Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D6XPE1wfM6WtaZ-KZXas5Ixa0eQ.roa
File: D6XPE1wfM6WtaZ-KZXas5Ixa0eQ.roa (raw, json)
Hash identifier: AHFtVWg2UoYyyi6gpkcR6xF4pwVPzKSP+GWXwqz2pkg=
Subject key identifier: 0F:A5:CF:13:5C:1F:33:A5:AD:69:9F:8A:65:76:AC:E4:8C:5A:D1:E4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0194CB080048E8346469E52766602B401E43
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D6XPE1wfM6WtaZ-KZXas5Ixa0eQ.roa
Signing time: Mon 03 Feb 2025 08:58:06 +0000
ROA not before: Mon 03 Feb 2025 08:58:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.124.227.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 14 Feb 2025 05:51:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:08:00:48:e8:34:64:69:e5:27:66:60:2b:40:1e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 3 08:58:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fa5cf135c1f33a5ad699f8a6576ace48c5ad1e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a6:75:24:04:12:6f:45:39:3c:f7:f4:51:02:
3c:ea:ba:93:6d:58:61:00:8e:9f:93:fb:1b:e2:7e:
b9:9c:45:29:39:c4:8a:bf:6f:54:d5:2e:e5:73:71:
5a:65:f2:1f:12:9c:fb:df:d3:3d:ee:37:ef:6f:f5:
47:3a:e8:48:b2:be:e2:2b:5b:d0:90:67:19:72:70:
f7:07:e5:c9:ed:95:52:e7:ac:cc:1d:52:8e:26:5f:
7e:28:e8:16:cd:38:48:0c:55:10:12:e9:b0:0b:8c:
03:b9:b5:6a:7c:fa:c9:bb:9f:c4:58:a6:7a:f1:c1:
18:34:b1:1d:3d:e6:21:95:f5:08:e1:b4:a0:85:2f:
f5:25:b2:84:fd:1c:f9:f0:74:b3:b2:96:79:7d:b1:
03:1f:9e:f8:ad:69:f3:a3:1c:97:44:5f:68:81:53:
36:65:89:5c:87:ea:18:6c:38:45:0f:cf:77:a7:7d:
ee:56:85:56:35:b8:1d:5c:0a:5c:34:67:07:f1:37:
31:50:a8:cd:67:e6:50:16:99:4b:f2:69:3f:7d:72:
b6:75:27:0a:91:0a:d8:12:8a:5c:fe:70:63:80:b7:
ee:d3:7a:1b:46:12:8c:c4:8a:47:97:ba:9f:1d:5c:
7b:a6:46:fe:5d:7f:93:39:32:60:dc:91:1b:28:98:
7b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A5:CF:13:5C:1F:33:A5:AD:69:9F:8A:65:76:AC:E4:8C:5A:D1:E4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/D6XPE1wfM6WtaZ-KZXas5Ixa0eQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.227.0/24
194.58.36.0/24
194.58.155.0/24
194.87.169.0/24
194.87.224.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
1d:8c:4f:2a:74:ab:e2:ca:2b:55:c8:31:6a:a4:1c:e9:b8:e4:
2b:a9:e4:55:ac:13:46:bb:16:9f:7a:6d:8c:89:5a:1d:2b:f7:
01:f0:b8:9b:22:90:3f:f9:b8:4a:85:17:d1:38:35:89:31:07:
e3:30:8e:3e:bd:aa:c5:ec:d2:65:31:cb:3d:7d:59:31:8a:8a:
4e:bd:db:6c:20:d5:bf:ca:67:b8:3a:a1:53:67:e5:2b:10:7e:
96:04:30:16:29:8a:fd:0f:d9:6c:f1:36:3d:80:bc:67:01:2f:
54:33:19:9f:c5:4f:dd:ed:0b:4e:37:55:bc:6c:5d:c7:34:a1:
b5:ce:04:f5:90:20:2f:e4:74:a5:75:2b:d7:bc:6a:dd:79:c3:
ab:b5:47:6a:a0:ad:43:d6:c3:9c:0d:d2:5a:2a:8e:f7:22:40:
30:f3:06:dd:df:be:38:6a:54:9b:65:62:16:c3:ca:00:c5:9c:
65:8e:93:72:2c:63:50:de:80:8e:49:fc:95:95:05:4a:cb:85:
8d:a5:e9:64:42:db:65:02:36:44:14:4b:46:04:38:cf:53:8c:
f7:96:75:36:03:c4:13:00:d3:ec:a8:eb:1c:ab:cc:6f:b6:33:
a2:3e:b1:1b:eb:94:70:f3:de:7c:19:47:1d:8b:4a:27:a9:a1:
99:f9:f4:12
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZTLCABI6DRkaeUnZmArQB5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMjAzMDg1ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmE1Y2YxMzVjMWYzM2E1YWQ2OTlmOGE2NTc2YWNlNDhjNWFkMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqZ1JAQSb0U5PPf0UQI86rqTbVhh
AI6fk/sb4n65nEUpOcSKv29U1S7lc3FaZfIfEpz739M97jfvb/VHOuhIsr7iK1vQ
kGcZcnD3B+XJ7ZVS56zMHVKOJl9+KOgWzThIDFUQEumwC4wDubVqfPrJu5/EWKZ6
8cEYNLEdPeYhlfUI4bSghS/1JbKE/Rz58HSzspZ5fbEDH574rWnzoxyXRF9ogVM2
ZYlch+oYbDhFD893p33uVoVWNbgdXApcNGcH8TcxUKjNZ+ZQFplL8mk/fXK2dScK
kQrYEopc/nBjgLfu03obRhKMxIpHl7qfHVx7pkb+XX+TOTJg3JEbKJh7kwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFA+lzxNcHzOlrWmfimV2rOSMWtHkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRDZYUEUxd2ZNNld0YVotS1pYYXM1SXhhMGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQAwXzjAwQA
wjokAwQAwjqbAwQAwlepAwQAwlfgAwQBw4UYAwQBw4UoAwQBw4UyAwQBw4VcAwQB
1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAHYxP
KnSr4sorVcgxaqQc6bjkK6nkVawTRrsWn3ptjIlaHSv3AfC4myKQP/m4SoUX0Tg1
iTEH4zCOPr2qxezSZTHLPX1ZMYqKTr3bbCDVv8pnuDqhU2flKxB+lgQwFimK/Q/Z
bPE2PYC8ZwEvVDMZn8VP3e0LTjdVvGxdxzShtc4E9ZAgL+R0pXUr17xq3XnDq7VH
aqCtQ9bDnA3SWiqO9yJAMPMG3d++OGpUm2ViFsPKAMWcZY6TcixjUN6Ajkn8lZUF
SsuFjaXpZELbZQI2RBRLRgQ4z1OM95Z1NgPEEwDT7KjrHKvMb7Yzoj6xG+uUcPPe
fBlHHYtKJ6mhmfn0Eg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:51:30 2025 by rpki-client