Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/0fYah3WL7425AEsBHfkczny2BLA.roa
File: 0fYah3WL7425AEsBHfkczny2BLA.roa (raw, json)
Hash identifier: TRM2hFqFxt6eP8Dk9uVSeU3VP06E83QfsKCR8OJ8x7Q=
Subject key identifier: D1:F6:1A:87:75:8B:EF:8D:B9:00:4B:01:1D:F9:1C:CE:7C:B6:04:B0
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 0196E801218C8549866F2FED69F75B4C7EB1
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/0fYah3WL7425AEsBHfkczny2BLA.roa
Signing time: Mon 19 May 2025 10:05:10 +0000
ROA not before: Mon 19 May 2025 10:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12338
IP address blocks: 77.26.0.0/18 maxlen: 18
77.26.64.0/18 maxlen: 18
77.26.128.0/18 maxlen: 18
77.26.192.0/18 maxlen: 18
77.27.0.0/18 maxlen: 18
77.27.64.0/18 maxlen: 18
77.27.128.0/18 maxlen: 18
77.27.192.0/18 maxlen: 18
83.165.0.0/18 maxlen: 18
83.165.64.0/18 maxlen: 18
83.165.128.0/18 maxlen: 18
83.165.192.0/18 maxlen: 18
85.152.104.0/22 maxlen: 22
85.152.124.0/22 maxlen: 22
91.116.128.0/18 maxlen: 18
91.116.192.0/18 maxlen: 18
91.117.0.0/18 maxlen: 18
91.117.64.0/18 maxlen: 18
91.117.128.0/18 maxlen: 18
91.117.192.0/18 maxlen: 18
178.60.128.0/18 maxlen: 18
178.60.192.0/18 maxlen: 18
178.60.197.0/24 maxlen: 24
188.171.234.0/24 maxlen: 24
188.171.240.0/21 maxlen: 21
188.171.248.0/21 maxlen: 21
213.60.0.0/18 maxlen: 18
213.60.64.0/18 maxlen: 18
213.60.128.0/18 maxlen: 18
213.60.192.0/18 maxlen: 18
Validation: Failed, certificate revoked on Fri 06 Jun 2025 06:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:01:21:8c:85:49:86:6f:2f:ed:69:f7:5b:4c:7e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: May 19 10:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1f61a87758bef8db9004b011df91cce7cb604b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2c:28:3b:17:c4:44:04:8c:52:cd:1b:79:6d:
e8:14:d2:bd:45:0b:4b:f0:a3:8d:0d:d3:d6:b0:58:
ef:70:d8:8f:d8:5f:0a:2e:fb:53:b1:3a:81:31:df:
f9:8a:ad:37:b0:14:89:16:36:09:01:28:e9:89:07:
34:00:28:dd:21:3e:16:b9:b2:c6:d9:bd:71:72:52:
1b:60:6f:ca:02:7d:72:0d:a1:99:c4:d8:fb:7c:f8:
09:ed:b9:de:44:af:ed:9a:34:05:4b:15:0a:53:20:
1d:c4:e2:e7:88:88:11:a2:03:c1:a0:2c:5e:88:53:
e4:57:b4:4e:07:d2:64:35:3e:45:dd:0e:c5:98:e9:
dd:59:84:ce:09:27:fa:f6:b7:41:88:3a:5e:07:70:
11:24:ee:10:33:53:fa:d2:ec:41:ee:31:06:8c:e6:
d6:4d:ef:70:b5:fb:2c:1f:f8:0d:2d:09:dd:88:a1:
d9:28:35:50:f4:05:1d:ef:36:d0:15:2c:e1:19:1f:
3e:e1:bb:25:70:79:20:ff:aa:d9:cc:b8:04:10:ce:
58:35:87:77:59:53:1f:56:39:eb:63:69:3d:7b:5f:
c9:89:d6:c9:f8:07:04:af:08:61:30:16:9e:e7:04:
b5:88:eb:c5:88:1b:dc:4f:1e:f0:10:4c:41:a3:bc:
36:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:F6:1A:87:75:8B:EF:8D:B9:00:4B:01:1D:F9:1C:CE:7C:B6:04:B0
