Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1P5YGQ8GcLudQxFmeMYEqzf69vY.roa
File: 1P5YGQ8GcLudQxFmeMYEqzf69vY.roa (raw, json)
Hash identifier: PbBYqpqXPOL/6CUr5+CjKbBIl+PJP73vFbOex4obWqQ=
Subject key identifier: D4:FE:58:19:0F:06:70:BB:9D:43:11:66:78:C6:04:AB:37:FA:F6:F6
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01970DB462B9E07704738B4A193BB1E7F242
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1P5YGQ8GcLudQxFmeMYEqzf69vY.roa
Signing time: Mon 26 May 2025 17:46:54 +0000
ROA not before: Mon 26 May 2025 17:46:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 195.211.188.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120:6::/48 maxlen: 48
2a01:7120:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 May 2025 15:28:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:b4:62:b9:e0:77:04:73:8b:4a:19:3b:b1:e7:f2:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: May 26 17:46:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4fe58190f0670bb9d43116678c604ab37faf6f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2c:63:dd:10:4d:aa:87:a4:1e:76:7a:60:9d:
ae:d6:47:74:b6:6d:f5:df:42:f2:a6:c7:45:9b:41:
b8:81:e3:a7:01:ca:59:b7:8d:e7:60:e5:29:d8:8b:
26:2c:dd:2f:a0:06:a0:35:45:bb:38:88:e3:bc:ab:
7c:15:73:39:26:9c:1d:fd:4a:a3:24:5e:f4:75:bf:
01:96:57:d0:76:08:2d:6e:9d:49:0b:8a:96:82:0b:
50:9f:4e:05:74:0d:1d:ba:8b:61:ae:41:7d:66:be:
16:81:fe:f8:13:a1:d6:28:e3:e3:42:f4:cd:6d:2f:
34:70:00:07:77:25:d0:eb:3a:0b:68:23:5e:c8:e0:
26:53:0e:ed:29:9b:37:8e:43:61:19:f3:9d:7d:37:
a8:82:f1:24:bf:6f:17:e8:3f:da:f3:0a:96:bd:ef:
21:03:df:44:f5:08:46:c2:c2:ee:b2:d3:61:a6:8c:
15:90:73:35:b8:2a:2e:a3:eb:e3:71:6b:2f:05:71:
d9:24:4e:98:9b:d8:58:b0:3d:a4:1a:d2:c1:dd:69:
25:b9:b0:c4:ae:e2:e0:b0:8e:66:7c:13:bf:35:3c:
89:6e:41:38:d4:86:4c:a2:4f:43:d1:d5:f8:a7:e4:
27:b0:3f:8e:58:3f:43:1e:3d:79:41:c2:f6:1a:25:
e0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:FE:58:19:0F:06:70:BB:9D:43:11:66:78:C6:04:AB:37:FA:F6:F6
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1P5YGQ8GcLudQxFmeMYEqzf69vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.188.0/24
195.211.190.0/24
IPv6:
2a01:7120:6::/47
Signature Algorithm: sha256WithRSAEncryption
71:56:c6:89:20:21:2a:80:ae:b0:3f:a0:e6:d6:50:7a:6e:f4:
7b:c2:8e:9a:c3:7c:49:50:c2:32:33:5d:b2:f2:9a:2f:ac:ca:
85:32:1d:80:3b:6a:87:61:91:bc:7b:b1:88:67:b7:fd:35:93:
56:77:80:73:26:19:05:4c:6e:0e:5f:f6:6e:27:0d:29:7c:ab:
43:c1:53:69:83:62:1f:2b:b5:53:ad:90:ed:92:9a:79:f3:c3:
5e:8a:46:58:dc:0e:28:37:6f:fa:5f:83:2f:da:31:7b:5a:45:
5f:1f:da:7c:dd:d9:99:bd:d5:56:9c:81:19:11:04:18:4a:d4:
3f:ff:20:ae:e1:7a:6f:f5:86:ab:a4:68:dc:e9:bc:72:ae:15:
dc:33:12:52:71:28:a6:85:d9:72:0b:47:30:e4:4a:16:92:16:
41:d7:9c:58:2c:9f:e6:93:76:c8:6a:88:e3:f1:8a:b6:9a:fe:
85:8a:ed:22:73:78:b7:73:79:17:4d:1b:cc:db:f2:81:4b:5f:
96:b1:e6:a9:d2:f2:35:79:80:b4:ee:79:0c:95:29:e2:e8:c9:
61:9a:34:71:4e:4c:c4:0f:1d:df:94:91:15:a4:cc:fe:10:24:
5a:42:e0:b3:3e:6e:ef:04:90:9a:58:1f:26:92:a0:12:83:df:
82:b0:59:10
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZcNtGK54HcEc4tKGTux5/JCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNTI2MTc0NjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGZlNTgxOTBmMDY3MGJiOWQ0MzExNjY3OGM2MDRhYjM3ZmFmNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyxj3RBNqoekHnZ6YJ2u1kd0tm31
30LypsdFm0G4geOnAcpZt43nYOUp2IsmLN0voAagNUW7OIjjvKt8FXM5Jpwd/Uqj
JF70db8BllfQdggtbp1JC4qWggtQn04FdA0duothrkF9Zr4Wgf74E6HWKOPjQvTN
bS80cAAHdyXQ6zoLaCNeyOAmUw7tKZs3jkNhGfOdfTeogvEkv28X6D/a8wqWve8h
A99E9QhGwsLustNhpowVkHM1uCouo+vjcWsvBXHZJE6Ym9hYsD2kGtLB3WklubDE
ruLgsI5mfBO/NTyJbkE41IZMok9D0dX4p+QnsD+OWD9DHj15QcL2GiXgOwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNT+WBkPBnC7nUMRZnjGBKs3+vb2MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvMVA1WUdROEdjTHVkUXhGbWVNWUVxemY2OXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAw9O8AwQA
w9O+MA8EAgACMAkDBwEqAXEgAAYwDQYJKoZIhvcNAQELBQADggEBAHFWxokgISqA
rrA/oObWUHpu9HvCjprDfElQwjIzXbLymi+syoUyHYA7aodhkbx7sYhnt/01k1Z3
gHMmGQVMbg5f9m4nDSl8q0PBU2mDYh8rtVOtkO2Smnnzw16KRljcDig3b/pfgy/a
MXtaRV8f2nzd2Zm91VacgRkRBBhK1D//IK7hem/1hqukaNzpvHKuFdwzElJxKKaF
2XILRzDkShaSFkHXnFgsn+aTdshqiOPxiraa/oWK7SJzeLdzeRdNG8zb8oFLX5ax
5qnS8jV5gLTueQyVKeLoyWGaNHFOTMQPHd+UkRWkzP4QJFpC4LM+bu8EkJpYHyaS
oBKD34KwWRA=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:25:10 2025 by rpki-client