Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xcwlUwpvlbWTW6ax9YPh_qKRnAw.roa
File: xcwlUwpvlbWTW6ax9YPh_qKRnAw.roa (raw, json)
Hash identifier: 5P46roQc5rDwpGunbNxCcbtS88KLY5Jau90S3pj2g4Q=
Subject key identifier: C5:CC:25:53:0A:6F:95:B5:93:5B:A6:B1:F5:83:E1:FE:A2:91:9C:0C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01956608FD970F4F8276EAC9EDCD3DD99117
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xcwlUwpvlbWTW6ax9YPh_qKRnAw.roa
Signing time: Wed 05 Mar 2025 11:20:19 +0000
ROA not before: Wed 05 Mar 2025 11:20:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Mar 2025 14:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:08:fd:97:0f:4f:82:76:ea:c9:ed:cd:3d:d9:91:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 5 11:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5cc25530a6f95b5935ba6b1f583e1fea2919c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:0b:9d:c0:e5:b4:5f:09:da:05:c8:3c:95:2e:
f4:26:9c:e0:21:bf:02:f8:79:6c:c9:ff:e2:9e:b1:
3e:d8:f1:31:64:c7:e9:71:43:37:3f:d2:e4:ec:69:
c5:1c:15:5e:86:ef:a7:a8:9e:78:ae:d4:a4:bb:55:
fe:32:70:2e:ac:c8:67:e7:9c:d2:99:9a:0a:e2:68:
40:86:6f:45:d9:08:12:e6:4e:22:e5:03:ae:b9:52:
d4:ef:3b:a6:e1:a1:e6:8d:ee:cc:fd:1c:1f:88:86:
db:cc:16:3a:55:a9:b3:41:15:13:3e:a0:d5:72:61:
e8:92:c3:71:92:fb:09:1f:1a:7b:13:81:77:1a:9f:
5a:3b:c9:d1:a3:91:3c:fb:e7:c5:e2:18:57:dc:7d:
c2:07:e7:69:1e:2d:4d:66:ae:b0:ba:bf:03:d1:eb:
fd:24:6d:85:df:e7:11:30:cc:8d:ee:33:84:dc:91:
b8:2b:cf:72:75:aa:50:85:3b:de:47:4b:06:86:5f:
08:fd:ad:e1:cb:9b:41:3d:04:f0:82:9e:61:ce:29:
f0:6e:6b:06:ff:12:e8:6c:d1:ea:f7:8d:51:fd:cd:
bc:dc:d0:7b:f4:bb:4f:ea:17:94:c1:d2:bb:36:f7:
37:52:8d:62:f9:f5:71:95:c3:91:51:20:18:53:ae:
99:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CC:25:53:0A:6F:95:B5:93:5B:A6:B1:F5:83:E1:FE:A2:91:9C:0C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xcwlUwpvlbWTW6ax9YPh_qKRnAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
192.124.176.0/24
192.124.209.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.38.0-194.58.40.255
194.58.59.0/24
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.17.0-194.87.18.255
194.87.23.0/24
194.87.30.0/24
194.87.39.0/24
194.87.47.0/24
194.87.58.0/24
194.87.73.0/24
194.87.82.0/24
194.87.105.0/24
194.87.108.0/24
194.87.123.0/24
194.87.178.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
194.87.240.0/24
194.87.245.0/24
195.133.55.0/24
195.133.67.0/24
195.133.83.0/24
