Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_QA_vAgKpwbzBHciqCDvQe6J304.roa
File: _QA_vAgKpwbzBHciqCDvQe6J304.roa (raw, json)
Hash identifier: o/GJB3Db/Hv8x3Hfd4cV5ij00uE3jbn6dZMYngcnu7I=
Subject key identifier: FD:00:3F:BC:08:0A:A7:06:F3:04:77:22:A8:20:EF:41:EE:89:DF:4E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0196E194DBCEBA368E97EDA31B9B8E796A41
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_QA_vAgKpwbzBHciqCDvQe6J304.roa
Signing time: Sun 18 May 2025 04:09:11 +0000
ROA not before: Sun 18 May 2025 04:09:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215137
IP address blocks: 85.202.203.0/24 maxlen: 24
2a0e:97c1::/40 maxlen: 48
2a10:2f00:167::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 24 May 2025 07:52:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e1:94:db:ce:ba:36:8e:97:ed:a3:1b:9b:8e:79:6a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 18 04:09:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd003fbc080aa706f3047722a820ef41ee89df4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ea:d3:1c:dd:fe:24:c8:1b:33:87:cf:f2:db:
e6:6c:d2:ad:db:e4:a1:9d:3d:ec:34:f7:d2:7b:d7:
a7:00:8f:8e:22:d6:49:0b:3a:0f:d6:a9:4b:39:9b:
42:91:df:a6:57:b8:a1:ab:4b:2a:ce:d9:4e:18:ed:
a4:b4:b7:bd:f4:6e:d7:12:29:46:fa:b4:aa:a1:f1:
3a:16:d8:e0:6e:1b:5a:fd:66:e1:fa:01:fd:2a:fc:
a7:75:6a:4b:1a:76:81:a5:2d:d4:a0:f6:d8:46:fd:
24:f0:b2:28:0e:95:31:f8:c8:77:90:10:29:45:0e:
2f:1a:cc:96:34:aa:a0:9e:81:e7:b1:ec:f7:97:58:
f4:19:9a:ff:bc:62:bc:7f:57:a8:5b:18:5b:05:f7:
d0:7d:75:11:54:75:32:ea:37:d2:86:96:ad:5b:3d:
36:42:4e:f4:4b:4c:03:c2:1f:76:a1:cb:6f:04:18:
d9:55:0d:69:6e:43:91:23:ca:43:b6:b8:7a:03:30:
e3:57:f2:8f:0d:da:27:ba:ac:e0:f7:01:94:b3:f4:
7a:a0:84:e5:d6:d5:ff:e0:48:5f:65:64:41:2a:51:
62:ed:9f:ec:ca:1d:47:76:6c:85:1f:43:51:ab:4d:
10:58:ee:e3:8b:5a:43:df:05:33:08:4e:d4:50:ff:
a4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:00:3F:BC:08:0A:A7:06:F3:04:77:22:A8:20:EF:41:EE:89:DF:4E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_QA_vAgKpwbzBHciqCDvQe6J304.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.203.0/24
IPv6:
2a0e:97c1::/40
2a10:2f00:167::/48
Signature Algorithm: sha256WithRSAEncryption
14:a2:03:51:f6:68:20:56:d4:fa:cd:1b:a1:ee:e8:9e:d6:74:
13:4a:56:69:b8:dc:77:8e:1b:3c:cd:23:50:a2:56:57:f6:56:
43:7c:32:a8:da:b3:96:2e:9f:04:66:ee:76:e7:9d:76:c8:a0:
95:8c:bd:41:9a:cc:2d:c6:ee:2b:d5:a5:b4:a1:48:b2:ca:93:
ff:b1:89:24:75:4b:67:d8:b2:29:d5:f4:ef:7c:de:86:01:12:
bb:de:5f:7d:16:ff:20:9d:41:92:b2:5d:f1:54:f1:83:66:79:
6b:41:bf:89:2b:86:37:98:8f:99:99:47:40:c5:3b:46:cb:ea:
a2:36:10:a4:d0:ec:c7:9a:b4:8d:ec:6c:30:cb:c1:3d:f1:9c:
dd:48:51:da:f7:63:17:b2:8a:21:20:87:57:e6:7a:aa:82:44:
81:5c:a4:a3:7b:67:4c:c3:2f:1b:9e:e4:fc:31:2d:8e:e5:fb:
e4:90:ee:93:06:5c:22:00:fe:5d:ec:f3:61:6b:e1:07:14:5b:
cf:f8:89:9a:a2:6c:4d:59:74:67:f4:a2:83:ee:ab:26:9d:68:
5f:81:1b:6a:70:52:4a:50:2b:e7:7b:65:69:c4:05:20:f6:49:
27:ba:2d:00:e2:54:7f:a1:3a:98:5a:3b:78:ba:55:2d:b0:39:
09:fc:9a:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbhlNvOujaOl+2jG5uOeWpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNTE4MDQwOTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAwM2ZiYzA4MGFhNzA2ZjMwNDc3MjJhODIwZWY0MWVlODlkZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwerTHN3+JMgbM4fP8tvmbNKt2+Sh
nT3sNPfSe9enAI+OItZJCzoP1qlLOZtCkd+mV7ihq0sqztlOGO2ktLe99G7XEilG
+rSqofE6Ftjgbhta/Wbh+gH9KvyndWpLGnaBpS3UoPbYRv0k8LIoDpUx+Mh3kBAp
RQ4vGsyWNKqgnoHnsez3l1j0GZr/vGK8f1eoWxhbBffQfXURVHUy6jfShpatWz02
Qk70S0wDwh92octvBBjZVQ1pbkORI8pDtrh6AzDjV/KPDdonuqzg9wGUs/R6oITl
1tX/4EhfZWRBKlFi7Z/syh1HdmyFH0NRq00QWO7ji1pD3wUzCE7UUP+kowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0AP7wICqcG8wR3Iqgg70Huid9OMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX1FBX3ZBZ0twd2J6QkhjaXFDRHZRZTZKMzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQAVcrLMBcE
AgACMBEDBgAqDpfBAAMHACoQLwABZzANBgkqhkiG9w0BAQsFAAOCAQEAFKIDUfZo
IFbU+s0boe7ontZ0E0pWabjcd44bPM0jUKJWV/ZWQ3wyqNqzli6fBGbudueddsig
lYy9QZrMLcbuK9WltKFIssqT/7GJJHVLZ9iyKdX073zehgESu95ffRb/IJ1BkrJd
8VTxg2Z5a0G/iSuGN5iPmZlHQMU7RsvqojYQpNDsx5q0jexsMMvBPfGc3UhR2vdj
F7KKISCHV+Z6qoJEgVyko3tnTMMvG57k/DEtjuX75JDukwZcIgD+XezzYWvhBxRb
z/iJmqJsTVl0Z/Sig+6rJp1oX4EbanBSSlAr53tlacQFIPZJJ7otAOJUf6E6mFo7
eLpVLbA5CfyaKw==
-----END CERTIFICATE-----
Generated at Wed Jun 18 06:43:40 2025 by rpki-client