Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Qgvz3qeamfuL3u6R2fQCsmpxSRw.roa
File: Qgvz3qeamfuL3u6R2fQCsmpxSRw.roa (raw, json)
Hash identifier: Fthf6nbQ6BOb4+e4Sn3jtmrBprh7tBkDmIQLTEMcHSw=
Subject key identifier: 42:0B:F3:DE:A7:9A:99:FB:8B:DE:EE:91:D9:F4:02:B2:6A:71:49:1C
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 01963C082BE2FBC9DFFFE2324FAA5CA1FB5E
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Qgvz3qeamfuL3u6R2fQCsmpxSRw.roa
Signing time: Wed 16 Apr 2025 00:38:10 +0000
ROA not before: Wed 16 Apr 2025 00:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
46.16.131.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.236.0/24 maxlen: 24
185.126.237.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:1::/48 maxlen: 48
2a11:840:3::/48 maxlen: 48
2a11:840:5::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:28::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:57::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
2a11:840:72::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 29 Apr 2025 21:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3c:08:2b:e2:fb:c9:df:ff:e2:32:4f:aa:5c:a1:fb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Apr 16 00:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=420bf3dea79a99fb8bdeee91d9f402b26a71491c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f6:1a:03:27:ed:02:eb:59:50:3b:94:48:f2:
73:ce:5c:c7:52:fa:b5:8a:36:a1:da:4c:b7:6c:e7:
eb:ee:7e:95:3f:2e:5b:8f:7d:27:92:eb:ef:1a:e6:
7b:c0:4e:95:3c:d3:31:e5:98:ae:09:cb:54:5e:ac:
8a:9f:00:73:12:c6:ff:eb:0f:18:90:c0:56:e9:8a:
67:65:5b:d9:00:a0:f5:e0:46:3a:5d:2f:15:31:07:
5d:3c:e9:da:12:a6:14:45:aa:65:e2:4c:17:00:dc:
df:b5:82:d7:d3:16:55:ad:9f:58:42:9a:0e:4a:a9:
eb:d5:da:86:ea:64:f2:0a:41:fc:04:ab:f6:6b:75:
01:b2:b2:d8:12:2a:9e:1a:4b:92:2d:45:fd:c8:73:
c5:5e:d0:30:b3:47:0b:ed:d8:bc:a0:46:4a:41:b9:
72:00:27:00:3c:0b:e0:f6:2b:7c:34:be:c6:76:92:
88:6b:9f:73:24:c8:6c:54:87:6b:fb:f7:32:dc:aa:
05:c1:83:04:b9:5b:5e:63:d5:9e:53:d9:25:79:c7:
ef:63:a2:99:44:8e:8c:1e:67:3d:da:46:64:63:1d:
86:b9:3b:9d:61:5e:5d:22:72:85:2f:3f:eb:e1:2c:
58:74:0a:6a:bf:fa:28:6e:6d:4c:4f:d4:51:a1:97:
c5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0B:F3:DE:A7:9A:99:FB:8B:DE:EE:91:D9:F4:02:B2:6A:71:49:1C
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Qgvz3qeamfuL3u6R2fQCsmpxSRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0/22
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.236.0/22
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:1::/48
2a11:840:3::/48
2a11:840:5::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:28::/48
