Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/QbEeZXZJrIrIU4vFzh5-a2glLWA.roa
File: QbEeZXZJrIrIU4vFzh5-a2glLWA.roa (raw, json)
Hash identifier: Ccda/m8c/0XCPVZhmz6clvCk7q52pZ6KgG3nukiUFGg=
Subject key identifier: 41:B1:1E:65:76:49:AC:8A:C8:53:8B:C5:CE:1E:7E:6B:68:25:2D:60
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 0190A5DC9207574966349291B2BDF6C389EC
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/QbEeZXZJrIrIU4vFzh5-a2glLWA.roa
Signing time: Fri 12 Jul 2024 07:33:34 +0000
ROA not before: Fri 12 Jul 2024 07:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20875
IP address blocks: 5.133.128.0/19 maxlen: 24
37.8.128.0/20 maxlen: 24
46.35.128.0/19 maxlen: 24
62.113.0.0/19 maxlen: 24
85.94.128.0/19 maxlen: 24
92.240.32.0/19 maxlen: 24
95.156.128.0/18 maxlen: 24
159.20.16.0/21 maxlen: 24
185.17.44.0/22 maxlen: 24
185.38.144.0/22 maxlen: 24
212.39.96.0/19 maxlen: 24
212.125.144.0/20 maxlen: 24
2a02:28b8::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 12 Jul 2024 08:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a5:dc:92:07:57:49:66:34:92:91:b2:bd:f6:c3:89:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Jul 12 07:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41b11e657649ac8ac8538bc5ce1e7e6b68252d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f5:fb:24:3d:33:0a:a1:18:c2:d9:d0:f6:f0:
3a:25:e6:b0:52:fb:cf:9b:27:38:54:88:e6:f2:91:
f0:ee:8d:98:9d:9c:66:ee:b7:cc:1b:64:d4:98:13:
56:22:fa:63:19:aa:52:27:4f:de:d7:f0:6a:bf:b1:
60:65:e0:0a:36:38:79:de:cb:0a:60:66:2a:eb:7b:
e1:23:d8:7d:c6:34:85:eb:e9:2f:8c:a8:2b:90:34:
6b:2f:bc:d8:97:6e:32:b1:67:1d:82:72:28:80:26:
57:18:2a:72:6d:d1:97:c9:4f:f4:10:2c:fc:4f:ab:
88:6a:c7:84:3b:3d:e4:0f:63:39:97:12:e8:8d:f9:
77:30:7c:0b:a7:bd:9f:62:df:23:f1:96:e7:b4:3d:
b9:bb:75:f0:4a:f3:38:e5:cd:2c:31:ab:15:4b:89:
4f:ab:40:fe:54:1f:3f:b6:ab:f0:38:ff:83:32:0a:
34:b8:0e:24:cd:b6:ee:b8:e3:7e:10:fc:50:24:aa:
ee:e6:63:49:4b:2c:93:2f:79:77:d4:90:54:18:75:
db:17:32:0a:81:9d:07:10:59:f9:78:2c:05:ec:3d:
b3:78:a9:66:b3:a0:1c:6b:d6:a5:8c:c5:0f:db:96:
98:70:f8:b2:19:8c:79:04:ec:d5:a9:8a:8a:97:b9:
21:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B1:1E:65:76:49:AC:8A:C8:53:8B:C5:CE:1E:7E:6B:68:25:2D:60
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/QbEeZXZJrIrIU4vFzh5-a2glLWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.128.0/19
37.8.128.0/20
46.35.128.0/19
62.113.0.0/19
85.94.128.0/19
92.240.32.0/19
95.156.128.0/18
159.20.16.0/21
