Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0ebRnTEmJfeTWzJ8hY4MXXmkCC0.roa
File: 0ebRnTEmJfeTWzJ8hY4MXXmkCC0.roa (raw, json)
Hash identifier: xkOzwylSuFfzNckB1A6ntAemFSQV6iCzHTQffLjNFp0=
Subject key identifier: D1:E6:D1:9D:31:26:25:F7:93:5B:32:7C:85:8E:0C:5D:79:A4:08:2D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196206D8AFE36570057F2EFF26E0AAB10C5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0ebRnTEmJfeTWzJ8hY4MXXmkCC0.roa
Signing time: Thu 10 Apr 2025 15:59:32 +0000
ROA not before: Thu 10 Apr 2025 15:59:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.76.238.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 13 Apr 2025 10:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:20:6d:8a:fe:36:57:00:57:f2:ef:f2:6e:0a:ab:10:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 10 15:59:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1e6d19d312625f7935b327c858e0c5d79a4082d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:13:1e:1f:a3:ed:53:2a:db:9e:0f:bd:31:8f:
9e:43:69:ed:08:9a:50:7b:5e:1c:35:59:8f:d7:19:
0c:9a:31:f0:d4:00:b5:63:56:60:f1:74:55:fd:9e:
4d:f9:7b:91:59:1c:7a:2e:ad:d1:90:c8:cf:2b:de:
af:9f:9a:cc:10:76:f6:ca:ed:af:89:1d:65:bb:4f:
6c:b0:c7:d2:d7:33:31:e5:11:62:3a:f8:60:92:38:
5b:29:3f:34:a5:f9:5b:ee:42:40:2a:07:c7:e1:97:
b0:9b:12:5b:c5:db:20:b3:e9:6e:e9:02:1a:17:db:
bd:d6:f8:b3:2a:b6:ea:7c:6e:81:ad:80:4b:a6:a1:
76:03:bb:7b:79:c2:40:a4:5c:f5:9f:f4:e5:f3:3e:
06:e4:8d:6e:d2:82:3f:ed:78:fd:cf:42:6b:70:19:
7f:ec:54:78:ad:1a:de:23:22:f5:2e:dd:40:b7:f7:
35:54:35:33:d3:c7:8e:1d:2e:a7:b0:86:0b:22:a9:
d5:f6:5e:30:74:85:4b:a1:35:e4:3f:33:69:12:a4:
dd:95:ca:ba:d2:3b:ea:d7:da:4d:25:6e:6a:21:07:
68:1b:ee:bc:14:53:6f:bc:fe:24:3b:d5:31:71:3a:
a8:4b:ed:e3:fa:28:30:59:8e:64:aa:6c:af:2f:51:
19:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E6:D1:9D:31:26:25:F7:93:5B:32:7C:85:8E:0C:5D:79:A4:08:2D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/0ebRnTEmJfeTWzJ8hY4MXXmkCC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.238.0/24
193.108.112.0/24
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.119.0/24
194.87.126.0/24
194.87.169.0/24
194.87.179.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
7a:54:41:02:ca:94:79:c6:65:a9:1c:6a:b7:2f:1c:84:c9:c0:
48:8b:87:e1:6c:58:19:a6:d8:68:cb:70:89:33:3a:10:db:6d:
ed:7c:ff:84:57:b9:75:a2:84:d8:2a:f6:05:cc:3c:5a:45:cd:
d2:64:ca:60:ba:fc:60:8e:a2:88:40:6f:6e:c3:c0:18:da:a1:
3d:42:ff:c8:19:47:f6:34:98:80:89:69:ff:50:6b:cf:21:ed:
99:0d:cb:84:8d:97:00:cb:64:bb:ea:ea:44:e6:e1:27:a9:d7:
7f:63:d6:c9:23:30:f4:d3:c9:ac:c1:ac:be:8b:ab:4a:87:c8:
d3:e0:2b:12:e2:ae:6e:65:6b:1e:21:6d:b4:dd:e7:55:a2:cf:
cc:48:d3:e7:81:2e:80:ac:fa:74:92:77:3d:c4:80:db:bd:e7:
a8:d1:58:45:13:9f:fd:08:61:9a:5a:a9:38:39:7e:ae:00:10:
65:e2:17:6e:20:f4:c9:04:0c:46:77:b8:9a:13:86:f6:df:60:
65:98:cb:b0:f4:a1:14:6b:bd:69:98:b4:5a:38:06:3a:28:5b:
b9:18:21:35:40:67:25:79:da:d0:ef:56:57:94:95:1b:16:69:
50:03:23:cf:a5:5e:b3:d8:44:66:2b:71:90:09:60:aa:dc:7f:
52:d4:11:7b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZYgbYr+NlcAV/Lv8m4KqxDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDEwMTU1OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWU2ZDE5ZDMxMjYyNWY3OTM1YjMyN2M4NThlMGM1ZDc5YTQwODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBMeH6PtUyrbng+9MY+eQ2ntCJpQ
e14cNVmP1xkMmjHw1AC1Y1Zg8XRV/Z5N+XuRWRx6Lq3RkMjPK96vn5rMEHb2yu2v
iR1lu09ssMfS1zMx5RFiOvhgkjhbKT80pflb7kJAKgfH4ZewmxJbxdsgs+lu6QIa
F9u91vizKrbqfG6BrYBLpqF2A7t7ecJApFz1n/Tl8z4G5I1u0oI/7Xj9z0JrcBl/
7FR4rRreIyL1Lt1At/c1VDUz08eOHS6nsIYLIqnV9l4wdIVLoTXkPzNpEqTdlcq6
0jvq19pNJW5qIQdoG+68FFNvvP4kO9UxcTqoS+3j+igwWY5kqmyvL1EZ1wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFNHm0Z0xJiX3k1syfIWODF15pAgtMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMGViUm5URW1KZmVUV3pKOGhZNE1YWG1rQ0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB4BAIAATByAwQAPkzu
AwQAwWxwAwQAwXwHAwQAwXwsAwQAwjokAwQAwjqbAwQAwjrfAwQAwlc1AwQAwld3
AwQAwld+AwQAwlepAwQAwlezAwQAw4UJAwQBw4UYAwQBw4UoAwQBw4UyAwQBw4Vc
AwQA1MDxAwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsF
AAOCAQEAelRBAsqUecZlqRxqty8chMnASIuH4WxYGabYaMtwiTM6ENtt7Xz/hFe5
daKE2Cr2Bcw8WkXN0mTKYLr8YI6iiEBvbsPAGNqhPUL/yBlH9jSYgIlp/1BrzyHt
mQ3LhI2XAMtku+rqRObhJ6nXf2PWySMw9NPJrMGsvourSofI0+ArEuKubmVrHiFt
tN3nVaLPzEjT54EugKz6dJJ3PcSA273nqNFYRROf/QhhmlqpODl+rgAQZeIXbiD0
yQQMRne4mhOG9t9gZZjLsPShFGu9aZi0WjgGOihbuRghNUBnJXna0O9WV5SVGxZp
UAMjz6Ves9hEZitxkAlgqtx/UtQRew==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:17:10 2025 by rpki-client