Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/409752-9d8c-40f5-9125-9c06737979d1/1/D-Sv3RHoonqEglWfBGhMZixXEaw.roa
File: D-Sv3RHoonqEglWfBGhMZixXEaw.roa (raw, json)
Hash identifier: OljBu2o0/f6ocmc4agC6eNtgRidkm1ywXtlkR3uvBlE=
Subject key identifier: 0F:E4:AF:DD:11:E8:A2:7A:84:82:55:9F:04:68:4C:66:2C:57:11:AC
Certificate issuer: /CN=0d031379700d35dd0092bd061c603e6cb2561a75
Certificate serial: 019744BBF3CCF76A1A69B6EFA28F79A79B64
Authority key identifier: 0D:03:13:79:70:0D:35:DD:00:92:BD:06:1C:60:3E:6C:B2:56:1A:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQMTeXANNd0Akr0GHGA-bLJWGnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/409752-9d8c-40f5-9125-9c06737979d1/1/D-Sv3RHoonqEglWfBGhMZixXEaw.roa
Signing time: Fri 06 Jun 2025 10:14:17 +0000
ROA not before: Fri 06 Jun 2025 10:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.23.56.0/22 maxlen: 22
185.55.252.0/24 maxlen: 24
185.55.253.0/24 maxlen: 24
185.55.254.0/24 maxlen: 24
185.55.255.0/24 maxlen: 24
2a00:6be0::/32 maxlen: 32
2a04:d780::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 10 Jun 2025 08:18:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:44:bb:f3:cc:f7:6a:1a:69:b6:ef:a2:8f:79:a7:9b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d031379700d35dd0092bd061c603e6cb2561a75
Validity
Not Before: Jun 6 10:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fe4afdd11e8a27a8482559f04684c662c5711ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6d:30:6a:ed:e9:33:c4:96:56:68:2b:d8:02:
2f:64:64:8f:cc:ad:1c:14:c7:9a:f2:9a:4b:76:11:
24:a7:ac:2b:5f:ba:02:2a:b5:b2:99:7b:e4:db:ea:
07:0e:eb:40:08:d0:c5:22:74:05:85:d7:4f:63:33:
b9:5d:d7:2b:12:51:2f:f5:81:2d:c9:b9:6f:c9:d1:
13:1a:69:69:d6:77:05:df:82:21:56:d7:08:60:12:
63:7e:5a:85:00:95:a2:99:69:eb:8b:37:bf:46:36:
4f:35:02:62:fc:40:14:59:22:cc:38:57:a2:78:a7:
ad:bf:07:7c:ab:32:5a:fc:20:39:05:f0:d5:90:0c:
80:51:7d:eb:ad:f5:59:3e:ad:7c:67:5d:7d:99:53:
40:a4:5f:b8:06:9e:41:61:1b:dd:9d:71:eb:1f:39:
83:e8:12:77:a8:66:a7:d1:83:88:ba:12:05:bf:5a:
5b:dc:3c:d3:78:47:f2:95:c6:e7:15:07:67:ff:b4:
32:95:a8:0c:4d:b7:13:a6:ab:bb:2c:a6:fd:5b:20:
d6:90:19:df:f9:6e:b6:21:6f:ab:19:ec:e0:ae:2c:
89:7f:db:b1:e5:cc:fe:b1:77:a2:df:0c:79:01:f7:
b7:57:13:ee:c9:5a:fd:b2:ab:9b:97:c4:5e:dc:70:
0c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E4:AF:DD:11:E8:A2:7A:84:82:55:9F:04:68:4C:66:2C:57:11:AC
X509v3 Authority Key Identifier:
keyid:0D:03:13:79:70:0D:35:DD:00:92:BD:06:1C:60:3E:6C:B2:56:1A:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQMTeXANNd0Akr0GHGA-bLJWGnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/409752-9d8c-40f5-9125-9c06737979d1/1/D-Sv3RHoonqEglWfBGhMZixXEaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/409752-9d8c-40f5-9125-9c06737979d1/1/DQMTeXANNd0Akr0GHGA-bLJWGnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.56.0/22
