Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CeGYg_gXPdc3-IbloFbv1fAMQXA.roa
File: CeGYg_gXPdc3-IbloFbv1fAMQXA.roa (raw, json)
Hash identifier: BncQQGxYiE8noMKkBtsLLWHPZf/o7qpPiES+sIU1x+w=
Subject key identifier: 09:E1:98:83:F8:17:3D:D7:37:F8:86:E5:A0:56:EF:D5:F0:0C:41:70
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0196FCEBD1D86003017607F9A371E79C6D29
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CeGYg_gXPdc3-IbloFbv1fAMQXA.roa
Signing time: Fri 23 May 2025 11:33:55 +0000
ROA not before: Fri 23 May 2025 11:33:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 79.135.152.0/24 maxlen: 24
79.135.153.0/24 maxlen: 24
79.135.155.0/24 maxlen: 24
80.255.224.0/24 maxlen: 24
80.255.225.0/24 maxlen: 24
80.255.226.0/24 maxlen: 24
80.255.227.0/24 maxlen: 24
85.254.47.0/24 maxlen: 24
85.254.62.0/24 maxlen: 24
85.254.104.0/24 maxlen: 24
85.254.105.0/24 maxlen: 24
85.254.106.0/24 maxlen: 24
85.254.107.0/24 maxlen: 24
85.254.108.0/24 maxlen: 24
85.254.109.0/24 maxlen: 24
85.254.110.0/24 maxlen: 24
85.254.111.0/24 maxlen: 24
85.254.116.0/24 maxlen: 24
85.254.122.0/24 maxlen: 24
91.190.63.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 May 2025 14:33:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:eb:d1:d8:60:03:01:76:07:f9:a3:71:e7:9c:6d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 23 11:33:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09e19883f8173dd737f886e5a056efd5f00c4170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:16:fe:28:93:3d:d0:4f:97:48:14:27:84:30:
32:da:c3:92:22:78:a2:8d:65:97:bb:31:44:d9:a5:
98:13:f9:44:1b:1a:0c:c2:b9:c4:fc:59:e9:bd:0b:
c7:86:3d:13:72:cd:e7:d4:12:4b:71:ef:c2:3e:79:
86:63:fb:7e:e6:28:3d:e6:6c:dd:93:8e:97:8d:e7:
5f:0b:75:57:7a:11:ba:dd:c9:c6:6f:44:6a:ea:f4:
73:0a:89:1e:a5:b6:25:db:fa:d3:74:01:74:78:e5:
0e:aa:64:ce:f8:d7:cd:5d:db:80:08:ec:61:26:45:
0a:f7:af:88:61:b8:db:ce:ca:d6:02:12:89:4f:2e:
f4:0a:0e:9a:8c:b3:39:69:b0:f2:db:ea:22:82:fd:
34:c3:9d:5b:ec:75:7b:45:f8:36:cb:0d:8c:5d:55:
1a:1f:ef:9d:11:c6:9a:01:cb:39:40:e1:99:ef:fb:
c7:bf:3a:37:bd:24:51:5d:11:25:99:9f:b8:da:75:
78:a5:68:68:81:44:69:a1:74:80:a2:cd:a6:0c:95:
e3:12:5c:f0:77:cb:d9:b3:59:3e:93:4b:56:d3:13:
c3:97:8a:ca:61:b1:76:73:18:4e:a8:bd:21:ae:8a:
11:01:43:60:76:44:d2:4f:4f:3d:d9:47:48:22:bc:
48:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E1:98:83:F8:17:3D:D7:37:F8:86:E5:A0:56:EF:D5:F0:0C:41:70
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CeGYg_gXPdc3-IbloFbv1fAMQXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.135.152.0/23
