Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Qvh2agBupptXOTAVJeAsHaq6DiQ.roa
File: Qvh2agBupptXOTAVJeAsHaq6DiQ.roa (raw, json)
Hash identifier: sQ+kfWO0ho6WEFMe7pg982ygeMb4r2UdnnW7/jMpFBE=
Subject key identifier: 42:F8:76:6A:00:6E:A6:9B:57:39:30:15:25:E0:2C:1D:AA:BA:0E:24
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01960F451EB81EB49AABDBF9396081C01C17
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Qvh2agBupptXOTAVJeAsHaq6DiQ.roa
Signing time: Mon 07 Apr 2025 08:01:50 +0000
ROA not before: Mon 07 Apr 2025 08:01:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214654
IP address blocks: 212.38.81.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 12:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:45:1e:b8:1e:b4:9a:ab:db:f9:39:60:81:c0:1c:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 7 08:01:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42f8766a006ea69b5739301525e02c1daaba0e24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:b4:09:67:3a:74:f5:63:b0:1f:7d:25:63:
47:d8:17:a7:da:b3:f4:df:26:5f:ea:29:db:2f:ca:
b8:ab:a6:f2:3a:db:fb:66:17:56:0c:e4:9a:b4:dd:
a1:49:94:68:d8:a7:48:93:b7:ea:d3:31:3a:df:fb:
1e:e5:a8:15:a4:d9:9e:f7:77:65:bb:3c:5d:6f:98:
46:f5:66:ac:d3:f7:83:0e:3f:e7:5a:c1:26:7b:63:
29:28:41:38:28:01:96:f4:a5:53:29:61:2a:06:2f:
8c:29:30:08:90:e4:e2:83:7d:c6:95:dc:20:d0:56:
66:f7:bb:87:b9:6f:ff:b4:2f:20:50:f9:2b:b5:ff:
e2:7b:34:58:d6:dd:c9:b0:42:4e:c3:69:9d:c3:9d:
75:37:1b:51:61:98:64:ff:5e:53:d7:96:ae:fe:11:
fc:6c:4b:b3:bf:54:42:89:c2:36:b9:34:17:df:33:
3d:4c:e0:5e:fe:d7:d1:24:c3:08:2e:68:b2:8d:66:
aa:0d:af:76:12:11:5a:24:41:47:e9:75:ab:0a:d9:
7b:cc:92:c3:54:5a:8f:50:c2:c5:98:fe:35:33:ea:
30:b0:0b:21:b0:b9:62:fa:15:ab:ab:73:ad:70:17:
bf:22:0b:21:63:5a:61:0c:16:4e:d6:61:ef:1d:56:
73:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F8:76:6A:00:6E:A6:9B:57:39:30:15:25:E0:2C:1D:AA:BA:0E:24
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Qvh2agBupptXOTAVJeAsHaq6DiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.38.81.0/24
213.210.52.0/23
213.218.239.0/24
Signature Algorithm: sha256WithRSAEncryption
24:4e:54:e5:40:e7:e7:5c:76:18:ce:57:ca:b2:f2:df:d4:69:
f3:71:ec:be:6b:94:29:90:b4:63:0d:b3:21:6b:b2:51:2c:f5:
68:70:50:d2:4d:fd:51:d3:89:78:9b:f2:cf:c7:3f:61:b8:38:
8a:bb:19:85:de:80:e6:06:ab:02:93:0a:f5:bb:71:1f:6e:11:
ea:8b:4d:66:98:63:86:3d:42:99:0b:11:21:d9:6b:a9:43:42:
35:a8:ce:f5:b3:13:df:8a:f7:b7:67:2c:63:09:67:79:d0:c0:
a5:c7:71:18:a0:45:be:e6:8e:dc:42:63:7b:02:d9:3d:8f:be:
43:a1:d5:46:49:b4:9c:03:3b:34:35:60:46:e2:cc:4c:37:c9:
b2:e5:c4:0d:83:49:7b:c6:39:fd:60:f4:a8:15:bb:88:8d:05:
a2:26:bd:dd:09:04:bd:70:b9:2a:cc:34:95:ef:0a:50:9b:84:
a4:e5:61:37:74:70:d4:70:0f:5b:4e:aa:61:87:a6:52:5d:c1:
a1:1b:a7:a6:d8:a2:27:72:74:07:65:c9:68:26:0b:90:9e:75:
0d:57:64:45:ac:d0:85:a5:78:ef:7f:a3:b8:80:9d:d0:9e:eb:
35:d4:68:a9:52:73:38:53:48:7f:32:4a:d1:36:a9:a8:fd:11:
50:06:45:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZYPRR64HrSaq9v5OWCBwBwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDA3MDgwMTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmY4NzY2YTAwNmVhNjliNTczOTMwMTUyNWUwMmMxZGFhYmEwZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYq0CWc6dPVjsB99JWNH2Ben2rP0
3yZf6inbL8q4q6byOtv7ZhdWDOSatN2hSZRo2KdIk7fq0zE63/se5agVpNme93dl
uzxdb5hG9Was0/eDDj/nWsEme2MpKEE4KAGW9KVTKWEqBi+MKTAIkOTig33Gldwg
0FZm97uHuW//tC8gUPkrtf/iezRY1t3JsEJOw2mdw511NxtRYZhk/15T15au/hH8
bEuzv1RCicI2uTQX3zM9TOBe/tfRJMMILmiyjWaqDa92EhFaJEFH6XWrCtl7zJLD
VFqPUMLFmP41M+owsAshsLli+hWrq3OtcBe/IgshY1phDBZO1mHvHVZz5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEL4dmoAbqabVzkwFSXgLB2qug4kMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUXZoMmFnQnVwcHRYT1RBVkplQXNIYXE2RGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1CZRAwQB
1dI0AwQA1drvMA0GCSqGSIb3DQEBCwUAA4IBAQAkTlTlQOfnXHYYzlfKsvLf1Gnz
cey+a5QpkLRjDbMha7JRLPVocFDSTf1R04l4m/LPxz9huDiKuxmF3oDmBqsCkwr1
u3EfbhHqi01mmGOGPUKZCxEh2WupQ0I1qM71sxPfive3ZyxjCWd50MClx3EYoEW+
5o7cQmN7Atk9j75DodVGSbScAzs0NWBG4sxMN8my5cQNg0l7xjn9YPSoFbuIjQWi
Jr3dCQS9cLkqzDSV7wpQm4Sk5WE3dHDUcA9bTqphh6ZSXcGhG6em2KIncnQHZclo
JguQnnUNV2RFrNCFpXjvf6O4gJ3Qnus11GipUnM4U0h/MkrRNqmo/RFQBkW4
-----END CERTIFICATE-----
Generated at Fri May 2 10:23:51 2025 by rpki-client