Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/897378-c556-4352-9a04-b10a832bca43/1/E6OEHEnH-RbK0yBNJXuSSzLiDZs.roa
File: E6OEHEnH-RbK0yBNJXuSSzLiDZs.roa (raw, json)
Hash identifier: OFnXg/MA4bJx+DLSEGDfYkRSV/re70C6ARtDCkPC4tc=
Subject key identifier: 13:A3:84:1C:49:C7:F9:16:CA:D3:20:4D:25:7B:92:4B:32:E2:0D:9B
Certificate issuer: /CN=af6da9d56b42c2b816b1ae6b185125abf21593ef
Certificate serial: 01976076F35B2F7AEC372E01BE28D213F30C
Authority key identifier: AF:6D:A9:D5:6B:42:C2:B8:16:B1:AE:6B:18:51:25:AB:F2:15:93:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r22p1WtCwrgWsa5rGFElq_IVk-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/897378-c556-4352-9a04-b10a832bca43/1/E6OEHEnH-RbK0yBNJXuSSzLiDZs.roa
Signing time: Wed 11 Jun 2025 19:28:17 +0000
ROA not before: Wed 11 Jun 2025 19:28:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25090
IP address blocks: 193.8.222.0/23 maxlen: 23
194.56.96.0/22 maxlen: 24
194.56.112.0/22 maxlen: 24
194.56.116.0/22 maxlen: 24
194.56.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 07:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:60:76:f3:5b:2f:7a:ec:37:2e:01:be:28:d2:13:f3:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af6da9d56b42c2b816b1ae6b185125abf21593ef
Validity
Not Before: Jun 11 19:28:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13a3841c49c7f916cad3204d257b924b32e20d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:bf:32:6e:23:16:dd:a0:fc:68:d3:b6:5f:79:
74:ef:f3:98:d7:85:94:1b:e2:fa:62:ec:e2:ec:f1:
b9:a4:d7:a7:61:10:6a:fe:e8:3a:a8:6d:0c:0c:91:
70:89:77:35:51:5e:03:e1:f9:7e:fb:e9:a7:6e:b2:
00:f8:29:ba:76:12:a8:c6:a7:ee:44:1e:37:07:22:
7d:42:7d:4a:e7:87:7b:f7:bd:79:2d:82:ee:5f:96:
a0:39:72:85:d2:ad:a1:c4:1e:55:bd:6b:5c:a8:40:
5a:af:5f:28:93:0a:e5:03:c8:63:fd:55:18:f0:01:
0e:f0:46:6a:6f:ea:97:d4:ab:ee:dc:2d:0a:fc:67:
d0:33:ca:f5:b3:48:31:10:99:8a:a8:cc:af:20:dd:
a6:bb:61:3b:57:a7:dd:fa:38:4b:ce:4f:d8:49:6e:
4f:d5:ce:cd:ec:32:1d:ad:7d:3d:35:61:c0:41:f2:
b8:65:80:c1:98:eb:2a:3d:13:cf:ce:e0:51:95:d8:
f4:eb:f2:a9:3a:b0:c9:b1:8c:7a:1f:1e:e0:94:d2:
1a:40:1a:d8:f3:62:6d:81:b3:81:f5:a8:de:d6:6f:
2f:8a:dc:d5:27:d6:3c:3c:8c:2d:cd:56:46:83:cc:
52:10:18:4b:b5:bf:bf:e1:01:e9:27:61:4d:42:30:
db:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A3:84:1C:49:C7:F9:16:CA:D3:20:4D:25:7B:92:4B:32:E2:0D:9B
X509v3 Authority Key Identifier:
keyid:AF:6D:A9:D5:6B:42:C2:B8:16:B1:AE:6B:18:51:25:AB:F2:15:93:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r22p1WtCwrgWsa5rGFElq_IVk-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/897378-c556-4352-9a04-b10a832bca43/1/E6OEHEnH-RbK0yBNJXuSSzLiDZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/897378-c556-4352-9a04-b10a832bca43/1/r22p1WtCwrgWsa5rGFElq_IVk-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.222.0/23
