Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/Q7kj_BHBJgDo1QApzSTNg_DoOrM.roa
File: Q7kj_BHBJgDo1QApzSTNg_DoOrM.roa (raw, json)
Hash identifier: cLSQaE0pEjw2WSk3qBS7WGe7ItRLvMp3IAklyIAcRDQ=
Subject key identifier: 43:B9:23:FC:11:C1:26:00:E8:D5:00:29:CD:24:CD:83:F0:E8:3A:B3
Certificate issuer: /CN=7d2ea3ecad5a402b8fe5a2a6138af66aac257ff9
Certificate serial: 01955ADCE303A041E38D3957CC444BC8DD71
Authority key identifier: 7D:2E:A3:EC:AD:5A:40:2B:8F:E5:A2:A6:13:8A:F6:6A:AC:25:7F:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/Q7kj_BHBJgDo1QApzSTNg_DoOrM.roa
Signing time: Mon 03 Mar 2025 07:16:20 +0000
ROA not before: Mon 03 Mar 2025 07:16:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213459
IP address blocks: 193.164.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 13:25:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5a:dc:e3:03:a0:41:e3:8d:39:57:cc:44:4b:c8:dd:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d2ea3ecad5a402b8fe5a2a6138af66aac257ff9
Validity
Not Before: Mar 3 07:16:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43b923fc11c12600e8d50029cd24cd83f0e83ab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5d:db:e2:a6:5a:2c:e3:79:9a:f4:54:d8:e9:
90:34:5f:a8:d8:b5:e0:09:d4:f1:65:28:fe:0e:cb:
ff:99:5b:fe:df:90:42:81:fc:20:50:06:50:e1:ff:
b1:f3:01:4e:9c:95:1b:04:87:5b:be:0a:61:b4:bf:
80:f9:ca:dd:fb:44:95:89:c4:54:6a:cd:0f:23:86:
19:02:d5:ad:ac:c3:2e:7a:10:59:4c:03:ce:42:74:
77:37:e5:85:e0:cb:75:e9:6c:6e:d2:da:5d:aa:63:
4d:d9:31:04:a6:60:b5:4d:3d:71:ca:72:7b:8f:22:
06:33:1f:da:b8:e0:7e:b0:ce:83:95:5d:16:cc:c9:
4a:f1:20:ec:67:3e:d6:4c:a0:c2:e5:55:f9:b8:74:
84:e5:93:c1:56:a1:a3:19:90:56:29:ec:e7:48:6e:
91:7f:f0:1f:54:00:6a:df:63:ac:22:83:66:d1:e3:
e1:86:42:00:04:dc:d2:34:21:d2:8f:d2:0f:0c:cf:
81:fb:ca:74:6e:cd:04:1c:97:ef:27:42:6d:4c:b9:
f0:96:08:8d:b0:e6:de:29:cd:ec:1f:34:ba:0b:df:
05:95:3a:e0:16:4e:1b:45:7f:e6:92:8c:d2:2d:91:
82:e0:14:38:79:4f:52:9c:48:84:f9:12:ea:2d:11:
08:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B9:23:FC:11:C1:26:00:E8:D5:00:29:CD:24:CD:83:F0:E8:3A:B3
X509v3 Authority Key Identifier:
keyid:7D:2E:A3:EC:AD:5A:40:2B:8F:E5:A2:A6:13:8A:F6:6A:AC:25:7F:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/Q7kj_BHBJgDo1QApzSTNg_DoOrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.164.128.0/24
Signature Algorithm: sha256WithRSAEncryption
04:d4:17:4c:6e:c3:d8:fd:25:63:02:72:f6:d2:55:62:10:80:
