Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZjXSHOEz0bjFKLXV1q8Hk09D4gw.roa
File: ZjXSHOEz0bjFKLXV1q8Hk09D4gw.roa (raw, json)
Hash identifier: DcYbZ6mqSbv3NWNqaqDrck7cRKkO0p9jYU6SstelCX0=
Subject key identifier: 66:35:D2:1C:E1:33:D1:B8:C5:28:B5:D5:D6:AF:07:93:4F:43:E2:0C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01960F3A21609A32F8434DAD0D1D86C28586
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZjXSHOEz0bjFKLXV1q8Hk09D4gw.roa
Signing time: Mon 07 Apr 2025 07:49:49 +0000
ROA not before: Mon 07 Apr 2025 07:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.76.238.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 07 Apr 2025 12:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:3a:21:60:9a:32:f8:43:4d:ad:0d:1d:86:c2:85:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 7 07:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6635d21ce133d1b8c528b5d5d6af07934f43e20c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fb:84:dc:fb:2a:a4:c6:53:dc:e4:e2:83:5a:
bb:65:a9:73:f5:39:2a:95:26:c8:4d:6a:57:4c:79:
d0:31:d1:62:62:1c:e0:31:f7:c1:a5:96:a9:48:66:
f3:b0:75:ee:7e:d9:62:a7:18:43:59:a4:21:b8:d1:
b2:27:43:64:1d:9b:a8:a0:f9:7d:0e:99:0b:da:60:
11:77:f8:e3:74:76:50:ab:72:9c:ab:bf:b4:b7:d4:
7b:b1:27:d2:e9:d5:71:7e:f3:21:82:66:84:eb:09:
d8:f2:94:80:a8:6e:f5:f9:d8:97:da:60:db:35:ab:
66:cc:b2:a2:e7:bd:af:ea:07:13:12:cf:cc:7b:37:
a6:96:f6:bc:6b:75:7a:6f:6b:15:c1:b4:c2:21:0f:
1f:fb:44:46:ad:6d:4a:58:d1:07:86:52:3d:99:a6:
34:ed:b9:a2:53:e1:ac:03:b7:ea:17:5e:72:7d:93:
4e:ca:65:ce:84:d2:9e:a8:97:7d:f6:d4:c5:a2:7c:
72:2e:5e:a2:86:dc:69:dd:9f:88:fd:0a:79:89:2c:
d4:64:39:a4:43:70:b7:8b:db:21:47:76:38:d8:d3:
ba:03:ca:58:21:cf:c4:6b:56:8d:14:eb:b8:c6:a0:
cd:2f:b6:46:b0:d4:fd:17:04:61:c7:83:61:e8:29:
10:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:35:D2:1C:E1:33:D1:B8:C5:28:B5:D5:D6:AF:07:93:4F:43:E2:0C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZjXSHOEz0bjFKLXV1q8Hk09D4gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.238.0/24
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.119.0/24
194.87.162.0/24
194.87.169.0/24
194.87.179.0/24
194.87.228.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
16:40:22:9a:f1:e3:0a:0a:fd:5b:e1:65:28:f0:80:1f:65:44:
6d:02:7a:b3:9c:bf:0a:b2:fa:9f:c7:06:08:98:8f:a5:b7:5a:
a7:da:77:e2:20:24:91:02:a6:1e:a7:57:fd:6f:4b:37:46:90:
a6:c0:95:b3:7e:e5:cd:90:10:bf:10:78:a8:02:d6:be:81:de:
e8:d1:0d:68:87:4a:da:ad:68:bf:f6:00:98:15:71:79:24:44:
de:eb:34:2c:6f:36:2a:3f:ac:19:50:50:88:5a:91:d2:ea:9f:
c6:c7:80:2f:2c:ff:e9:dc:2a:ad:9a:f4:ab:a6:88:f4:1a:8a:
fc:7e:38:26:7a:bf:de:64:93:b5:d1:ac:79:9c:e0:9f:d3:0c:
ce:31:0c:1b:b5:cc:e6:aa:9f:7d:8f:ec:ca:05:5a:4b:fd:a4:
ee:cc:48:e1:fc:1b:8e:02:3d:a7:a3:c6:de:f6:1e:1d:4c:7b:
d8:b0:7c:34:eb:f8:cb:f1:8b:dc:1e:b4:84:97:a9:b4:1c:24:
5e:63:a4:4f:4f:8f:bf:bd:ae:34:bb:f4:04:8a:6c:3b:02:c2:
82:de:b5:0a:34:bf:c6:24:2d:04:fa:79:11:57:f5:40:70:0d:
13:83:17:0f:e4:76:c6:c3:61:9c:d2:00:6e:37:ba:f1:3b:43:
fd:40:19:ee
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZYPOiFgmjL4Q02tDR2GwoWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDA3MDc0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjM1ZDIxY2UxMzNkMWI4YzUyOGI1ZDVkNmFmMDc5MzRmNDNlMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvuE3PsqpMZT3OTig1q7Zalz9Tkq
lSbITWpXTHnQMdFiYhzgMffBpZapSGbzsHXuftlipxhDWaQhuNGyJ0NkHZuooPl9
DpkL2mARd/jjdHZQq3Kcq7+0t9R7sSfS6dVxfvMhgmaE6wnY8pSAqG71+diX2mDb
NatmzLKi572v6gcTEs/Mezemlva8a3V6b2sVwbTCIQ8f+0RGrW1KWNEHhlI9maY0
7bmiU+GsA7fqF15yfZNOymXOhNKeqJd99tTFonxyLl6ihtxp3Z+I/Qp5iSzUZDmk
Q3C3i9shR3Y42NO6A8pYIc/Ea1aNFOu4xqDNL7ZGsNT9FwRhx4Nh6CkQjwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFGY10hzhM9G4xSi11davB5NPQ+IMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWmpYU0hPRXowYmpGS0xYVjFxOEhrMDlENGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB4BAIAATByAwQAPkzu
AwQAwXwHAwQAwXwsAwQAwjokAwQAwjqbAwQAwjrfAwQAwlc1AwQAwld3AwQAwlei
AwQAwlepAwQAwlezAwQAwlfkAwQAw4UJAwQBw4UYAwQBw4UoAwQBw4UyAwQBw4Vc
AwQA1MDxAwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsF
AAOCAQEAFkAimvHjCgr9W+FlKPCAH2VEbQJ6s5y/CrL6n8cGCJiPpbdap9p34iAk
kQKmHqdX/W9LN0aQpsCVs37lzZAQvxB4qALWvoHe6NENaIdK2q1ov/YAmBVxeSRE
3us0LG82Kj+sGVBQiFqR0uqfxseALyz/6dwqrZr0q6aI9BqK/H44Jnq/3mSTtdGs
eZzgn9MMzjEMG7XM5qqffY/sygVaS/2k7sxI4fwbjgI9p6PG3vYeHUx72LB8NOv4
y/GL3B60hJeptBwkXmOkT0+Pv72uNLv0BIpsOwLCgt61CjS/xiQtBPp5EVf1QHAN
E4MXD+R2xsNhnNIAbje68TtD/UAZ7g==
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:12:25 2025 by rpki-client