Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/QxgspgmmDgMkL5f-rY7R7qrgmck.roa
File: QxgspgmmDgMkL5f-rY7R7qrgmck.roa (raw, json)
Hash identifier: HkDIAzzN4mePz6TDd70APdTBGVVU25rU6PmDKU0q39E=
Subject key identifier: 43:18:2C:A6:09:A6:0E:03:24:2F:97:FE:AD:8E:D1:EE:AA:E0:99:C9
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01964A8C4B9DD2876D90CD50916C2B093F18
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/QxgspgmmDgMkL5f-rY7R7qrgmck.roa
Signing time: Fri 18 Apr 2025 20:17:10 +0000
ROA not before: Fri 18 Apr 2025 20:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 94.154.177.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
193.160.80.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 18 Apr 2025 20:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4a:8c:4b:9d:d2:87:6d:90:cd:50:91:6c:2b:09:3f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Apr 18 20:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43182ca609a60e03242f97fead8ed1eeaae099c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d9:18:64:9f:13:87:4b:a0:49:de:31:7a:5a:
5d:96:d2:b1:b5:a5:3b:dd:cb:90:21:bc:64:68:81:
bc:25:46:fd:42:83:66:ef:47:6c:ae:99:df:2e:95:
02:f4:a3:c9:5a:a0:0a:b5:d2:7b:32:15:e9:8d:a1:
d3:a9:fc:61:15:ff:24:17:e4:a0:75:b0:97:98:1e:
4d:94:f1:0a:8a:f3:70:4d:c5:93:b7:e0:8d:01:b3:
17:f5:a8:24:7a:f8:5a:6b:64:15:c1:4c:55:ef:48:
09:cb:2d:7e:92:a2:27:29:65:ba:46:76:79:80:bd:
0d:88:fa:2b:c4:4f:04:9d:08:72:57:c5:d6:4c:3c:
a1:27:0a:fd:a1:ff:5e:51:88:fb:5f:ee:69:27:47:
2e:c2:8d:03:8d:1e:eb:7b:7d:c6:09:84:89:e7:1d:
3e:9a:0f:1f:ab:07:e1:f0:22:00:8d:9d:1d:a3:44:
54:42:dd:66:af:73:c9:00:77:2f:31:c8:d8:08:a8:
58:0a:65:1d:17:02:e8:b1:dd:65:5d:af:6c:0d:e1:
74:d1:49:08:bc:35:80:1c:d7:5e:a3:4b:00:a5:8c:
59:4e:58:bc:6f:e8:ca:96:d3:fc:32:1e:43:03:28:
4a:18:44:28:76:ca:9d:bc:6e:59:90:4d:81:3c:41:
2a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:18:2C:A6:09:A6:0E:03:24:2F:97:FE:AD:8E:D1:EE:AA:E0:99:C9
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/QxgspgmmDgMkL5f-rY7R7qrgmck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.177.0/24
185.52.136.0/24
185.253.122.0/24
192.145.71.0/24
193.160.80.0/22
Signature Algorithm: sha256WithRSAEncryption
79:53:44:e0:87:ce:d8:d2:16:17:f6:24:d9:0a:52:c8:86:0c:
8a:47:3d:a7:2c:8f:b7:39:7c:9f:c4:b5:6c:7b:7a:f8:c8:63:
2b:73:e6:9a:ef:04:1d:64:2c:03:ca:fe:88:1a:52:ef:17:61:
40:15:b0:ef:0e:e5:c1:12:dd:c2:87:a3:a7:ae:66:ee:f2:a9:
2d:2c:45:f5:a1:43:c2:1a:f6:85:14:99:70:50:8e:ad:11:b4:
fc:d2:cb:85:5d:ca:15:4f:ac:3e:58:7c:e6:71:58:44:3a:fc:
a9:08:98:84:e8:8d:7a:66:b4:52:fc:e9:85:ab:8e:88:31:86:
ab:c2:21:31:8a:59:ba:0d:69:48:21:89:15:23:d4:e7:de:24:
27:8d:df:98:d7:b1:ff:70:3d:ca:59:76:a3:9c:0f:94:1c:9b:
7e:5b:61:bb:69:d9:00:28:b8:83:90:e4:39:55:d9:30:48:b4:
53:8b:cd:07:c1:dc:63:17:dd:d9:11:b8:cc:81:cf:b2:cc:00:
2c:aa:5e:22:d1:60:3d:a0:fc:c0:db:65:36:c9:ad:1e:9a:6f:
ec:e2:65:59:8b:f3:af:48:5b:42:1d:00:a8:3f:47:84:01:e7:
3b:fc:3b:2c:1d:5d:5b:10:81:53:2a:f4:c5:9c:4f:6f:91:58:
86:bc:d0:d2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZKjEud0odtkM1QkWwrCT8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNDE4MjAxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzE4MmNhNjA5YTYwZTAzMjQyZjk3ZmVhZDhlZDFlZWFhZTA5OWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtkYZJ8Th0ugSd4xelpdltKxtaU7
3cuQIbxkaIG8JUb9QoNm70dsrpnfLpUC9KPJWqAKtdJ7MhXpjaHTqfxhFf8kF+Sg
dbCXmB5NlPEKivNwTcWTt+CNAbMX9agkevhaa2QVwUxV70gJyy1+kqInKWW6RnZ5
gL0NiPorxE8EnQhyV8XWTDyhJwr9of9eUYj7X+5pJ0cuwo0DjR7re33GCYSJ5x0+
mg8fqwfh8CIAjZ0do0RUQt1mr3PJAHcvMcjYCKhYCmUdFwLosd1lXa9sDeF00UkI
vDWAHNdeo0sApYxZTli8b+jKltP8Mh5DAyhKGEQodsqdvG5ZkE2BPEEqSwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEMYLKYJpg4DJC+X/q2O0e6q4JnJMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvUXhnc3BnbW1EZ01rTDVmLXJZN1I3cXJnbWNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAXpqxAwQA
uTSIAwQAuf16AwQAwJFHAwQCwaBQMA0GCSqGSIb3DQEBCwUAA4IBAQB5U0Tgh87Y
0hYX9iTZClLIhgyKRz2nLI+3OXyfxLVse3r4yGMrc+aa7wQdZCwDyv6IGlLvF2FA
FbDvDuXBEt3Ch6Onrmbu8qktLEX1oUPCGvaFFJlwUI6tEbT80suFXcoVT6w+WHzm
cVhEOvypCJiE6I16ZrRS/OmFq46IMYarwiExilm6DWlIIYkVI9Tn3iQnjd+Y17H/
cD3KWXajnA+UHJt+W2G7adkAKLiDkOQ5VdkwSLRTi80HwdxjF93ZEbjMgc+yzAAs
ql4i0WA9oPzA22U2ya0emm/s4mVZi/OvSFtCHQCoP0eEAec7/DssHV1bEIFTKvTF
nE9vkViGvNDS
-----END CERTIFICATE-----
Generated at Tue Apr 29 20:59:07 2025 by rpki-client