Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y6f17IQ4M7yfJwr9sSXc0YI46B4.roa
File: y6f17IQ4M7yfJwr9sSXc0YI46B4.roa (raw, json)
Hash identifier: hyGbKlWx7WefUwIBOxPrDHO0aUJ17fz++Lc25FSU2GY=
Subject key identifier: CB:A7:F5:EC:84:38:33:BC:9F:27:0A:FD:B1:25:DC:D1:82:38:E8:1E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196F24F71440DC1443D84CD277809293960
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y6f17IQ4M7yfJwr9sSXc0YI46B4.roa
Signing time: Wed 21 May 2025 10:06:54 +0000
ROA not before: Wed 21 May 2025 10:06:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.76.225.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.158.0/24 maxlen: 24
193.124.159.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.3.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
195.133.200.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 21 May 2025 11:44:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:4f:71:44:0d:c1:44:3d:84:cd:27:78:09:29:39:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 21 10:06:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cba7f5ec843833bc9f270afdb125dcd18238e81e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ef:22:a7:69:15:4e:36:2b:e9:75:69:88:9e:
ef:53:6d:cf:5f:46:ae:88:48:1a:1e:02:04:45:40:
80:4e:25:9d:7a:71:83:15:ce:d5:50:97:d5:26:05:
8f:7b:13:b1:40:e8:73:6b:70:3b:27:95:2e:cd:e3:
da:0b:38:42:86:1e:5d:f4:40:d2:f9:5e:e5:94:1b:
0b:c2:22:f1:e5:4a:22:e1:26:49:80:b2:18:39:32:
63:96:3e:fe:f0:40:b1:b9:3e:6a:2f:7f:04:f5:71:
3c:58:7f:32:0c:0b:4a:7e:ef:75:e7:8f:af:c4:83:
46:85:cc:65:79:b4:66:90:f5:12:89:61:30:06:fd:
f9:c8:80:ab:84:27:71:f6:6d:de:2e:02:0e:b3:24:
3a:41:ff:2a:5d:75:aa:a7:92:54:e2:18:74:b0:8c:
95:4e:8c:e8:8c:0a:2d:02:bb:67:ff:2f:02:fa:76:
2e:eb:c4:70:03:5b:17:b1:d8:e3:3c:39:aa:3c:43:
58:6a:de:58:e7:d9:bd:d1:7b:4d:5f:9b:1d:7a:87:
85:42:53:87:5e:5a:8f:2a:8d:c5:60:af:37:49:c7:
54:4e:59:ef:b5:f4:27:a9:9e:ad:81:f5:ce:24:05:
90:be:12:a5:be:94:a5:c6:94:db:e9:51:4b:60:9f:
79:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A7:F5:EC:84:38:33:BC:9F:27:0A:FD:B1:25:DC:D1:82:38:E8:1E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/y6f17IQ4M7yfJwr9sSXc0YI46B4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0/24
193.124.7.0/24
193.124.158.0/23
194.58.155.0/24
194.87.53.0/24
194.87.119.0/24
194.87.169.0/24
194.87.179.0/24
195.133.3.0/24
195.133.24.0/23
195.133.29.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
195.133.200.0/24
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
96:b4:70:05:12:f9:a1:98:bc:0e:63:47:1c:c4:4c:e8:5a:df:
a5:2c:27:78:1b:f5:0d:95:19:b8:4d:69:3e:e4:44:d8:c7:f6:
c4:f4:85:2f:88:4d:43:62:63:68:c8:01:c7:56:40:3c:cf:bc:
1e:14:36:05:fa:31:fa:06:ea:68:a7:eb:5b:96:26:8e:71:02:
3e:b1:df:83:34:19:4a:22:aa:4e:e4:b5:ec:04:4d:9f:1d:0f:
9c:c8:00:ed:86:45:69:c5:80:6a:6a:12:b8:f6:8f:26:54:9c:
ba:ca:bc:d8:55:31:47:93:6b:37:a1:dc:c5:f7:c9:83:01:bf:
4e:44:3b:cb:2e:f6:02:02:9d:7c:1d:85:41:bd:42:f1:7d:04:
1d:2f:52:e4:e6:35:14:56:d0:12:76:f5:d9:18:47:14:2e:15:
18:9d:ec:9a:9c:3f:05:78:be:c2:f0:32:a6:7f:b5:5b:d4:8c:
69:cd:f9:f0:75:9d:bd:f1:72:a4:db:55:71:af:1a:0b:a5:60:
09:e1:dc:32:aa:b0:fe:56:5b:b9:c0:80:9f:22:f3:ca:cc:72:
0b:a0:a1:9c:62:b9:67:9b:ec:11:d7:70:51:79:c2:f0:28:1c:
60:42:e0:c0:96:b0:17:fd:3b:6e:59:0c:f1:68:f4:39:e9:98:
eb:8e:43:ae
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZbyT3FEDcFEPYTNJ3gJKTlgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNTIxMTAwNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmE3ZjVlYzg0MzgzM2JjOWYyNzBhZmRiMTI1ZGNkMTgyMzhlODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu8ip2kVTjYr6XVpiJ7vU23PX0au
iEgaHgIERUCATiWdenGDFc7VUJfVJgWPexOxQOhza3A7J5UuzePaCzhChh5d9EDS
+V7llBsLwiLx5Uoi4SZJgLIYOTJjlj7+8ECxuT5qL38E9XE8WH8yDAtKfu9154+v
xINGhcxlebRmkPUSiWEwBv35yICrhCdx9m3eLgIOsyQ6Qf8qXXWqp5JU4hh0sIyV
TozojAotArtn/y8C+nYu68RwA1sXsdjjPDmqPENYat5Y59m90XtNX5sdeoeFQlOH
XlqPKo3FYK83ScdUTlnvtfQnqZ6tgfXOJAWQvhKlvpSlxpTb6VFLYJ951wIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFMun9eyEODO8nycK/bEl3NGCOOgeMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveTZmMTdJUTRNN3lmSndyOXNTWGMwWUk0NkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBsBAIAATBmAwQAPkzh
AwQAwXwHAwQBwXyeAwQAwjqbAwQAwlc1AwQAwld3AwQAwlepAwQAwlezAwQAw4UD
AwQBw4UYAwQAw4UdAwQBw4UoAwQBw4UyAwQBw4VcAwQAw4XIAwQA1MDxAwQB1MEa
MBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAlrRwBRL5
oZi8DmNHHMRM6FrfpSwneBv1DZUZuE1pPuRE2Mf2xPSFL4hNQ2JjaMgBx1ZAPM+8
HhQ2Bfox+gbqaKfrW5YmjnECPrHfgzQZSiKqTuS17ARNnx0PnMgA7YZFacWAamoS
uPaPJlScusq82FUxR5NrN6HcxffJgwG/TkQ7yy72AgKdfB2FQb1C8X0EHS9S5OY1
FFbQEnb12RhHFC4VGJ3smpw/BXi+wvAypn+1W9SMac358HWdvfFypNtVca8aC6Vg
CeHcMqqw/lZbucCAnyLzysxyC6ChnGK5Z5vsEddwUXnC8CgcYELgwJawF/07blkM
8Wj0OemY645Drg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:17:09 2025 by rpki-client