Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PKnTsCjJwNbOokNGnnpr9VReG-A.roa
File: PKnTsCjJwNbOokNGnnpr9VReG-A.roa (raw, json)
Hash identifier: pHKsHyy7oosIenW6GStn/ErpP426xwTrJgzlSv8+rVM=
Subject key identifier: 3C:A9:D3:B0:28:C9:C0:D6:CE:A2:43:46:9E:7A:6B:F5:54:5E:1B:E0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0195421F008657BE8D6D31F839C2DAE5BD82
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PKnTsCjJwNbOokNGnnpr9VReG-A.roa
Signing time: Wed 26 Feb 2025 11:58:02 +0000
ROA not before: Wed 26 Feb 2025 11:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44547
IP address blocks: 62.76.230.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.59.0/24 maxlen: 24
194.87.64.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 12:34:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:42:1f:00:86:57:be:8d:6d:31:f8:39:c2:da:e5:bd:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 26 11:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ca9d3b028c9c0d6cea243469e7a6bf5545e1be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3a:b4:e6:9e:15:d7:cf:bc:c0:f7:ba:b1:ca:
b6:47:7f:ca:d0:48:9c:12:b5:33:94:9a:ce:7f:cf:
58:48:08:ac:16:be:a2:8e:c1:15:ad:5b:35:de:11:
c4:e7:12:ed:08:89:6d:e3:08:5b:96:51:c7:83:73:
a1:35:32:7e:f0:05:54:2f:a3:e3:0e:ce:d1:7e:9e:
e9:20:ba:14:78:f3:30:3a:16:18:9c:03:a3:8e:65:
b8:89:65:78:a8:bc:de:ca:5d:ce:08:2a:f8:b6:ca:
58:28:37:f2:f7:8e:29:4d:c7:c3:6d:d1:72:f7:c9:
40:e8:97:40:0e:9a:73:36:4b:30:66:df:7f:6b:45:
7f:56:95:fc:9d:69:cc:7d:85:77:9d:7b:1a:2a:c8:
bd:62:94:44:0b:79:24:6d:06:6b:99:05:a6:18:8c:
0b:5f:69:6e:44:72:c2:b0:2b:01:8e:8a:7f:4b:f8:
a9:49:b4:9a:9b:e7:e7:d8:32:94:89:39:b0:59:70:
3b:dc:8c:eb:8b:61:6b:c5:b9:f3:cb:5c:37:a8:11:
d4:cb:a2:32:11:da:ea:84:83:78:b1:c8:8a:2d:17:
62:8c:0d:f7:d6:cb:65:79:1f:ad:a6:5e:58:1f:cf:
7f:4b:9a:07:96:9f:41:6a:62:33:d3:ef:c8:27:65:
13:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A9:D3:B0:28:C9:C0:D6:CE:A2:43:46:9E:7A:6B:F5:54:5E:1B:E0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PKnTsCjJwNbOokNGnnpr9VReG-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/24
193.124.90.0/24
194.87.59.0/24
194.87.64.0/24
194.87.75.0/24
195.58.63.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:8b:af:67:4f:04:ef:4a:58:65:89:e2:73:9c:cf:88:b7:9b:
cd:53:80:3a:87:95:99:c7:e4:6b:18:46:5e:f8:d8:3a:f6:6d:
51:44:be:fe:8c:29:b6:26:d1:41:ae:5c:7a:47:ab:15:3c:be:
ba:8b:a7:9a:63:2b:83:04:e1:d5:94:a5:66:ff:cc:9e:b0:3c:
0c:a4:3e:dd:2a:ce:88:e3:60:45:9b:01:98:8c:32:ce:9b:a8:
e2:7c:6b:a0:c6:3c:21:ca:01:6d:bf:37:8f:10:46:30:2e:ec:
0f:13:d6:15:54:1f:31:4c:f1:d7:c8:5f:45:dd:51:e8:74:c3:
33:57:76:e8:b6:fd:42:f9:3a:6d:b2:b2:7e:94:f5:e8:1a:d0:
65:23:58:69:02:04:89:8c:8e:99:f8:f1:6c:65:0e:e5:b9:27:
83:ce:87:06:87:13:34:82:61:04:94:e0:8e:3f:85:db:5c:93:
02:75:1a:0f:18:43:bd:a5:04:37:78:78:61:00:46:e5:6c:7f:
f9:fd:bd:d5:3c:77:6e:75:5e:03:e5:25:fd:00:12:51:3d:69:
c6:aa:19:32:e0:87:6a:7e:05:03:6f:e5:2e:4f:6b:52:8f:37:
b0:fe:e2:67:e0:b6:96:40:2d:ee:a7:55:15:b0:46:fa:9f:d7:
5f:ef:46:d0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZVCHwCGV76NbTH4OcLa5b2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMjI2MTE1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E5ZDNiMDI4YzljMGQ2Y2VhMjQzNDY5ZTdhNmJmNTU0NWUxYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTq05p4V18+8wPe6scq2R3/K0Eic
ErUzlJrOf89YSAisFr6ijsEVrVs13hHE5xLtCIlt4whbllHHg3OhNTJ+8AVUL6Pj
Ds7Rfp7pILoUePMwOhYYnAOjjmW4iWV4qLzeyl3OCCr4tspYKDfy944pTcfDbdFy
98lA6JdADppzNkswZt9/a0V/VpX8nWnMfYV3nXsaKsi9YpREC3kkbQZrmQWmGIwL
X2luRHLCsCsBjop/S/ipSbSam+fn2DKUiTmwWXA73Izri2Frxbnzy1w3qBHUy6Iy
EdrqhIN4sciKLRdijA331stleR+tpl5YH89/S5oHlp9BamIz0+/IJ2UT2QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDyp07AoycDWzqJDRp56a/VUXhvgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUEtuVHNDakp3TmJPb2tOR25ucHI5VlJlRy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPkzmAwQA
wXxaAwQAwlc7AwQAwldAAwQAwldLAwQAwzo/MA0GCSqGSIb3DQEBCwUAA4IBAQBM
i69nTwTvSlhlieJznM+It5vNU4A6h5WZx+RrGEZe+Ng69m1RRL7+jCm2JtFBrlx6
R6sVPL66i6eaYyuDBOHVlKVm/8yesDwMpD7dKs6I42BFmwGYjDLOm6jifGugxjwh
ygFtvzePEEYwLuwPE9YVVB8xTPHXyF9F3VHodMMzV3botv1C+TptsrJ+lPXoGtBl
I1hpAgSJjI6Z+PFsZQ7luSeDzocGhxM0gmEElOCOP4XbXJMCdRoPGEO9pQQ3eHhh
AEblbH/5/b3VPHdudV4D5SX9ABJRPWnGqhky4IdqfgUDb+UuT2tSjzew/uJn4LaW
QC3up1UVsEb6n9df70bQ
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:49:28 2025 by rpki-client