Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/56JA3cuTZAsWRdan7CVaeuF_mlM.roa
File: 56JA3cuTZAsWRdan7CVaeuF_mlM.roa (raw, json)
Hash identifier: vnYfL8S8fPpzcWFZP8kxPKrdjaaUJrkKLM7KXzivX80=
Subject key identifier: E7:A2:40:DD:CB:93:64:0B:16:45:D6:A7:EC:25:5A:7A:E1:7F:9A:53
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0196FD99C4FB641BAA500FA3D41FA22848F3
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/56JA3cuTZAsWRdan7CVaeuF_mlM.roa
Signing time: Fri 23 May 2025 14:43:55 +0000
ROA not before: Fri 23 May 2025 14:43:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 79.135.152.0/24 maxlen: 24
79.135.153.0/24 maxlen: 24
79.135.155.0/24 maxlen: 24
80.81.40.0/24 maxlen: 24
80.81.49.0/24 maxlen: 24
80.81.50.0/24 maxlen: 24
80.81.52.0/24 maxlen: 24
80.81.56.0/24 maxlen: 24
80.255.224.0/24 maxlen: 24
80.255.225.0/24 maxlen: 24
80.255.226.0/24 maxlen: 24
80.255.227.0/24 maxlen: 24
85.254.10.0/24 maxlen: 24
85.254.45.0/24 maxlen: 24
85.254.47.0/24 maxlen: 24
85.254.62.0/24 maxlen: 24
85.254.63.0/24 maxlen: 24
85.254.70.0/24 maxlen: 24
85.254.72.0/24 maxlen: 24
85.254.104.0/24 maxlen: 24
85.254.105.0/24 maxlen: 24
85.254.106.0/24 maxlen: 24
85.254.107.0/24 maxlen: 24
85.254.108.0/24 maxlen: 24
85.254.109.0/24 maxlen: 24
85.254.110.0/24 maxlen: 24
85.254.111.0/24 maxlen: 24
85.254.116.0/24 maxlen: 24
85.254.122.0/24 maxlen: 24
85.254.188.0/24 maxlen: 24
85.254.189.0/24 maxlen: 24
85.254.191.0/24 maxlen: 24
91.190.40.0/24 maxlen: 24
91.190.41.0/24 maxlen: 24
91.190.43.0/24 maxlen: 24
91.190.44.0/24 maxlen: 24
91.190.46.0/24 maxlen: 24
91.190.62.0/24 maxlen: 24
91.190.63.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
159.148.242.0/24 maxlen: 24
159.148.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 13:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:99:c4:fb:64:1b:aa:50:0f:a3:d4:1f:a2:28:48:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 23 14:43:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7a240ddcb93640b1645d6a7ec255a7ae17f9a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:21:1b:47:8a:e5:90:94:78:53:42:89:e3:da:
8c:eb:6f:e0:de:bc:d9:83:5d:d4:d3:d6:6f:f0:e5:
75:22:a5:2d:73:5b:49:e5:0b:fa:f2:96:3f:ae:ab:
cc:f7:ec:5a:b3:4a:8f:7d:2a:ea:0e:08:b0:54:75:
1c:29:8c:e3:1f:3f:42:0b:1c:6a:5c:71:f8:a1:6e:
5f:08:80:f8:e5:99:b1:29:fe:0e:f3:42:18:ca:57:
88:da:65:ae:fd:54:73:f7:60:4a:58:93:19:dd:b8:
00:3a:5d:cf:94:db:ce:63:e3:e1:b1:ab:1f:d5:9d:
a5:ac:50:72:67:67:54:90:a7:c9:60:5e:20:a8:6b:
d1:d5:86:83:ed:45:b1:8b:f0:a8:76:c0:87:b0:b8:
28:9f:62:43:fb:e9:22:72:1b:4e:4d:54:24:b2:f3:
06:56:c1:46:9a:05:11:8f:15:58:60:84:37:56:3c:
62:15:eb:52:93:e1:f8:4a:23:a4:d5:5d:84:14:86:
ba:7d:6b:d0:5f:74:3b:71:66:d0:55:d5:79:8e:c9:
bd:da:ed:92:be:55:ec:ca:4c:bc:2b:09:c7:23:b5:
a5:0e:f2:3f:15:dc:78:0a:5a:c4:5c:e3:d8:d3:8e:
17:3f:76:bb:04:dd:9e:48:35:b5:aa:00:b2:0b:7e:
89:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A2:40:DD:CB:93:64:0B:16:45:D6:A7:EC:25:5A:7A:E1:7F:9A:53
