Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/ehKvi-daDAyLw68fDoyNXXFz-Oo.roa
File: ehKvi-daDAyLw68fDoyNXXFz-Oo.roa (raw, json)
Hash identifier: x4vFnPhyCQtJWalJ6hc0JJb1H0T0TUOMTChexFft5X8=
Subject key identifier: 7A:12:AF:8B:E7:5A:0C:0C:8B:C3:AF:1F:0E:8C:8D:5D:71:73:F8:EA
Certificate issuer: /CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Certificate serial: 0197C6F65B0D08C487889AEF5F2A5038025E
Authority key identifier: ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/ehKvi-daDAyLw68fDoyNXXFz-Oo.roa
Signing time: Tue 01 Jul 2025 17:08:43 +0000
ROA not before: Tue 01 Jul 2025 17:08:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29551
IP address blocks: 46.253.112.0/20 maxlen: 20
80.66.204.0/22 maxlen: 22
82.149.224.0/19 maxlen: 19
82.149.232.0/24 maxlen: 24
82.149.233.0/24 maxlen: 24
82.149.234.0/24 maxlen: 24
82.149.235.0/24 maxlen: 24
83.141.0.0/18 maxlen: 18
83.141.10.0/24 maxlen: 24
83.141.15.0/24 maxlen: 24
83.141.16.0/24 maxlen: 24
83.141.26.0/24 maxlen: 24
83.141.27.0/24 maxlen: 24
83.141.28.0/24 maxlen: 24
83.141.29.0/24 maxlen: 24
83.141.57.0/24 maxlen: 24
83.141.60.0/22 maxlen: 22
83.141.60.0/24 maxlen: 24
83.141.62.0/24 maxlen: 24
83.141.63.0/24 maxlen: 24
109.71.24.0/21 maxlen: 21
109.71.31.0/24 maxlen: 24
178.19.64.0/20 maxlen: 20
185.37.16.0/22 maxlen: 22
195.225.196.0/22 maxlen: 22
2a00:f520::/32 maxlen: 32
2a01:440::/29 maxlen: 48
2a01:440:50f::/48 maxlen: 48
2a01:440:1509::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 04 Jul 2025 21:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:f6:5b:0d:08:c4:87:88:9a:ef:5f:2a:50:38:02:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da82dbc7d7e2818f96680b66efcedb1087947
Validity
Not Before: Jul 1 17:08:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a12af8be75a0c0c8bc3af1f0e8c8d5d7173f8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5f:3a:36:34:41:ca:6e:68:82:d1:b6:58:d0:
27:b6:52:dd:8e:28:f4:89:15:a9:0a:e9:54:9e:de:
72:1b:a3:2f:13:16:1b:ee:67:b6:7e:7f:b8:52:9e:
7a:ab:1d:05:38:c3:38:80:13:bd:10:0a:36:43:73:
1b:4b:b1:84:d2:cf:24:e0:74:17:b5:06:df:de:6f:
ac:4f:0c:ea:b5:0b:24:95:3c:0c:39:90:aa:e3:d0:
4f:cc:da:85:bb:89:2e:95:6b:c5:89:6f:eb:8d:af:
da:1d:ff:b2:ee:45:de:f7:ac:07:58:e2:92:88:5b:
fc:53:af:d0:91:d3:ac:28:96:4e:2d:a4:eb:35:2e:
e5:5e:14:6a:a3:84:1e:86:23:d4:85:91:6d:31:e8:
d5:32:4c:cd:19:00:6e:73:6d:5b:7e:1f:b2:dd:f4:
6d:28:43:b3:77:5c:2c:9e:16:a9:31:e6:9c:07:e5:
b8:86:7d:fc:b6:a5:3b:db:4d:ff:a7:ea:83:5d:ab:
b5:ef:d8:63:3b:b2:29:55:d7:40:9a:a9:65:9d:18:
d0:fa:c9:06:06:3c:a3:48:03:29:b3:4c:59:d6:bc:
f4:d6:08:71:3c:13:77:5d:4c:44:38:9a:98:7b:06:
e1:de:e8:13:44:ce:23:87:d9:dc:26:ab:5e:b2:c6:
c8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:12:AF:8B:E7:5A:0C:0C:8B:C3:AF:1F:0E:8C:8D:5D:71:73:F8:EA
X509v3 Authority Key Identifier:
