Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/qKWFjSjR2tAwfxGejusmXziP_3c.roa
File: qKWFjSjR2tAwfxGejusmXziP_3c.roa (raw, json)
Hash identifier: o5ijSxQf6Dp3ZJYb1Qhf2WY0RDHLhq8w+fbtkc9OdZM=
Subject key identifier: A8:A5:85:8D:28:D1:DA:D0:30:7F:11:9E:8E:EB:26:5F:38:8F:FF:77
Certificate issuer: /CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Certificate serial: 0194F17ABDE5DD5E2BCC0DF20CA23D139558
Authority key identifier: 92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/qKWFjSjR2tAwfxGejusmXziP_3c.roa
Signing time: Mon 10 Feb 2025 20:09:00 +0000
ROA not before: Mon 10 Feb 2025 20:09:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204544
IP address blocks: 79.143.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 20:20:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:7a:bd:e5:dd:5e:2b:cc:0d:f2:0c:a2:3d:13:95:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92bf6464ce6e19a4dcf8a32b27a2f1cbe1551055
Validity
Not Before: Feb 10 20:09:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8a5858d28d1dad0307f119e8eeb265f388fff77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:be:95:22:87:a5:56:4c:53:0a:b8:64:32:46:
e4:3f:70:2c:4e:be:a1:16:5d:3b:54:e6:ed:3e:43:
4b:66:05:12:24:71:58:df:96:f9:98:00:e6:53:98:
d6:bd:00:51:bb:d1:09:91:d6:fa:ef:b0:a4:30:88:
eb:dc:3e:10:64:7f:a0:b9:b4:f2:4a:20:83:cc:79:
cb:85:a3:ae:04:ef:e0:36:5b:49:76:df:1c:42:d0:
fa:44:9f:81:f9:32:92:ec:94:34:e9:64:19:71:35:
7f:ce:36:7f:6a:e3:0f:ba:df:a9:09:18:20:57:05:
a1:9c:5f:95:8e:80:e6:6f:48:dd:44:43:a5:8c:ce:
2e:31:44:90:bf:cd:06:80:5b:10:50:2a:92:a7:e0:
b1:58:14:8f:ac:bc:c3:07:64:c5:d2:98:03:72:36:
c3:dd:c4:02:69:db:3f:65:0e:6f:be:5c:ea:0b:fe:
ca:24:cd:2c:ed:a4:d2:b1:4f:0c:a2:f6:32:67:52:
08:71:68:42:e9:79:b5:a7:17:13:27:4a:c1:64:c1:
d2:a9:1a:7a:f1:ee:1c:a9:48:19:43:11:79:15:0b:
ab:03:9a:19:c9:a5:b8:7e:22:6c:c6:ef:8d:b5:2f:
88:a3:f9:23:79:42:4c:f3:7a:d7:6c:c7:67:8a:b2:
b5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A5:85:8D:28:D1:DA:D0:30:7F:11:9E:8E:EB:26:5F:38:8F:FF:77
X509v3 Authority Key Identifier:
keyid:92:BF:64:64:CE:6E:19:A4:DC:F8:A3:2B:27:A2:F1:CB:E1:55:10:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/qKWFjSjR2tAwfxGejusmXziP_3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f1d697-bc8e-4f14-8b37-b53e30e1412a/1/kr9kZM5uGaTc-KMrJ6Lxy-FVEFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.84.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:25:a3:a1:49:dc:0d:06:38:91:43:4d:f5:40:0f:ae:9e:f4:
48:60:06:ed:f6:00:3a:cd:0d:eb:f2:27:39:98:d0:6f:14:1b:
12:a3:2b:4a:e2:49:f3:e2:fc:bc:9e:5d:65:34:db:f6:d3:03:
81:fd:ca:2f:a1:c7:c8:10:2e:9a:62:81:79:b4:89:b8:1c:ad:
d3:0c:0c:6b:6b:62:e5:a8:3e:dd:e6:75:0d:e8:ee:1e:ab:d0:
57:d9:fd:2c:d4:34:91:22:56:3d:3c:75:41:4f:1e:4e:63:6c:
4a:6f:33:b7:7f:89:79:75:ed:d0:be:d5:00:79:b4:cc:dc:72:
e7:cb:32:b2:2e:6f:ae:94:e7:18:c5:32:ed:a1:e9:08:9d:00:
3b:79:80:21:e2:26:4a:0e:80:28:93:a9:94:88:34:fd:c4:46:
f1:e2:84:92:c2:56:5b:97:9d:88:04:07:83:53:4b:c7:3c:eb:
a2:e4:e6:e6:7b:0f:a3:7c:37:8c:87:64:2d:c5:01:62:bd:ac:
87:44:90:5f:65:6a:0c:d3:27:0c:fd:93:5e:62:fc:72:5c:b1:
6c:a6:d0:35:e3:4f:d9:bf:33:28:4d:c2:57:0d:07:05:21:d5:
ed:8f:f1:b0:32:f5:14:3b:eb:be:cd:5a:d8:8e:7d:4f:3b:59:
28:30:09:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTxer3l3V4rzA3yDKI9E5VYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYmY2NDY0Y2U2ZTE5YTRkY2Y4YTMyYjI3YTJmMWNiZTE1
NTEwNTUwHhcNMjUwMjEwMjAwOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE1ODU4ZDI4ZDFkYWQwMzA3ZjExOWU4ZWViMjY1ZjM4OGZmZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr6VIoelVkxTCrhkMkbkP3AsTr6h
Fl07VObtPkNLZgUSJHFY35b5mADmU5jWvQBRu9EJkdb677CkMIjr3D4QZH+gubTy
SiCDzHnLhaOuBO/gNltJdt8cQtD6RJ+B+TKS7JQ06WQZcTV/zjZ/auMPut+pCRgg
VwWhnF+VjoDmb0jdREOljM4uMUSQv80GgFsQUCqSp+CxWBSPrLzDB2TF0pgDcjbD
3cQCads/ZQ5vvlzqC/7KJM0s7aTSsU8MovYyZ1IIcWhC6Xm1pxcTJ0rBZMHSqRp6
8e4cqUgZQxF5FQurA5oZyaW4fiJsxu+NtS+Io/kjeUJM83rXbMdnirK1oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKilhY0o0drQMH8Rno7rJl84j/93MB8GA1UdIwQY
MBaAFJK/ZGTObhmk3PijKyei8cvhVRBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzct
YjUzZTMwZTE0MTJhLzEvcUtXRmpTalIydEF3ZnhHZWp1c21YemlQXzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mMWQ2OTctYmM4ZS00ZjE0LThiMzctYjUzZTMwZTE0MTJh
LzEva3I5a1pNNXVHYVRjLUtNcko2THh5LUZWRUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT49UMA0G
CSqGSIb3DQEBCwUAA4IBAQC2JaOhSdwNBjiRQ031QA+unvRIYAbt9gA6zQ3r8ic5
mNBvFBsSoytK4knz4vy8nl1lNNv20wOB/covocfIEC6aYoF5tIm4HK3TDAxra2Ll
qD7d5nUN6O4eq9BX2f0s1DSRIlY9PHVBTx5OY2xKbzO3f4l5de3QvtUAebTM3HLn
yzKyLm+ulOcYxTLtoekInQA7eYAh4iZKDoAok6mUiDT9xEbx4oSSwlZbl52IBAeD
U0vHPOui5Obmew+jfDeMh2QtxQFivayHRJBfZWoM0ycM/ZNeYvxyXLFsptA140/Z
vzMoTcJXDQcFIdXtj/GwMvUUO+u+zVrYjn1PO1koMAla
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:09:16 2025 by rpki-client