Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xdhHOB9DQoSFmVkrPUn4HKy6Kso.roa
File: xdhHOB9DQoSFmVkrPUn4HKy6Kso.roa (raw, json)
Hash identifier: bqOgvLVMRDeN26Kkw9I40Pfp0z/hiGSZkpcbjvXPDDU=
Subject key identifier: C5:D8:47:38:1F:43:42:84:85:99:59:2B:3D:49:F8:1C:AC:BA:2A:CA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196206D8C147EBA49E49F10CF016A81F3E6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xdhHOB9DQoSFmVkrPUn4HKy6Kso.roa
Signing time: Thu 10 Apr 2025 15:59:32 +0000
ROA not before: Thu 10 Apr 2025 15:59:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.234.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.48.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.89.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 13 Apr 2025 10:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:20:6d:8c:14:7e:ba:49:e4:9f:10:cf:01:6a:81:f3:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 10 15:59:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5d847381f4342848599592b3d49f81cacba2aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f3:ba:45:d0:03:58:6c:30:a6:d2:72:31:19:
3b:13:54:e3:cd:60:31:38:85:9b:aa:2c:96:32:e6:
d3:6e:91:c7:4f:f4:40:6b:26:07:f5:d5:a2:c2:c6:
46:62:00:0a:92:97:61:0f:22:43:e1:de:ad:09:6a:
d8:2d:4f:9d:22:1e:7e:a1:7a:90:39:53:48:32:d4:
5d:11:48:e7:79:46:a9:3a:4d:0a:45:44:ec:13:e9:
52:02:1a:f8:88:86:c0:89:96:fe:5f:cc:27:ae:75:
30:5b:ae:59:80:48:d5:bf:4f:2a:e2:92:03:3b:b9:
53:aa:6b:68:fc:32:8c:1f:f2:5c:2e:ad:7e:e5:04:
74:d1:d8:36:73:a4:d5:60:9a:e9:2f:f1:7b:b4:cc:
8f:9e:42:46:6a:a6:e8:a4:6c:de:e8:82:f0:8c:dd:
30:99:31:ab:79:93:2b:e3:b3:a9:3d:d8:96:69:fd:
f0:4f:9f:40:ed:54:4c:28:06:8f:ba:ac:4b:cf:36:
60:2b:01:1c:db:30:a7:5b:04:ae:2c:76:c7:26:c4:
ee:fa:8c:a9:aa:1a:e8:d5:6a:5b:72:74:d5:a3:2d:
1f:96:61:f2:4a:d9:05:65:38:5a:0b:db:75:a2:c7:
c4:b4:c2:1a:9c:2a:ca:35:22:b2:8f:7c:51:91:a6:
5d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D8:47:38:1F:43:42:84:85:99:59:2B:3D:49:F8:1C:AC:BA:2A:CA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xdhHOB9DQoSFmVkrPUn4HKy6Kso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.234.0/24
62.76.239.0/24
192.124.176.0/24
192.124.209.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.38.0-194.58.40.255
194.58.59.0/24
194.58.66.0/24
194.58.68.0/24
194.87.10.0/24
194.87.17.0-194.87.18.255
194.87.23.0/24
194.87.30.0/24
194.87.39.0/24
194.87.47.0-194.87.48.255
194.87.58.0/24
194.87.73.0/24
194.87.82.0/24
194.87.89.0/24
194.87.105.0/24
194.87.108.0/24
194.87.123.0/24
194.87.128.0/24
194.87.162.0/24
194.87.178.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