79.135.155.0/24
80.255.224.0/22
85.254.47.0/24
85.254.62.0/24
85.254.104.0/21
85.254.116.0/24
85.254.122.0/24
91.190.63.0/24
159.148.125.0/24
159.148.138.0/24
159.148.150.0/24
159.148.222.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:37:b5:42:28:1d:fc:2c:34:5e:e7:4b:56:04:df:7f:30:f7:
d8:b8:23:92:17:48:af:ba:47:c8:3c:8a:6e:76:fa:01:58:57:
92:0d:e8:8d:c9:9b:03:28:55:be:f9:2c:0d:b5:db:91:63:68:
21:4a:d5:59:5e:0d:6a:cf:18:db:7c:b0:dd:50:b5:aa:da:78:
78:61:37:4d:f2:50:15:64:10:86:e2:2f:eb:41:6b:a0:0d:8e:
6b:44:71:2d:64:ae:40:dd:a1:2c:9f:a7:5c:3f:5f:76:9c:b6:
71:42:ab:0b:49:1b:93:e6:15:69:38:a1:83:ce:9d:29:a3:0e:
67:0a:65:de:5e:9a:6e:9d:67:0f:95:6c:54:db:c2:98:19:4f:
97:c5:91:4b:a0:5a:c8:8e:07:97:f6:6f:37:a1:37:36:6c:13:
08:7d:17:dc:31:d4:dc:6d:1b:be:65:74:2c:7d:30:6e:03:71:
37:15:1c:68:be:19:ef:3d:0d:71:e0:84:03:d2:7c:05:07:5a:
47:07:49:3a:31:1a:d5:d2:1a:a3:20:ce:5f:8d:f4:2d:71:ed:
07:a0:59:46:57:6b:a8:6a:42:a9:c7:d7:e5:59:11:5f:6c:78:
41:55:39:2c:b7:0f:f9:03:49:c8:25:d4:77:9e:67:10:e3:23:
e6:be:1a:91
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZb869HYYAMBdgf5o3HnnG0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNTIzMTEzMzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWUxOTg4M2Y4MTczZGQ3MzdmODg2ZTVhMDU2ZWZkNWYwMGM0MTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xb+KJM90E+XSBQnhDAy2sOSInii
jWWXuzFE2aWYE/lEGxoMwrnE/FnpvQvHhj0Tcs3n1BJLce/CPnmGY/t+5ig95mzd
k46XjedfC3VXehG63cnGb0Rq6vRzCokepbYl2/rTdAF0eOUOqmTO+NfNXduACOxh
JkUK96+IYbjbzsrWAhKJTy70Cg6ajLM5abDy2+oigv00w51b7HV7Rfg2yw2MXVUa
H++dEcaaAcs5QOGZ7/vHvzo3vSRRXRElmZ+42nV4pWhogURpoXSAos2mDJXjElzw
d8vZs1k+k0tW0xPDl4rKYbF2cxhOqL0hrooRAUNgdkTST0892UdIIrxIUwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAnhmIP4Fz3XN/iG5aBW79XwDEFwMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQ2VHWWdfZ1hQZGMzLUlibG9GYnYxZkFNUVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBT4eYAwQA
T4ebAwQCUP/gAwQAVf4vAwQAVf4+AwQDVf5oAwQAVf50AwQAVf56AwQAW74/AwQA
n5R9AwQAn5SKAwQAn5SWAwQAn5TeMA0GCSqGSIb3DQEBCwUAA4IBAQCgN7VCKB38
LDRe50tWBN9/MPfYuCOSF0ivukfIPIpudvoBWFeSDeiNyZsDKFW++SwNtduRY2gh
StVZXg1qzxjbfLDdULWq2nh4YTdN8lAVZBCG4i/rQWugDY5rRHEtZK5A3aEsn6dc
P192nLZxQqsLSRuT5hVpOKGDzp0pow5nCmXeXppunWcPlWxU28KYGU+XxZFLoFrI
jgeX9m83oTc2bBMIfRfcMdTcbRu+ZXQsfTBuA3E3FRxovhnvPQ1x4IQD0nwFB1pH
B0k6MRrV0hqjIM5fjfQtce0HoFlGV2uoakKpx9flWRFfbHhBVTkstw/5A0nIJdR3
nmcQ4yPmvhqR
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:39:18 2025 by rpki-client