194.56.96.0/22
194.56.112.0-194.56.123.255
Signature Algorithm: sha256WithRSAEncryption
65:14:24:ca:53:7b:9f:18:56:4a:88:56:50:9b:fe:e0:88:c4:
de:74:f7:68:71:3c:12:62:d8:4c:4b:3c:c6:a3:a3:09:03:54:
7e:d0:00:4d:20:b3:3e:27:15:27:dc:6b:b0:10:61:25:6d:73:
6e:c3:38:e4:5a:a1:64:cd:70:8e:6c:f6:aa:9b:6a:21:b1:bc:
fe:45:f1:09:5b:59:d8:c0:74:32:96:e9:24:de:76:b3:0c:46:
65:a9:06:5d:93:22:92:41:3d:72:d1:5a:13:d4:a5:37:81:91:
46:af:b9:1a:17:55:7c:cc:be:77:cc:6b:67:92:01:1a:0c:29:
a1:42:c4:08:7b:2d:a9:75:e0:8a:11:aa:54:f9:9c:63:88:d7:
6a:86:d3:46:77:62:a0:96:6e:c2:60:31:69:7f:ea:2b:5e:85:
9c:ed:70:90:14:00:5f:6d:eb:4b:a3:8a:7a:91:14:5c:42:83:
a4:7d:fc:e5:ba:41:c8:a5:48:1f:95:f1:37:62:42:fe:e9:27:
d6:e9:2d:a9:2d:95:9b:2a:63:ff:3e:86:2b:b2:ca:7b:f9:0b:
ba:7d:67:63:8e:62:5d:d9:55:c7:a3:b8:f0:9d:4f:9a:b8:87:
72:70:a9:1b:d6:b5:83:d4:cb:04:4d:dd:79:a3:07:f0:9b:64:
dc:d3:49:05
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZdgdvNbL3rsNy4BvijSE/MMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNmRhOWQ1NmI0MmMyYjgxNmIxYWU2YjE4NTEyNWFiZjIx
NTkzZWYwHhcNMjUwNjExMTkyODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2EzODQxYzQ5YzdmOTE2Y2FkMzIwNGQyNTdiOTI0YjMyZTIwZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb8ybiMW3aD8aNO2X3l07/OY14WU
G+L6Yuzi7PG5pNenYRBq/ug6qG0MDJFwiXc1UV4D4fl+++mnbrIA+Cm6dhKoxqfu
RB43ByJ9Qn1K54d79715LYLuX5agOXKF0q2hxB5VvWtcqEBar18okwrlA8hj/VUY
8AEO8EZqb+qX1Kvu3C0K/GfQM8r1s0gxEJmKqMyvIN2mu2E7V6fd+jhLzk/YSW5P
1c7N7DIdrX09NWHAQfK4ZYDBmOsqPRPPzuBRldj06/KpOrDJsYx6Hx7glNIaQBrY
82JtgbOB9aje1m8vitzVJ9Y8PIwtzVZGg8xSEBhLtb+/4QHpJ2FNQjDbKwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBOjhBxJx/kWytMgTSV7kksy4g2bMB8GA1UdIwQY
MBaAFK9tqdVrQsK4FrGuaxhRJavyFZPvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjIycDFXdEN3cmdXc2E1ckdGRWxxX0lWay04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy84OTczNzgtYzU1Ni00MzUyLTlhMDQt
YjEwYTgzMmJjYTQzLzEvRTZPRUhFbkgtUmJLMHlCTkpYdVNTekxpRFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy84OTczNzgtYzU1Ni00MzUyLTlhMDQtYjEwYTgzMmJjYTQz
LzEvcjIycDFXdEN3cmdXc2E1ckdGRWxxX0lWay04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBwQjeAwQC
wjhgMAwDBATCOHADBALCOHgwDQYJKoZIhvcNAQELBQADggEBAGUUJMpTe58YVkqI
VlCb/uCIxN5092hxPBJi2ExLPMajowkDVH7QAE0gsz4nFSfca7AQYSVtc27DOORa
oWTNcI5s9qqbaiGxvP5F8QlbWdjAdDKW6STedrMMRmWpBl2TIpJBPXLRWhPUpTeB
kUavuRoXVXzMvnfMa2eSARoMKaFCxAh7Lal14IoRqlT5nGOI12qG00Z3YqCWbsJg
MWl/6itehZztcJAUAF9t60ujinqRFFxCg6R9/OW6QcilSB+V8TdiQv7pJ9bpLakt
lZsqY/8+hiuyynv5C7p9Z2OOYl3ZVcejuPCdT5q4h3JwqRvWtYPUywRN3XmjB/Cb
ZNzTSQU=
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:52:35 2025 by rpki-client