Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7hIGoWh0PryIjgC_Dhhb1m_RAcE.roa
File: 7hIGoWh0PryIjgC_Dhhb1m_RAcE.roa (raw, json)
Hash identifier: 8kUJyZD8WZup0E/8OrbKORvGjFWNid/dyIqvwRv/u6M=
Subject key identifier: EE:12:06:A1:68:74:3E:BC:88:8E:00:BF:0E:18:5B:D6:6F:D1:01:C1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196A4FD12547C11B64E9029D79A07390FBD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7hIGoWh0PryIjgC_Dhhb1m_RAcE.roa
Signing time: Tue 06 May 2025 09:46:10 +0000
ROA not before: Tue 06 May 2025 09:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.124.7.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 06 May 2025 11:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:fd:12:54:7c:11:b6:4e:90:29:d7:9a:07:39:0f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 6 09:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee1206a168743ebc888e00bf0e185bd66fd101c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a2:25:6f:f6:01:f4:3e:0e:46:b9:d3:02:f8:
aa:77:cd:eb:97:d3:7d:8e:ad:2c:b5:ba:fd:f0:f6:
af:ba:6a:ed:d3:44:ab:a6:70:3b:f1:47:ab:6a:ab:
38:c5:2f:f1:78:05:74:26:27:9f:27:bc:fb:29:58:
90:10:53:cd:5f:cb:eb:ed:49:e6:14:f5:c5:df:cf:
34:8f:38:97:83:5e:21:47:b0:9d:fc:8d:98:41:91:
70:06:60:b8:fb:22:b9:ee:57:31:e6:ad:05:c5:3b:
07:95:cf:96:22:de:50:4a:a2:8c:d9:12:fe:71:14:
94:41:e3:73:2c:e3:99:a9:c7:02:b7:8b:1b:44:ea:
2c:4d:5c:a1:5a:d4:f1:51:3b:73:2f:20:95:83:3a:
9e:10:62:02:0d:df:0e:c1:59:f4:81:fb:d0:18:0e:
7a:c2:39:af:ad:bf:6c:50:ee:25:af:d3:0b:48:e6:
a7:c7:23:3e:e8:66:11:1e:2f:e8:ac:1c:08:79:e0:
5c:c5:26:bc:80:f8:6d:25:10:57:73:34:df:61:f7:
50:84:37:4b:76:95:d5:3a:fd:e4:60:cd:0f:a2:50:
b8:5a:eb:c1:9e:a7:14:e9:43:26:d8:a4:18:ba:7e:
5d:b4:ae:5a:1a:42:f3:ed:7c:26:e5:63:cb:b0:fb:
9d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:12:06:A1:68:74:3E:BC:88:8E:00:BF:0E:18:5B:D6:6F:D1:01:C1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/7hIGoWh0PryIjgC_Dhhb1m_RAcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.58.155.0/24
194.87.53.0/24
194.87.119.0/24
194.87.169.0/24
194.87.179.0/24
195.133.24.0/23
195.133.29.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
7d:c3:18:6b:d7:12:dc:45:ae:07:e7:d5:e1:c7:ca:b7:81:31:
1f:22:fa:83:db:0a:6f:77:aa:b5:5e:58:05:cf:45:a6:95:42:
a6:d3:c2:64:b2:1b:23:a0:9c:e8:38:f9:dc:39:c7:0f:28:12:
56:20:f3:6d:2c:8c:53:44:74:1d:1e:85:9c:b1:56:ac:d3:12:
97:85:d4:59:e2:ef:8d:57:28:d3:d6:33:f4:ce:2a:63:c0:72:
f1:29:7f:d2:fa:82:c9:ee:b1:92:96:87:50:23:14:4e:fa:93:
0c:70:e8:fb:e1:7c:55:ab:52:30:49:ea:a1:65:b6:e1:20:dd:
16:ce:04:24:af:05:0e:2d:01:97:43:c2:40:9f:83:3f:99:4d:
d9:a4:47:96:dc:08:78:6a:76:ff:1b:47:05:c0:99:c0:2d:a0:
19:7a:90:a4:9c:16:63:a9:d5:2a:e8:11:d4:46:a9:c9:24:ff:
5c:9f:10:ae:8d:ad:be:ba:a8:00:13:f9:bc:f0:4b:a7:26:96:
98:9d:6a:4a:55:99:83:49:7a:a8:71:79:47:a6:2d:bb:46:9b:
72:4e:83:ca:b7:39:2b:d1:c6:dc:ec:a0:e9:5e:65:d3:3f:11:
bd:1f:a3:23:b2:75:01:15:f4:58:0a:68:de:8d:c9:7d:2f:86:
f7:9e:55:f8
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZak/RJUfBG2TpAp15oHOQ+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNTA2MDk0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTEyMDZhMTY4NzQzZWJjODg4ZTAwYmYwZTE4NWJkNjZmZDEwMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaIlb/YB9D4ORrnTAviqd83rl9N9
jq0stbr98Pavumrt00SrpnA78Ueraqs4xS/xeAV0JiefJ7z7KViQEFPNX8vr7Unm
FPXF3880jziXg14hR7Cd/I2YQZFwBmC4+yK57lcx5q0FxTsHlc+WIt5QSqKM2RL+
cRSUQeNzLOOZqccCt4sbROosTVyhWtTxUTtzLyCVgzqeEGICDd8OwVn0gfvQGA56
wjmvrb9sUO4lr9MLSOanxyM+6GYRHi/orBwIeeBcxSa8gPhtJRBXczTfYfdQhDdL
dpXVOv3kYM0PolC4WuvBnqcU6UMm2KQYun5dtK5aGkLz7Xwm5WPLsPud3wIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFO4SBqFodD68iI4Avw4YW9Zv0QHBMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvN2hJR29XaDBQcnlJamdDX0RoaGIxbV9SQWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQAwXwHAwQA
wjqbAwQAwlc1AwQAwld3AwQAwlepAwQAwlezAwQBw4UYAwQAw4UdAwQBw4UoAwQB
w4UyAwQBw4VcAwQA1MDxAwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkq
hkiG9w0BAQsFAAOCAQEAfcMYa9cS3EWuB+fV4cfKt4ExHyL6g9sKb3eqtV5YBc9F
ppVCptPCZLIbI6Cc6Dj53DnHDygSViDzbSyMU0R0HR6FnLFWrNMSl4XUWeLvjVco
09Yz9M4qY8By8Sl/0vqCye6xkpaHUCMUTvqTDHDo++F8VatSMEnqoWW24SDdFs4E
JK8FDi0Bl0PCQJ+DP5lN2aRHltwIeGp2/xtHBcCZwC2gGXqQpJwWY6nVKugR1Eap
yST/XJ8Qro2tvrqoABP5vPBLpyaWmJ1qSlWZg0l6qHF5R6Ytu0abck6Dyrc5K9HG
3Oyg6V5l0z8RvR+jI7J1ARX0WApo3o3JfS+G955V+A==
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:12:05 2025 by rpki-client