Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09761d-6e5c-451b-8e8a-e92ee5eed226/1/qN96aV-XdEfzWkxlZ9bnowXuFRA.roa
File: qN96aV-XdEfzWkxlZ9bnowXuFRA.roa (raw, json)
Hash identifier: vKMO3y3lQva//6FnDT0FrioqQtTsfQoysNqUTedsc3Y=
Subject key identifier: A8:DF:7A:69:5F:97:74:47:F3:5A:4C:65:67:D6:E7:A3:05:EE:15:10
Certificate issuer: /CN=0241154462e5adcca9d2bcbd1443fcc637879537
Certificate serial: 0195541E321411E703BF1B2EE20284CD1759
Authority key identifier: 02:41:15:44:62:E5:AD:CC:A9:D2:BC:BD:14:43:FC:C6:37:87:95:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AkEVRGLlrcyp0ry9FEP8xjeHlTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/09761d-6e5c-451b-8e8a-e92ee5eed226/1/qN96aV-XdEfzWkxlZ9bnowXuFRA.roa
Signing time: Sat 01 Mar 2025 23:50:19 +0000
ROA not before: Sat 01 Mar 2025 23:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201150
IP address blocks: 94.199.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 09 Mar 2025 14:21:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:54:1e:32:14:11:e7:03:bf:1b:2e:e2:02:84:cd:17:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0241154462e5adcca9d2bcbd1443fcc637879537
Validity
Not Before: Mar 1 23:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8df7a695f977447f35a4c6567d6e7a305ee1510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:74:58:9a:9e:71:20:db:15:83:80:b6:2c:62:
4b:e9:02:f7:17:12:81:5d:ba:72:8d:4b:a3:4a:e7:
a4:0d:e3:a4:d4:6c:5e:05:b0:cd:25:0d:d0:fb:e5:
8f:0f:ef:5f:c8:6b:32:c4:92:b7:c7:23:f2:de:20:
0e:b1:3a:5c:aa:f7:88:e3:ff:eb:1c:90:a2:03:68:
1b:b3:9a:28:13:8b:f4:e6:41:3f:6c:a2:06:f0:63:
4c:e1:c8:eb:ed:a6:82:8f:7d:00:99:14:83:9f:ee:
fa:f4:df:c1:f2:b9:2a:1d:8f:7c:ed:58:32:8a:d7:
89:37:5f:8c:db:e8:9e:57:4e:b6:4b:ec:1b:05:ba:
a6:30:b4:a4:e4:d5:45:9f:cb:d8:09:ce:cd:83:b0:
7b:cb:fb:15:a6:4c:00:cb:a5:b4:3c:5a:6c:1d:f2:
b3:26:e2:f8:2e:e4:2b:54:33:3c:a3:b1:e2:75:ef:
0a:93:f6:52:61:bf:5e:6d:e3:cb:b9:8a:49:a3:1c:
91:1d:91:f6:07:37:a9:8e:e3:8d:cd:61:1a:e1:8d:
63:dd:a7:f7:20:c7:9b:d5:a2:f1:d8:f6:02:b8:73:
b7:f9:80:97:8d:cf:0d:f9:e9:6c:cd:90:33:29:f9:
f4:14:84:5d:b7:26:7c:04:92:44:87:d9:62:66:28:
8e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DF:7A:69:5F:97:74:47:F3:5A:4C:65:67:D6:E7:A3:05:EE:15:10
X509v3 Authority Key Identifier:
keyid:02:41:15:44:62:E5:AD:CC:A9:D2:BC:BD:14:43:FC:C6:37:87:95:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AkEVRGLlrcyp0ry9FEP8xjeHlTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09761d-6e5c-451b-8e8a-e92ee5eed226/1/qN96aV-XdEfzWkxlZ9bnowXuFRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09761d-6e5c-451b-8e8a-e92ee5eed226/1/AkEVRGLlrcyp0ry9FEP8xjeHlTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.0.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:3d:c6:49:29:1e:41:b5:a2:d1:e4:dc:75:2f:c3:fb:e8:c7:
