Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/912110-6fc2-424a-a955-da621cd756d7/1/5QeOQGngC5weqdR81bLw5bsAUP0.roa
File: 5QeOQGngC5weqdR81bLw5bsAUP0.roa (raw, json)
Hash identifier: geVAtKee5BBheek90Qen+n67oK2nO0zu+a7IIPJKp9g=
Subject key identifier: E5:07:8E:40:69:E0:0B:9C:1E:A9:D4:7C:D5:B2:F0:E5:BB:00:50:FD
Certificate issuer: /CN=fa4f44ba814b8c94b7afe3022ee01462f513bff7
Certificate serial: 01966792B6C1E7B7638CCCAC229BBB4B1B20
Authority key identifier: FA:4F:44:BA:81:4B:8C:94:B7:AF:E3:02:2E:E0:14:62:F5:13:BF:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-k9EuoFLjJS3r-MCLuAUYvUTv_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/912110-6fc2-424a-a955-da621cd756d7/1/5QeOQGngC5weqdR81bLw5bsAUP0.roa
Signing time: Thu 24 Apr 2025 11:33:10 +0000
ROA not before: Thu 24 Apr 2025 11:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198031
IP address blocks: 91.146.120.0/21 maxlen: 21
91.146.120.0/22 maxlen: 22
2a03:a780::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Apr 2025 16:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:92:b6:c1:e7:b7:63:8c:cc:ac:22:9b:bb:4b:1b:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa4f44ba814b8c94b7afe3022ee01462f513bff7
Validity
Not Before: Apr 24 11:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5078e4069e00b9c1ea9d47cd5b2f0e5bb0050fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5a:ca:c5:be:da:54:a0:be:77:21:6c:51:6b:
78:e7:9c:f4:37:f3:f1:30:a3:59:a1:d2:1d:77:1c:
c3:cc:10:4b:85:ba:47:41:62:c0:08:35:aa:d8:3f:
f4:6a:36:13:91:8c:91:0d:87:27:ad:5e:b7:38:d1:
a9:a5:cd:f3:f1:b2:26:74:52:d9:ae:d8:2a:64:3a:
69:71:d8:2a:71:9f:ee:c2:12:98:c1:bf:da:50:14:
eb:39:48:63:7e:ee:3b:fe:d9:2c:42:41:de:13:9f:
49:77:1c:05:8b:67:d9:86:ca:8c:b1:f6:9a:9f:d1:
f0:7d:1c:6d:e5:b6:26:a5:22:4c:88:6f:e3:fd:97:
5c:ec:8b:bd:55:8e:e1:e7:bd:dc:3e:df:36:1e:fe:
2e:5a:8d:54:50:bf:65:08:3e:50:49:82:3c:3e:97:
96:6b:55:19:b4:c2:9b:45:d5:60:3b:79:03:69:41:
ad:1b:70:c2:3f:f4:5e:dc:91:ef:ca:7e:a1:c3:73:
92:6c:a1:52:49:44:6d:9d:97:c7:7b:73:56:cb:04:
e5:dd:6a:0d:5f:6e:b0:4e:1d:d3:7d:dc:e8:b3:e5:
53:34:ab:51:e9:07:8a:20:53:34:f7:21:29:ed:e9:
bb:be:49:dd:cc:94:aa:21:74:1e:ac:6b:3a:80:1f:
15:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:07:8E:40:69:E0:0B:9C:1E:A9:D4:7C:D5:B2:F0:E5:BB:00:50:FD
X509v3 Authority Key Identifier:
keyid:FA:4F:44:BA:81:4B:8C:94:B7:AF:E3:02:2E:E0:14:62:F5:13:BF:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-k9EuoFLjJS3r-MCLuAUYvUTv_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/912110-6fc2-424a-a955-da621cd756d7/1/5QeOQGngC5weqdR81bLw5bsAUP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/912110-6fc2-424a-a955-da621cd756d7/1/1-k9EuoFLjJS3r-MCLuAUYvUTv_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.146.120.0/21
