:f6:a5:59:58:
e0:34:a8:fc:c4:ef:71:de:fc:0e:78:e9:ab:53:f6:1e:1c:1a:
27:a3:01:2a:a9:99:b0:3f:c6:cb:93:5a:7b:53:53:f6:37:3c:
76:d1:e7:3f:a1:76:b1:50:67:3c:7e:0f:2c:f6:7f:8f:e1:4a:
c8:70:36:4a:76:d2:b0:07:77:a0:12:6b:aa:ee:a6:19:20:b3:
6c:43:7b:da:2b:84:eb:39:8f:af:84:6d:e1:f7:fe:fe:e4:56:
e2:2d:2a:51:99:9b:97:67:a4:e5:f1:7f:92:a3:69:ae:94:30:
65:8e:e3:c5:68:bf:d2:da:2e:24:b6:4f:5b:ee:20:46:f7:bb:
30:1b:7f:dc:53:cb:34:f9:f9:e1:a1:f9:d8:e3:9f:04:12:82:
fb:c6:e0:ba:6d:00:e2:ab:c3:87:80:0d:ca:a8:74:77:ae:6f:
e5:d0:5d:df
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZWAU/H/02VINR+WSjqC4I3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMzEwMTM1MjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjhhYmE0ZjMyNDUxNjFiYzM3MTYwODRiZGQ1ZTY2Yjc1YjM4ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBgnq6guXrnk+HheRZMG8tr9K0lu
LQVD4Rh3T80tObI1R9DGlAYJTArD8fc7jVFAVHJYzBx5YvF635cEfQIPfuLTlvso
tb3Cq7sFVbuTDg0iyQFwVj7NCmK8dxiD4305EI+/rolFMppFOXm0bViWdx797fgN
pOFfNsaEyA9aTgHUu/kgkHOiXAdKgGvcUuw8H878wk+UQjmI0tbswYubRgfVHQSU
dJkLaKIU6s1lhO83peHAbVfXpXxDdlu546JKAG5F2l0VDbb6cFOGlPfc3paVlkhS
2t7RHeJZX54Su9W/6tNREukn30jlIO2GbQAvSpKntOiob0elgvisrLwzrQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFEKKuk8yRRYbw3FghL3V5mt1s45gMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUW9xNlR6SkZGaHZEY1dDRXZkWG1hM1d6am1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQALQl1AwQA
LXb4AwQALYI8AwQALYPXAwQALYlRAwQALYwNAwQALY2xAwQALZjQAwQAVdGAAwQA
Z3IrAwQAuXqrAwQAuX5AAwQAuX5CAwQAwQjXAwQAwRf1AwQAwiEdMA0GCSqGSIb3
DQEBCwUAA4IBAQC4AqhypSCKL49VCTCtsaZlgSuLTw7LdR71QgxziziiDOIoMof0
6EKTiF0GXSCzG/+XJfP0WTI3Yl1OvpIzLGS52xgwhxvb1HYUYy2CyM+RnbwLGcMF
AvalWVjgNKj8xO9x3vwOeOmrU/YeHBonowEqqZmwP8bLk1p7U1P2Nzx20ec/oXax
UGc8fg8s9n+P4UrIcDZKdtKwB3egEmuq7qYZILNsQ3vaK4TrOY+vhG3h9/7+5Fbi
LSpRmZuXZ6Tl8X+So2mulDBljuPFaL/S2i4ktk9b7iBG97swG3/cU8s0+fnhofnY
458EEoL7xuC6bQDiq8OHgA3KqHR3rm/l0F3f
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:21:41 2025 by rpki-client