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:57::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::-2a11:840:72:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:69:31:b3:16:10:ec:12:0c:b3:8f:07:1a:a9:cf:52:dd:0c:
ec:f9:bb:c0:61:ec:9b:9d:42:e2:63:fd:79:30:89:54:2a:9f:
9c:da:ce:46:25:c5:e3:94:f9:1d:b7:d3:63:9a:80:1a:62:fe:
da:cb:de:43:9d:24:64:fc:eb:40:73:ee:b6:29:33:78:0c:be:
ce:7d:93:a9:bb:5a:b0:12:b8:c0:12:fd:5b:81:37:2e:5a:c6:
65:d5:b4:ce:b4:e2:bd:89:56:da:51:16:5f:76:53:a5:7e:39:
b4:9c:7f:95:a7:1d:15:39:af:c1:ee:31:b5:11:d2:04:95:68:
6a:0b:5f:4d:9d:4f:9a:f9:6f:66:56:09:5a:3f:52:aa:75:f3:
36:b6:08:ef:60:26:67:a7:2b:1a:da:f2:16:6a:34:dd:e7:d4:
43:15:42:6b:e9:8b:26:df:ca:5b:df:f3:a6:3e:1f:f1:a5:34:
0f:41:0c:f9:e6:8a:2c:47:9e:89:b3:6f:18:23:22:5b:68:7c:
cb:b4:54:c4:e6:fa:41:be:a3:11:1e:4c:02:64:44:ab:7d:13:
e3:3b:a7:7c:ba:b0:46:f5:d1:98:b3:40:76:07:0c:8d:0e:c5:
e8:2f:f7:80:12:04:c7:a1:00:1e:15:e1:21:47:36:2b:88:41:
27:31:b2:53
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZY8CCvi+8nf/+IyT6pcofteMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjUwNDE2MDAzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjBiZjNkZWE3OWE5OWZiOGJkZWVlOTFkOWY0MDJiMjZhNzE0OTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPYaAyftAutZUDuUSPJzzlzHUvq1
ijah2ky3bOfr7n6VPy5bj30nkuvvGuZ7wE6VPNMx5ZiuCctUXqyKnwBzEsb/6w8Y
kMBW6YpnZVvZAKD14EY6XS8VMQddPOnaEqYURapl4kwXANzftYLX0xZVrZ9YQpoO
Sqnr1dqG6mTyCkH8BKv2a3UBsrLYEiqeGkuSLUX9yHPFXtAws0cL7di8oEZKQbly
ACcAPAvg9it8NL7GdpKIa59zJMhsVIdr+/cy3KoFwYMEuVteY9WeU9klecfvY6KZ
RI6MHmc92kZkYx2GuTudYV5dInKFLz/r4SxYdApqv/oobm1MT9RRoZfFeQIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFEIL896nmpn7i97ukdn0ArJqcUkcMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvUWd2ejNxZWFtZnVMM3U2UjJmUUNzbXB4U1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDAwBAIAATAqAwQC
LhCAAwQBbWiYAwQAbWibAwQCk04AAwQCuX7sAwQBudUUAwQAudUXMIHbBAIAAjCB
1AMHACoRCEAAAQMHACoRCEAAAzASAwcAKhEIQAAFAwcAKhEIQAAIMBIDBwQqEQhA
ABADBwAqEQhAABQwEgMHACoRCEAAFwMHASoRCEAAGDASAwcFKhEIQAAgAwcAKhEI
QAAmAwcAKhEIQAAoAwcAKhEIQAAwAwcAKhEIQAAzAwcBKhEIQABAMBIDBwAqEQhA
AEcDBwAqEQhAAEgDBwAqEQhAAFQDBwAqEQhAAFcwEgMHBSoRCEAAYAMHASoRCEAA
aDASAwcEKhEIQABwAwcAKhEIQAByMA0GCSqGSIb3DQEBCwUAA4IBAQALaTGzFhDs
Egyzjwcaqc9S3Qzs+bvAYeybnULiY/15MIlUKp+c2s5GJcXjlPkdt9NjmoAaYv7a
y95DnSRk/OtAc+62KTN4DL7OfZOpu1qwErjAEv1bgTcuWsZl1bTOtOK9iVbaURZf
dlOlfjm0nH+Vpx0VOa/B7jG1EdIElWhqC19NnU+a+W9mVglaP1KqdfM2tgjvYCZn
pysa2vIWajTd59RDFUJr6Ysm38pb3/OmPh/xpTQPQQz55oosR56Js28YIyJbaHzL
tFTE5vpBvqMRHkwCZESrfRPjO6d8urBG9dGYs0B2BwyNDsXoL/eAEgTHoQAeFeEh
RzYriEEnMbJT
-----END CERTIFICATE-----
Generated at Tue May 13 01:00:19 2025 by rpki-client