d1:f3:dc:87:2f:6c:11:27:ce:12:2e:19:09:41:3d:87:e1:d6:
c5:ea:ee:83:37:ab:2b:33:d9:1d:e8:89:02:3e:a7:31:f1:58:
d5:72:ec:48:b4:04:25:63:c0:3d:bf:4a:eb:b6:66:cd:86:dd:
06:41:a7:2e:82:02:eb:3b:52:cb:8d:2c:82:d5:ee:46:31:30:
61:c2:f9:2d:06:09:cc:e4:c2:61:d1:3e:17:fd:be:6d:8d:df:
62:0a:da:a9:cf:aa:c3:d2:bc:dd:2a:cd:d6:c5:4b:d6:30:04:
d6:be:10:8c:b5:e9:80:3f:4d:9e:82:f8:69:77:e6:a9:e2:6b:
47:fa:13:63:fa:dd:f1:e3:e2:93:ec:cf:28:b8:c9:a4:f1:87:
a5:91:71:57:77:91:c3:85:2e:99:6f:8c:45:3c:63:2e:ee:b7:
0a:f8:c5:bc:a4:50:d5:15:5e:56:bd:fe:aa:73:2f:60:ae:3b:
48:33:4b:c6:1f:e8:3b:cf:52:e8:b4:48:14:13:05:b6:1f:04:
5a:b4:c3:6a:45:70:3b:85:33:ce:b2:97:9a:70:86:c4:32:47:
df:3a:63:41:00:14:dc:b5:b2:ec:a5:35:96:b3:9d:a5:ec:e9:
d5:a2:6c:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVUHjIUEecDvxsu4gKEzRdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDExNTQ0NjJlNWFkY2NhOWQyYmNiZDE0NDNmY2M2Mzc4
Nzk1MzcwHhcNMjUwMzAxMjM1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGRmN2E2OTVmOTc3NDQ3ZjM1YTRjNjU2N2Q2ZTdhMzA1ZWUxNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3RYmp5xINsVg4C2LGJL6QL3FxKB
XbpyjUujSuekDeOk1GxeBbDNJQ3Q++WPD+9fyGsyxJK3xyPy3iAOsTpcqveI4//r
HJCiA2gbs5ooE4v05kE/bKIG8GNM4cjr7aaCj30AmRSDn+769N/B8rkqHY987Vgy
iteJN1+M2+ieV062S+wbBbqmMLSk5NVFn8vYCc7Ng7B7y/sVpkwAy6W0PFpsHfKz
JuL4LuQrVDM8o7Hide8Kk/ZSYb9ebePLuYpJoxyRHZH2BzepjuONzWEa4Y1j3af3
IMeb1aLx2PYCuHO3+YCXjc8N+elszZAzKfn0FIRdtyZ8BJJEh9liZiiObQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjfemlfl3RH81pMZWfW56MF7hUQMB8GA1UdIwQY
MBaAFAJBFURi5a3MqdK8vRRD/MY3h5U3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtFVlJHTGxyY3lwMHJ5OUZFUDh4amVIbFRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOTc2MWQtNmU1Yy00NTFiLThlOGEt
ZTkyZWU1ZWVkMjI2LzEvcU45NmFWLVhkRWZ6V2t4bFo5Ym5vd1h1RlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOTc2MWQtNmU1Yy00NTFiLThlOGEtZTkyZWU1ZWVkMjI2
LzEvQWtFVlJHTGxyY3lwMHJ5OUZFUDh4amVIbFRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXscAMA0G
CSqGSIb3DQEBCwUAA4IBAQDRPcZJKR5BtaLR5Nx1L8P76MfR89yHL2wRJ84SLhkJ
QT2H4dbF6u6DN6srM9kd6IkCPqcx8VjVcuxItAQlY8A9v0rrtmbNht0GQacuggLr
O1LLjSyC1e5GMTBhwvktBgnM5MJh0T4X/b5tjd9iCtqpz6rD0rzdKs3WxUvWMATW
vhCMtemAP02egvhpd+ap4mtH+hNj+t3x4+KT7M8ouMmk8YelkXFXd5HDhS6Zb4xF
PGMu7rcK+MW8pFDVFV5Wvf6qcy9grjtIM0vGH+g7z1LotEgUEwW2HwRatMNqRXA7
hTPOspeacIbEMkffOmNBABTctbLspTWWs52l7OnVomxK
-----END CERTIFICATE-----
Generated at Wed Apr 30 12:14:07 2025 by rpki-client