Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_0KFndrBNfig6UzfzFLi5QeyLoQ.roa
File: _0KFndrBNfig6UzfzFLi5QeyLoQ.roa (raw, json)
Hash identifier: 2Xm7TDlu1c+e8fVNms8IbO+vAlXEOFDkZIcDXYoRnzU=
Subject key identifier: FF:42:85:9D:DA:C1:35:F8:A0:E9:4C:DF:CC:52:E2:E5:07:B2:2E:84
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01964417C520C97BB8A487422A18030F1E9C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_0KFndrBNfig6UzfzFLi5QeyLoQ.roa
Signing time: Thu 17 Apr 2025 14:12:10 +0000
ROA not before: Thu 17 Apr 2025 14:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 18 Apr 2025 12:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:44:17:c5:20:c9:7b:b8:a4:87:42:2a:18:03:0f:1e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 17 14:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff42859ddac135f8a0e94cdfcc52e2e507b22e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d0:94:e1:c8:ef:2c:ce:41:3c:54:1f:d9:71:
f5:d3:0f:10:35:4c:2c:91:26:f1:cc:f1:e4:6e:94:
ae:11:0c:3a:07:dc:5a:e9:07:93:b2:84:f2:41:70:
55:4a:4d:96:81:50:69:fd:bf:d7:83:fd:77:a1:4a:
2c:5a:ed:4f:76:f8:df:8c:7f:72:28:08:90:c4:59:
73:95:4a:b6:a1:82:cf:75:20:d7:a5:e5:21:49:f6:
31:bb:c8:e0:7f:d4:fb:71:0d:4f:75:8d:91:cb:bd:
96:48:55:cc:d5:d7:cb:31:b3:3d:81:52:ed:9e:e0:
ee:18:d5:b3:e2:76:d4:bb:7f:7d:17:ea:ce:6f:8a:
29:2e:51:52:7a:67:09:3f:0a:93:24:b9:91:34:71:
10:b3:d7:79:6e:51:e0:c3:b9:c5:1e:89:8d:ff:55:
ef:30:cb:f1:23:b7:6c:ee:b7:65:b7:2c:8d:c9:49:
28:5a:04:16:38:f5:38:a3:cc:60:bb:49:14:ac:1f:
47:ac:1d:8c:11:c2:dd:60:bf:59:b1:a9:b3:79:d1:
f2:84:23:93:33:f5:1c:ba:ee:13:88:b8:15:6a:0e:
01:ab:f5:e4:3b:75:0d:4a:5a:ea:66:b9:32:11:b2:
e8:12:d9:07:03:2a:64:56:b9:29:ac:1f:6a:29:f9:
77:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:42:85:9D:DA:C1:35:F8:A0:E9:4C:DF:CC:52:E2:E5:07:B2:2E:84
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/_0KFndrBNfig6UzfzFLi5QeyLoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.119.0/24
194.87.126.0/24
194.87.169.0/24
194.87.179.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
6a:3e:ea:c4:3f:4e:3f:2c:60:07:e2:31:d4:08:eb:0f:99:c4:
a7:1a:1e:87:c1:ad:f3:46:af:7c:37:c2:f7:f6:a7:d7:e3:c9:
ee:38:09:e0:40:ff:7e:18:8a:e9:41:9f:3f:e0:11:65:43:3e:
dd:a4:94:82:6e:30:3b:8b:59:95:24:44:0b:59:95:af:bd:14:
31:fc:7c:b9:9b:6a:68:63:73:5a:b5:04:8e:de:35:68:89:96:
7b:80:d1:d8:7a:9e:1c:13:21:8b:29:1a:19:2c:2b:84:5b:86:
3f:bd:98:a2:75:54:03:d8:e2:20:40:50:92:f7:ab:c0:55:7f:
c5:f1:87:15:e2:7c:db:c3:a1:0b:95:23:0a:b1:54:95:73:80:
04:ab:98:d9:7d:f0:bd:f8:ef:3f:d6:7b:5a:64:0a:f3:59:3b:
f9:e1:38:36:ca:dc:e7:dd:54:e7:1b:85:1a:3c:be:d5:e7:c2:
ff:39:be:11:35:73:63:fb:71:38:97:25:03:a9:bc:3f:55:35:
db:75:ea:88:60:2a:78:5a:39:da:c8:95:57:18:1e:39:4c:1b:
1e:90:ba:ca:e9:89:d7:49:66:84:e9:17:cb:7e:54:2e:fe:49:
92:7b:1c:3a:c6:86:aa:1a:1f:7b:5b:19:1a:4e:1b:ae:3b:2b:
a7:b7:9a:48
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZZEF8UgyXu4pIdCKhgDDx6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDE3MTQxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQyODU5ZGRhYzEzNWY4YTBlOTRjZGZjYzUyZTJlNTA3YjIyZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9CU4cjvLM5BPFQf2XH10w8QNUws
kSbxzPHkbpSuEQw6B9xa6QeTsoTyQXBVSk2WgVBp/b/Xg/13oUosWu1PdvjfjH9y
KAiQxFlzlUq2oYLPdSDXpeUhSfYxu8jgf9T7cQ1PdY2Ry72WSFXM1dfLMbM9gVLt
nuDuGNWz4nbUu399F+rOb4opLlFSemcJPwqTJLmRNHEQs9d5blHgw7nFHomN/1Xv
MMvxI7ds7rdltyyNyUkoWgQWOPU4o8xgu0kUrB9HrB2MEcLdYL9ZsamzedHyhCOT
M/Ucuu4TiLgVag4Bq/XkO3UNSlrqZrkyEbLoEtkHAypkVrkprB9qKfl3XQIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFP9ChZ3awTX4oOlM38xS4uUHsi6EMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvXzBLRm5kckJOZmlnNlV6ZnpGTGk1UWV5TG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBsBAIAATBmAwQAwXwH
AwQAwXwsAwQAwjokAwQAwjqbAwQAwjrfAwQAwlc1AwQAwld3AwQAwld+AwQAwlep
AwQAwlezAwQAw4UJAwQBw4UYAwQBw4UoAwQBw4UyAwQBw4VcAwQA1MDxAwQB1MEa
MBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAaj7qxD9O
PyxgB+Ix1AjrD5nEpxoeh8Gt80avfDfC9/an1+PJ7jgJ4ED/fhiK6UGfP+ARZUM+
3aSUgm4wO4tZlSREC1mVr70UMfx8uZtqaGNzWrUEjt41aImWe4DR2HqeHBMhiyka
GSwrhFuGP72YonVUA9jiIEBQkverwFV/xfGHFeJ828OhC5UjCrFUlXOABKuY2X3w
vfjvP9Z7WmQK81k7+eE4Nsrc591U5xuFGjy+1efC/zm+ETVzY/txOJclA6m8P1U1
23XqiGAqeFo52siVVxgeOUwbHpC6yumJ10lmhOkXy35ULv5JknscOsaGqhofe1sZ
Gk4brjsrp7eaSA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:28:39 2025 by rpki-client