Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QnOjTIEyXgZII4Z54M3kCJBiIE0.roa
File: QnOjTIEyXgZII4Z54M3kCJBiIE0.roa (raw, json)
Hash identifier: Qku+KQ7cYNNVd3RetKaWEAoVK9Kz9Ruz3dsM/mRSTa0=
Subject key identifier: 42:73:A3:4C:81:32:5E:06:48:23:86:79:E0:CD:E4:08:90:62:20:4D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019610038D16389D31490E1841C669B0217A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QnOjTIEyXgZII4Z54M3kCJBiIE0.roa
Signing time: Mon 07 Apr 2025 11:29:50 +0000
ROA not before: Mon 07 Apr 2025 11:29:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 45.88.88.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
94.156.104.0/24 maxlen: 24
94.156.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Apr 2025 12:12:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:10:03:8d:16:38:9d:31:49:0e:18:41:c6:69:b0:21:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 7 11:29:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4273a34c81325e0648238679e0cde4089062204d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4b:88:e0:23:f9:93:d1:b6:3c:ff:03:d2:21:
36:23:1f:12:e0:9b:23:f2:c6:bd:38:8d:0c:81:34:
6e:1b:12:4d:60:06:8e:22:f7:d6:d9:db:35:10:bf:
94:31:cc:95:33:90:2b:53:38:a4:00:86:b9:5c:d0:
60:c9:d4:67:39:92:99:f8:79:03:bb:65:db:7c:34:
c7:09:39:56:fd:f9:cf:d5:e9:aa:c4:1e:0c:16:1f:
70:44:f2:12:2a:c3:39:aa:d1:31:91:42:e7:f7:ed:
45:68:a6:c4:99:73:33:16:3b:ff:02:7b:0f:2e:9d:
df:05:e6:a1:b5:56:29:d3:b9:7a:ed:e4:81:96:b0:
a3:7e:a9:50:54:63:65:a3:c5:5b:ac:f5:4a:38:fa:
f4:c6:45:56:84:62:25:09:60:f2:8a:fe:a4:b4:a8:
e8:65:90:02:bc:0f:a3:57:03:92:69:8a:3e:8d:43:
1c:7a:2d:d3:10:c9:0d:47:fe:e8:ee:fd:a9:f7:f5:
69:74:cd:c3:71:f3:5b:cb:78:05:48:fd:5e:9a:d9:
d1:27:1b:f4:f4:08:66:77:84:7d:d8:1b:54:64:bb:
78:f6:17:08:9e:e7:20:5a:17:3e:4e:8b:54:9e:3d:
7b:2c:7a:8e:a0:da:49:63:e6:3e:07:48:6c:ba:66:
c1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:73:A3:4C:81:32:5E:06:48:23:86:79:E0:CD:E4:08:90:62:20:4D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QnOjTIEyXgZII4Z54M3kCJBiIE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.88.0/24
45.151.91.0/24
79.110.62.0/24
87.121.86.0/24
94.156.104.0/24
94.156.166.0/24
Signature Algorithm: sha256WithRSAEncryption
78:c5:d4:33:b7:c5:2b:86:2f:58:93:96:fa:d6:a4:16:7a:b0:
2e:b8:cf:0b:4d:25:3e:b5:21:4c:ab:a1:bd:0c:81:5b:a8:dd:
8d:15:2a:6f:28:3d:55:ad:b7:e1:af:0d:00:78:4f:3d:fe:f3:
98:9e:5c:60:73:ea:47:7b:e5:d5:29:af:78:54:21:e7:73:1b:
4a:c1:02:2f:47:2a:df:a5:f1:f9:b2:94:64:91:63:1a:3d:0d:
b3:43:d6:1e:52:be:4d:8e:f6:a0:53:de:05:80:bf:5c:da:6b:
68:f1:6d:1e:80:79:d5:7f:1e:cf:a3:4b:7d:83:1c:83:fa:04:
50:51:64:cd:7e:98:dc:38:cc:56:ec:76:68:ee:d4:cd:36:b2:
fd:dc:7d:ec:c2:e2:82:a6:7d:50:8b:17:63:02:65:11:b4:02:
6c:df:f4:61:4a:31:7f:36:a8:62:19:aa:87:6e:6a:f7:be:8f:
fa:e7:52:8a:c4:37:0b:f1:d8:ab:ff:8b:86:be:11:b3:c5:09:
86:02:85:b6:30:b9:a6:e7:47:47:8d:45:5a:04:19:cf:03:8d:
ea:66:a7:e3:86:69:0f:9b:1c:ce:c3:18:df:59:20:75:56:9c:
a5:f5:05:bc:c7:92:10:7b:64:05:b7:a6:72:50:96:f3:d1:2f:
d6:30:60:8e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZYQA40WOJ0xSQ4YQcZpsCF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDA3MTEyOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjczYTM0YzgxMzI1ZTA2NDgyMzg2NzllMGNkZTQwODkwNjIyMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEuI4CP5k9G2PP8D0iE2Ix8S4Jsj
8sa9OI0MgTRuGxJNYAaOIvfW2ds1EL+UMcyVM5ArUzikAIa5XNBgydRnOZKZ+HkD
u2XbfDTHCTlW/fnP1emqxB4MFh9wRPISKsM5qtExkULn9+1FaKbEmXMzFjv/AnsP
Lp3fBeahtVYp07l67eSBlrCjfqlQVGNlo8VbrPVKOPr0xkVWhGIlCWDyiv6ktKjo
ZZACvA+jVwOSaYo+jUMcei3TEMkNR/7o7v2p9/VpdM3DcfNby3gFSP1emtnRJxv0
9Ahmd4R92BtUZLt49hcInucgWhc+TotUnj17LHqOoNpJY+Y+B0hsumbBXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEJzo0yBMl4GSCOGeeDN5AiQYiBNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUW5PalRJRXlYZ1pJSTRaNTRNM2tDSkJpSUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVhYAwQA
LZdbAwQAT24+AwQAV3lWAwQAXpxoAwQAXpymMA0GCSqGSIb3DQEBCwUAA4IBAQB4
xdQzt8Urhi9Yk5b61qQWerAuuM8LTSU+tSFMq6G9DIFbqN2NFSpvKD1Vrbfhrw0A
eE89/vOYnlxgc+pHe+XVKa94VCHncxtKwQIvRyrfpfH5spRkkWMaPQ2zQ9YeUr5N
jvagU94FgL9c2mto8W0egHnVfx7Po0t9gxyD+gRQUWTNfpjcOMxW7HZo7tTNNrL9
3H3swuKCpn1QixdjAmURtAJs3/RhSjF/NqhiGaqHbmr3vo/651KKxDcL8dir/4uG
vhGzxQmGAoW2MLmm50dHjUVaBBnPA43qZqfjhmkPmxzOwxjfWSB1Vpyl9QW8x5IQ
e2QFt6ZyUJbz0S/WMGCO
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:27:44 2025 by rpki-client