Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jqlrvx4jCPXLyVL7KhJLHA-m_oQ.roa
File: jqlrvx4jCPXLyVL7KhJLHA-m_oQ.roa (raw, json)
Hash identifier: z+YKuNj6vYehOEJ8JxFfM/C6IBhp59DUfYtZZ10xcZE=
Subject key identifier: 8E:A9:6B:BF:1E:23:08:F5:CB:C9:52:FB:2A:12:4B:1C:0F:A6:FE:84
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01973BB1831D5D6437EE160D903CB61CA1BE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jqlrvx4jCPXLyVL7KhJLHA-m_oQ.roa
Signing time: Wed 04 Jun 2025 16:06:18 +0000
ROA not before: Wed 04 Jun 2025 16:06:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60117
IP address blocks: 109.176.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Jun 2025 16:16:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:b1:83:1d:5d:64:37:ee:16:0d:90:3c:b6:1c:a1:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 4 16:06:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ea96bbf1e2308f5cbc952fb2a124b1c0fa6fe84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:32:77:d4:32:11:20:c6:e0:af:13:90:b6:8b:
a2:5b:28:75:a2:e3:23:75:ac:ff:46:df:ca:dc:18:
75:96:7b:0e:7d:0a:47:a3:46:97:34:a1:4b:d9:a6:
9d:aa:e6:30:90:b5:01:c3:d3:48:19:1d:89:31:0e:
fe:78:f3:bd:e8:4a:22:81:48:6e:09:33:ee:02:c3:
ac:f7:69:31:3f:3d:43:14:7b:ce:b6:ed:0f:cf:90:
20:43:ae:2e:0d:df:d2:14:34:6e:ca:4b:6a:9b:fe:
5f:0d:7f:df:29:61:62:08:37:28:90:7b:4f:40:6f:
a1:31:d9:0f:84:b3:e9:8b:1c:b7:d7:0d:8a:f6:97:
c2:60:d6:9f:a7:7a:08:65:42:8a:34:e1:ef:bf:44:
5c:7b:dd:32:da:bb:c7:71:33:bb:e5:3a:3f:ab:83:
b5:0e:fc:35:75:21:e0:32:55:3c:f5:48:ac:36:32:
2b:f3:35:3b:f7:15:c4:cc:ad:7d:dc:99:eb:48:0d:
d0:0a:40:86:ff:3a:14:8a:af:1e:23:7f:ef:a8:cd:
fc:ff:5e:92:45:d3:1d:f2:1b:09:a9:23:40:9e:d6:
cb:b9:5a:85:33:a8:cd:c9:21:31:47:66:c2:fc:23:
ad:b9:a9:6a:a7:4a:d4:02:49:87:98:1a:f9:61:6f:
90:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A9:6B:BF:1E:23:08:F5:CB:C9:52:FB:2A:12:4B:1C:0F:A6:FE:84
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jqlrvx4jCPXLyVL7KhJLHA-m_oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.14.0/24
Signature Algorithm: sha256WithRSAEncryption
27:3d:f4:64:fd:37:85:71:85:a8:b0:ed:35:5e:3b:1b:3a:27:
c8:0b:ba:d7:8a:99:94:e0:58:f7:29:4a:ee:bf:81:dd:83:a3:
05:2d:8d:b6:7a:9d:3f:84:dd:ba:82:6f:e3:0d:3f:65:5f:ad:
1f:64:db:82:0b:c1:93:04:0f:8b:82:25:37:8d:99:37:00:41:
b6:9a:4a:13:9f:7d:46:73:08:be:87:c9:a5:03:21:05:e3:1c:
24:0d:a3:b1:06:d0:32:7d:8f:ac:b6:f8:71:7a:ab:13:e7:17:
ce:dc:30:da:1d:ab:82:a2:18:6f:c6:6e:f9:f4:92:e5:f2:63:
a0:70:52:7e:36:b0:f2:b9:8d:9b:24:22:83:4b:f8:b1:6c:9d:
74:b0:30:10:f4:76:00:5c:aa:8f:0f:eb:35:f8:ec:4f:f7:6c:
01:bf:60:f9:87:d9:64:71:73:e6:2c:44:79:1c:0d:38:30:8a:
50:bd:5e:d2:88:e2:a7:30:b6:1b:a0:d9:76:c1:91:93:49:cc:
c8:91:dd:1a:bd:9f:87:8f:5d:54:61:f1:6b:3a:a6:0b:a9:87:
bc:cb:97:93:05:12:fb:e7:13:48:4f:a4:7c:a2:c2:64:58:e6:
60:af:3f:9a:44:70:10:17:07:5f:bd:be:5d:6c:60:ae:b0:b5:
d0:22:83:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc7sYMdXWQ37hYNkDy2HKG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjA0MTYwNjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWE5NmJiZjFlMjMwOGY1Y2JjOTUyZmIyYTEyNGIxYzBmYTZmZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzJ31DIRIMbgrxOQtouiWyh1ouMj
daz/Rt/K3Bh1lnsOfQpHo0aXNKFL2aadquYwkLUBw9NIGR2JMQ7+ePO96EoigUhu
CTPuAsOs92kxPz1DFHvOtu0Pz5AgQ64uDd/SFDRuyktqm/5fDX/fKWFiCDcokHtP
QG+hMdkPhLPpixy31w2K9pfCYNafp3oIZUKKNOHvv0Rce90y2rvHcTO75To/q4O1
Dvw1dSHgMlU89UisNjIr8zU79xXEzK193JnrSA3QCkCG/zoUiq8eI3/vqM38/16S
RdMd8hsJqSNAntbLuVqFM6jNySExR2bC/COtualqp0rUAkmHmBr5YW+QTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI6pa78eIwj1y8lS+yoSSxwPpv6EMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvanFscnZ4NGpDUFhMeVZMN0toSkxIQS1tX29RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbAOMA0G
CSqGSIb3DQEBCwUAA4IBAQAnPfRk/TeFcYWosO01XjsbOifIC7rXipmU4Fj3KUru
v4Hdg6MFLY22ep0/hN26gm/jDT9lX60fZNuCC8GTBA+LgiU3jZk3AEG2mkoTn31G
cwi+h8mlAyEF4xwkDaOxBtAyfY+stvhxeqsT5xfO3DDaHauCohhvxm759JLl8mOg
cFJ+NrDyuY2bJCKDS/ixbJ10sDAQ9HYAXKqPD+s1+OxP92wBv2D5h9lkcXPmLER5
HA04MIpQvV7SiOKnMLYboNl2wZGTSczIkd0avZ+Hj11UYfFrOqYLqYe8y5eTBRL7
5xNIT6R8osJkWOZgrz+aRHAQFwdfvb5dbGCusLXQIoNJ
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:50:11 2025 by rpki-client