Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2mC5qVJvt16x_2HoDtntGT-29A4.roa
File: 2mC5qVJvt16x_2HoDtntGT-29A4.roa (raw, json)
Hash identifier: /RLOTdIH87Q24E4E8PDMphq03Nxw2fZL8DxobcuUDvM=
Subject key identifier: DA:60:B9:A9:52:6F:B7:5E:B1:FF:61:E8:0E:D9:ED:19:3F:B6:F4:0E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01967B9D54C8F24A6F3C54B2CBBC2B528266
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2mC5qVJvt16x_2HoDtntGT-29A4.roa
Signing time: Mon 28 Apr 2025 08:57:10 +0000
ROA not before: Mon 28 Apr 2025 08:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.76.229.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
192.124.175.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.8.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 29 Apr 2025 06:56:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:9d:54:c8:f2:4a:6f:3c:54:b2:cb:bc:2b:52:82:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 28 08:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da60b9a9526fb75eb1ff61e80ed9ed193fb6f40e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:97:30:9f:bb:b0:42:2a:e8:84:1e:7a:9d:fe:
a0:f3:ec:96:7e:16:52:45:10:bc:ca:38:cb:d3:07:
be:20:36:52:70:d2:04:d3:04:1e:aa:61:fa:9d:95:
df:fa:80:15:4d:10:b8:f1:cc:e9:8b:6f:12:6e:bf:
cd:0c:b3:55:d8:44:bb:ff:cf:4e:39:25:e6:2a:6d:
f7:ef:68:a9:4e:95:3b:77:0e:f7:ed:2b:61:5f:35:
8f:2e:76:12:77:2f:ab:7a:47:b7:04:da:df:55:c2:
78:05:c9:5d:7d:4c:97:6e:bf:8a:76:48:d7:dd:e3:
0b:97:09:ac:85:2a:74:78:95:6a:b2:7d:9d:6b:c2:
84:a9:28:fa:b4:c8:09:72:0b:98:b7:58:73:a4:c0:
57:a5:e1:3d:d1:51:43:72:63:96:54:2a:9b:64:57:
d6:57:09:fe:6a:24:15:e9:f4:d6:66:4d:a2:b9:b1:
49:e8:ef:1c:cc:e5:2c:5b:d2:84:66:6b:f2:33:da:
e8:21:ea:d1:09:b3:9c:96:e0:eb:69:a0:6d:b5:8c:
7e:b0:31:47:dc:e5:c6:ee:2c:ee:9c:74:af:e3:c4:
57:1e:21:30:f9:88:45:cd:fa:f9:f4:5c:4b:fc:6a:
0f:fe:a1:ad:bb:5d:3d:f7:d4:18:d1:11:38:ba:9f:
0c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:60:B9:A9:52:6F:B7:5E:B1:FF:61:E8:0E:D9:ED:19:3F:B6:F4:0E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2mC5qVJvt16x_2HoDtntGT-29A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.229.0/24
62.76.232.0/24
192.124.175.0/24
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.119.0/24
194.87.126.0/24
194.87.169.0/24
194.87.179.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.8.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
34:7e:31:a0:c9:d5:60:55:d9:4c:b1:03:89:a4:2d:31:b9:03:
03:22:e9:5a:1e:d3:7a:82:4a:4d:5c:5a:cb:11:d0:e9:1b:89:
c6:63:ab:b7:12:73:ed:14:cf:14:b9:fe:a9:a5:62:ad:af:30:
7e:24:44:1f:4a:7b:cc:35:31:f1:83:35:c3:26:32:3b:5c:51:
7b:df:ba:ad:2f:73:b9:b5:7b:d3:8a:0d:18:33:42:9a:d4:83:
cb:16:f6:a2:c9:60:1d:83:cf:f5:89:c8:29:96:b7:1a:be:08:
ce:0e:a5:96:d3:05:d1:bd:c3:0d:a0:74:da:9b:00:0e:0b:c9:
fa:fd:df:24:47:bb:c7:66:71:e2:ae:c9:cd:46:c4:ea:16:89:
cd:39:d5:ee:c4:60:2b:cf:ef:20:0c:fe:60:e7:20:b0:aa:23:
6e:27:66:a4:c5:ca:a6:c5:9f:da:84:44:eb:82:50:b9:8f:2a:
40:e2:74:33:da:ae:f2:59:8d:bc:25:03:4c:02:a5:5a:98:ad:
5a:89:f3:d0:9b:0e:43:f0:76:53:39:ff:67:8b:e3:da:b3:ce:
3a:83:fc:d1:c9:bb:9a:3f:d1:27:9b:11:71:02:9b:d4:a7:90:
44:88:34:4b:ed:78:e7:01:e6:ec:75:f1:2d:d0:11:f7:93:87:
c0:33:b5:2f
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZZ7nVTI8kpvPFSyy7wrUoJmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDI4MDg1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTYwYjlhOTUyNmZiNzVlYjFmZjYxZTgwZWQ5ZWQxOTNmYjZmNDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZcwn7uwQirohB56nf6g8+yWfhZS
RRC8yjjL0we+IDZScNIE0wQeqmH6nZXf+oAVTRC48czpi28Sbr/NDLNV2ES7/89O
OSXmKm3372ipTpU7dw737SthXzWPLnYSdy+reke3BNrfVcJ4BcldfUyXbr+KdkjX
3eMLlwmshSp0eJVqsn2da8KEqSj6tMgJcguYt1hzpMBXpeE90VFDcmOWVCqbZFfW
Vwn+aiQV6fTWZk2iubFJ6O8czOUsW9KEZmvyM9roIerRCbOcluDraaBttYx+sDFH
3OXG7izunHSv48RXHiEw+YhFzfr59FxL/GoP/qGtu10999QY0RE4up8MOQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFNpgualSb7desf9h6A7Z7Rk/tvQOMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMm1DNXFWSnZ0MTZ4XzJIb0R0bnRHVC0yOUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBhAQCAAEwfgMEAD5M
5QMEAD5M6AMEAMB8rwMEAMF8BwMEAMF8LAMEAMI6JAMEAMI6mwMEAMI63wMEAMJX
NQMEAMJXdwMEAMJXfgMEAMJXqQMEAMJXswMEAMOFCQMEAcOFGAMEAcOFKAMEAcOF
MgMEAcOFXAMEANTA8QMEANTBCAMEAdTBGjAUBAIAAjAOAwUDKgFXwAMFAyoM/0Aw
DQYJKoZIhvcNAQELBQADggEBADR+MaDJ1WBV2UyxA4mkLTG5AwMi6Voe03qCSk1c
WssR0OkbicZjq7cSc+0UzxS5/qmlYq2vMH4kRB9Ke8w1MfGDNcMmMjtcUXvfuq0v
c7m1e9OKDRgzQprUg8sW9qLJYB2Dz/WJyCmWtxq+CM4OpZbTBdG9ww2gdNqbAA4L
yfr93yRHu8dmceKuyc1GxOoWic051e7EYCvP7yAM/mDnILCqI24nZqTFyqbFn9qE
ROuCULmPKkDidDParvJZjbwlA0wCpVqYrVqJ89CbDkPwdlM5/2eL49qzzjqD/NHJ
u5o/0SebEXECm9SnkESINEvteOcB5ux18S3QEfeTh8AztS8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:53:59 2025 by rpki-client