Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Qr_P5pGvJm8O8UtAipTwrjJl1GU.roa
File: Qr_P5pGvJm8O8UtAipTwrjJl1GU.roa (raw, json)
Hash identifier: Ll171tXcQ0d+jWAurpL9p2rwIH4rKiWL1m9zmyZe2eE=
Subject key identifier: 42:BF:CF:E6:91:AF:26:6F:0E:F1:4B:40:8A:94:F0:AE:32:65:D4:65
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01942824272A234CB1119D4399E64F24E9D7
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Qr_P5pGvJm8O8UtAipTwrjJl1GU.roa
Signing time: Thu 02 Jan 2025 17:50:45 +0000
ROA not before: Thu 02 Jan 2025 17:50:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136258
IP address blocks: 91.148.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 09:28:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:27:2a:23:4c:b1:11:9d:43:99:e6:4f:24:e9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 2 17:50:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42bfcfe691af266f0ef14b408a94f0ae3265d465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b9:09:0e:3a:7d:b3:0f:3b:56:ad:c9:b6:a5:
79:41:69:85:84:91:75:e9:15:c6:2a:29:02:ff:40:
61:f2:e8:97:a6:58:75:99:8c:9c:28:4a:3e:03:04:
83:a8:ac:b9:58:57:14:03:40:f8:7b:c3:f0:2a:4f:
e7:e6:68:03:48:24:a6:c2:73:bc:ed:91:27:81:16:
b2:5a:6d:52:01:e1:d4:23:27:62:77:38:ae:c2:36:
83:bc:23:72:1a:29:fb:83:ba:fc:6c:55:3f:e6:1b:
a3:9b:33:e8:e0:eb:14:78:32:b9:3a:ff:4a:c8:47:
cd:37:8f:fa:b7:a2:b4:9c:b9:cf:8b:12:5d:db:ea:
1a:ad:05:ec:88:5d:09:28:71:ca:ac:29:21:68:eb:
38:ea:14:f0:04:3c:17:6c:75:e8:e6:cb:0e:87:77:
c2:9a:ec:a1:3d:13:5b:47:12:cd:0f:c9:82:38:ba:
68:9a:8b:1b:3b:9a:a9:e6:3e:de:42:cd:c9:17:59:
d6:89:a9:53:16:19:1b:9f:9f:53:64:ba:c6:f0:c9:
7a:ed:ce:83:3b:d0:06:d7:0f:bd:84:38:4f:a5:90:
db:8d:7a:73:02:0a:de:10:a7:cf:70:7f:d7:7f:9c:
13:c0:5d:63:dc:94:63:02:0a:df:e9:ae:95:22:e7:
cf:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BF:CF:E6:91:AF:26:6F:0E:F1:4B:40:8A:94:F0:AE:32:65:D4:65
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Qr_P5pGvJm8O8UtAipTwrjJl1GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.148.134.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:1c:5c:e4:30:42:f6:40:97:8c:d3:0d:17:41:84:d7:99:cf:
4c:77:2a:e3:42:93:01:a3:73:77:5f:4d:76:12:ed:0c:99:f7:
1e:c5:97:03:c4:6c:10:87:c8:85:71:77:15:71:4e:c5:a6:b2:
51:da:0e:59:40:1b:e4:1b:c9:98:bf:af:06:a2:04:cc:91:29:
f8:96:99:af:2d:1a:15:09:ed:40:ad:d0:15:dd:7f:86:96:68:
d8:3d:1f:41:3e:80:3a:e1:94:2c:f8:d5:39:db:05:70:59:b4:
de:08:19:fc:c7:fc:0f:f9:4d:09:0d:9f:94:1d:6b:ae:57:b2:
0c:38:01:4a:e8:c5:4b:76:a9:ea:88:5d:74:0f:31:b6:82:57:
51:03:f2:1b:d7:58:de:8c:66:2a:8f:26:db:a3:f4:1a:85:59:
39:7f:f3:d0:cd:4f:47:9c:74:e2:c7:c5:ba:d7:e2:72:ad:70:
19:e6:52:17:41:52:ee:88:7f:64:9b:ce:09:72:69:f5:d2:13:
96:1f:05:d5:67:80:68:ec:fe:b4:1d:0d:e3:a7:49:67:00:6b:
dc:9b:11:c6:82:ff:02:7a:29:54:f4:77:8c:ef:39:ec:ce:cb:
d5:8c:6e:b9:47:19:e2:e3:ad:ad:63:cc:f8:90:14:be:d2:ce:
16:79:b3:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJCcqI0yxEZ1DmeZPJOnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTAyMTc1MDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmJmY2ZlNjkxYWYyNjZmMGVmMTRiNDA4YTk0ZjBhZTMyNjVkNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLkJDjp9sw87Vq3JtqV5QWmFhJF1
6RXGKikC/0Bh8uiXplh1mYycKEo+AwSDqKy5WFcUA0D4e8PwKk/n5mgDSCSmwnO8
7ZEngRayWm1SAeHUIydidziuwjaDvCNyGin7g7r8bFU/5hujmzPo4OsUeDK5Ov9K
yEfNN4/6t6K0nLnPixJd2+oarQXsiF0JKHHKrCkhaOs46hTwBDwXbHXo5ssOh3fC
muyhPRNbRxLND8mCOLpomosbO5qp5j7eQs3JF1nWialTFhkbn59TZLrG8Ml67c6D
O9AG1w+9hDhPpZDbjXpzAgreEKfPcH/Xf5wTwF1j3JRjAgrf6a6VIufPCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEK/z+aRryZvDvFLQIqU8K4yZdRlMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvUXJfUDVwR3ZKbThPOFV0QWlwVHdyakpsMUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW5SGMA0G
CSqGSIb3DQEBCwUAA4IBAQBbHFzkMEL2QJeM0w0XQYTXmc9MdyrjQpMBo3N3X012
Eu0MmfcexZcDxGwQh8iFcXcVcU7FprJR2g5ZQBvkG8mYv68GogTMkSn4lpmvLRoV
Ce1ArdAV3X+GlmjYPR9BPoA64ZQs+NU52wVwWbTeCBn8x/wP+U0JDZ+UHWuuV7IM
OAFK6MVLdqnqiF10DzG2gldRA/Ib11jejGYqjybbo/QahVk5f/PQzU9HnHTix8W6
1+JyrXAZ5lIXQVLuiH9km84Jcmn10hOWHwXVZ4Bo7P60HQ3jp0lnAGvcmxHGgv8C
eilU9HeM7znszsvVjG65Rxni462tY8z4kBS+0s4WebMs
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:27:01 2025 by rpki-client