Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/QqVgvbS5LtjuXlgbUYo1TeDfxwo.roa
File: QqVgvbS5LtjuXlgbUYo1TeDfxwo.roa (raw, json)
Hash identifier: aLZaTNDNngwmfjHDO3aTmMSpniXCB+ImPEIOonoyYuQ=
Subject key identifier: 42:A5:60:BD:B4:B9:2E:D8:EE:5E:58:1B:51:8A:35:4D:E0:DF:C7:0A
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0196575E755FE40898F20CFE6E3E90F2B720
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/QqVgvbS5LtjuXlgbUYo1TeDfxwo.roa
Signing time: Mon 21 Apr 2025 08:02:10 +0000
ROA not before: Mon 21 Apr 2025 08:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.241.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
213.220.4.0/24 maxlen: 24
213.220.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 08:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:5e:75:5f:e4:08:98:f2:0c:fe:6e:3e:90:f2:b7:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 21 08:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42a560bdb4b92ed8ee5e581b518a354de0dfc70a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:97:62:5b:3e:26:12:3f:3a:b9:b5:a4:ae:d2:
3f:85:1b:d6:00:ca:aa:1e:d7:62:fa:d2:68:ad:61:
10:ab:4c:da:f4:23:40:44:4e:2e:c3:20:77:fb:e6:
c3:e5:be:ba:ba:92:9f:31:12:cc:18:2d:fe:e2:90:
24:e9:38:fb:43:bf:56:16:94:98:cd:5e:90:0b:39:
95:73:f8:a1:c7:91:91:91:18:c3:45:0a:29:63:fe:
e5:70:b5:26:cc:19:d4:71:21:a0:b4:38:cf:fa:a9:
9a:ca:cc:ff:db:c4:04:24:79:c1:48:0b:29:88:17:
41:1e:84:f6:9e:f8:0c:a7:28:03:5a:37:8b:d6:54:
d7:31:8c:f6:e9:fa:23:7f:1d:12:75:78:0c:96:67:
54:7f:dc:0c:a4:1b:5c:d8:43:74:d1:8b:d7:d7:bd:
5f:02:1e:f9:cc:f2:14:ba:a0:67:6f:0e:f5:4a:98:
0d:22:e8:24:fc:60:13:b8:4b:40:b0:de:4d:b3:6a:
48:7e:79:23:02:46:a8:f7:4f:18:4e:34:00:a1:ab:
85:9b:ce:a4:05:c4:e5:9e:8b:a7:aa:16:07:3f:5d:
64:a1:85:a2:7b:b3:19:d4:87:b5:ce:03:cb:3f:7d:
15:11:72:7d:cc:29:f7:6a:46:9d:2a:de:95:ce:41:
ac:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A5:60:BD:B4:B9:2E:D8:EE:5E:58:1B:51:8A:35:4D:E0:DF:C7:0A
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/QqVgvbS5LtjuXlgbUYo1TeDfxwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0-45.155.242.255
194.143.205.0-194.143.207.255
194.143.217.0/24
194.143.221.0/24
195.114.192.0/24
195.114.195.0/24
195.114.197.0/24
213.220.4.0/23
Signature Algorithm: sha256WithRSAEncryption
88:7e:b2:3f:7c:00:f5:3b:9a:84:29:01:cb:41:b0:3e:f6:54:
4a:ad:2b:c1:9f:bd:66:d6:5d:1b:74:b6:54:4b:eb:a7:c6:4d:
43:15:3b:d4:f0:7e:a1:3d:a4:45:05:b8:a9:00:b0:f5:e1:eb:
2c:9d:19:f6:fb:a8:2b:8c:09:f5:85:b6:2e:b7:9e:86:fe:7c:
22:61:8f:4f:da:f8:81:e2:4c:33:bf:30:24:71:f3:dd:8b:94:
7d:c1:2b:0f:c1:45:cf:0d:e4:7e:ec:ed:f7:57:08:f9:3b:c9:
53:ac:35:b7:ae:7e:2c:0d:ed:a7:d0:e9:74:4d:0c:27:14:b2:
a3:b3:13:1c:06:30:d3:cc:4d:9a:ac:dc:a8:38:c7:38:f5:af:
e6:11:35:82:86:00:43:e6:3d:db:cf:a0:0d:54:5a:32:78:bc:
63:ee:97:81:35:a8:67:df:cb:b1:3e:a9:04:95:ef:5b:e3:85:
0d:5a:e4:9f:76:bc:20:5a:da:84:1b:ee:af:e0:d4:bb:47:be:
0b:c7:19:5f:e4:b4:ff:22:f6:ce:1d:b0:85:95:e9:4d:0a:7f:
85:81:5d:9b:68:57:89:06:4e:87:94:65:ef:ab:ca:52:44:56:
da:3b:21:36:cc:a6:02:00:fe:a9:a5:39:16:1f:c2:72:92:8f:
67:44:13:e0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZZXXnVf5AiY8gz+bj6Q8rcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNDIxMDgwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmE1NjBiZGI0YjkyZWQ4ZWU1ZTU4MWI1MThhMzU0ZGUwZGZjNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5diWz4mEj86ubWkrtI/hRvWAMqq
Htdi+tJorWEQq0za9CNARE4uwyB3++bD5b66upKfMRLMGC3+4pAk6Tj7Q79WFpSY
zV6QCzmVc/ihx5GRkRjDRQopY/7lcLUmzBnUcSGgtDjP+qmaysz/28QEJHnBSAsp
iBdBHoT2nvgMpygDWjeL1lTXMYz26fojfx0SdXgMlmdUf9wMpBtc2EN00YvX171f
Ah75zPIUuqBnbw71SpgNIugk/GATuEtAsN5Ns2pIfnkjAkao908YTjQAoauFm86k
BcTlnounqhYHP11koYWie7MZ1Ie1zgPLP30VEXJ9zCn3akadKt6VzkGsqwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFEKlYL20uS7Y7l5YG1GKNU3g38cKMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvUXFWZ3ZiUzVMdGp1WGxnYlVZbzFUZURmeHdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAQtm/AD
BAAtm/IwDAMEAMKPzQMEBMKPwAMEAMKP2QMEAMKP3QMEAMNywAMEAMNywwMEAMNy
xQMEAdXcBDANBgkqhkiG9w0BAQsFAAOCAQEAiH6yP3wA9TuahCkBy0GwPvZUSq0r
wZ+9ZtZdG3S2VEvrp8ZNQxU71PB+oT2kRQW4qQCw9eHrLJ0Z9vuoK4wJ9YW2Lree
hv58ImGPT9r4geJMM78wJHHz3YuUfcErD8FFzw3kfuzt91cI+TvJU6w1t65+LA3t
p9DpdE0MJxSyo7MTHAYw08xNmqzcqDjHOPWv5hE1goYAQ+Y928+gDVRaMni8Y+6X
gTWoZ9/LsT6pBJXvW+OFDVrkn3a8IFrahBvur+DUu0e+C8cZX+S0/yL2zh2whZXp
TQp/hYFdm2hXiQZOh5Rl76vKUkRW2jshNsymAgD+qaU5Fh/CcpKPZ0QT4A==
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:11:43 2025 by rpki-client