195.133.92.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:04:cf:81:35:ea:70:2d:b0:5d:5c:ed:13:6a:94:c0:8a:1c:
e4:c9:7c:c7:46:cf:aa:55:be:08:92:b2:9c:36:32:58:9e:9f:
52:67:95:7d:23:5c:4c:1d:d8:11:45:65:cd:6b:75:e0:2b:1e:
5e:85:0e:8d:73:9a:a3:f3:99:0b:f9:05:e7:64:40:e7:93:2e:
48:49:20:72:67:32:7b:ef:91:5f:7e:9d:a5:3d:e4:49:58:89:
e6:da:75:2b:8a:6c:20:43:12:ed:7d:6e:4f:84:eb:ca:3f:82:
20:df:6f:c1:2d:d8:e9:07:17:ee:a1:c4:af:98:ff:59:fd:c2:
12:8f:10:e1:4c:bd:42:9d:97:a5:39:be:01:6c:fc:31:6a:0d:
1f:e3:64:08:b7:18:a8:3c:b5:48:80:8e:bb:29:e8:f2:b7:05:
0a:c4:cd:e4:6d:71:be:c7:75:00:1f:31:3e:e8:e4:c6:12:54:
7d:89:9a:ca:24:83:82:d0:54:2b:c3:21:8b:85:c2:6a:c6:94:
90:53:92:a3:d7:77:f5:b0:ca:ec:1d:4e:9e:f3:a1:a4:7f:07:
1a:75:ee:c2:54:fc:14:d0:85:38:e4:5d:4a:21:24:0a:58:1b:
5b:57:05:f5:c7:12:9e:9d:6d:e4:8c:62:70:cc:5e:c1:24:df:
2d:6b:77:d9
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAZVmCP2XD0+CdurJ7c092ZEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwMzA1MTEyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWNjMjU1MzBhNmY5NWI1OTM1YmE2YjFmNTgzZTFmZWEyOTE5YzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9wudwOW0XwnaBcg8lS70JpzgIb8C
+Hlsyf/inrE+2PExZMfpcUM3P9Lk7GnFHBVehu+nqJ54rtSku1X+MnAurMhn55zS
mZoK4mhAhm9F2QgS5k4i5QOuuVLU7zum4aHmje7M/RwfiIbbzBY6VamzQRUTPqDV
cmHoksNxkvsJHxp7E4F3Gp9aO8nRo5E8++fF4hhX3H3CB+dpHi1NZq6wur8D0ev9
JG2F3+cRMMyN7jOE3JG4K89ydapQhTveR0sGhl8I/a3hy5tBPQTwgp5hzinwbmsG
/xLobNHq941R/c283NB79LtP6heUwdK7Nvc3Uo1i+fVxlcORUSAYU66Z3QIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFMXMJVMKb5W1k1umsfWD4f6ikZwMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveGN3bFV3cHZsYldUVzZheDlZUGhfcUtSbkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCB/QQCAAEwgfYD
BAA+TOoDBAA+TO8DBADAfLADBADAfNEDBADBfBYDBADBfCkDBADBfC4wDAMEAcI6
JgMEAMI6KAMEAMI6OwMEAMI6QgMEAMI6RAMEAMJXCjAMAwQAwlcRAwQAwlcSAwQA
wlcXAwQAwlceAwQAwlcnAwQAwlcvAwQAwlc6AwQAwldJAwQAwldSAwQAwldpAwQA
wldsAwQAwld7AwQAwleyAwQAwlfGAwQAwlfjAwQAwlfmAwQAwlfwAwQAwlf1AwQA
w4U3AwQAw4VDAwQAw4VTAwQAw4VcAwQA1MDdAwQA1MDfMAwDBADUwQEDBADUwQID
BADUwQYwDQYJKoZIhvcNAQELBQADggEBAH8Ez4E16nAtsF1c7RNqlMCKHOTJfMdG
z6pVvgiSspw2Mlien1JnlX0jXEwd2BFFZc1rdeArHl6FDo1zmqPzmQv5BedkQOeT
LkhJIHJnMnvvkV9+naU95ElYiebadSuKbCBDEu19bk+E68o/giDfb8Et2OkHF+6h
xK+Y/1n9whKPEOFMvUKdl6U5vgFs/DFqDR/jZAi3GKg8tUiAjrsp6PK3BQrEzeRt
cb7HdQAfMT7o5MYSVH2Jmsokg4LQVCvDIYuFwmrGlJBTkqPXd/WwyuwdTp7zoaR/
Bxp17sJU/BTQhTjkXUohJApYG1tXBfXHEp6dbeSMYnDMXsEk3y1rd9k=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:28 2025 by rpki-client