Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/QbeD900684NH4snUeAPQUAG7dFI.roa
File: QbeD900684NH4snUeAPQUAG7dFI.roa (raw, json)
Hash identifier: k1cQzvyVk80f/2C+6L/chF6dBX1XkNuaffjikHs2dfI=
Subject key identifier: 41:B7:83:F7:4D:3A:F3:83:47:E2:C9:D4:78:03:D0:50:01:BB:74:52
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 01947564C77F3FF986AFDEAA6135966F6C44
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/QbeD900684NH4snUeAPQUAG7dFI.roa
Signing time: Fri 17 Jan 2025 17:52:06 +0000
ROA not before: Fri 17 Jan 2025 17:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214128
IP address blocks: 188.95.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 13:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:75:64:c7:7f:3f:f9:86:af:de:aa:61:35:96:6f:6c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jan 17 17:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41b783f74d3af38347e2c9d47803d05001bb7452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:aa:22:c9:83:f7:c5:88:c5:3e:ee:8f:58:b7:
63:ae:b6:f9:0e:5f:82:07:9e:ee:fa:e0:bb:eb:1b:
46:57:56:53:b8:2a:d3:34:7e:05:e9:85:3a:03:1f:
93:04:07:b2:a6:52:44:32:76:93:f1:64:f0:54:75:
b2:03:0b:8c:15:88:b6:09:d4:c6:21:76:fb:8e:47:
f1:fa:e3:f9:9c:1e:d5:44:54:08:af:20:e2:b4:6f:
0b:48:d5:42:48:4f:a9:47:df:c5:59:3f:b5:16:52:
ae:29:d9:95:6d:7b:ba:77:d6:51:9f:d4:82:81:3e:
e7:2e:d3:d2:1f:3d:d4:a0:2c:31:3e:f5:3a:e3:cb:
10:53:45:ab:42:f0:8f:c2:0d:4c:ae:77:f5:f9:c5:
d5:6c:01:ac:bb:13:a3:e3:87:69:22:42:2f:12:f4:
b9:6f:0d:15:ab:97:25:99:e8:48:0d:a3:a3:d6:01:
12:f5:e6:66:a6:c4:39:c6:a2:d1:79:ce:c0:da:96:
2b:af:bc:86:0c:aa:d4:68:4e:f6:78:2f:39:af:71:
9e:ee:c0:1b:dc:80:af:0a:96:8c:01:03:c8:a4:a6:
87:77:d4:75:48:63:a5:52:a5:32:a7:b9:57:33:9c:
87:74:bd:df:6c:e7:ff:7e:d2:ad:ec:fd:f6:f9:72:
d8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B7:83:F7:4D:3A:F3:83:47:E2:C9:D4:78:03:D0:50:01:BB:74:52
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/QbeD900684NH4snUeAPQUAG7dFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.67.0/24
Signature Algorithm: sha256WithRSAEncryption
17:41:2a:00:89:c1:5c:dc:6d:bd:e6:ff:3f:f7:ef:49:bf:fc:
50:8d:66:22:9c:92:d4:f9:7c:7b:68:17:a9:2d:56:0a:df:b4:
00:26:13:ee:93:ee:a6:58:23:4f:a7:45:53:14:15:22:61:49:
7c:f7:c9:34:4f:f2:ad:52:35:0e:72:27:6e:c1:17:be:af:2b:
f1:6c:da:a9:9c:d7:59:02:51:47:7f:55:7d:94:c2:bd:73:68:
09:65:6c:f2:90:59:47:9d:98:7c:7d:53:09:ca:01:91:31:28:
fb:50:be:cd:ee:df:c5:1b:5c:07:31:1a:b3:f6:06:e9:7c:59:
15:1c:82:00:56:24:63:e2:3c:02:a0:82:44:e8:13:65:61:65:
d6:d8:2f:7c:27:52:f1:8e:4e:6b:ba:5e:b8:5e:40:f1:c7:39:
5f:63:77:39:ee:04:e4:e8:a4:40:34:f2:c9:8c:d8:19:0a:6f:
eb:e8:e2:be:2f:b9:39:0f:ce:0c:42:3a:b2:7d:52:fa:26:27:
fd:42:2d:a2:b9:f3:15:7a:fc:0d:ef:8b:ac:6d:af:61:c8:68:
42:ef:e6:b7:71:04:47:ca:13:2d:5a:36:28:05:5a:a2:e4:62:
50:66:bf:6d:54:9b:2b:8c:3b:86:24:8a:36:b9:ca:99:df:0f:
ab:b0:13:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR1ZMd/P/mGr96qYTWWb2xEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwMTE3MTc1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWI3ODNmNzRkM2FmMzgzNDdlMmM5ZDQ3ODAzZDA1MDAxYmI3NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aoiyYP3xYjFPu6PWLdjrrb5Dl+C
B57u+uC76xtGV1ZTuCrTNH4F6YU6Ax+TBAeyplJEMnaT8WTwVHWyAwuMFYi2CdTG
IXb7jkfx+uP5nB7VRFQIryDitG8LSNVCSE+pR9/FWT+1FlKuKdmVbXu6d9ZRn9SC
gT7nLtPSHz3UoCwxPvU648sQU0WrQvCPwg1Mrnf1+cXVbAGsuxOj44dpIkIvEvS5
bw0Vq5clmehIDaOj1gES9eZmpsQ5xqLRec7A2pYrr7yGDKrUaE72eC85r3Ge7sAb
3ICvCpaMAQPIpKaHd9R1SGOlUqUyp7lXM5yHdL3fbOf/ftKt7P32+XLYuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEG3g/dNOvODR+LJ1HgD0FABu3RSMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvUWJlRDkwMDY4NE5INHNuVWVBUFFVQUc3ZEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvF9DMA0G
CSqGSIb3DQEBCwUAA4IBAQAXQSoAicFc3G295v8/9+9Jv/xQjWYinJLU+Xx7aBep
LVYK37QAJhPuk+6mWCNPp0VTFBUiYUl898k0T/KtUjUOciduwRe+ryvxbNqpnNdZ
AlFHf1V9lMK9c2gJZWzykFlHnZh8fVMJygGRMSj7UL7N7t/FG1wHMRqz9gbpfFkV
HIIAViRj4jwCoIJE6BNlYWXW2C98J1Lxjk5rul64XkDxxzlfY3c57gTk6KRANPLJ
jNgZCm/r6OK+L7k5D84MQjqyfVL6Jif9Qi2iufMVevwN74usba9hyGhC7+a3cQRH
yhMtWjYoBVqi5GJQZr9tVJsrjDuGJIo2ucqZ3w+rsBOF
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:51:15 2025 by rpki-client