Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/QzOMlbEr0Y5aggk-GiAHw0sncPs.roa
File: QzOMlbEr0Y5aggk-GiAHw0sncPs.roa (raw, json)
Hash identifier: xhyiWGNxiq9UbVZXsQuFu3se6tISoWMt6MEdUoK4BCo=
Subject key identifier: 43:33:8C:95:B1:2B:D1:8E:5A:82:09:3E:1A:20:07:C3:4B:27:70:FB
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0191B25F1BB1E047B1194009892996E00B76
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/QzOMlbEr0Y5aggk-GiAHw0sncPs.roa
Signing time: Mon 02 Sep 2024 10:54:22 +0000
ROA not before: Mon 02 Sep 2024 10:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 2a04:a5c0::/32 maxlen: 32
2a04:a5c1::/32 maxlen: 32
2a04:a5c2::/32 maxlen: 32
2a04:a5c3::/32 maxlen: 32
2a04:a5c4::/32 maxlen: 32
2a04:a5c5::/32 maxlen: 32
2a04:a5c6::/32 maxlen: 32
2a04:a5c7::/32 maxlen: 32
2a0e:d00::/32 maxlen: 32
2a0e:d01::/32 maxlen: 32
2a0e:d02::/32 maxlen: 32
2a0e:d03::/32 maxlen: 32
2a0e:d04::/32 maxlen: 32
2a0e:d05::/32 maxlen: 32
2a0e:d06::/32 maxlen: 32
2a0e:d07::/32 maxlen: 32
2a0e:b140::/32 maxlen: 32
2a0e:b141::/32 maxlen: 32
2a0e:b142::/32 maxlen: 32
2a0e:b143::/32 maxlen: 32
2a0e:b144::/32 maxlen: 32
2a0e:b145::/32 maxlen: 32
2a0e:b146::/32 maxlen: 32
2a0e:b147::/32 maxlen: 32
2a0f:db80::/32 maxlen: 32
2a0f:db81::/32 maxlen: 32
2a0f:db82::/32 maxlen: 32
2a0f:db83::/32 maxlen: 32
2a0f:db84::/32 maxlen: 32
2a0f:db85::/32 maxlen: 32
2a0f:db86::/32 maxlen: 32
2a0f:db87::/32 maxlen: 32
2a10:4700::/31 maxlen: 31
2a10:4702::/31 maxlen: 31
2a10:4704::/31 maxlen: 31
2a10:4706::/31 maxlen: 31
2a11:4b41::/32 maxlen: 32
2a12:4300::/31 maxlen: 31
2a12:4302::/31 maxlen: 31
2a12:4304::/31 maxlen: 31
2a12:4306::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 02 Sep 2024 10:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:5f:1b:b1:e0:47:b1:19:40:09:89:29:96:e0:0b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 2 10:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43338c95b12bd18e5a82093e1a2007c34b2770fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:99:f5:a8:3f:3c:37:93:f6:89:0c:ec:c3:0f:
05:c4:4b:1a:32:59:4b:ab:16:48:af:79:25:10:63:
41:d8:f7:d6:13:b0:54:d2:86:bc:93:53:39:4e:17:
5c:f3:20:8e:61:39:a4:b8:fb:08:ca:f9:50:b7:62:
1e:d6:c6:da:d6:b9:a0:8b:ab:2f:90:b5:43:4b:d4:
b7:6d:56:88:9b:41:7b:ea:98:bf:1c:f0:07:ac:8a:
5f:c9:b1:13:97:1f:ae:3b:de:0b:7b:ce:25:72:ab:
cf:12:06:e9:72:4e:d1:2e:06:c8:51:84:2c:cc:14:
62:c3:f7:57:c1:27:99:72:98:90:b0:ae:2b:99:15:
29:95:18:64:ef:7b:db:d8:bd:9f:89:0c:31:f3:ab:
5a:ca:c7:c9:8c:b5:53:cd:f4:b7:e4:5c:6c:52:2b:
fe:d5:04:80:4b:77:e9:1b:78:d7:c8:05:89:10:36:
6e:ce:ed:39:15:83:74:be:86:47:09:d8:b3:90:10:
00:b0:b9:cc:e1:f1:20:dc:78:8f:43:82:c6:c8:59:
b2:bc:d4:06:c8:95:cf:77:1a:ac:b9:7b:b6:61:fa:
b1:9f:79:98:85:15:76:41:f2:18:cb:a3:48:7c:3f:
b0:77:cf:6f:c5:eb:f7:41:aa:17:54:8d:ac:e6:47:
e0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:33:8C:95:B1:2B:D1:8E:5A:82:09:3E:1A:20:07:C3:4B:27:70:FB
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/QzOMlbEr0Y5aggk-GiAHw0sncPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a5c0::/29
2a0e:d00::/29
2a0e:b140::/29
2a0f:db80::/29
2a10:4700::/29
2a11:4b41::/32
2a12:4300::/29
Signature Algorithm: sha256WithRSAEncryption
1e:72:32:54:d1:cd:b0:fa:4e:72:eb:92:85:ce:4d:51:9c:55:
71:19:c4:50:49:14:3b:2d:07:fb:d2:2f:51:0d:13:e9:a9:8c:
14:69:d0:35:9c:dc:00:4f:23:f4:a8:55:0e:32:39:50:c5:2f:
74:6a:f6:66:3f:43:59:9d:0a:31:f4:55:3d:c1:19:af:b8:fb:
60:56:a1:36:f2:8e:29:3a:ce:b4:aa:20:18:9e:bb:8c:02:47:
96:2e:c2:50:f5:b1:82:25:2a:96:57:5a:ee:c1:7a:5b:6d:33:
32:84:8f:45:59:93:37:5e:c5:7e:6a:0c:2b:f4:de:98:ed:f9:
a7:eb:1f:d6:ac:a0:35:79:da:b2:d4:26:42:94:30:2a:65:2d:
dd:f2:fc:b7:a4:fc:99:bc:bc:be:ed:6f:18:b7:31:0a:41:eb:
37:65:b7:af:0e:0b:69:2c:70:c4:3c:08:6f:cc:fd:e6:c1:0d:
5e:f7:8e:c7:d3:30:76:51:01:77:cd:63:0e:0a:d7:e5:bb:86:
c7:9d:f5:26:72:69:24:f0:f6:0c:6e:fd:45:31:f9:d5:88:96:
6b:b0:23:d8:32:28:68:c4:ca:fd:68:b8:46:c4:74:0d:e5:dc:
ef:6c:47:5a:7e:e8:45:de:cd:46:36:ae:91:cc:19:4b:d0:90:
0c:5d:7c:dc
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZGyXxux4EexGUAJiSmW4At2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwOTAyMTA1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzMzOGM5NWIxMmJkMThlNWE4MjA5M2UxYTIwMDdjMzRiMjc3MGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5n1qD88N5P2iQzsww8FxEsaMllL
qxZIr3klEGNB2PfWE7BU0oa8k1M5Thdc8yCOYTmkuPsIyvlQt2Ie1sba1rmgi6sv
kLVDS9S3bVaIm0F76pi/HPAHrIpfybETlx+uO94Le84lcqvPEgbpck7RLgbIUYQs
zBRiw/dXwSeZcpiQsK4rmRUplRhk73vb2L2fiQwx86taysfJjLVTzfS35FxsUiv+
1QSAS3fpG3jXyAWJEDZuzu05FYN0voZHCdizkBAAsLnM4fEg3HiPQ4LGyFmyvNQG
yJXPdxqsuXu2Yfqxn3mYhRV2QfIYy6NIfD+wd89vxev3QaoXVI2s5kfgEwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFEMzjJWxK9GOWoIJPhogB8NLJ3D7MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvUXpPTWxiRXIwWTVhZ2drLUdpQUh3MHNuY1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgSlwAMF
AyoODQADBQMqDrFAAwUDKg/bgAMFAyoQRwADBQAqEUtBAwUDKhJDADANBgkqhkiG
9w0BAQsFAAOCAQEAHnIyVNHNsPpOcuuShc5NUZxVcRnEUEkUOy0H+9IvUQ0T6amM
FGnQNZzcAE8j9KhVDjI5UMUvdGr2Zj9DWZ0KMfRVPcEZr7j7YFahNvKOKTrOtKog
GJ67jAJHli7CUPWxgiUqllda7sF6W20zMoSPRVmTN17FfmoMK/TemO35p+sf1qyg
NXnastQmQpQwKmUt3fL8t6T8mby8vu1vGLcxCkHrN2W3rw4LaSxwxDwIb8z95sEN
XveOx9MwdlEBd81jDgrX5buGx531JnJpJPD2DG79RTH51YiWa7Aj2DIoaMTK/Wi4
RsR0DeXc72xHWn7oRd7NRjaukcwZS9CQDF183A==
-----END CERTIFICATE-----
Generated at Thu May 8 01:28:51 2025 by rpki-client