Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QHRvGvlK6-w-AMLArrWN8eLS7io.roa
File: QHRvGvlK6-w-AMLArrWN8eLS7io.roa (raw, json)
Hash identifier: FZ62HgAciNuMn6pOku2HjnAruPY80Oxzitmd1y8Blvk=
Subject key identifier: 40:74:6F:1A:F9:4A:EB:EC:3E:00:C2:C0:AE:B5:8D:F1:E2:D2:EE:2A
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0196F23AF6BEE407A9C4B2DF565CCB624013
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QHRvGvlK6-w-AMLArrWN8eLS7io.roa
Signing time: Wed 21 May 2025 09:44:32 +0000
ROA not before: Wed 21 May 2025 09:44:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62251
IP address blocks: 2a0d:8341::/32 maxlen: 32
2a0d:8342::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Jun 2025 11:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:3a:f6:be:e4:07:a9:c4:b2:df:56:5c:cb:62:40:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: May 21 09:44:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40746f1af94aebec3e00c2c0aeb58df1e2d2ee2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c4:d1:c8:9e:17:ff:c0:71:5b:36:02:91:24:
c8:82:f3:4f:a7:38:79:c0:cd:7b:a6:42:42:fe:b3:
99:4f:2a:e4:b4:93:89:07:0a:9b:3d:f8:d2:b6:2e:
14:cf:15:b0:13:42:cd:f3:4d:3c:f1:a6:81:56:53:
27:3c:83:b6:54:8f:43:62:87:97:c7:93:86:58:32:
35:9e:3f:d0:ce:84:6d:5e:fc:d3:de:1c:01:e3:8e:
ca:7b:36:49:e4:1e:71:a8:ef:b4:af:b9:a8:47:94:
a8:dc:51:66:a6:50:32:39:08:ce:d3:2d:75:53:98:
f4:d5:a5:74:b3:4a:61:75:64:b2:c2:2c:5e:ad:4e:
ad:19:2d:32:0f:5c:df:10:81:19:5a:03:32:62:a3:
db:57:7a:4d:b9:1f:28:f7:9b:d6:c7:f2:04:8d:6a:
a4:b0:52:b1:12:84:98:2e:96:f3:ae:2f:b7:9f:7b:
0e:4c:c8:b4:de:93:da:22:4b:b3:08:2e:9c:6b:c5:
ea:c2:04:95:32:d4:51:23:90:fe:1d:bd:c2:e1:0e:
e6:57:d8:be:49:26:51:56:f9:fe:c5:5f:52:b5:56:
cb:ee:9b:de:10:87:e4:61:35:e3:d0:55:e8:8c:f8:
0d:c3:78:af:95:0e:09:ec:fa:5c:04:56:f6:22:77:
31:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:74:6F:1A:F9:4A:EB:EC:3E:00:C2:C0:AE:B5:8D:F1:E2:D2:EE:2A
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/QHRvGvlK6-w-AMLArrWN8eLS7io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8341::-2a0d:8342:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
36:44:be:0a:5b:a1:a0:13:1f:4b:a2:41:5d:6b:ba:37:bd:b5:
3c:91:c1:09:e4:6c:2f:2f:f3:aa:f9:59:45:cd:f6:08:a9:87:
aa:15:75:b9:cb:85:a6:01:14:d9:b6:cc:e4:4d:66:40:ba:55:
e7:c2:b1:d1:f3:c1:42:30:83:ff:a2:ba:3b:77:ef:51:b3:0c:
42:ce:b3:45:32:c9:d6:9a:6b:94:fb:9d:15:71:2a:4c:34:c7:
98:64:51:6a:34:07:d6:21:35:b0:d4:88:8d:f7:e8:8b:3a:30:
4c:bf:a1:b0:dd:7c:72:1a:69:61:17:00:63:27:50:7a:43:f5:
ba:e5:c2:3e:aa:15:33:e6:aa:1b:b2:04:da:44:64:39:ab:33:
34:a3:d5:cd:bc:bd:cc:d7:e0:ae:44:6b:ae:57:2f:c4:cf:0e:
42:af:10:f2:89:45:b5:c6:ed:67:4f:56:a1:b4:95:6e:ec:60:
d6:79:26:cc:a5:90:96:04:17:ca:5f:d1:21:8b:8a:88:10:e7:
99:e6:10:28:b6:23:a8:05:72:a6:bb:2f:f9:bd:81:0a:c5:09:
c3:6b:5f:ff:d3:51:6a:da:da:53:82:c5:3c:8b:10:3b:16:cf:
ba:f8:dc:57:fd:bd:db:86:7b:cf:16:e6:16:61:0f:5f:c6:7d:
13:e0:71:da
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZbyOva+5AepxLLfVlzLYkATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNTIxMDk0NDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDc0NmYxYWY5NGFlYmVjM2UwMGMyYzBhZWI1OGRmMWUyZDJlZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMTRyJ4X/8BxWzYCkSTIgvNPpzh5
wM17pkJC/rOZTyrktJOJBwqbPfjSti4UzxWwE0LN80088aaBVlMnPIO2VI9DYoeX
x5OGWDI1nj/QzoRtXvzT3hwB447KezZJ5B5xqO+0r7moR5So3FFmplAyOQjO0y11
U5j01aV0s0phdWSywixerU6tGS0yD1zfEIEZWgMyYqPbV3pNuR8o95vWx/IEjWqk
sFKxEoSYLpbzri+3n3sOTMi03pPaIkuzCC6ca8XqwgSVMtRRI5D+Hb3C4Q7mV9i+
SSZRVvn+xV9StVbL7pveEIfkYTXj0FXojPgNw3ivlQ4J7PpcBFb2Incx1wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFEB0bxr5SuvsPgDCwK61jfHi0u4qMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUUhSdkd2bEs2LXctQU1MQXJyV044ZUxTN2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDYNB
AwUAKg2DQjANBgkqhkiG9w0BAQsFAAOCAQEANkS+CluhoBMfS6JBXWu6N721PJHB
CeRsLy/zqvlZRc32CKmHqhV1ucuFpgEU2bbM5E1mQLpV58Kx0fPBQjCD/6K6O3fv
UbMMQs6zRTLJ1pprlPudFXEqTDTHmGRRajQH1iE1sNSIjffoizowTL+hsN18chpp
YRcAYydQekP1uuXCPqoVM+aqG7IE2kRkOaszNKPVzby9zNfgrkRrrlcvxM8OQq8Q
8olFtcbtZ09WobSVbuxg1nkmzKWQlgQXyl/RIYuKiBDnmeYQKLYjqAVyprsv+b2B
CsUJw2tf/9NRatraU4LFPIsQOxbPuvjcV/2924Z7zxbmFmEPX8Z9E+Bx2g==
-----END CERTIFICATE-----
Generated at Sat Jun 7 02:29:27 2025 by rpki-client