IPv6:
2a03:a780::/32
Signature Algorithm: sha256WithRSAEncryption
3c:5c:75:d4:14:cf:4d:54:bc:29:03:92:f5:58:6f:86:69:ce:
aa:7a:ce:6c:e5:59:a8:b2:50:db:4d:95:aa:4b:ce:ba:2c:ea:
6e:b5:da:2e:05:cd:2b:06:b7:d0:58:85:98:37:29:46:86:58:
88:58:5c:4c:cd:6f:d1:9a:b4:a7:05:d6:00:29:c7:96:20:d5:
a8:39:99:41:03:1b:34:e3:66:82:29:a0:d0:d8:f3:4b:1a:fa:
1f:e9:ba:8c:d3:e8:70:5b:4d:e7:64:19:7c:47:58:58:81:de:
e2:95:52:86:a4:87:53:11:19:cb:f1:65:aa:4f:b8:de:e8:d6:
b7:6a:68:9f:5d:ce:04:7e:56:9d:38:19:13:d7:af:c1:24:9f:
d7:7c:d8:2e:45:4f:40:05:11:51:a1:d9:f2:01:d8:f5:18:a0:
b0:7e:87:40:8a:df:99:09:30:81:25:38:75:82:5e:f9:71:2e:
16:20:d3:68:ac:62:67:02:04:e9:b4:09:7b:d7:99:e1:dc:ad:
17:87:a9:7c:71:c3:93:ce:48:ff:79:2f:9b:05:bf:e0:b1:e8:
8d:57:bc:f1:f4:61:1f:04:a4:d1:c1:67:00:93:9d:29:29:c8:
8e:e2:c5:50:59:56:0e:59:d4:23:2f:4b:14:fd:7e:98:ad:a0:
03:59:9d:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZZnkrbB57djjMysIpu7SxsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNGY0NGJhODE0YjhjOTRiN2FmZTMwMjJlZTAxNDYyZjUx
M2JmZjcwHhcNMjUwNDI0MTEzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA3OGU0MDY5ZTAwYjljMWVhOWQ0N2NkNWIyZjBlNWJiMDA1MGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFrKxb7aVKC+dyFsUWt455z0N/Px
MKNZodIddxzDzBBLhbpHQWLACDWq2D/0ajYTkYyRDYcnrV63ONGppc3z8bImdFLZ
rtgqZDppcdgqcZ/uwhKYwb/aUBTrOUhjfu47/tksQkHeE59JdxwFi2fZhsqMsfaa
n9HwfRxt5bYmpSJMiG/j/Zdc7Iu9VY7h573cPt82Hv4uWo1UUL9lCD5QSYI8PpeW
a1UZtMKbRdVgO3kDaUGtG3DCP/Re3JHvyn6hw3OSbKFSSURtnZfHe3NWywTl3WoN
X26wTh3Tfdzos+VTNKtR6QeKIFM09yEp7em7vkndzJSqIXQerGs6gB8VLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOUHjkBp4AucHqnUfNWy8OW7AFD9MB8GA1UdIwQY
MBaAFPpPRLqBS4yUt6/jAi7gFGL1E7/3MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1rOUV1b0ZMakpTM3ItTUNMdUFVWXZVVHZfYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvOTEyMTEwLTZmYzItNDI0YS1hOTU1
LWRhNjIxY2Q3NTZkNy8xLzVRZU9RR25nQzV3ZXFkUjgxYkx3NWJzQVVQMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDUvOTEyMTEwLTZmYzItNDI0YS1hOTU1LWRhNjIxY2Q3NTZk
Ny8xLzEtazlFdW9GTGpKUzNyLU1DTHVBVVl2VVR2X2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBANbkngw
DQQCAAIwBwMFACoDp4AwDQYJKoZIhvcNAQELBQADggEBADxcddQUz01UvCkDkvVY
b4Zpzqp6zmzlWaiyUNtNlapLzros6m612i4FzSsGt9BYhZg3KUaGWIhYXEzNb9Ga
tKcF1gApx5Yg1ag5mUEDGzTjZoIpoNDY80sa+h/puozT6HBbTedkGXxHWFiB3uKV
Uoakh1MRGcvxZapPuN7o1rdqaJ9dzgR+Vp04GRPXr8Ekn9d82C5FT0AFEVGh2fIB
2PUYoLB+h0CK35kJMIElOHWCXvlxLhYg02isYmcCBOm0CXvXmeHcrReHqXxxw5PO
SP95L5sFv+Cx6I1XvPH0YR8EpNHBZwCTnSkpyI7ixVBZVg5Z1CMvSxT9fpitoANZ
nZU=
-----END CERTIFICATE-----
Generated at Wed May 7 02:30:45 2025 by rpki-client