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/56JA3cuTZAsWRdan7CVaeuF_mlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.152.0/23
79.135.155.0/24
80.81.40.0/24
80.81.49.0-80.81.50.255
80.81.52.0/24
80.81.56.0/24
80.255.224.0/22
85.254.10.0/24
85.254.45.0/24
85.254.47.0/24
85.254.62.0/23
85.254.70.0/24
85.254.72.0/24
85.254.104.0/21
85.254.116.0/24
85.254.122.0/24
85.254.188.0/23
85.254.191.0/24
91.190.40.0/23
91.190.43.0-91.190.44.255
91.190.46.0/24
91.190.62.0/23
159.148.125.0/24
159.148.138.0/24
159.148.150.0/24
159.148.222.0/24
159.148.242.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:98:19:70:0b:1d:b7:6c:c2:ea:21:98:b4:0b:39:d9:05:27:
cd:a9:13:5a:3c:b0:43:a9:b6:18:1a:29:3c:f4:76:5f:af:6a:
56:14:27:1c:82:76:e7:4c:74:c5:e7:35:55:a8:ce:a6:4e:12:
6b:4a:d6:ae:14:58:fe:18:a7:c8:a6:d6:35:da:39:e4:ed:cd:
5c:39:00:75:ed:93:3d:dc:26:c2:db:55:46:ec:dc:5d:6b:79:
4f:58:58:3d:65:fb:f5:8f:37:91:71:2d:1b:12:5a:4f:74:86:
9f:1f:19:eb:58:c4:93:42:06:50:d8:2d:41:37:44:74:07:62:
4e:ec:a3:66:37:40:41:ed:40:78:3c:4c:61:dc:77:3d:81:0b:
18:61:80:a2:bb:ad:67:20:ef:26:c4:b8:71:3f:50:24:f3:f3:
0b:42:6c:15:9c:80:b2:91:78:f8:d6:7e:da:2f:ec:cc:d3:99:
8a:30:a3:2a:1c:d4:24:be:9b:10:a9:6d:13:d0:71:40:29:cc:
98:9c:f1:7f:b9:43:83:f4:d8:6e:35:fb:52:ff:97:3a:9b:78:
04:ef:6c:7f:c9:83:b8:dd:45:d9:b2:74:60:39:c3:0f:08:ec:
bf:ee:be:4e:01:a0:78:69:41:3d:57:5f:1b:fe:cb:dd:86:7d:
f6:f8:7c:57
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZb9mcT7ZBuqUA+j1B+iKEjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNTIzMTQ0MzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2EyNDBkZGNiOTM2NDBiMTY0NWQ2YTdlYzI1NWE3YWUxN2Y5YTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSEbR4rlkJR4U0KJ49qM62/g3rzZ
g13U09Zv8OV1IqUtc1tJ5Qv68pY/rqvM9+xas0qPfSrqDgiwVHUcKYzjHz9CCxxq
XHH4oW5fCID45ZmxKf4O80IYyleI2mWu/VRz92BKWJMZ3bgAOl3PlNvOY+Phsasf
1Z2lrFByZ2dUkKfJYF4gqGvR1YaD7UWxi/CodsCHsLgon2JD++kichtOTVQksvMG
VsFGmgURjxVYYIQ3VjxiFetSk+H4SiOk1V2EFIa6fWvQX3Q7cWbQVdV5jsm92u2S
vlXsyky8KwnHI7WlDvI/Fdx4ClrEXOPY044XP3a7BN2eSDW1qgCyC36JrQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFOeiQN3Lk2QLFkXWp+wlWnrhf5pTMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvNTZKQTNjdVRaQXNXUmRhbjdDVmFldUZfbWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAFP
h5gDBABPh5sDBABQUSgwDAMEAFBRMQMEAFBRMgMEAFBRNAMEAFBROAMEAlD/4AME
AFX+CgMEAFX+LQMEAFX+LwMEAVX+PgMEAFX+RgMEAFX+SAMEA1X+aAMEAFX+dAME
AFX+egMEAVX+vAMEAFX+vwMEAVu+KDAMAwQAW74rAwQAW74sAwQAW74uAwQBW74+
AwQAn5R9AwQAn5SKAwQAn5SWAwQAn5TeAwQBn5TyMA0GCSqGSIb3DQEBCwUAA4IB
AQC4mBlwCx23bMLqIZi0CznZBSfNqRNaPLBDqbYYGik89HZfr2pWFCccgnbnTHTF
5zVVqM6mThJrStauFFj+GKfIptY12jnk7c1cOQB17ZM93CbC21VG7Nxda3lPWFg9
Zfv1jzeRcS0bElpPdIafHxnrWMSTQgZQ2C1BN0R0B2JO7KNmN0BB7UB4PExh3Hc9
gQsYYYCiu61nIO8mxLhxP1Ak8/MLQmwVnICykXj41n7aL+zM05mKMKMqHNQkvpsQ
qW0T0HFAKcyYnPF/uUOD9NhuNftS/5c6m3gE72x/yYO43UXZsnRgOcMPCOy/7r5O
AaB4aUE9V18b/svdhn32+HxX
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:09:29 2025 by rpki-client