Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xGj6aXNnJ4W38MPZMH0MxNbjWFE.roa
File: xGj6aXNnJ4W38MPZMH0MxNbjWFE.roa (raw, json)
Hash identifier: K7c8yUCP9+nVxx3avGYi7QULHeBkc07QEsJ66WuBdj0=
Subject key identifier: C4:68:FA:69:73:67:27:85:B7:F0:C3:D9:30:7D:0C:C4:D6:E3:58:51
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01968F843D4CC1E355519F14AB8DF1E27FB1
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xGj6aXNnJ4W38MPZMH0MxNbjWFE.roa
Signing time: Fri 02 May 2025 05:42:10 +0000
ROA not before: Fri 02 May 2025 05:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.124.7.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 04 May 2025 08:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8f:84:3d:4c:c1:e3:55:51:9f:14:ab:8d:f1:e2:7f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 2 05:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c468fa6973672785b7f0c3d9307d0cc4d6e35851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2b:ee:c8:4e:b6:fa:41:fe:ea:fd:b1:a4:a5:
74:b8:5b:3a:ac:53:9f:a4:ed:e5:e9:63:c5:1e:c7:
1f:52:a7:cf:6b:b5:01:6e:8f:05:3a:8b:ae:81:96:
c5:29:14:5f:70:a0:b3:fb:00:69:9d:49:7f:de:73:
5e:d7:19:d7:71:47:7f:4f:91:12:45:a1:37:30:26:
2f:40:bd:99:5b:04:d1:75:b1:c2:f9:eb:35:76:05:
44:63:5b:90:76:06:0b:12:d3:fc:9d:6d:af:e3:58:
37:6a:1f:f5:fe:44:cf:4e:57:e2:a4:83:9e:96:1a:
00:59:b1:6c:47:75:e3:5d:29:78:43:df:dd:0b:67:
86:c9:a0:27:be:ca:9f:b6:39:6c:8e:8a:5f:9b:f9:
af:d5:a0:b9:8d:18:b6:b0:c2:64:18:2f:1d:59:9c:
87:ad:5a:4a:b0:17:a4:05:ad:85:d7:5c:c7:4b:87:
9b:58:a5:1c:9b:8c:ee:d8:bd:fb:5a:8a:bf:d7:cb:
4f:2b:7c:24:33:35:70:a5:69:51:e7:bf:70:8d:f1:
8e:f6:ad:fa:99:5e:da:39:47:12:f8:26:b9:b6:1b:
f0:c5:a8:ef:8d:e6:63:79:5b:ea:95:30:d5:72:96:
90:f9:be:78:7c:16:8a:fe:f2:9e:d6:47:45:4f:ee:
4d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:68:FA:69:73:67:27:85:B7:F0:C3:D9:30:7D:0C:C4:D6:E3:58:51
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xGj6aXNnJ4W38MPZMH0MxNbjWFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.119.0/24
194.87.169.0/24
194.87.179.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
7b:b6:18:27:69:81:c8:51:b8:47:6f:b2:a9:3b:69:f2:a6:c8:
9a:76:72:9c:39:df:ad:a0:ee:8e:92:19:54:2e:ba:5e:04:0c:
8c:ee:af:c5:04:5c:c5:5d:08:60:2a:26:b5:5f:81:36:66:2d:
2e:08:e1:9e:23:18:3b:2b:c2:17:6f:81:93:f0:6b:f1:65:02:
10:bf:de:01:2a:62:64:23:45:57:b2:25:3b:0b:89:3a:53:96:
7e:e9:61:dc:b5:d3:8c:f3:cd:f9:ff:8a:f8:c9:73:e6:fb:5b:
ea:1e:40:83:71:1c:40:40:9b:cd:0f:c0:5e:f3:21:09:89:a0:
62:e4:14:09:98:40:a6:c8:40:42:5d:6b:bd:cc:19:c8:4b:e4:
df:71:9e:b5:6e:bd:f1:21:3b:1a:07:f7:d7:b8:52:cb:92:54:
3e:dc:68:e9:a0:20:13:6d:64:93:48:f0:b8:83:9e:8c:dd:0c:
8d:90:eb:b9:bb:10:7c:d2:90:09:c9:66:44:9f:81:15:8d:df:
7d:99:57:64:55:e4:06:7d:72:ab:8b:9a:94:5f:93:ef:ce:20:
c5:ab:c3:08:78:61:37:96:38:fa:da:d8:a2:9b:2b:ab:48:d2:
bd:05:22:c5:a9:3f:5e:66:aa:5e:22:4b:ae:a4:59:79:2c:aa:
dd:54:25:21
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZaPhD1MweNVUZ8Uq43x4n+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNTAyMDU0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDY4ZmE2OTczNjcyNzg1YjdmMGMzZDkzMDdkMGNjNGQ2ZTM1ODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiivuyE62+kH+6v2xpKV0uFs6rFOf
pO3l6WPFHscfUqfPa7UBbo8FOouugZbFKRRfcKCz+wBpnUl/3nNe1xnXcUd/T5ES
RaE3MCYvQL2ZWwTRdbHC+es1dgVEY1uQdgYLEtP8nW2v41g3ah/1/kTPTlfipIOe
lhoAWbFsR3XjXSl4Q9/dC2eGyaAnvsqftjlsjopfm/mv1aC5jRi2sMJkGC8dWZyH
rVpKsBekBa2F11zHS4ebWKUcm4zu2L37Woq/18tPK3wkMzVwpWlR579wjfGO9q36
mV7aOUcS+Ca5thvwxajvjeZjeVvqlTDVcpaQ+b54fBaK/vKe1kdFT+5NuwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFMRo+mlzZyeFt/DD2TB9DMTW41hRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveEdqNmFYTm5KNFczOE1QWk1IME14TmJqV0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwYAQCAAEwWgMEAMF8BwME
AMI6JAMEAMI6mwMEAMI63wMEAMJXNQMEAMJXdwMEAMJXqQMEAMJXswMEAMOFCQME
AcOFGAMEAcOFKAMEAcOFMgMEAcOFXAMEANTA8QMEAdTBGjAUBAIAAjAOAwUDKgFX
wAMFAyoM/0AwDQYJKoZIhvcNAQELBQADggEBAHu2GCdpgchRuEdvsqk7afKmyJp2
cpw5362g7o6SGVQuul4EDIzur8UEXMVdCGAqJrVfgTZmLS4I4Z4jGDsrwhdvgZPw
a/FlAhC/3gEqYmQjRVeyJTsLiTpTln7pYdy104zzzfn/ivjJc+b7W+oeQINxHEBA
m80PwF7zIQmJoGLkFAmYQKbIQEJda73MGchL5N9xnrVuvfEhOxoH99e4UsuSVD7c
aOmgIBNtZJNI8LiDnozdDI2Q67m7EHzSkAnJZkSfgRWN332ZV2RV5AZ9cquLmpRf
k+/OIMWrwwh4YTeWOPra2KKbK6tI0r0FIsWpP15mql4iS66kWXksqt1UJSE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:01:54 2025 by rpki-client