Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iahBXEa_wv3QJ12Dv8GFXbM40xc.roa
File: iahBXEa_wv3QJ12Dv8GFXbM40xc.roa (raw, json)
Hash identifier: rIiYVvnvyO1SsjMRnFvI8wXq5whaQk9bcE7plHARY2w=
Subject key identifier: 89:A8:41:5C:46:BF:C2:FD:D0:27:5D:83:BF:C1:85:5D:B3:38:D3:17
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019648C631777A4A413D1B6D44A8576280D3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iahBXEa_wv3QJ12Dv8GFXbM40xc.roa
Signing time: Fri 18 Apr 2025 12:01:10 +0000
ROA not before: Fri 18 Apr 2025 12:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 192.124.175.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 23 Apr 2025 08:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:c6:31:77:7a:4a:41:3d:1b:6d:44:a8:57:62:80:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 18 12:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89a8415c46bfc2fdd0275d83bfc1855db338d317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9f:e2:67:af:14:56:cd:ea:26:49:5f:1d:13:
e0:fd:6f:9a:5e:18:cc:9f:18:f6:a2:e0:a3:25:12:
0a:06:da:be:a1:b6:06:5e:38:1f:f6:4a:1a:61:44:
dc:26:9a:be:4e:bc:c6:bd:21:39:0c:d1:c3:f7:cc:
fb:51:ae:fc:1d:40:46:69:af:5a:fc:ca:15:1b:3b:
03:03:6e:52:49:81:5c:2c:00:23:81:da:68:a6:63:
9a:41:1d:8f:1e:53:8a:70:c1:ca:27:8b:c9:79:6e:
fb:d7:f3:67:bf:c0:fa:3a:11:4a:51:a1:f3:3a:6b:
2a:15:db:86:a6:86:27:2b:60:24:d3:82:16:f7:6b:
f7:32:33:ac:30:8f:d8:cf:77:8e:82:66:37:cc:95:
72:85:04:c1:8c:b5:59:99:fd:aa:48:ea:bf:18:59:
a5:27:e1:cc:65:6d:a4:61:65:f0:eb:d6:91:8c:ed:
af:8f:30:f1:2e:ee:f2:35:cd:e8:c8:2f:5e:4b:24:
db:d4:86:9a:76:54:c3:df:65:d1:36:e8:85:6b:11:
90:49:ca:f6:84:bc:51:4a:b2:03:dc:3b:ec:d4:3a:
9e:20:57:09:3f:96:c7:58:94:78:85:5e:5e:c1:c4:
e0:82:a9:54:20:90:69:11:b9:50:8b:fc:33:27:c7:
e7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A8:41:5C:46:BF:C2:FD:D0:27:5D:83:BF:C1:85:5D:B3:38:D3:17
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/iahBXEa_wv3QJ12Dv8GFXbM40xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.175.0/24
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.119.0/24
194.87.126.0/24
194.87.169.0/24
194.87.179.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
84:25:38:52:38:c1:16:01:3a:ca:72:97:b8:d9:65:ad:ff:35:
c0:be:06:0c:09:9d:60:c6:4d:fc:f8:eb:31:9a:4f:9b:a4:a4:
d7:e5:87:63:a1:eb:b9:aa:91:f6:70:89:09:52:53:f7:cc:e0:
43:63:19:1e:b7:61:21:be:db:41:7c:3d:e7:e8:13:06:38:92:
9f:3f:6c:64:16:a4:96:3a:5f:6f:8e:c9:5b:96:b9:79:86:b3:
b1:13:79:01:76:f5:5e:c3:24:50:a3:8b:c0:38:6a:0a:11:f9:
4d:2d:91:ee:81:44:73:95:02:c3:ac:a3:cc:10:bc:a7:b4:3f:
d7:97:46:b7:66:32:39:01:1b:26:84:bf:af:03:c9:68:10:18:
41:52:f0:a2:5e:8b:fa:40:a1:c6:62:8d:8d:45:97:f7:56:a0:
3b:ad:0d:4f:a6:ff:46:78:48:47:0a:94:ab:62:b1:8d:6e:6c:
a4:8f:41:2f:cc:e4:c5:61:a1:c9:f3:00:12:cc:3b:72:6d:80:
fa:b3:19:92:df:10:22:24:72:65:12:ff:ce:2a:06:4d:58:1f:
51:05:71:86:49:ab:e6:d8:dc:d9:51:a6:2d:68:f0:d6:57:78:
21:1e:d2:7b:2b:3b:3b:04:1e:29:06:ad:6a:78:63:31:61:e0:
90:ff:64:da
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZZIxjF3ekpBPRttRKhXYoDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDE4MTIwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE4NDE1YzQ2YmZjMmZkZDAyNzVkODNiZmMxODU1ZGIzMzhkMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZ/iZ68UVs3qJklfHRPg/W+aXhjM
nxj2ouCjJRIKBtq+obYGXjgf9koaYUTcJpq+TrzGvSE5DNHD98z7Ua78HUBGaa9a
/MoVGzsDA25SSYFcLAAjgdpopmOaQR2PHlOKcMHKJ4vJeW771/Nnv8D6OhFKUaHz
OmsqFduGpoYnK2Ak04IW92v3MjOsMI/Yz3eOgmY3zJVyhQTBjLVZmf2qSOq/GFml
J+HMZW2kYWXw69aRjO2vjzDxLu7yNc3oyC9eSyTb1IaadlTD32XRNuiFaxGQScr2
hLxRSrID3Dvs1DqeIFcJP5bHWJR4hV5ewcTggqlUIJBpEblQi/wzJ8fnxwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFImoQVxGv8L90Cddg7/BhV2zONMXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaWFoQlhFYV93djNRSjEyRHY4R0ZYYk00MHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQAwHyv
AwQAwXwHAwQAwXwsAwQAwjokAwQAwjqbAwQAwjrfAwQAwlc1AwQAwld3AwQAwld+
AwQAwlepAwQAwlezAwQAw4UJAwQBw4UYAwQBw4UoAwQBw4UyAwQBw4VcAwQA1MDx
AwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEA
hCU4UjjBFgE6ynKXuNllrf81wL4GDAmdYMZN/PjrMZpPm6Sk1+WHY6HruaqR9nCJ
CVJT98zgQ2MZHrdhIb7bQXw95+gTBjiSnz9sZBakljpfb47JW5a5eYazsRN5AXb1
XsMkUKOLwDhqChH5TS2R7oFEc5UCw6yjzBC8p7Q/15dGt2YyOQEbJoS/rwPJaBAY
QVLwol6L+kChxmKNjUWX91agO60NT6b/RnhIRwqUq2KxjW5spI9BL8zkxWGhyfMA
Esw7cm2A+rMZkt8QIiRyZRL/zioGTVgfUQVxhkmr5tjc2VGmLWjw1ld4IR7Seys7
OwQeKQatanhjMWHgkP9k2g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:07:27 2025 by rpki-client