Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QQT8ItF-gXSCCgW2GqNJM25TfhE.roa
File: QQT8ItF-gXSCCgW2GqNJM25TfhE.roa (raw, json)
Hash identifier: fIZBy1BJW7TEBjpAoDbl0DQ+BQcSOXQeyLy/kP6FCm8=
Subject key identifier: 41:04:FC:22:D1:7E:81:74:82:0A:05:B6:1A:A3:49:33:6E:53:7E:11
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01953CD6C673D287B027DBBD32E45F33DDEE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QQT8ItF-gXSCCgW2GqNJM25TfhE.roa
Signing time: Tue 25 Feb 2025 11:21:03 +0000
ROA not before: Tue 25 Feb 2025 11:21:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198831
IP address blocks: 93.88.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 13:38:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:d6:c6:73:d2:87:b0:27:db:bd:32:e4:5f:33:dd:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 25 11:21:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4104fc22d17e8174820a05b61aa349336e537e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ee:cd:63:b7:0c:0d:63:12:9d:1d:54:78:98:
40:0a:39:3e:39:9f:b8:41:ad:14:b5:bd:05:8c:24:
b1:29:9d:1b:ea:c6:44:9d:7f:c7:aa:cb:2d:64:00:
aa:84:7d:14:f5:e2:7b:05:31:5a:bb:89:67:e2:5b:
3b:46:b2:92:05:62:58:f0:f8:9c:57:9a:fa:af:22:
d8:8a:36:a2:fa:73:23:99:90:ad:86:eb:30:fb:04:
94:23:c3:35:c7:22:eb:21:b4:59:a6:8b:88:84:a5:
59:ce:ab:06:31:75:34:e3:96:25:7e:af:5e:de:8a:
8f:8b:09:12:72:70:99:aa:07:e2:e2:9e:5d:58:30:
49:c8:1c:5c:d0:31:27:2b:d5:95:25:ae:06:31:23:
6c:93:c0:22:7a:73:b3:97:06:ed:61:28:b7:a5:f5:
0c:c9:e9:21:a4:45:54:6e:ac:84:c8:76:03:9b:c7:
b7:3d:06:7a:49:2d:36:82:21:d4:f6:d5:4d:28:ff:
35:b1:0e:97:f7:8f:32:26:a2:c1:f2:1c:57:25:b9:
d2:a5:03:02:b9:5e:18:1b:61:04:64:95:27:bc:b8:
43:37:29:a4:78:09:08:bb:36:44:4b:8d:b3:d9:41:
59:be:c4:fc:c9:b8:ea:e3:9d:f9:d8:c6:15:8a:ae:
66:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:04:FC:22:D1:7E:81:74:82:0A:05:B6:1A:A3:49:33:6E:53:7E:11
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/QQT8ItF-gXSCCgW2GqNJM25TfhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.205.0/24
Signature Algorithm: sha256WithRSAEncryption
46:8d:99:2b:d3:03:13:7c:da:84:4d:2d:81:b2:40:86:79:d0:
4d:e7:4c:05:5f:ac:14:be:01:76:04:9e:4e:c0:48:54:21:19:
e7:96:7c:66:49:99:b5:02:76:78:a8:cb:c9:cd:8c:6c:03:e3:
eb:cb:37:bf:28:5f:07:fa:8a:66:21:a1:c2:45:bb:27:2e:68:
21:97:16:09:32:d5:33:8b:3d:73:b8:f1:79:34:c6:86:c6:26:
37:29:f8:35:42:38:50:ca:5f:5b:91:54:3d:3b:9e:fd:c2:d1:
f7:e3:ae:5e:7f:b4:b6:e0:8a:9c:5c:65:84:7c:18:0c:7c:e3:
9f:f0:48:5d:20:fe:08:b1:a0:98:5e:ad:eb:a0:83:4c:21:93:
0d:4c:4a:17:60:ff:ac:90:0d:af:fa:0b:62:8f:66:f0:06:6d:
32:bf:98:cd:2d:f3:67:00:30:c7:14:cd:a9:9d:1c:79:54:75:
ba:51:38:47:17:a2:d3:77:84:1e:02:53:c5:cd:79:ac:10:f9:
ed:08:b0:cc:0c:3d:50:d5:0c:21:e7:67:9b:e6:5e:e7:1e:03:
c5:25:b6:be:29:d0:70:a1:64:4b:71:81:52:e0:cd:cd:2b:04:
83:89:32:8e:17:a3:8f:df:78:ab:90:cb:ac:8a:63:1a:6c:af:
b8:75:73:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU81sZz0oewJ9u9MuRfM93uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMjI1MTEyMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTA0ZmMyMmQxN2U4MTc0ODIwYTA1YjYxYWEzNDkzMzZlNTM3ZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAie7NY7cMDWMSnR1UeJhACjk+OZ+4
Qa0Utb0FjCSxKZ0b6sZEnX/HqsstZACqhH0U9eJ7BTFau4ln4ls7RrKSBWJY8Pic
V5r6ryLYijai+nMjmZCthusw+wSUI8M1xyLrIbRZpouIhKVZzqsGMXU045Ylfq9e
3oqPiwkScnCZqgfi4p5dWDBJyBxc0DEnK9WVJa4GMSNsk8AienOzlwbtYSi3pfUM
yekhpEVUbqyEyHYDm8e3PQZ6SS02giHU9tVNKP81sQ6X948yJqLB8hxXJbnSpQMC
uV4YG2EEZJUnvLhDNymkeAkIuzZES42z2UFZvsT8ybjq45352MYViq5miQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEEE/CLRfoF0ggoFthqjSTNuU34RMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvUVFUOEl0Ri1nWFNDQ2dXMkdxTkpNMjVUZmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXVjNMA0G
CSqGSIb3DQEBCwUAA4IBAQBGjZkr0wMTfNqETS2BskCGedBN50wFX6wUvgF2BJ5O
wEhUIRnnlnxmSZm1AnZ4qMvJzYxsA+Pryze/KF8H+opmIaHCRbsnLmghlxYJMtUz
iz1zuPF5NMaGxiY3Kfg1QjhQyl9bkVQ9O579wtH3465ef7S24IqcXGWEfBgMfOOf
8EhdIP4IsaCYXq3roINMIZMNTEoXYP+skA2v+gtij2bwBm0yv5jNLfNnADDHFM2p
nRx5VHW6UThHF6LTd4QeAlPFzXmsEPntCLDMDD1Q1Qwh52eb5l7nHgPFJba+KdBw
oWRLcYFS4M3NKwSDiTKOF6OP33irkMusimMabK+4dXMd
-----END CERTIFICATE-----
Generated at Wed Jun 18 23:37:43 2025 by rpki-client