Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/QeMEop5V1KQZeD3YGA9yjHm-aL8.roa
File: QeMEop5V1KQZeD3YGA9yjHm-aL8.roa (raw, json)
Hash identifier: K1ZpFBJjOIEk8DWGFAsqAoWK4gX/Et3KxirlPwMr40E=
Subject key identifier: 41:E3:04:A2:9E:55:D4:A4:19:78:3D:D8:18:0F:72:8C:79:BE:68:BF
Certificate issuer: /CN=fc55e0533efaa5624f538b92ed1a973feff89751
Certificate serial: 019468FFA3332D527973CB301956C0307402
Authority key identifier: FC:55:E0:53:3E:FA:A5:62:4F:53:8B:92:ED:1A:97:3F:EF:F8:97:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_FXgUz76pWJPU4uS7RqXP-_4l1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/QeMEop5V1KQZeD3YGA9yjHm-aL8.roa
Signing time: Wed 15 Jan 2025 08:06:11 +0000
ROA not before: Wed 15 Jan 2025 08:06:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.84.116.0/24 maxlen: 24
185.84.118.0/24 maxlen: 24
185.132.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 08:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:68:ff:a3:33:2d:52:79:73:cb:30:19:56:c0:30:74:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc55e0533efaa5624f538b92ed1a973feff89751
Validity
Not Before: Jan 15 08:06:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41e304a29e55d4a419783dd8180f728c79be68bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3f:37:1f:2f:4c:68:72:22:9e:7e:35:23:49:
7e:99:83:2e:3f:85:76:2a:ef:40:58:5c:8d:33:c7:
4a:47:3e:d0:d3:da:74:d7:46:2d:f7:f2:f4:df:b2:
66:58:00:6a:46:6f:12:e0:16:db:f1:6d:69:11:89:
98:32:a3:f5:00:52:4e:36:0e:ed:d7:51:aa:e4:8e:
5e:9d:3e:e5:65:65:3a:7f:83:54:a9:bb:52:12:a8:
07:57:0b:da:47:7f:79:2a:e8:1e:28:ea:79:d4:2f:
ae:8a:b9:ef:50:b3:c7:bb:c9:68:5c:71:0a:8b:b5:
ca:e1:72:1e:bf:02:0f:06:49:a8:48:06:6b:0c:3b:
c9:66:04:7b:9d:29:74:cc:62:d7:ee:56:b1:c1:1a:
55:a3:57:a5:0b:eb:d8:ee:46:e7:70:ec:26:76:96:
06:14:53:39:eb:09:59:d5:9d:95:55:aa:a7:1d:74:
8a:95:5a:7e:0e:64:80:65:10:7d:18:d9:a8:e9:c5:
a2:8c:97:d8:e4:ae:dc:85:67:29:d9:a7:04:e8:51:
a5:11:e5:d5:e8:5c:00:e9:f8:b3:82:65:dd:7a:e3:
fd:6d:cd:a8:d7:e8:8f:e3:48:1f:f8:3d:e1:3e:0e:
8a:6f:0e:aa:fa:8f:35:6d:1c:9a:a5:4c:79:27:fc:
34:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E3:04:A2:9E:55:D4:A4:19:78:3D:D8:18:0F:72:8C:79:BE:68:BF
X509v3 Authority Key Identifier:
keyid:FC:55:E0:53:3E:FA:A5:62:4F:53:8B:92:ED:1A:97:3F:EF:F8:97:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_FXgUz76pWJPU4uS7RqXP-_4l1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/QeMEop5V1KQZeD3YGA9yjHm-aL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/5e753d-c33d-47a3-8e82-a52862b44563/1/_FXgUz76pWJPU4uS7RqXP-_4l1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.116.0/24