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/0fYah3WL7425AEsBHfkczny2BLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.26.0.0/15
83.165.0.0/16
85.152.104.0/22
85.152.124.0/22
91.116.128.0-91.117.255.255
178.60.128.0/17
188.171.234.0/24
188.171.240.0/20
213.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:50:4e:7a:17:98:36:bb:1f:ea:2f:43:53:23:34:15:6e:dd:
05:7d:a9:29:5e:71:09:7a:17:cf:e0:4b:15:28:03:85:ec:da:
68:ee:2f:65:c1:e8:31:59:8f:35:ec:c5:4d:c5:85:15:52:45:
73:43:13:b0:3a:0d:6a:70:4a:2b:c4:af:96:b3:83:dd:c3:2e:
8b:a1:57:25:c2:ce:ae:4b:0f:bd:4f:9b:b0:6a:4d:cd:23:34:
ef:a4:57:68:05:92:de:66:be:a2:5f:02:c3:da:69:f0:49:9a:
a7:6d:a9:af:df:02:f8:72:b2:ba:96:3c:34:d6:e7:b8:75:9a:
ce:c0:83:4e:be:34:ad:5d:74:16:dc:76:62:d7:48:15:63:7f:
2c:f0:cf:bd:0f:f3:40:ec:26:72:65:66:98:65:ef:d5:7c:0b:
d6:26:ec:f1:12:7f:50:12:2e:31:63:32:5f:c6:c9:e9:ec:4f:
9d:e9:81:79:d3:64:c9:53:1e:69:0f:7b:30:83:04:89:1e:22:
0c:ff:c3:ac:4e:91:8f:4a:6f:28:e0:56:ce:05:7a:f9:75:8a:
8c:30:f6:c1:87:d5:70:96:95:f5:bb:7c:8b:03:cb:93:05:05:
e6:52:47:8f:6a:4f:65:51:8f:b8:25:f6:92:2b:83:c7:29:0e:
6e:3d:b1:5a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZboASGMhUmGby/tafdbTH6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjUwNTE5MTAwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWY2MWE4Nzc1OGJlZjhkYjkwMDRiMDExZGY5MWNjZTdjYjYwNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCwoOxfERASMUs0beW3oFNK9RQtL
8KONDdPWsFjvcNiP2F8KLvtTsTqBMd/5iq03sBSJFjYJASjpiQc0ACjdIT4WubLG
2b1xclIbYG/KAn1yDaGZxNj7fPgJ7bneRK/tmjQFSxUKUyAdxOLniIgRogPBoCxe
iFPkV7ROB9JkNT5F3Q7FmOndWYTOCSf69rdBiDpeB3ARJO4QM1P60uxB7jEGjObW
Te9wtfssH/gNLQndiKHZKDVQ9AUd7zbQFSzhGR8+4bslcHkg/6rZzLgEEM5YNYd3
WVMfVjnrY2k9e1/JidbJ+AcErwhhMBae5wS1iOvFiBvcTx7wEExBo7w2rQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFNH2God1i++NuQBLAR35HM58tgSwMB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEvMGZZYWgzV0w3NDI1QUVzQkhma2N6bnkyQkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYtNTEwMGEyNmQyNzRi
LzEvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwMBTRoDAwBT
pQMEAlWYaAMEAlWYfDALAwQHW3SAAwMBW3QDBAeyPIADBAC8q+oDBAS8q/ADAwDV
PDANBgkqhkiG9w0BAQsFAAOCAQEApFBOeheYNrsf6i9DUyM0FW7dBX2pKV5xCXoX
z+BLFSgDhezaaO4vZcHoMVmPNezFTcWFFVJFc0MTsDoNanBKK8SvlrOD3cMui6FX
JcLOrksPvU+bsGpNzSM076RXaAWS3ma+ol8Cw9pp8Emap22pr98C+HKyupY8NNbn
uHWazsCDTr40rV10Ftx2YtdIFWN/LPDPvQ/zQOwmcmVmmGXv1XwL1ibs8RJ/UBIu
MWMyX8bJ6exPnemBedNkyVMeaQ97MIMEiR4iDP/DrE6Rj0pvKOBWzgV6+XWKjDD2
wYfVcJaV9bt8iwPLkwUF5lJHj2pPZVGPuCX2kiuDxykObj2xWg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:11:33 2025 by rpki-client