Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cmEL41lOjeuuUyXgN7j-tkD0o9M.roa
File: cmEL41lOjeuuUyXgN7j-tkD0o9M.roa (raw, json)
Hash identifier: 2Uvp2XydNdUoX21R6BGKEVBlB7lRCfE3M5E8KAghNaU=
Subject key identifier: 72:61:0B:E3:59:4E:8D:EB:AE:53:25:E0:37:B8:FE:B6:40:F4:A3:D3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0195B917A7B5A27A209F62923D9C0DE8FD06
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cmEL41lOjeuuUyXgN7j-tkD0o9M.roa
Signing time: Fri 21 Mar 2025 14:24:49 +0000
ROA not before: Fri 21 Mar 2025 14:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.76.238.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 25 Mar 2025 14:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:17:a7:b5:a2:7a:20:9f:62:92:3d:9c:0d:e8:fd:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 21 14:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72610be3594e8debae5325e037b8feb640f4a3d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:84:83:b6:92:8c:0a:53:b2:5a:df:4c:60:ae:
84:6f:89:fa:83:01:ba:65:82:cf:9c:76:22:02:e3:
9c:ae:1c:49:53:d7:16:dc:29:37:14:a7:6d:5b:03:
70:80:9c:31:57:74:a4:0e:94:0c:4e:13:48:d2:d9:
11:78:e1:73:27:48:af:01:eb:4d:ee:15:91:3f:75:
84:51:34:e6:9a:f8:08:4a:0d:7e:ab:39:4d:08:67:
23:78:ac:d7:5c:15:fc:4d:e1:b0:e5:63:8c:a7:c2:
9c:d0:29:c5:9e:c6:23:43:79:3a:0b:0f:4f:fe:c7:
b1:8c:9b:0b:37:67:81:32:60:37:ff:74:0f:5d:f0:
e1:a4:f4:d4:52:7d:5a:d2:9a:19:29:df:0b:44:d5:
fb:73:f8:c4:35:cc:d7:e1:e0:da:a6:39:4a:6f:aa:
36:e1:74:1d:41:99:ac:0f:60:86:8b:96:2e:63:3b:
8f:e1:23:f3:75:84:de:89:0d:95:8f:ca:b6:06:7a:
ff:93:55:41:51:c2:ca:1d:f5:78:21:02:dd:d6:8e:
2d:6e:32:1f:aa:46:b4:57:ff:83:dd:d9:51:72:33:
9d:65:53:36:a3:1e:6e:87:63:73:cb:f7:1f:3f:a4:
9b:f6:4c:53:37:f6:a8:ac:a2:ea:ca:08:2c:78:94:
96:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:61:0B:E3:59:4E:8D:EB:AE:53:25:E0:37:B8:FE:B6:40:F4:A3:D3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cmEL41lOjeuuUyXgN7j-tkD0o9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.238.0/24
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.169.0/24
194.87.179.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
41:b6:bd:6e:ba:ba:e3:ac:e7:54:be:c6:4e:a3:a1:0a:8c:fd:
78:fd:02:d2:04:32:af:f4:c6:e9:40:e8:83:1b:6b:41:c4:d5:
8e:c7:78:c1:f8:2f:c0:28:1d:ba:ce:75:14:4d:73:bf:1a:60:
c3:a9:07:1f:95:b0:19:82:e0:d2:4a:c0:51:df:3e:da:ed:89:
55:ca:04:08:4e:2e:90:31:bf:4b:99:a3:8c:35:9a:a7:94:ad:
6b:d8:80:db:01:58:52:e3:eb:da:34:68:38:4e:ea:9e:25:d3:
de:99:43:f1:81:25:0d:7c:fa:71:c9:0b:90:af:72:f5:bc:b9:
06:38:34:a0:2c:d5:2c:b9:37:e1:19:4b:ed:43:56:72:1c:6a:
fb:d0:62:17:c3:31:80:9d:a2:d6:b1:67:ab:40:b1:89:89:2a:
3f:a0:a2:7c:c1:6b:c6:a7:e5:ec:1c:57:23:a9:85:7b:45:9f:
1c:a6:de:fc:7f:04:92:6a:93:13:f9:10:bb:5c:cf:e4:91:8e:
50:26:7c:6a:c0:5c:76:68:4e:43:31:38:a0:8b:9f:b2:65:e6:
c5:14:fb:36:48:d1:3a:f8:2f:8a:e0:69:07:2e:63:ac:0b:36:
9b:ce:d7:6e:8c:79:69:6a:9e:0b:36:27:f0:7a:4c:3a:18:32:
67:e8:39:54
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZW5F6e1onogn2KSPZwN6P0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMzIxMTQyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjYxMGJlMzU5NGU4ZGViYWU1MzI1ZTAzN2I4ZmViNjQwZjRhM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYSDtpKMClOyWt9MYK6Eb4n6gwG6
ZYLPnHYiAuOcrhxJU9cW3Ck3FKdtWwNwgJwxV3SkDpQMThNI0tkReOFzJ0ivAetN
7hWRP3WEUTTmmvgISg1+qzlNCGcjeKzXXBX8TeGw5WOMp8Kc0CnFnsYjQ3k6Cw9P
/sexjJsLN2eBMmA3/3QPXfDhpPTUUn1a0poZKd8LRNX7c/jENczX4eDapjlKb6o2
4XQdQZmsD2CGi5YuYzuP4SPzdYTeiQ2Vj8q2Bnr/k1VBUcLKHfV4IQLd1o4tbjIf
qka0V/+D3dlRcjOdZVM2ox5uh2Nzy/cfP6Sb9kxTN/aorKLqyggseJSWCQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFHJhC+NZTo3rrlMl4De4/rZA9KPTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY21FTDQxbE9qZXV1VXlYZ043ai10a0QwbzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwYAQCAAEwWgMEAD5M7gME
AMF8BwMEAMF8LAMEAMI6JAMEAMI6mwMEAMI63wMEAMJXNQMEAMJXqQMEAMJXswME
AMOFCQMEAcOFGAMEAcOFKAMEAcOFMgMEAcOFXAMEAdTBGjAUBAIAAjAOAwUDKgFX
wAMFAyoM/0AwDQYJKoZIhvcNAQELBQADggEBAEG2vW66uuOs51S+xk6joQqM/Xj9
AtIEMq/0xulA6IMba0HE1Y7HeMH4L8AoHbrOdRRNc78aYMOpBx+VsBmC4NJKwFHf
PtrtiVXKBAhOLpAxv0uZo4w1mqeUrWvYgNsBWFLj69o0aDhO6p4l096ZQ/GBJQ18
+nHJC5CvcvW8uQY4NKAs1Sy5N+EZS+1DVnIcavvQYhfDMYCdotaxZ6tAsYmJKj+g
onzBa8an5ewcVyOphXtFnxym3vx/BJJqkxP5ELtcz+SRjlAmfGrAXHZoTkMxOKCL
n7Jl5sUU+zZI0Tr4L4rgaQcuY6wLNpvO126MeWlqngs2J/B6TDoYMmfoOVQ=
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:36:29 2025 by rpki-client