Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/WrUi2nPl0pBDFbXDttymsEENr2Q.roa
File: WrUi2nPl0pBDFbXDttymsEENr2Q.roa (raw, json)
Hash identifier: aiEwZCz9GOVDkw4X+nCqVWtYyDmyGxrpldUWvksgPmo=
Subject key identifier: 5A:B5:22:DA:73:E5:D2:90:43:15:B5:C3:B6:DC:A6:B0:41:0D:AF:64
Certificate issuer: /CN=096c3e8654fe87bdab4711d776e44b4f0cd1b647
Certificate serial: 01979815ED43A13BF31D5742FF630D4B556A
Authority key identifier: 09:6C:3E:86:54:FE:87:BD:AB:47:11:D7:76:E4:4B:4F:0C:D1:B6:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWw-hlT-h72rRxHXduRLTwzRtkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/WrUi2nPl0pBDFbXDttymsEENr2Q.roa
Signing time: Sun 22 Jun 2025 14:41:03 +0000
ROA not before: Sun 22 Jun 2025 14:41:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7
IP address blocks: 192.35.94.0/24 maxlen: 24
192.67.43.0/24 maxlen: 24
194.32.69.0/24 maxlen: 24
194.32.218.0/23 maxlen: 24
194.34.138.0/24 maxlen: 24
194.61.92.0/23 maxlen: 24
2a0b:3b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 22 Jun 2025 15:54:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:98:15:ed:43:a1:3b:f3:1d:57:42:ff:63:0d:4b:55:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=096c3e8654fe87bdab4711d776e44b4f0cd1b647
Validity
Not Before: Jun 22 14:41:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ab522da73e5d2904315b5c3b6dca6b0410daf64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cf:d2:b7:73:e7:3b:cf:64:dc:cc:aa:84:29:
c8:7b:8e:25:b4:41:de:0d:c8:cf:e6:ff:e6:6f:97:
2f:37:0e:1f:b2:6d:2c:42:89:44:d6:5f:7f:37:bb:
7a:d4:cd:ad:8f:d1:a9:7f:18:5d:2e:34:c9:66:3c:
9f:50:8c:2d:6e:c5:ce:38:45:8d:b2:35:df:44:44:
b1:a3:50:69:d2:f2:16:b2:fb:a1:f2:98:e2:26:b8:
3a:6b:6a:20:a7:0e:5d:d9:d5:26:da:94:48:f6:fa:
12:8e:93:2f:0c:af:99:6f:12:47:05:c1:14:50:db:
32:d2:ad:b6:3c:ba:aa:b8:c7:1e:6b:e5:9b:76:27:
84:75:0c:63:bc:1f:be:15:33:3f:82:26:3c:fc:51:
97:39:34:2b:e4:18:37:4a:e8:ea:2f:d0:5a:c2:1e:
b5:fb:64:06:a5:d5:9f:06:ed:49:73:97:a1:ce:0a:
0c:06:44:81:a2:17:6d:07:b1:d1:95:01:4f:0b:c7:
5b:a4:20:df:46:bd:51:7e:3c:c7:77:87:79:fd:70:
a3:27:2b:2e:e8:7f:72:91:e5:ad:9e:14:fb:b2:a7:
b6:cb:aa:be:4e:67:51:f5:54:a9:f7:9f:eb:56:13:
ca:fc:56:0d:b3:7f:4c:92:f0:49:c9:5d:87:c1:ca:
3b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:B5:22:DA:73:E5:D2:90:43:15:B5:C3:B6:DC:A6:B0:41:0D:AF:64
X509v3 Authority Key Identifier:
keyid:09:6C:3E:86:54:FE:87:BD:AB:47:11:D7:76:E4:4B:4F:0C:D1:B6:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWw-hlT-h72rRxHXduRLTwzRtkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/WrUi2nPl0pBDFbXDttymsEENr2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/CWw-hlT-h72rRxHXduRLTwzRtkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.35.94.0/24