keyid:ED:6D:A8:2D:BC:7D:7E:28:18:F9:66:80:B6:6E:FC:ED:B1:08:79:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2oLbx9figY-WaAtm787bEIeUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/ehKvi-daDAyLw68fDoyNXXFz-Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3549fb-e3a3-4124-b3b0-59957787b015/1/7W2oLbx9figY-WaAtm787bEIeUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.112.0/20
80.66.204.0/22
82.149.224.0/19
83.141.0.0/18
109.71.24.0/21
178.19.64.0/20
185.37.16.0/22
195.225.196.0/22
IPv6:
2a00:f520::/32
2a01:440::/29
Signature Algorithm: sha256WithRSAEncryption
5f:47:4b:fa:c9:c6:d5:93:5d:0f:8e:c0:4c:e4:d2:97:e5:03:
c2:db:a8:29:e8:5e:21:7f:30:86:fc:49:e0:b6:7b:02:30:e2:
e5:09:f8:36:99:ef:fb:99:c0:e2:e6:45:81:f4:0d:9d:61:51:
b1:94:69:98:39:f5:bc:2f:64:25:9c:8b:0f:85:c2:ff:04:d7:
93:6c:24:6a:c4:04:2a:1f:a0:69:66:1e:7a:7d:21:23:17:e4:
cd:42:ef:d5:e2:d0:ab:e4:82:bf:f0:17:4e:b3:69:7b:3e:99:
f8:d9:b9:ff:29:6a:3a:c3:21:f5:c2:be:f7:48:c3:73:7b:46:
35:26:c1:cb:54:65:0a:98:c8:e6:84:85:2e:16:3d:73:73:8c:
eb:67:b6:47:03:b1:1b:51:c3:82:ec:93:c6:6a:90:e2:cc:8d:
e8:9d:63:58:06:cd:54:b4:66:cc:a3:3a:2b:81:cc:8e:88:bb:
1b:98:5b:5a:f6:00:e8:34:9d:51:b5:4d:65:54:5f:6b:22:0b:
6a:08:59:9f:58:23:cf:ce:23:1b:87:14:b1:a6:77:b6:c9:10:
d7:83:3f:af:be:12:bf:79:1c:0e:ca:40:1f:88:9f:cf:08:3f:
21:d9:7c:7b:f5:ab:96:89:02:1f:0d:5b:65:f9:da:ef:8e:da:
3b:37:8a:92
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZfG9lsNCMSHiJrvXypQOAJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhODJkYmM3ZDdlMjgxOGY5NjY4MGI2NmVmY2VkYjEw
ODc5NDcwHhcNMjUwNzAxMTcwODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTEyYWY4YmU3NWEwYzBjOGJjM2FmMWYwZThjOGQ1ZDcxNzNmOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3l86NjRBym5ogtG2WNAntlLdjij0
iRWpCulUnt5yG6MvExYb7me2fn+4Up56qx0FOMM4gBO9EAo2Q3MbS7GE0s8k4HQX
tQbf3m+sTwzqtQsklTwMOZCq49BPzNqFu4kulWvFiW/rja/aHf+y7kXe96wHWOKS
iFv8U6/QkdOsKJZOLaTrNS7lXhRqo4QehiPUhZFtMejVMkzNGQBuc21bfh+y3fRt
KEOzd1wsnhapMeacB+W4hn38tqU7203/p+qDXau179hjO7IpVddAmqllnRjQ+skG
BjyjSAMps0xZ1rz01ghxPBN3XUxEOJqYewbh3ugTRM4jh9ncJqtessbIOQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHoSr4vnWgwMi8OvHw6MjV1xc/jqMB8GA1UdIwQY
MBaAFO1tqC28fX4oGPlmgLZu/O2xCHlHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cyb0xieDlmaWdZLVdhQXRtNzg3YkVJZVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zNTQ5ZmItZTNhMy00MTI0LWIzYjAt
NTk5NTc3ODdiMDE1LzEvZWhLdmktZGFEQXlMdzY4ZkRveU5YWEZ6LU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zNTQ5ZmItZTNhMy00MTI0LWIzYjAtNTk5NTc3ODdiMDE1
LzEvN1cyb0xieDlmaWdZLVdhQXRtNzg3YkVJZVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQELv1wAwQC
UELMAwQFUpXgAwQGU40AAwQDbUcYAwQEshNAAwQCuSUQAwQCw+HEMBQEAgACMA4D
BQAqAPUgAwUDKgEEQDANBgkqhkiG9w0BAQsFAAOCAQEAX0dL+snG1ZNdD47ATOTS
l+UDwtuoKeheIX8whvxJ4LZ7AjDi5Qn4Npnv+5nA4uZFgfQNnWFRsZRpmDn1vC9k
JZyLD4XC/wTXk2wkasQEKh+gaWYeen0hIxfkzULv1eLQq+SCv/AXTrNpez6Z+Nm5
/ylqOsMh9cK+90jDc3tGNSbBy1RlCpjI5oSFLhY9c3OM62e2RwOxG1HDguyTxmqQ
4syN6J1jWAbNVLRmzKM6K4HMjoi7G5hbWvYA6DSdUbVNZVRfayILaghZn1gjz84j
G4cUsaZ3tskQ14M/r74Sv3kcDspAH4ifzwg/Idl8e/WrlokCHw1bZfna747aOzeK
kg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:17:34 2025 by rpki-client