185.84.118.0/24
185.132.188.0/24
Signature Algorithm: sha256WithRSAEncryption
be:38:bd:a4:54:7e:b9:03:cb:00:a6:f5:ef:90:fe:a2:5b:33:
c1:3d:e1:78:12:20:b0:b4:c8:ef:41:c5:aa:e2:24:3c:41:14:
49:7b:4e:e6:15:3e:bf:03:fd:eb:63:6b:58:20:b3:b0:d2:5e:
25:98:d0:ae:6b:40:db:c4:5a:00:99:71:52:76:27:54:44:b9:
cb:7a:b9:8d:25:eb:f0:d8:4c:74:3d:4a:18:ee:e5:5d:9d:22:
d4:4c:61:8e:77:ac:1a:12:03:82:1f:68:e7:70:87:27:9f:1f:
62:e4:1b:f2:85:67:97:72:76:c3:22:53:bd:a8:84:25:3a:b0:
5c:d8:20:3c:0e:56:93:2e:bb:03:4b:1e:5e:a4:76:48:12:e3:
b6:55:4b:c8:b5:0a:8b:0e:e4:19:fe:f2:98:0c:1d:d4:35:e9:
e2:f1:97:f7:52:43:8d:8c:76:e4:bb:0e:3f:92:c7:dd:e6:0a:
03:ae:2a:b7:80:0a:5f:3d:d4:83:2f:2e:66:1f:34:06:b9:37:
c4:6c:7a:76:a7:03:99:1c:db:4b:01:46:6e:99:a1:e9:c9:a6:
ed:45:a3:7c:6e:34:6a:b4:27:9c:4f:8e:fd:79:ba:56:8c:a9:
92:0d:42:91:68:f4:a6:47:43:ab:b1:2c:f1:c0:d9:60:e2:a6:
e5:8a:73:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRo/6MzLVJ5c8swGVbAMHQCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNTVlMDUzM2VmYWE1NjI0ZjUzOGI5MmVkMWE5NzNmZWZm
ODk3NTEwHhcNMjUwMTE1MDgwNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWUzMDRhMjllNTVkNGE0MTk3ODNkZDgxODBmNzI4Yzc5YmU2OGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArz83Hy9MaHIinn41I0l+mYMuP4V2
Ku9AWFyNM8dKRz7Q09p010Yt9/L037JmWABqRm8S4Bbb8W1pEYmYMqP1AFJONg7t
11Gq5I5enT7lZWU6f4NUqbtSEqgHVwvaR395KugeKOp51C+uirnvULPHu8loXHEK
i7XK4XIevwIPBkmoSAZrDDvJZgR7nSl0zGLX7laxwRpVo1elC+vY7kbncOwmdpYG
FFM56wlZ1Z2VVaqnHXSKlVp+DmSAZRB9GNmo6cWijJfY5K7chWcp2acE6FGlEeXV
6FwA6fizgmXdeuP9bc2o1+iP40gf+D3hPg6Kbw6q+o81bRyapUx5J/w0ywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEHjBKKeVdSkGXg92BgPcox5vmi/MB8GA1UdIwQY
MBaAFPxV4FM++qViT1OLku0alz/v+JdRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ZYZ1V6NzZwV0pQVTR1UzdScVhQLV80bDFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC81ZTc1M2QtYzMzZC00N2EzLThlODIt
YTUyODYyYjQ0NTYzLzEvUWVNRW9wNVYxS1FaZUQzWUdBOXlqSG0tYUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC81ZTc1M2QtYzMzZC00N2EzLThlODItYTUyODYyYjQ0NTYz
LzEvX0ZYZ1V6NzZwV0pQVTR1UzdScVhQLV80bDFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuVR0AwQA
uVR2AwQAuYS8MA0GCSqGSIb3DQEBCwUAA4IBAQC+OL2kVH65A8sApvXvkP6iWzPB
PeF4EiCwtMjvQcWq4iQ8QRRJe07mFT6/A/3rY2tYILOw0l4lmNCua0DbxFoAmXFS
didURLnLermNJevw2Ex0PUoY7uVdnSLUTGGOd6waEgOCH2jncIcnnx9i5BvyhWeX
cnbDIlO9qIQlOrBc2CA8DlaTLrsDSx5epHZIEuO2VUvItQqLDuQZ/vKYDB3UNeni
8Zf3UkONjHbkuw4/ksfd5goDriq3gApfPdSDLy5mHzQGuTfEbHp2pwOZHNtLAUZu
maHpyabtRaN8bjRqtCecT479ebpWjKmSDUKRaPSmR0OrsSzxwNlg4qblinOg
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:42:06 2025 by rpki-client