89:c2:8c:e1:a1:96:49:bf:23:72:48:10:fb:ec:d8:30:90:85:
be:37:65:33:e5:f9:1b:aa:66:14:7f:47:77:f5:eb:b1:8d:76:
b2:a4:79:11:8e:c1:6c:e9:aa:79:db:ab:d0:cb:7c:94:34:b4:
bf:09:a8:76:94:2c:97:df:aa:87:2b:18:fb:23:e2:82:07:21:
93:2e:30:b9:a4:ef:85:a6:58:b9:1f:19:46:3a:6f:62:69:c9:
1e:65:c6:c6:ae:11:e1:89:ea:6f:9a:d1:57:65:6f:4b:af:5c:
d9:03:b1:d2:03:ac:3a:e2:a0:a5:5b:29:30:dc:d6:ca:a7:17:
95:3a:2c:8e:6e:77:7b:08:17:bd:a2:9a:9a:30:61:75:40:51:
48:1f:f5:95:2e:3a:7f:a1:81:ad:0b:6a:2f:ac:5c:c2:e4:c7:
d7:ca:11:08:73:66:18:cf:89:e8:d5:87:c2:97:8b:27:23:5c:
6f:62:14:ac:95:f7:7b:45:e9:aa:c5:7e:2f:70:c5:70:14:70:
ef:79:fb:fb:d9:62:b5:75:30:97:a1:6f:82:2f:34:97:38:e3:
e8:e6:06:e2:94:6e:2e:c6:0e:23:81:69:29:0a:b1:5f:36:fe:
ef:eb:89:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVa3OMDoEHjjTlXzERLyN1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMmVhM2VjYWQ1YTQwMmI4ZmU1YTJhNjEzOGFmNjZhYWMy
NTdmZjkwHhcNMjUwMzAzMDcxNjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2I5MjNmYzExYzEyNjAwZThkNTAwMjljZDI0Y2Q4M2YwZTgzYWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz13b4qZaLON5mvRU2OmQNF+o2LXg
CdTxZSj+Dsv/mVv+35BCgfwgUAZQ4f+x8wFOnJUbBIdbvgphtL+A+crd+0SVicRU
as0PI4YZAtWtrMMuehBZTAPOQnR3N+WF4Mt16Wxu0tpdqmNN2TEEpmC1TT1xynJ7
jyIGMx/auOB+sM6DlV0WzMlK8SDsZz7WTKDC5VX5uHSE5ZPBVqGjGZBWKeznSG6R
f/AfVABq32OsIoNm0ePhhkIABNzSNCHSj9IPDM+B+8p0bs0EHJfvJ0JtTLnwlgiN
sObeKc3sHzS6C98FlTrgFk4bRX/mkozSLZGC4BQ4eU9SnEiE+RLqLREIzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEO5I/wRwSYA6NUAKc0kzYPw6DqzMB8GA1UdIwQY
MBaAFH0uo+ytWkArj+WiphOK9mqsJX/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlM2ajdLMWFRQ3VQNWFLbUU0cjJhcXdsZl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80NDc2NzctOTk3Mi00ZGY4LWI1MDgt
YjkxYjkyZDRkODAxLzEvUTdral9CSEJKZ0RvMVFBcHpTVE5nX0RvT3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80NDc2NzctOTk3Mi00ZGY4LWI1MDgtYjkxYjkyZDRkODAx
LzEvZlM2ajdLMWFRQ3VQNWFLbUU0cjJhcXdsZl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaSAMA0G
CSqGSIb3DQEBCwUAA4IBAQAE1BdMbsPY/SVjAnL20lViEICJwozhoZZJvyNySBD7
7NgwkIW+N2Uz5fkbqmYUf0d39euxjXaypHkRjsFs6ap526vQy3yUNLS/Cah2lCyX
36qHKxj7I+KCByGTLjC5pO+Fpli5HxlGOm9iackeZcbGrhHhiepvmtFXZW9Lr1zZ
A7HSA6w64qClWykw3NbKpxeVOiyObnd7CBe9opqaMGF1QFFIH/WVLjp/oYGtC2ov
rFzC5MfXyhEIc2YYz4no1YfCl4snI1xvYhSslfd7RemqxX4vcMVwFHDvefv72WK1
dTCXoW+CLzSXOOPo5gbilG4uxg4jgWkpCrFfNv7v64kf
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:51:48 2025 by rpki-client