192.67.43.0/24
194.32.69.0/24
194.32.218.0/23
194.34.138.0/24
194.61.92.0/23
IPv6:
2a0b:3b40::/29
Signature Algorithm: sha256WithRSAEncryption
bc:8f:73:91:32:cf:d7:b4:ed:40:c3:b2:4e:90:a3:1c:98:8f:
a8:91:de:1d:20:cd:a0:d8:17:00:d0:da:91:fb:bc:86:c7:14:
1e:2d:ea:19:64:7c:a6:a0:60:12:f4:6b:e1:64:24:71:37:5e:
b3:74:5f:8a:7d:af:23:d1:55:db:01:5e:80:7a:f2:e3:d5:d1:
fb:23:33:e1:63:f0:b6:33:3a:a4:d0:65:58:b6:40:49:b9:10:
3a:e2:23:7a:56:08:31:85:6b:c9:c8:a1:7d:35:eb:da:1e:30:
da:5e:c4:18:34:a4:b4:08:d1:f9:fc:eb:8c:1a:65:f9:95:8e:
b3:57:9a:c7:a9:a1:f0:24:0c:52:85:b4:c8:07:e0:d7:4c:63:
cf:62:67:4f:1e:9b:96:34:74:ce:89:fd:b1:80:94:76:74:ac:
a9:8d:54:6a:7d:25:59:14:db:ec:7a:7e:c5:83:b2:bb:d7:c2:
f3:b3:b4:a1:ac:df:ca:d6:4d:b7:f1:ba:b4:d1:de:9f:50:1d:
85:01:0d:5f:0b:82:f8:87:94:b5:49:78:88:2e:31:31:8f:fe:
fc:94:89:93:15:19:59:ce:48:04:47:4a:5c:d6:6c:8a:dc:b7:
b8:49:9a:03:b7:cd:85:ee:df:ee:93:f6:25:44:5a:94:32:ab:
33:a1:97:e9
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZeYFe1DoTvzHVdC/2MNS1VqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NmMzZTg2NTRmZTg3YmRhYjQ3MTFkNzc2ZTQ0YjRmMGNk
MWI2NDcwHhcNMjUwNjIyMTQ0MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWI1MjJkYTczZTVkMjkwNDMxNWI1YzNiNmRjYTZiMDQxMGRhZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc/St3PnO89k3MyqhCnIe44ltEHe
DcjP5v/mb5cvNw4fsm0sQolE1l9/N7t61M2tj9GpfxhdLjTJZjyfUIwtbsXOOEWN
sjXfRESxo1Bp0vIWsvuh8pjiJrg6a2ogpw5d2dUm2pRI9voSjpMvDK+ZbxJHBcEU
UNsy0q22PLqquMcea+WbdieEdQxjvB++FTM/giY8/FGXOTQr5Bg3SujqL9Bawh61
+2QGpdWfBu1Jc5ehzgoMBkSBohdtB7HRlQFPC8dbpCDfRr1RfjzHd4d5/XCjJysu
6H9ykeWtnhT7sqe2y6q+TmdR9VSp95/rVhPK/FYNs39MkvBJyV2Hwco7IwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFq1Itpz5dKQQxW1w7bcprBBDa9kMB8GA1UdIwQY
MBaAFAlsPoZU/oe9q0cR13bkS08M0bZHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1d3LWhsVC1oNzJyUnhIWGR1UkxUd3pSdGtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82MjVlMGUtZWJhOC00ZTg4LWEwMjEt
NGU3ZDU4NDhkZTAwLzEvV3JVaTJuUGwwcEJERmJYRHR0eW1zRUVOcjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82MjVlMGUtZWJhOC00ZTg4LWEwMjEtNGU3ZDU4NDhkZTAw
LzEvQ1d3LWhsVC1oNzJyUnhIWGR1UkxUd3pSdGtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAwCNeAwQA
wEMrAwQAwiBFAwQBwiDaAwQAwiKKAwQBwj1cMA0EAgACMAcDBQMqCztAMA0GCSqG
SIb3DQEBCwUAA4IBAQC8j3ORMs/XtO1Aw7JOkKMcmI+okd4dIM2g2BcA0NqR+7yG
xxQeLeoZZHymoGAS9GvhZCRxN16zdF+Kfa8j0VXbAV6AevLj1dH7IzPhY/C2Mzqk
0GVYtkBJuRA64iN6VggxhWvJyKF9NevaHjDaXsQYNKS0CNH5/OuMGmX5lY6zV5rH
qaHwJAxShbTIB+DXTGPPYmdPHpuWNHTOif2xgJR2dKypjVRqfSVZFNvsen7Fg7K7
18Lzs7ShrN/K1k238bq00d6fUB2FAQ1fC4L4h5S1SXiILjExj/78lImTFRlZzkgE
R0pc1myK3Le4SZoDt82F7t/uk/YlRFqUMqszoZfp
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:56:24 2025 by rpki-client