194.87.240.0/24
194.87.245.0/24
195.133.55.0/24
195.133.67.0/24
195.133.83.0/24
195.133.92.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:14:74:c2:e7:3e:52:fd:16:bb:32:10:f8:83:0c:c4:bc:12:
cb:38:7d:d0:a4:c5:d9:36:3f:90:ad:a9:b3:86:1e:f4:b4:e3:
32:e7:81:5e:7a:88:62:3d:b0:ac:14:67:2a:40:42:c3:a9:5a:
6a:65:45:3a:35:91:8d:03:e1:34:10:62:33:5b:da:c8:34:61:
0f:be:fa:19:4a:cd:9c:92:34:7e:57:fc:98:0d:eb:c7:ba:c6:
7c:c8:82:2d:a8:83:cb:10:49:26:91:8f:26:fd:27:44:8b:ba:
77:27:50:45:9e:e1:99:1c:7d:9d:61:2a:0c:97:28:d5:dd:2c:
e7:71:07:6b:56:2a:aa:ca:a1:97:b6:2a:60:6b:0f:be:e7:a6:
4f:38:2f:8e:27:31:45:35:04:2b:75:0c:28:a3:40:03:b1:a5:
a1:6e:6a:ec:36:b0:a3:d8:e1:16:ba:5a:c1:8e:fc:27:49:42:
30:81:31:3e:9c:4b:ba:90:54:d8:30:c6:12:55:d4:4d:06:41:
ab:c7:77:d5:8c:19:3e:08:0a:5c:36:44:db:88:e9:66:14:f2:
79:c6:73:1f:a7:7a:4d:fb:18:20:b5:a5:a6:61:7b:12:b1:63:
17:c0:73:5d:f9:e3:55:66:e7:a9:3e:d4:e2:78:54:d1:6f:3e:
1a:c1:65:92
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAZYgbYwUfrpJ5J8QzwFqgfPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDEwMTU1OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWQ4NDczODFmNDM0Mjg0ODU5OTU5MmIzZDQ5ZjgxY2FjYmEyYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPO6RdADWGwwptJyMRk7E1TjzWAx
OIWbqiyWMubTbpHHT/RAayYH9dWiwsZGYgAKkpdhDyJD4d6tCWrYLU+dIh5+oXqQ
OVNIMtRdEUjneUapOk0KRUTsE+lSAhr4iIbAiZb+X8wnrnUwW65ZgEjVv08q4pID
O7lTqmto/DKMH/JcLq1+5QR00dg2c6TVYJrpL/F7tMyPnkJGaqbopGze6ILwjN0w
mTGreZMr47OpPdiWaf3wT59A7VRMKAaPuqxLzzZgKwEc2zCnWwSuLHbHJsTu+oyp
qhro1WpbcnTVoy0flmHyStkFZThaC9t1osfEtMIanCrKNSKyj3xRkaZdCQIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFMXYRzgfQ0KEhZlZKz1J+BysuirKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveGRoSE9COURRb1NGbVZrclBVbjRIS3k2S3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEAD5M6gMEAD5M7wMEAMB8sAMEAMB80QMEAMF8FgMEAMF8KQMEAMF8LjAMAwQB
wjomAwQAwjooAwQAwjo7AwQAwjpCAwQAwjpEAwQAwlcKMAwDBADCVxEDBADCVxID
BADCVxcDBADCVx4DBADCVycwDAMEAMJXLwMEAMJXMAMEAMJXOgMEAMJXSQMEAMJX
UgMEAMJXWQMEAMJXaQMEAMJXbAMEAMJXewMEAMJXgAMEAMJXogMEAMJXsgMEAMJX
xgMEAMJX4wMEAMJX5gMEAMJX8AMEAMJX9QMEAMOFNwMEAMOFQwMEAMOFUwMEAMOF
XAMEANTA3QMEANTA3zAMAwQA1MEBAwQA1MECAwQA1MEGMA0GCSqGSIb3DQEBCwUA
A4IBAQBeFHTC5z5S/Ra7MhD4gwzEvBLLOH3QpMXZNj+Qramzhh70tOMy54Feeohi
PbCsFGcqQELDqVpqZUU6NZGNA+E0EGIzW9rINGEPvvoZSs2ckjR+V/yYDevHusZ8
yIItqIPLEEkmkY8m/SdEi7p3J1BFnuGZHH2dYSoMlyjV3SzncQdrViqqyqGXtipg
aw++56ZPOC+OJzFFNQQrdQwoo0ADsaWhbmrsNrCj2OEWulrBjvwnSUIwgTE+nEu6
kFTYMMYSVdRNBkGrx3fVjBk+CApcNkTbiOlmFPJ5xnMfp3pN+xggtaWmYXsSsWMX
wHNd+eNVZuepPtTieFTRbz4awWWS
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:21:34 2025 by rpki-client