Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SVr-e91Z-9YGckzOcc2-PTy8jtY.roa
File: SVr-e91Z-9YGckzOcc2-PTy8jtY.roa (raw, json)
Hash identifier: Bqq3Irl+7EYQEjvd3M7L0cJfOy5FPOc7befbtuVTF7k=
Subject key identifier: 49:5A:FE:7B:DD:59:FB:D6:06:72:4C:CE:71:CD:BE:3D:3C:BC:8E:D6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0195D7C50C245091E5D5A2706C6655C292F5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SVr-e91Z-9YGckzOcc2-PTy8jtY.roa
Signing time: Thu 27 Mar 2025 13:22:49 +0000
ROA not before: Thu 27 Mar 2025 13:22:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.76.238.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 31 Mar 2025 15:10:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d7:c5:0c:24:50:91:e5:d5:a2:70:6c:66:55:c2:92:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 27 13:22:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=495afe7bdd59fbd606724cce71cdbe3d3cbc8ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d9:5b:36:0d:f2:e3:cc:ba:62:97:73:dc:ed:
c0:c1:e1:3b:8a:de:b1:3a:94:b6:a9:03:90:86:5c:
ac:4f:85:71:20:e1:9e:6f:6a:23:c4:f7:c7:d1:a2:
f3:c6:71:1e:b0:a5:a4:f5:75:93:0e:f2:fa:04:c5:
e2:a9:9c:38:2e:a5:d3:21:bd:3c:03:64:52:81:56:
5e:e1:61:64:44:26:ca:96:a3:e7:b8:bb:c3:ca:5b:
9c:29:9f:a3:1a:b7:a4:a5:07:eb:58:16:bf:43:c8:
27:4b:40:e4:20:22:37:5b:b1:09:03:83:9e:b9:4a:
70:ac:e6:f0:7c:4d:74:24:f7:36:d9:81:a6:a5:df:
99:28:9c:89:b8:88:53:5d:77:4a:40:f1:79:db:81:
86:db:b8:52:56:70:6f:27:95:2b:6a:ee:93:55:16:
6e:c6:26:bd:0f:65:81:74:64:ae:ce:43:c1:17:b8:
5f:3f:52:c7:39:ef:84:2a:3d:3d:ff:88:6a:e0:7e:
d1:90:a6:fe:f7:2f:0d:ab:78:3e:96:37:3d:8d:a0:
cd:60:58:7f:32:4f:08:0e:7f:d4:23:56:33:09:fd:
56:23:21:f3:ad:0a:3f:66:9e:b3:1f:4c:e7:6d:ea:
45:d9:91:38:55:b9:ee:23:a9:ca:1c:29:92:7d:86:
84:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:5A:FE:7B:DD:59:FB:D6:06:72:4C:CE:71:CD:BE:3D:3C:BC:8E:D6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/SVr-e91Z-9YGckzOcc2-PTy8jtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.238.0/24
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.169.0/24
194.87.179.0/24
194.87.228.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
5c:8d:67:74:02:8f:56:7c:6b:13:42:df:42:fd:4e:5d:f1:39:
23:ba:fa:91:96:65:f5:38:89:c7:ca:8b:7f:32:c4:0d:0e:2c:
22:c6:12:36:2c:aa:03:83:fd:d6:d2:64:a0:3a:94:a5:52:3b:
a2:f8:25:5a:61:10:92:79:f1:62:ca:89:64:4e:24:31:50:1f:
46:60:68:c7:73:95:60:38:c0:47:b6:ab:f0:bf:9b:54:78:b9:
f5:c1:9d:9e:08:5e:48:28:88:d2:40:59:8a:cf:b4:db:98:a5:
4d:b1:25:51:14:25:ef:ca:a4:3e:6a:da:52:b1:52:2a:d0:8c:
b5:87:1a:fe:5c:d6:83:89:f0:8a:18:84:41:85:87:7a:52:79:
52:15:c0:77:3d:e0:5c:2b:e5:f0:93:0c:3e:50:5e:10:5d:f0:
da:61:b2:6b:5f:a3:c7:d3:54:a1:3b:9f:68:52:0f:51:31:a5:
b1:3e:e5:4b:0f:85:ab:4c:93:bf:d3:d2:fd:57:35:a5:f5:59:
71:8e:f9:35:98:bd:8e:16:19:26:a1:df:ff:9d:19:68:3e:05:
44:83:20:ab:f7:cc:3b:0d:02:6f:87:07:18:ab:e3:d1:8c:b5:
25:6a:b7:db:21:bf:97:08:e3:9e:3b:e4:96:bc:da:5c:b9:db:
07:17:9c:c9
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZXXxQwkUJHl1aJwbGZVwpL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMzI3MTMyMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTVhZmU3YmRkNTlmYmQ2MDY3MjRjY2U3MWNkYmUzZDNjYmM4ZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtlbNg3y48y6Ypdz3O3AweE7it6x
OpS2qQOQhlysT4VxIOGeb2ojxPfH0aLzxnEesKWk9XWTDvL6BMXiqZw4LqXTIb08
A2RSgVZe4WFkRCbKlqPnuLvDylucKZ+jGrekpQfrWBa/Q8gnS0DkICI3W7EJA4Oe
uUpwrObwfE10JPc22YGmpd+ZKJyJuIhTXXdKQPF524GG27hSVnBvJ5Urau6TVRZu
xia9D2WBdGSuzkPBF7hfP1LHOe+EKj09/4hq4H7RkKb+9y8Nq3g+ljc9jaDNYFh/
Mk8IDn/UI1YzCf1WIyHzrQo/Zp6zH0znbepF2ZE4VbnuI6nKHCmSfYaE+wIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFEla/nvdWfvWBnJMznHNvj08vI7WMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvU1ZyLWU5MVotOVlHY2t6T2NjMi1QVHk4anRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBsBAIAATBmAwQAPkzu
AwQAwXwHAwQAwXwsAwQAwjokAwQAwjqbAwQAwjrfAwQAwlc1AwQAwlepAwQAwlez
AwQAwlfkAwQAw4UJAwQBw4UYAwQBw4UoAwQBw4UyAwQBw4VcAwQA1MDxAwQB1MEa
MBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAXI1ndAKP
VnxrE0LfQv1OXfE5I7r6kZZl9TiJx8qLfzLEDQ4sIsYSNiyqA4P91tJkoDqUpVI7
ovglWmEQknnxYsqJZE4kMVAfRmBox3OVYDjAR7ar8L+bVHi59cGdngheSCiI0kBZ
is+025ilTbElURQl78qkPmraUrFSKtCMtYca/lzWg4nwihiEQYWHelJ5UhXAdz3g
XCvl8JMMPlBeEF3w2mGya1+jx9NUoTufaFIPUTGlsT7lSw+Fq0yTv9PS/Vc1pfVZ
cY75NZi9jhYZJqHf/50ZaD4FRIMgq/fMOw0Cb4cHGKvj0Yy1JWq32yG/lwjjnjvk
lrzaXLnbBxecyQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:42:37 2025 by rpki-client