Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/kKOmwEU1i0sD5sS3Z4-973AbY9Q.roa
File: kKOmwEU1i0sD5sS3Z4-973AbY9Q.roa (raw, json)
Hash identifier: C/S9sFM/J6leDQGVhnye8/Y2OAN5yC/HjmlK4gcqPF8=
Subject key identifier: 90:A3:A6:C0:45:35:8B:4B:03:E6:C4:B7:67:8F:BD:EF:70:1B:63:D4
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0196BEA8B83BA347C48F315574D1034EC0E9
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/kKOmwEU1i0sD5sS3Z4-973AbY9Q.roa
Signing time: Sun 11 May 2025 09:24:10 +0000
ROA not before: Sun 11 May 2025 09:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 37.49.145.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
109.203.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 08:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:be:a8:b8:3b:a3:47:c4:8f:31:55:74:d1:03:4e:c0:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: May 11 09:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90a3a6c045358b4b03e6c4b7678fbdef701b63d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:58:95:6f:49:22:bc:c5:70:fa:0a:e2:10:4f:
aa:a1:42:6e:9b:00:0d:ef:c0:44:95:89:54:9d:58:
04:90:1b:83:f1:a8:86:e7:28:7b:62:67:b8:0c:08:
ea:56:ff:42:20:36:c6:63:c3:e3:be:fc:05:bd:e9:
29:d9:1f:68:a8:94:0f:c6:12:1a:de:b8:25:c6:56:
98:f2:43:47:f2:8d:53:de:57:32:47:89:fc:cb:4f:
91:6b:87:07:2b:07:dc:b6:d3:5f:94:46:11:bb:12:
76:44:c0:4a:5d:f2:82:1e:b7:b3:f9:b0:f9:db:77:
40:a8:dd:62:bd:d9:29:8b:20:d2:6a:ce:ae:b8:e8:
39:ec:1b:8b:31:ee:4e:29:6a:66:b0:a0:f0:59:1c:
40:28:14:fa:96:53:d4:44:60:b8:79:d9:bf:69:37:
f2:4a:f9:ec:b3:07:6f:8e:d6:43:03:a5:1f:e3:da:
c8:ac:d0:c2:3c:cd:86:ff:c4:59:41:6c:ef:98:d2:
58:a9:e8:96:76:78:64:be:05:50:db:e0:7f:32:19:
d8:e1:35:aa:34:12:b7:25:20:c9:eb:a5:dc:a5:3f:
c1:9a:1e:ae:a9:f0:1d:8f:c8:ad:c2:99:7d:f0:06:
6a:2b:cf:4b:ff:11:8d:96:51:83:62:d7:c8:fb:1c:
92:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A3:A6:C0:45:35:8B:4B:03:E6:C4:B7:67:8F:BD:EF:70:1B:63:D4
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/kKOmwEU1i0sD5sS3Z4-973AbY9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.145.0/24
37.49.151.0/24
94.74.147.0/24
94.74.168.0/24
109.203.160.0/24
Signature Algorithm: sha256WithRSAEncryption
28:14:c5:20:02:e3:0b:b3:1f:b9:7d:7f:51:7a:ee:76:8a:b7:
df:aa:a7:35:bb:0b:96:35:a0:e2:14:fd:48:45:d1:df:e1:75:
c6:57:f5:a2:34:fa:41:e5:3f:f7:91:0c:0e:b9:b6:06:36:ea:
83:c5:37:39:db:40:dc:14:01:a8:7a:57:6b:b3:24:50:4d:ed:
f1:e5:29:f2:b7:53:3b:a3:6d:0c:0e:1a:6a:e7:82:a7:91:3f:
24:c4:7f:70:f3:4d:3f:43:c9:ce:83:6c:d4:41:79:03:bd:64:
c6:6f:bf:8d:91:13:f8:a0:dd:8f:ad:ef:b2:b1:04:11:e4:ac:
6a:54:20:6a:cc:45:68:ba:ae:96:0d:88:df:12:a6:29:09:38:
4a:3b:81:f9:2f:09:79:39:5f:83:33:20:b1:8a:cd:de:ab:b9:
30:f5:8a:3c:92:d9:c7:90:0d:e8:c4:90:d7:54:ad:60:18:fd:
cf:5b:4c:3c:28:47:06:8e:fc:41:0d:76:3c:ee:4b:c6:8c:80:
18:5e:fc:29:ca:73:fd:ff:19:14:72:dc:17:17:8f:ae:2c:3b:
1e:6e:68:03:af:d1:84:7e:07:f6:0a:37:e6:65:e5:f4:38:01:
d5:89:16:c9:d6:6b:a1:81:ce:b3:07:94:dd:24:c7:81:5c:4a:
0e:dd:14:0c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZa+qLg7o0fEjzFVdNEDTsDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNTExMDkyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGEzYTZjMDQ1MzU4YjRiMDNlNmM0Yjc2NzhmYmRlZjcwMWI2M2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FiVb0kivMVw+griEE+qoUJumwAN
78BElYlUnVgEkBuD8aiG5yh7Yme4DAjqVv9CIDbGY8PjvvwFvekp2R9oqJQPxhIa
3rglxlaY8kNH8o1T3lcyR4n8y0+Ra4cHKwfcttNflEYRuxJ2RMBKXfKCHrez+bD5
23dAqN1ivdkpiyDSas6uuOg57BuLMe5OKWpmsKDwWRxAKBT6llPURGC4edm/aTfy
SvnsswdvjtZDA6Uf49rIrNDCPM2G/8RZQWzvmNJYqeiWdnhkvgVQ2+B/MhnY4TWq
NBK3JSDJ66XcpT/Bmh6uqfAdj8itwpl98AZqK89L/xGNllGDYtfI+xySUwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJCjpsBFNYtLA+bEt2ePve9wG2PUMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEva0tPbXdFVTFpMHNENXNTM1o0LTk3M0FiWTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJTGRAwQA
JTGXAwQAXkqTAwQAXkqoAwQAbcugMA0GCSqGSIb3DQEBCwUAA4IBAQAoFMUgAuML
sx+5fX9Reu52irffqqc1uwuWNaDiFP1IRdHf4XXGV/WiNPpB5T/3kQwOubYGNuqD
xTc520DcFAGoeldrsyRQTe3x5Snyt1M7o20MDhpq54KnkT8kxH9w800/Q8nOg2zU
QXkDvWTGb7+NkRP4oN2Pre+ysQQR5KxqVCBqzEVouq6WDYjfEqYpCThKO4H5Lwl5
OV+DMyCxis3eq7kw9Yo8ktnHkA3oxJDXVK1gGP3PW0w8KEcGjvxBDXY87kvGjIAY
XvwpynP9/xkUctwXF4+uLDsebmgDr9GEfgf2CjfmZeX0OAHViRbJ1muhgc6zB5Td
JMeBXEoO3RQM
-----END CERTIFICATE-----
Generated at Tue Jun 3 10:22:19 2025 by rpki-client