185.55.252.0/22
IPv6:
2a00:6be0::/32
2a04:d780::/29
Signature Algorithm: sha256WithRSAEncryption
75:62:a1:e6:0b:00:97:0d:87:13:01:14:22:fd:32:89:63:39:
1e:70:e3:4c:aa:f8:b0:68:45:d6:9f:38:57:d3:ec:78:6d:fb:
30:dc:f7:d7:4c:a3:af:10:7f:b2:d4:d6:29:a1:0c:1e:d9:89:
e7:af:33:a3:30:b5:42:81:6b:5a:68:07:cb:0f:40:6e:9b:6d:
43:b0:c0:5e:d0:5c:df:60:44:ed:e6:85:13:4b:4e:d5:50:ac:
e0:4e:1a:27:9b:a4:e4:97:91:90:18:c2:83:9c:48:67:58:7f:
34:65:24:7d:f4:71:4f:79:e2:74:b9:e5:fb:8a:b4:03:28:d3:
ac:e7:4f:41:ac:14:77:73:33:6a:f7:1f:79:72:7b:cf:3c:7a:
15:86:6c:b6:69:c3:04:36:6f:b0:55:62:7b:10:a9:94:9a:84:
f9:8f:d2:5c:2d:71:5d:d6:2b:23:c1:05:3a:49:4e:89:a9:86:
f0:3c:c0:3e:1f:ef:49:c0:2b:cd:2a:e1:6b:b0:3b:22:e9:e4:
0c:89:a8:1a:3b:c2:de:de:ab:9b:85:bc:59:30:93:08:dc:07:
78:24:b5:47:18:a7:44:5e:bd:27:e2:7a:14:2a:a1:c2:3a:90:
5d:7b:5b:49:c7:ae:ba:f7:41:3e:89:02:dc:0f:da:0f:c2:83:
a8:e1:c4:1b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZdEu/PM92oaabbvoo95p5tkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDMxMzc5NzAwZDM1ZGQwMDkyYmQwNjFjNjAzZTZjYjI1
NjFhNzUwHhcNMjUwNjA2MTAxNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmU0YWZkZDExZThhMjdhODQ4MjU1OWYwNDY4NGM2NjJjNTcxMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr20wau3pM8SWVmgr2AIvZGSPzK0c
FMea8ppLdhEkp6wrX7oCKrWymXvk2+oHDutACNDFInQFhddPYzO5XdcrElEv9YEt
yblvydETGmlp1ncF34IhVtcIYBJjflqFAJWimWnrize/RjZPNQJi/EAUWSLMOFei
eKetvwd8qzJa/CA5BfDVkAyAUX3rrfVZPq18Z119mVNApF+4Bp5BYRvdnXHrHzmD
6BJ3qGan0YOIuhIFv1pb3DzTeEfylcbnFQdn/7QylagMTbcTpqu7LKb9WyDWkBnf
+W62IW+rGezgriyJf9ux5cz+sXei3wx5Afe3VxPuyVr9squbl8Re3HAMeQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA/kr90R6KJ6hIJVnwRoTGYsVxGsMB8GA1UdIwQY
MBaAFA0DE3lwDTXdAJK9BhxgPmyyVhp1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFNVGVYQU5OZDBBa3IwR0hHQS1iTEpXR25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS80MDk3NTItOWQ4Yy00MGY1LTkxMjUt
OWMwNjczNzk3OWQxLzEvRC1TdjNSSG9vbnFFZ2xXZkJHaE1aaXhYRWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS80MDk3NTItOWQ4Yy00MGY1LTkxMjUtOWMwNjczNzk3OWQx
LzEvRFFNVGVYQU5OZDBBa3IwR0hHQS1iTEpXR25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuRc4AwQC
uTf8MBQEAgACMA4DBQAqAGvgAwUDKgTXgDANBgkqhkiG9w0BAQsFAAOCAQEAdWKh
5gsAlw2HEwEUIv0yiWM5HnDjTKr4sGhF1p84V9PseG37MNz310yjrxB/stTWKaEM
HtmJ568zozC1QoFrWmgHyw9AbpttQ7DAXtBc32BE7eaFE0tO1VCs4E4aJ5uk5JeR
kBjCg5xIZ1h/NGUkffRxT3nidLnl+4q0AyjTrOdPQawUd3MzavcfeXJ7zzx6FYZs
tmnDBDZvsFViexCplJqE+Y/SXC1xXdYrI8EFOklOiamG8DzAPh/vScArzSrha7A7
IunkDImoGjvC3t6rm4W8WTCTCNwHeCS1RxinRF69J+J6FCqhwjqQXXtbSceuuvdB
PokC3A/aD8KDqOHEGw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:38:05 2025 by rpki-client