Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pkvJ3FGxCD59KeIjTipu4_Ddm54.roa
File: pkvJ3FGxCD59KeIjTipu4_Ddm54.roa (raw, json)
Hash identifier: Vtaj6DtYfl2EfA2Ehvm6ugJrvFY4U1ih8G1dgry50ak=
Subject key identifier: A6:4B:C9:DC:51:B1:08:3E:7D:29:E2:23:4E:2A:6E:E3:F0:DD:9B:9E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0197393AB40EA00B1A4FA4C1AE05F630DC37
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pkvJ3FGxCD59KeIjTipu4_Ddm54.roa
Signing time: Wed 04 Jun 2025 04:37:17 +0000
ROA not before: Wed 04 Jun 2025 04:37:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51659
IP address blocks: 194.87.68.0/22 maxlen: 22
194.87.68.0/23 maxlen: 23
194.87.70.0/24 maxlen: 24
194.87.106.0/24 maxlen: 24
194.87.196.0/23 maxlen: 23
195.58.48.0/23 maxlen: 23
195.133.5.0/24 maxlen: 24
195.133.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 04:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:39:3a:b4:0e:a0:0b:1a:4f:a4:c1:ae:05:f6:30:dc:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 4 04:37:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a64bc9dc51b1083e7d29e2234e2a6ee3f0dd9b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:55:64:f9:e6:44:a9:e0:6d:2e:4f:93:d2:ac:
b9:84:6e:d5:3a:86:05:b7:eb:30:30:0f:a0:f3:8c:
ae:0b:f7:94:a1:6d:ad:0b:3e:48:68:df:9b:f3:22:
42:07:66:0c:e8:e7:5f:17:1a:aa:ea:8e:6c:82:2d:
7e:8d:db:d2:b9:47:ff:0f:df:dd:e4:36:4b:98:b5:
53:5d:45:2a:4e:e8:2d:6b:4e:91:4d:6b:ee:48:8a:
be:84:c5:15:87:4e:e4:85:97:5e:60:5b:57:2f:ea:
43:1d:d4:48:4b:74:eb:51:f1:7d:72:f4:c0:6b:cb:
6d:7f:cf:35:69:2a:5a:3a:31:39:a5:30:36:70:b5:
5a:93:96:6f:41:ff:07:77:b1:9e:76:ed:66:cb:0d:
85:05:7c:ca:da:26:68:cf:fd:40:46:e8:22:ef:0a:
5e:50:71:10:8a:a8:a7:d2:73:bb:96:27:08:46:c8:
64:8a:0e:4d:db:47:be:f9:ac:e8:7c:72:06:f7:36:
f9:c6:29:84:ae:cf:7b:e5:f6:32:54:10:fb:65:e8:
33:58:80:17:d9:b1:07:a0:24:80:b1:08:77:88:69:
3b:4f:2d:cd:61:18:85:bf:de:71:e4:fb:fe:ad:13:
df:b1:33:c5:14:09:6e:ca:a0:0a:d6:dd:d1:5f:5c:
fd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4B:C9:DC:51:B1:08:3E:7D:29:E2:23:4E:2A:6E:E3:F0:DD:9B:9E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/pkvJ3FGxCD59KeIjTipu4_Ddm54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.68.0/22
194.87.106.0/24
194.87.196.0/23
195.58.48.0/23
195.133.5.0/24
195.133.23.0/24
Signature Algorithm: sha256WithRSAEncryption
65:8c:0b:4e:e1:ae:16:42:af:22:4c:a4:71:ff:54:4c:f1:2e:
35:76:d9:dc:42:c5:97:e6:7e:9c:71:b4:89:84:fe:fb:0e:ce:
d0:f4:1e:62:77:cd:20:0a:91:8b:8b:8e:d7:2f:e6:57:3f:17:
e4:22:cc:53:46:d0:5f:b2:09:6e:fd:4c:2a:02:c0:b6:91:6c:
8a:08:eb:bb:2b:42:df:ad:d0:30:94:8e:f7:f8:7f:68:f7:dc:
8b:3f:d0:04:1d:bc:3f:f9:8f:69:34:04:cd:69:2c:3a:e0:29:
a4:0b:2e:55:5d:14:90:ba:20:28:55:d6:fb:af:c2:a5:4c:49:
c5:6d:b4:57:74:c1:d8:70:44:ac:bd:26:34:b9:ed:71:68:ea:
cb:24:71:ca:0a:d1:2f:7f:49:22:67:5c:92:ea:b8:3b:d4:f3:
c0:99:53:79:04:54:8f:17:f2:7d:18:38:2c:6c:5a:1a:7a:51:
4b:e4:06:a5:cb:8e:19:69:58:ac:55:0a:27:b3:e2:0e:c9:6c:
4d:75:21:d4:81:f6:02:d9:9e:1f:25:54:f8:58:a6:ef:bd:c4:
3c:0d:f7:6a:3d:84:3a:52:58:8d:c6:b3:ed:84:07:0c:dc:80:
fe:6e:be:ba:8a:21:58:84:be:01:52:fe:43:37:3d:36:ae:4d:
64:8d:a3:d2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZc5OrQOoAsaT6TBrgX2MNw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNjA0MDQzNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjRiYzlkYzUxYjEwODNlN2QyOWUyMjM0ZTJhNmVlM2YwZGQ5YjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VVk+eZEqeBtLk+T0qy5hG7VOoYF
t+swMA+g84yuC/eUoW2tCz5IaN+b8yJCB2YM6OdfFxqq6o5sgi1+jdvSuUf/D9/d
5DZLmLVTXUUqTugta06RTWvuSIq+hMUVh07khZdeYFtXL+pDHdRIS3TrUfF9cvTA
a8ttf881aSpaOjE5pTA2cLVak5ZvQf8Hd7Gedu1myw2FBXzK2iZoz/1ARugi7wpe
UHEQiqin0nO7licIRshkig5N20e++azofHIG9zb5ximErs975fYyVBD7ZegzWIAX
2bEHoCSAsQh3iGk7Ty3NYRiFv95x5Pv+rRPfsTPFFAluyqAK1t3RX1z92wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKZLydxRsQg+fSniI04qbuPw3ZueMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcGt2SjNGR3hDRDU5S2VJalRpcHU0X0RkbTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCwldEAwQA
wldqAwQBwlfEAwQBwzowAwQAw4UFAwQAw4UXMA0GCSqGSIb3DQEBCwUAA4IBAQBl
jAtO4a4WQq8iTKRx/1RM8S41dtncQsWX5n6ccbSJhP77Ds7Q9B5id80gCpGLi47X
L+ZXPxfkIsxTRtBfsglu/UwqAsC2kWyKCOu7K0LfrdAwlI73+H9o99yLP9AEHbw/
+Y9pNATNaSw64CmkCy5VXRSQuiAoVdb7r8KlTEnFbbRXdMHYcESsvSY0ue1xaOrL
JHHKCtEvf0kiZ1yS6rg71PPAmVN5BFSPF/J9GDgsbFoaelFL5Aaly44ZaVisVQon
s+IOyWxNdSHUgfYC2Z4fJVT4WKbvvcQ8DfdqPYQ6UliNxrPthAcM3ID+br66iiFY
hL4BUv5DNz02rk1kjaPS
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:56:26 2025 by rpki-client