Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5knhkpW5qoALuxslMZkU6vppu70.roa
File: 5knhkpW5qoALuxslMZkU6vppu70.roa (raw, json)
Hash identifier: FxeWDYTl0TpnjOLsaEBwRpBCCYPQQs8+eCUKLR0is0E=
Subject key identifier: E6:49:E1:92:95:B9:AA:80:0B:BB:1B:25:31:99:14:EA:FA:69:BB:BD
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0195ECC15C6BE6E014B56577E759AB2420A9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5knhkpW5qoALuxslMZkU6vppu70.roa
Signing time: Mon 31 Mar 2025 15:10:49 +0000
ROA not before: Mon 31 Mar 2025 15:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.76.238.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 07 Apr 2025 07:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ec:c1:5c:6b:e6:e0:14:b5:65:77:e7:59:ab:24:20:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 31 15:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e649e19295b9aa800bbb1b25319914eafa69bbbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:97:ad:9c:0a:6f:b9:2d:23:d3:ff:b5:d6:b8:
05:96:61:b6:b1:7b:5d:48:69:9d:0d:59:97:26:58:
35:10:71:4b:63:01:8c:d4:02:51:46:ba:6d:20:56:
a1:cd:71:e6:cf:68:91:d1:e7:33:6a:89:31:e0:65:
20:f8:4e:a1:a2:94:94:a5:78:04:af:ed:01:e0:f2:
b8:a2:fb:3c:5f:d9:69:cb:fc:6b:9c:83:28:56:d3:
93:b9:c5:51:bf:21:16:e1:f9:ec:a5:c9:99:65:ae:
49:45:2e:6d:0a:28:5a:fe:ec:e4:cb:e9:eb:52:17:
43:c6:02:32:71:75:74:84:d6:b8:72:4f:d1:c8:69:
3f:f0:80:de:aa:5d:42:26:78:14:90:3e:c9:e2:12:
5d:cb:e7:18:ac:21:6b:bf:a8:38:36:e2:b8:f7:d9:
7a:27:39:54:92:37:9a:27:58:64:e6:23:ca:90:12:
85:ba:34:27:ce:fc:de:7b:c1:31:cc:ff:eb:48:76:
a5:8e:12:f2:38:4b:9a:27:5a:0d:84:4b:a0:ae:73:
44:30:8e:ab:82:85:a0:0c:d9:25:4d:a7:c6:94:27:
91:da:9e:c1:30:82:21:17:c6:53:61:43:2a:4c:46:
17:a1:fb:ab:ff:40:a8:88:12:93:ce:a2:77:c6:6e:
d9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:49:E1:92:95:B9:AA:80:0B:BB:1B:25:31:99:14:EA:FA:69:BB:BD
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5knhkpW5qoALuxslMZkU6vppu70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.238.0/24
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.162.0/24
194.87.169.0/24
194.87.179.0/24
194.87.228.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
66:34:37:31:54:e4:a4:ef:61:76:9d:41:9c:70:83:3f:39:00:
0f:4f:5c:21:5a:f7:83:9f:0e:7d:92:77:c2:d8:67:cd:31:aa:
7b:16:84:38:f2:ad:d2:38:29:dc:62:8c:3b:94:a1:03:d0:61:
32:f9:a3:a1:0d:46:3e:2c:66:01:bb:18:84:f7:ab:34:58:17:
12:75:a5:2e:db:b9:93:8e:0c:cb:1c:27:e2:25:44:08:ba:10:
41:4a:95:67:73:fb:48:a1:bc:42:76:ca:43:f6:2d:27:da:17:
50:f8:8a:aa:82:8d:44:50:a7:13:69:eb:6e:63:d3:55:cc:23:
1a:57:31:d8:df:46:24:41:28:7e:29:aa:db:0e:cc:d1:3f:63:
ef:1d:1e:34:1d:bb:5d:82:0d:ad:2a:50:b2:ae:8d:ea:6b:e0:
30:08:90:09:46:e5:02:29:78:a9:bb:c7:96:21:c2:c3:6f:12:
c1:72:9b:47:3d:3c:a9:e3:79:de:98:1d:87:4e:f4:15:d5:c0:
73:f9:0f:cd:ff:39:cf:85:8d:6d:43:2c:0d:4a:db:e8:1b:bd:
5c:f0:35:5d:64:d9:7d:66:c3:4d:4b:48:c6:2b:d3:68:49:55:
e2:43:e9:1d:d7:e0:5e:eb:17:82:c1:2a:1b:5d:5f:26:3e:50:
ce:ba:f8:e4
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZXswVxr5uAUtWV351mrJCCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMzMxMTUxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ5ZTE5Mjk1YjlhYTgwMGJiYjFiMjUzMTk5MTRlYWZhNjliYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpetnApvuS0j0/+11rgFlmG2sXtd
SGmdDVmXJlg1EHFLYwGM1AJRRrptIFahzXHmz2iR0eczaokx4GUg+E6hopSUpXgE
r+0B4PK4ovs8X9lpy/xrnIMoVtOTucVRvyEW4fnspcmZZa5JRS5tCiha/uzky+nr
UhdDxgIycXV0hNa4ck/RyGk/8IDeql1CJngUkD7J4hJdy+cYrCFrv6g4NuK499l6
JzlUkjeaJ1hk5iPKkBKFujQnzvzee8ExzP/rSHaljhLyOEuaJ1oNhEugrnNEMI6r
goWgDNklTafGlCeR2p7BMIIhF8ZTYUMqTEYXofur/0CoiBKTzqJ3xm7ZnwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFOZJ4ZKVuaqAC7sbJTGZFOr6abu9MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNWtuaGtwVzVxb0FMdXhzbE1aa1U2dnBwdTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQAPkzu
AwQAwXwHAwQAwXwsAwQAwjokAwQAwjqbAwQAwjrfAwQAwlc1AwQAwleiAwQAwlep
AwQAwlezAwQAwlfkAwQAw4UJAwQBw4UYAwQBw4UoAwQBw4UyAwQBw4VcAwQA1MDx
AwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEA
ZjQ3MVTkpO9hdp1BnHCDPzkAD09cIVr3g58OfZJ3wthnzTGqexaEOPKt0jgp3GKM
O5ShA9BhMvmjoQ1GPixmAbsYhPerNFgXEnWlLtu5k44Myxwn4iVECLoQQUqVZ3P7
SKG8QnbKQ/YtJ9oXUPiKqoKNRFCnE2nrbmPTVcwjGlcx2N9GJEEofimq2w7M0T9j
7x0eNB27XYINrSpQsq6N6mvgMAiQCUblAil4qbvHliHCw28SwXKbRz08qeN53pgd
h070FdXAc/kPzf85z4WNbUMsDUrb6Bu9XPA1XWTZfWbDTUtIxivTaElV4kPpHdfg
XusXgsEqG11fJj5Qzrr45A==
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:25:02 2025 by rpki-client