Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/qp0RQFJ_UzuMpdsdljNCbSo2lls.roa
File: qp0RQFJ_UzuMpdsdljNCbSo2lls.roa (raw, json)
Hash identifier: 3IFq+QrvFbfsKMf8l0deW0EjR8XyvOxigvaWrns4o8o=
Subject key identifier: AA:9D:11:40:52:7F:53:3B:8C:A5:DB:1D:96:33:42:6D:2A:36:96:5B
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0195F672717004EAF96C0FB5659DACECEC69
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/qp0RQFJ_UzuMpdsdljNCbSo2lls.roa
Signing time: Wed 02 Apr 2025 12:20:50 +0000
ROA not before: Wed 02 Apr 2025 12:20:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34879
IP address blocks: 195.208.64.0/24 maxlen: 24
195.208.65.0/24 maxlen: 24
195.209.72.0/23 maxlen: 24
195.209.74.0/24 maxlen: 24
195.209.77.0/24 maxlen: 24
195.209.84.0/24 maxlen: 24
195.209.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 13:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:72:71:70:04:ea:f9:6c:0f:b5:65:9d:ac:ec:ec:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Apr 2 12:20:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa9d1140527f533b8ca5db1d9633426d2a36965b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:16:24:a0:e4:5d:31:bb:8f:61:21:5b:b3:db:
85:fe:73:6f:64:0e:c5:73:70:fb:2f:35:c5:7c:41:
ea:34:7c:46:13:c4:0a:47:ef:bf:9d:64:f3:da:59:
1c:21:a3:7d:a4:a3:fb:e3:91:fe:f0:ad:fb:a2:a3:
c1:0a:d5:9c:12:c0:b1:f7:b8:13:05:3b:17:b4:c4:
b1:02:11:d4:8d:d8:ff:3d:b5:96:51:9e:d7:b9:f0:
3e:3d:ec:cf:e5:35:d6:09:14:3c:cc:20:6d:27:ba:
9b:a7:27:4b:9c:6e:7d:3f:b2:b7:1f:47:98:ab:bc:
98:78:ca:5b:92:62:a1:0a:bd:fc:ca:88:d8:dc:f5:
89:74:d7:cc:9a:28:c8:5f:9f:bf:5a:c6:d0:a8:a8:
16:b0:0b:0f:b4:e4:98:b1:ea:06:45:10:ba:86:b2:
18:fd:01:0a:e3:71:2d:22:ca:aa:9c:ba:73:53:88:
30:66:9d:71:c2:21:70:68:c8:f6:01:f6:e6:45:fc:
b6:d6:37:09:c6:75:06:1c:39:95:1e:b5:22:93:b5:
6a:aa:cc:4e:1c:df:fb:8f:a6:b0:69:70:c4:0a:05:
7e:90:01:65:05:12:e1:b7:8a:93:0a:d1:cd:18:84:
5d:aa:2b:64:88:9d:b0:75:d0:0c:66:2d:df:28:15:
b5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9D:11:40:52:7F:53:3B:8C:A5:DB:1D:96:33:42:6D:2A:36:96:5B
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/qp0RQFJ_UzuMpdsdljNCbSo2lls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.208.64.0/23
195.209.72.0-195.209.74.255
195.209.77.0/24
195.209.84.0/24
195.209.86.0/24
Signature Algorithm: sha256WithRSAEncryption
96:e4:bc:a4:a3:c1:e3:c4:f9:5c:98:2e:6f:7c:c4:ac:c4:6f:
e2:91:dc:89:d2:79:13:e3:83:18:7a:d2:51:cd:fc:5c:d4:90:
9a:e5:a9:95:f4:3f:f1:43:d1:c5:6b:4a:6e:76:04:a7:b7:a4:
62:5c:ba:36:0c:77:91:74:14:1f:e0:41:ff:80:bf:de:8f:aa:
3c:f6:79:46:cc:9a:17:a4:17:b6:52:c4:be:55:48:f2:c7:83:
bf:8f:88:3a:25:d4:96:94:58:2b:a9:4a:09:6e:2e:b8:58:28:
32:1d:c2:5a:ca:b0:92:a5:6f:3f:23:b4:e3:47:3b:10:3b:de:
a6:17:8a:21:9f:5f:dc:ce:ac:3c:14:64:42:de:25:9d:79:37:
fd:7c:ff:1e:eb:b8:78:c9:d5:8e:70:13:81:1d:ca:1c:e6:f2:
4d:22:23:c6:46:46:e0:40:b3:f1:88:6b:4e:01:ba:cc:71:5a:
68:c5:be:0d:db:f2:31:32:ae:90:dd:c7:d7:1e:3f:37:1d:b3:
91:f3:13:48:d0:bb:d5:c5:63:e8:88:a1:44:10:0c:64:99:76:
3d:4e:b2:07:73:7b:9c:6b:a7:db:a6:ef:85:7a:06:1f:7a:a3:
e5:f0:87:a8:b2:22:4b:80:19:2a:5d:32:a8:ea:ee:ab:20:ef:
ec:68:b0:ef
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZX2cnFwBOr5bA+1ZZ2s7OxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwNDAyMTIyMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTlkMTE0MDUyN2Y1MzNiOGNhNWRiMWQ5NjMzNDI2ZDJhMzY5NjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxYkoORdMbuPYSFbs9uF/nNvZA7F
c3D7LzXFfEHqNHxGE8QKR++/nWTz2lkcIaN9pKP745H+8K37oqPBCtWcEsCx97gT
BTsXtMSxAhHUjdj/PbWWUZ7XufA+PezP5TXWCRQ8zCBtJ7qbpydLnG59P7K3H0eY
q7yYeMpbkmKhCr38yojY3PWJdNfMmijIX5+/WsbQqKgWsAsPtOSYseoGRRC6hrIY
/QEK43EtIsqqnLpzU4gwZp1xwiFwaMj2AfbmRfy21jcJxnUGHDmVHrUik7VqqsxO
HN/7j6awaXDECgV+kAFlBRLht4qTCtHNGIRdqitkiJ2wddAMZi3fKBW1qQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKqdEUBSf1M7jKXbHZYzQm0qNpZbMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvcXAwUlFGSl9VenVNcGRzZGxqTkNiU28ybGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBw9BAMAwD
BAPD0UgDBADD0UoDBADD0U0DBADD0VQDBADD0VYwDQYJKoZIhvcNAQELBQADggEB
AJbkvKSjwePE+VyYLm98xKzEb+KR3InSeRPjgxh60lHN/FzUkJrlqZX0P/FD0cVr
Sm52BKe3pGJcujYMd5F0FB/gQf+Av96Pqjz2eUbMmhekF7ZSxL5VSPLHg7+PiDol
1JaUWCupSgluLrhYKDIdwlrKsJKlbz8jtONHOxA73qYXiiGfX9zOrDwUZELeJZ15
N/18/x7ruHjJ1Y5wE4Edyhzm8k0iI8ZGRuBAs/GIa04BusxxWmjFvg3b8jEyrpDd
x9cePzcds5HzE0jQu9XFY+iIoUQQDGSZdj1Osgdze5xrp9um74V6Bh96o+Xwh6iy
IkuAGSpdMqjq7qsg7+xosO8=
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:45:47 2025 by rpki-client