Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/_qEl-lUbzlEeaECivD2A3JFphWY.roa
File: _qEl-lUbzlEeaECivD2A3JFphWY.roa (raw, json)
Hash identifier: WbTRPGEryqXBoP5oO3x6Z/rHE1HeLJjMrQ2xElOd73U=
Subject key identifier: FE:A1:25:FA:55:1B:CE:51:1E:68:40:A2:BC:3D:80:DC:91:69:85:66
Certificate issuer: /CN=b14aba8b60749393478e83c360e6cbd75d156f89
Certificate serial: 01977E30F828B69DA31F1511858BFF758BC0
Authority key identifier: B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/_qEl-lUbzlEeaECivD2A3JFphWY.roa
Signing time: Tue 17 Jun 2025 14:00:27 +0000
ROA not before: Tue 17 Jun 2025 14:00:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44565
IP address blocks: 79.171.16.0/24 maxlen: 24
79.171.17.0/24 maxlen: 24
79.171.18.0/24 maxlen: 24
79.171.19.0/24 maxlen: 24
79.171.20.0/24 maxlen: 24
79.171.21.0/24 maxlen: 24
93.186.112.0/24 maxlen: 24
93.186.113.0/24 maxlen: 24
93.186.114.0/24 maxlen: 24
93.186.115.0/24 maxlen: 24
93.186.116.0/24 maxlen: 24
93.186.117.0/24 maxlen: 24
93.186.118.0/24 maxlen: 24
93.186.119.0/24 maxlen: 24
93.186.120.0/24 maxlen: 24
93.186.121.0/24 maxlen: 24
93.186.122.0/24 maxlen: 24
93.186.123.0/24 maxlen: 24
93.186.124.0/24 maxlen: 24
93.186.126.0/24 maxlen: 24
93.186.127.0/24 maxlen: 24
188.124.1.0/24 maxlen: 24
188.124.2.0/24 maxlen: 24
188.124.4.0/24 maxlen: 24
188.124.6.0/24 maxlen: 24
188.124.7.0/24 maxlen: 24
188.124.8.0/24 maxlen: 24
188.124.9.0/24 maxlen: 24
188.124.10.0/24 maxlen: 24
188.124.11.0/24 maxlen: 24
188.124.12.0/24 maxlen: 24
188.124.13.0/24 maxlen: 24
188.124.14.0/24 maxlen: 24
188.124.15.0/24 maxlen: 24
188.124.16.0/24 maxlen: 24
188.124.17.0/24 maxlen: 24
188.124.18.0/24 maxlen: 24
188.124.19.0/24 maxlen: 24
188.124.20.0/24 maxlen: 24
188.124.21.0/24 maxlen: 24
188.124.23.0/24 maxlen: 24
188.124.24.0/24 maxlen: 24
188.124.25.0/24 maxlen: 24
188.124.26.0/24 maxlen: 24
188.124.27.0/24 maxlen: 24
188.124.28.0/24 maxlen: 24
188.124.29.0/24 maxlen: 24
188.124.30.0/24 maxlen: 24
188.124.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Jun 2025 06:29:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7e:30:f8:28:b6:9d:a3:1f:15:11:85:8b:ff:75:8b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b14aba8b60749393478e83c360e6cbd75d156f89
Validity
Not Before: Jun 17 14:00:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fea125fa551bce511e6840a2bc3d80dc91698566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b2:13:fb:b1:66:6f:82:4d:d4:97:73:cf:14:
d3:10:14:b1:a1:40:bb:e2:e0:7a:7b:d4:a2:28:63:
9e:74:05:64:a6:37:8b:0c:3b:1b:2a:ba:3e:8a:31:
d2:8e:81:d5:70:3d:e2:1c:48:b9:c8:7a:52:21:21:
ca:68:27:d7:ba:67:da:fa:61:ab:90:b4:7c:84:24:
4b:ae:e7:d1:79:04:23:1a:aa:74:5a:b2:43:32:00:
cd:17:12:92:57:bb:ef:25:ba:28:b5:a9:e2:ed:06:
75:ed:4f:fa:8e:71:89:ca:8b:6a:a4:26:1c:bc:26:
3b:70:53:0d:28:bc:9a:69:50:de:7b:f4:9b:2e:ce:
d2:a6:04:89:cf:5f:a2:17:ba:58:2c:37:a3:eb:95:
bc:9f:09:ba:ff:34:4f:4b:7a:fb:b0:6c:b3:5a:ee:
82:86:7e:5e:0a:ba:5a:90:23:4c:12:61:96:23:d3:
47:0a:ca:8a:f7:50:01:a2:5d:70:eb:25:95:60:63:
b7:4c:c2:35:82:b4:4b:63:15:72:0f:5a:02:44:a9:
07:de:0e:67:66:2b:26:ce:a8:f9:36:6f:89:40:32:
11:5d:95:74:70:24:d6:61:77:6b:98:07:a3:b1:a4:
3c:7f:ff:9e:bc:43:04:6f:a3:92:3f:41:c9:d3:f9:
