Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6mxRoe5aOHhADYkgWaj-w-28mWQ.roa
File: 6mxRoe5aOHhADYkgWaj-w-28mWQ.roa (raw, json)
Hash identifier: OQOuhX2YO3VHWZv+HBl3567fGzQmREuDU78dqu0Uevs=
Subject key identifier: EA:6C:51:A1:EE:5A:38:78:40:0D:89:20:59:A8:FE:C3:ED:BC:99:64
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019736EC30A70A178B005AE24372978127D1
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6mxRoe5aOHhADYkgWaj-w-28mWQ.roa
Signing time: Tue 03 Jun 2025 17:52:18 +0000
ROA not before: Tue 03 Jun 2025 17:52:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30738
IP address blocks: 109.248.220.0/23 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 04 Jun 2025 05:28:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:ec:30:a7:0a:17:8b:00:5a:e2:43:72:97:81:27:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 3 17:52:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea6c51a1ee5a3878400d892059a8fec3edbc9964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2b:b2:19:19:98:fa:e3:a7:4a:54:0b:1d:df:
5d:64:92:67:15:12:ef:da:84:50:ef:fa:39:5d:1f:
4a:69:03:91:98:81:13:cc:cb:de:4f:ab:08:41:f2:
c5:38:8b:65:62:c8:74:d0:ab:70:69:44:ff:f7:c5:
4a:24:bc:c2:3a:a8:38:39:6b:c0:06:77:2d:df:8d:
11:05:77:fa:c6:89:6a:ed:54:b9:9f:6f:c0:bb:29:
d5:26:a3:dc:7d:98:69:b5:5c:01:b2:ef:40:23:b3:
82:2c:21:5b:22:ce:ba:bf:3d:9c:74:f0:3d:9e:fd:
43:97:9d:e2:79:99:ac:a5:87:9e:5a:48:2f:2a:e2:
04:5a:98:6a:4f:3c:6a:5f:0b:75:5c:39:d5:4e:0c:
f1:22:81:88:3a:c4:5c:5f:e2:a9:99:b3:02:5b:c6:
0a:34:3e:3c:f1:3d:3c:ac:07:ae:5f:b3:b1:0e:c6:
85:24:b5:6b:e5:ee:0c:4f:cb:0b:11:be:46:09:36:
cf:6b:e9:6e:ad:19:80:b9:72:63:d5:63:a5:f5:0a:
b9:89:46:2b:ac:c1:93:13:29:fb:56:af:47:99:75:
cd:ba:13:30:04:3d:58:1e:11:24:ae:88:21:9c:2b:
a2:c8:cc:8b:d2:82:f0:f9:f1:9d:da:17:d5:d1:67:
6a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:6C:51:A1:EE:5A:38:78:40:0D:89:20:59:A8:FE:C3:ED:BC:99:64
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6mxRoe5aOHhADYkgWaj-w-28mWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.220.0/23
188.130.182.0/24
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
29:17:39:d1:cd:b5:6c:a0:42:9f:4c:ba:82:c2:71:f6:2d:b6:
66:5f:a5:c8:9e:d4:76:72:c6:41:95:3c:a7:d2:ce:17:42:2e:
83:55:28:e8:8e:58:78:87:de:db:e0:28:08:8f:42:65:6b:05:
2f:5f:f4:57:0e:3d:3d:f0:15:3e:d8:1f:4d:c8:1f:ad:44:a2:
00:1f:02:58:31:55:ff:64:4f:44:d8:ac:f7:f2:cc:ad:c6:fb:
74:a0:cf:d2:d1:a2:f2:06:95:64:34:1f:35:2e:a2:08:b3:d4:
f7:fe:f7:35:ab:14:02:0b:d7:bd:f7:74:33:44:cb:36:8e:ff:
d6:73:a2:1b:17:db:5b:27:88:a1:3f:26:79:ec:ee:65:d3:0a:
28:ad:d8:62:be:0c:3e:c4:f0:ec:4f:0a:3d:f0:26:77:a1:53:
bc:d5:e0:3e:36:40:fb:d9:0f:3e:52:2c:e6:14:4b:2a:bd:b8:
9c:2b:12:57:82:4b:30:97:92:a9:40:e4:d9:ed:08:01:1b:d0:
77:6b:f5:76:23:1d:bc:52:12:50:6e:1c:5c:6c:52:07:52:20:
7d:cb:fa:75:41:77:a8:a5:e2:5c:31:12:d8:9e:eb:75:f8:2b:
37:2a:1a:c4:0e:2a:50:7c:85:d7:52:bc:61:12:76:04:2e:ed:
f8:b8:dc:5d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZc27DCnCheLAFriQ3KXgSfRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwNjAzMTc1MjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTZjNTFhMWVlNWEzODc4NDAwZDg5MjA1OWE4ZmVjM2VkYmM5OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyuyGRmY+uOnSlQLHd9dZJJnFRLv
2oRQ7/o5XR9KaQORmIETzMveT6sIQfLFOItlYsh00KtwaUT/98VKJLzCOqg4OWvA
Bnct340RBXf6xolq7VS5n2/AuynVJqPcfZhptVwBsu9AI7OCLCFbIs66vz2cdPA9
nv1Dl53ieZmspYeeWkgvKuIEWphqTzxqXwt1XDnVTgzxIoGIOsRcX+KpmbMCW8YK
ND488T08rAeuX7OxDsaFJLVr5e4MT8sLEb5GCTbPa+lurRmAuXJj1WOl9Qq5iUYr
rMGTEyn7Vq9HmXXNuhMwBD1YHhEkroghnCuiyMyL0oLw+fGd2hfV0WdqqwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOpsUaHuWjh4QA2JIFmo/sPtvJlkMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvNm14Um9lNWFPSGhBRFlrZ1dhai13LTI4bVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBbfjcAwQA
vIK2AwQCw9M0MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQApFznR
zbVsoEKfTLqCwnH2LbZmX6XIntR2csZBlTyn0s4XQi6DVSjojlh4h97b4CgIj0Jl
awUvX/RXDj098BU+2B9NyB+tRKIAHwJYMVX/ZE9E2Kz38sytxvt0oM/S0aLyBpVk
NB81LqIIs9T3/vc1qxQCC9e993QzRMs2jv/Wc6IbF9tbJ4ihPyZ57O5l0woordhi
vgw+xPDsTwo98CZ3oVO81eA+NkD72Q8+UizmFEsqvbicKxJXgkswl5KpQOTZ7QgB
G9B3a/V2Ix28UhJQbhxcbFIHUiB9y/p1QXeopeJcMRLYnut1+Cs3KhrEDipQfIXX
UrxhEnYELu34uNxd
-----END CERTIFICATE-----
Generated at Wed Jun 11 12:29:59 2025 by rpki-client