Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q6o3sU8BPIDqniwY9OsgABxzSQA.roa
File: Q6o3sU8BPIDqniwY9OsgABxzSQA.roa (raw, json)
Hash identifier: +sf8d+clN8BZHtL41I07sY0JziMVQDrA9APdCOySTxA=
Subject key identifier: 43:AA:37:B1:4F:01:3C:80:EA:9E:2C:18:F4:EB:20:00:1C:73:49:00
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196175F6F1E84CBA9C342598E2C81666E4A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q6o3sU8BPIDqniwY9OsgABxzSQA.roa
Signing time: Tue 08 Apr 2025 21:47:32 +0000
ROA not before: Tue 08 Apr 2025 21:47:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 89.144.34.0/24 maxlen: 24
178.18.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Apr 2025 22:17:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:17:5f:6f:1e:84:cb:a9:c3:42:59:8e:2c:81:66:6e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 8 21:47:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43aa37b14f013c80ea9e2c18f4eb20001c734900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ed:e4:8b:b4:a0:e2:0a:ea:25:a8:e4:fe:23:
db:21:e7:27:a5:00:f3:80:d3:72:cc:34:f0:e7:da:
ee:12:c2:b8:a1:53:ba:a0:f1:0d:c0:89:ba:9d:a8:
96:f9:15:a4:99:3c:74:92:ad:e9:47:3b:e2:39:2f:
75:87:58:e5:14:8e:2b:28:ec:fa:a4:8d:24:10:7e:
30:df:a7:31:d6:b5:09:ab:89:fd:44:2d:a1:d3:af:
9d:c8:6f:cf:73:de:26:61:26:ef:0a:37:10:19:2c:
4c:e1:8c:5c:32:cf:f0:58:86:cd:86:7e:35:f1:9d:
08:ba:4a:c2:1a:4b:c4:42:45:5d:ec:51:59:74:cc:
31:34:7a:d8:0d:fb:cf:9d:dd:08:89:2d:78:f4:3d:
a7:5f:aa:21:46:2c:b8:d9:31:26:7b:83:41:7d:e2:
db:9a:bb:e5:e2:4f:98:e3:75:19:ed:38:6e:0e:0f:
b0:91:74:3e:27:89:28:b7:db:47:7f:66:7e:68:dc:
a3:a2:cd:27:13:0a:cd:04:96:ef:86:13:11:fb:de:
91:15:65:e0:e7:a3:47:3e:cb:e4:67:95:30:bf:ec:
36:7b:e9:53:7b:30:24:d1:26:88:2a:d1:ad:39:b2:
12:7d:8f:8d:41:d7:d3:31:97:98:47:6b:5c:47:55:
cd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AA:37:B1:4F:01:3C:80:EA:9E:2C:18:F4:EB:20:00:1C:73:49:00
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Q6o3sU8BPIDqniwY9OsgABxzSQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.144.34.0/24
178.18.149.0/24
Signature Algorithm: sha256WithRSAEncryption
72:00:16:36:98:b5:b5:1b:ed:4d:25:27:a1:93:09:38:6a:1a:
0f:f2:1a:b4:a8:22:c0:1f:d4:34:e5:e5:6d:8a:e5:bf:01:27:
f3:3b:9b:22:d5:84:f1:37:20:53:29:dd:a1:60:1d:19:21:69:
ce:0e:60:37:08:2a:cb:ab:fb:fc:4a:ac:23:10:e4:da:67:2a:
82:0e:dd:b8:50:43:55:29:b8:72:29:13:b0:d4:27:9c:d7:4d:
79:61:d1:42:9a:07:59:5f:63:c9:01:7b:cc:7b:af:ab:18:f8:
1d:22:0b:4b:36:2f:e2:52:7c:f3:3d:dd:1f:5f:46:da:bc:17:
d3:ff:dc:e9:6a:a7:58:c6:6b:00:05:1a:d9:1e:9e:bb:27:07:
66:c1:38:cb:45:65:56:e6:48:75:9d:80:74:6f:99:84:1f:a9:
8c:b6:91:d8:b5:dd:c4:ac:dd:c2:6b:90:84:de:0a:de:ba:ae:
b0:cc:4e:54:d4:1d:99:c0:01:d1:aa:84:dd:b7:98:01:92:99:
83:de:10:d6:fd:c2:10:54:d4:f0:61:6b:06:1b:f4:bc:86:46:
3c:3b:0c:66:d5:14:ec:a4:b0:54:fa:5b:03:44:6a:33:98:e5:
c2:18:49:fa:59:db:16:a3:ca:c6:c8:2b:67:59:f6:18:06:3f:
24:5c:88:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYXX28ehMupw0JZjiyBZm5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA4MjE0NzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2FhMzdiMTRmMDEzYzgwZWE5ZTJjMThmNGViMjAwMDFjNzM0OTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO3ki7Sg4grqJajk/iPbIecnpQDz
gNNyzDTw59ruEsK4oVO6oPENwIm6naiW+RWkmTx0kq3pRzviOS91h1jlFI4rKOz6
pI0kEH4w36cx1rUJq4n9RC2h06+dyG/Pc94mYSbvCjcQGSxM4YxcMs/wWIbNhn41
8Z0IukrCGkvEQkVd7FFZdMwxNHrYDfvPnd0IiS149D2nX6ohRiy42TEme4NBfeLb
mrvl4k+Y43UZ7ThuDg+wkXQ+J4kot9tHf2Z+aNyjos0nEwrNBJbvhhMR+96RFWXg
56NHPsvkZ5Uwv+w2e+lTezAk0SaIKtGtObISfY+NQdfTMZeYR2tcR1XNoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEOqN7FPATyA6p4sGPTrIAAcc0kAMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvUTZvM3NVOEJQSURxbml3WTlPc2dBQnh6U1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWZAiAwQA
shKVMA0GCSqGSIb3DQEBCwUAA4IBAQByABY2mLW1G+1NJSehkwk4ahoP8hq0qCLA
H9Q05eVtiuW/ASfzO5si1YTxNyBTKd2hYB0ZIWnODmA3CCrLq/v8SqwjEOTaZyqC
Dt24UENVKbhyKROw1Cec1015YdFCmgdZX2PJAXvMe6+rGPgdIgtLNi/iUnzzPd0f
X0bavBfT/9zpaqdYxmsABRrZHp67JwdmwTjLRWVW5kh1nYB0b5mEH6mMtpHYtd3E
rN3Ca5CE3greuq6wzE5U1B2ZwAHRqoTdt5gBkpmD3hDW/cIQVNTwYWsGG/S8hkY8
Owxm1RTspLBU+lsDRGozmOXCGEn6WdsWo8rGyCtnWfYYBj8kXIhu
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:49:32 2025 by rpki-client