185.17.44.0/22
185.38.144.0/22
212.39.96.0/19
212.125.144.0/20
IPv6:
2a02:28b8::/29
Signature Algorithm: sha256WithRSAEncryption
10:d0:c7:36:9e:6a:44:b6:8a:6b:57:21:f2:a3:d8:43:6c:e4:
5a:81:58:ca:ed:b6:9d:ca:84:d6:24:a6:14:24:8a:0a:07:30:
72:fa:74:60:7d:a1:81:dd:c7:ee:ff:93:1a:c8:4b:a5:22:83:
da:f3:bd:0d:d4:e9:fb:d5:03:a4:5b:42:eb:9c:ad:ee:f1:9d:
99:70:46:0e:be:7f:d2:58:8d:99:34:7a:ab:2b:1f:eb:75:0b:
92:4f:09:06:39:f2:fe:01:bf:01:fc:c1:94:14:94:04:e9:1d:
78:29:23:17:ee:43:61:8e:71:00:2f:fc:f9:a3:ed:c7:53:ce:
e7:da:55:81:b0:e1:1d:50:de:22:e9:82:82:80:e8:0c:e8:0d:
f0:0c:29:91:bd:0c:c5:34:98:51:da:ef:8e:4c:58:6b:15:49:
ff:13:83:ea:36:b2:6a:c6:5d:cc:b2:14:f7:fe:0e:57:a5:79:
09:16:38:a5:da:43:08:a6:85:7c:4e:62:f2:90:b1:46:98:69:
d4:48:e4:ea:5e:60:3a:c4:f6:59:57:05:e1:76:ea:4b:c0:76:
13:07:69:dc:8b:bf:e8:a7:c5:74:5a:5b:a5:87:dd:34:09:51:
a6:03:e7:73:e1:c9:63:47:f0:3b:3d:08:93:72:de:b0:60:b0:
60:09:de:e5
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZCl3JIHV0lmNJKRsr32w4nsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi
NmRlYmYwHhcNMjQwNzEyMDczMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWIxMWU2NTc2NDlhYzhhYzg1MzhiYzVjZTFlN2U2YjY4MjUyZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvX7JD0zCqEYwtnQ9vA6JeawUvvP
myc4VIjm8pHw7o2YnZxm7rfMG2TUmBNWIvpjGapSJ0/e1/Bqv7FgZeAKNjh53ssK
YGYq63vhI9h9xjSF6+kvjKgrkDRrL7zYl24ysWcdgnIogCZXGCpybdGXyU/0ECz8
T6uIaseEOz3kD2M5lxLojfl3MHwLp72fYt8j8ZbntD25u3XwSvM45c0sMasVS4lP
q0D+VB8/tqvwOP+DMgo0uA4kzbbuuON+EPxQJKru5mNJSyyTL3l31JBUGHXbFzIK
gZ0HEFn5eCwF7D2zeKlms6Aca9aljMUP25aYcPiyGYx5BOzVqYqKl7khFQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFEGxHmV2SayKyFOLxc4efmtoJS1gMB8GA1UdIwQY
MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct
NzUyODM1MGQ0YzEzLzEvUWJFZVpYWkpySXJJVTR2RnpoNS1hMmdsTFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz
LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQFBYWAAwQE
JQiAAwQFLiOAAwQFPnEAAwQFVV6AAwQFXPAgAwQGX5yAAwQDnxQQAwQCuREsAwQC
uSaQAwQF1CdgAwQE1H2QMA0EAgACMAcDBQMqAii4MA0GCSqGSIb3DQEBCwUAA4IB
AQAQ0Mc2nmpEtoprVyHyo9hDbORagVjK7badyoTWJKYUJIoKBzBy+nRgfaGB3cfu
/5MayEulIoPa870N1On71QOkW0LrnK3u8Z2ZcEYOvn/SWI2ZNHqrKx/rdQuSTwkG
OfL+Ab8B/MGUFJQE6R14KSMX7kNhjnEAL/z5o+3HU87n2lWBsOEdUN4i6YKCgOgM
6A3wDCmRvQzFNJhR2u+OTFhrFUn/E4PqNrJqxl3MshT3/g5XpXkJFjil2kMIpoV8
TmLykLFGmGnUSOTqXmA6xPZZVwXhdupLwHYTB2nci7/op8V0Wlulh900CVGmA+dz
4cljR/A7PQiTct6wYLBgCd7l
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:13:55 2025 by rpki-client