c1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A1:25:FA:55:1B:CE:51:1E:68:40:A2:BC:3D:80:DC:91:69:85:66
X509v3 Authority Key Identifier:
keyid:B1:4A:BA:8B:60:74:93:93:47:8E:83:C3:60:E6:CB:D7:5D:15:6F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUq6i2B0k5NHjoPDYObL110Vb4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/_qEl-lUbzlEeaECivD2A3JFphWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/461685-073e-41af-9bb6-cf6c305212eb/1/sUq6i2B0k5NHjoPDYObL110Vb4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.16.0-79.171.21.255
93.186.112.0-93.186.124.255
93.186.126.0/23
188.124.1.0-188.124.2.255
188.124.4.0/24
188.124.6.0-188.124.21.255
188.124.23.0-188.124.31.255
Signature Algorithm: sha256WithRSAEncryption
c5:96:80:97:a8:37:57:e5:40:f9:4c:d0:bc:94:19:85:8e:ce:
83:6f:49:28:b2:08:fb:21:78:1e:a0:f4:bd:ed:33:bb:42:6a:
09:74:19:27:38:26:60:04:fb:fd:ec:cc:a4:b4:04:35:0e:ce:
19:c0:61:d6:e1:fd:68:0d:0a:c5:d5:12:e8:8b:0b:92:0e:41:
bb:31:8e:17:65:45:1d:5a:9f:e6:4d:3d:22:06:be:50:1c:14:
63:e6:38:aa:d2:5b:e1:74:05:8b:c5:aa:9c:76:43:66:b8:dd:
fd:93:6b:b5:c5:c9:69:fc:ba:e5:20:e9:0b:be:e7:59:20:97:
af:55:6d:09:c3:86:10:62:74:de:fe:37:05:41:b2:d0:19:b4:
64:5f:4e:6f:43:81:cf:77:41:12:70:a5:fb:7b:43:4b:fc:17:
52:3a:ee:af:e5:fa:7a:61:38:de:c4:33:d3:73:e0:26:1a:61:
67:9f:16:9a:3f:64:10:34:a2:86:fb:d4:f0:0e:21:30:a0:7b:
a4:87:74:92:27:04:4d:26:60:2b:da:c1:04:d1:38:0d:1a:68:
21:e6:d5:4e:1e:1f:14:63:b6:d8:69:4f:2c:ad:e7:28:a1:e7:
b8:36:67:2d:e4:3f:8e:56:10:b5:ef:8c:b8:76:e3:45:a6:cd:
6c:c3:6f:b6
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZd+MPgotp2jHxURhYv/dYvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNGFiYThiNjA3NDkzOTM0NzhlODNjMzYwZTZjYmQ3NWQx
NTZmODkwHhcNMjUwNjE3MTQwMDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWExMjVmYTU1MWJjZTUxMWU2ODQwYTJiYzNkODBkYzkxNjk4NTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbIT+7Fmb4JN1JdzzxTTEBSxoUC7
4uB6e9SiKGOedAVkpjeLDDsbKro+ijHSjoHVcD3iHEi5yHpSISHKaCfXumfa+mGr
kLR8hCRLrufReQQjGqp0WrJDMgDNFxKSV7vvJbootani7QZ17U/6jnGJyotqpCYc
vCY7cFMNKLyaaVDee/SbLs7SpgSJz1+iF7pYLDej65W8nwm6/zRPS3r7sGyzWu6C
hn5eCrpakCNMEmGWI9NHCsqK91ABol1w6yWVYGO3TMI1grRLYxVyD1oCRKkH3g5n
Zismzqj5Nm+JQDIRXZV0cCTWYXdrmAejsaQ8f/+evEMEb6OSP0HJ0/nBRwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFP6hJfpVG85RHmhAorw9gNyRaYVmMB8GA1UdIwQY
MBaAFLFKuotgdJOTR46Dw2Dmy9ddFW+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYt
Y2Y2YzMwNTIxMmViLzEvX3FFbC1sVWJ6bEVlYUVDaXZEMkEzSkZwaFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NjE2ODUtMDczZS00MWFmLTliYjYtY2Y2YzMwNTIxMmVi
LzEvc1VxNmkyQjBrNU5Iam9QRFlPYkwxMTBWYjRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSMAwDBARPqxAD
BAFPqxQwDAMEBF26cAMEAF26fAMEAV26fjAMAwQAvHwBAwQAvHwCAwQAvHwEMAwD
BAG8fAYDBAG8fBQwDAMEALx8FwMEBbx8ADANBgkqhkiG9w0BAQsFAAOCAQEAxZaA
l6g3V+VA+UzQvJQZhY7Og29JKLII+yF4HqD0ve0zu0JqCXQZJzgmYAT7/ezMpLQE
NQ7OGcBh1uH9aA0KxdUS6IsLkg5BuzGOF2VFHVqf5k09Iga+UBwUY+Y4qtJb4XQF
i8WqnHZDZrjd/ZNrtcXJafy65SDpC77nWSCXr1VtCcOGEGJ03v43BUGy0Bm0ZF9O
b0OBz3dBEnCl+3tDS/wXUjrur+X6emE43sQz03PgJhphZ58Wmj9kEDSihvvU8A4h
MKB7pId0kicETSZgK9rBBNE4DRpoIebVTh4fFGO22GlPLK3nKKHnuDZnLeQ/jlYQ
te+MuHbjRabNbMNvtg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 06:09:45 2025 by rpki-client