Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/3YjfmwGbdJdQDc3XPkwuECGites.roa
File: 3YjfmwGbdJdQDc3XPkwuECGites.roa (raw, json)
Hash identifier: xdgoeXc0RhDwu8ReIcTrr/QAkRghQ6un2e890tmqjfk=
Subject key identifier: DD:88:DF:9B:01:9B:74:97:50:0D:CD:D7:3E:4C:2E:10:21:A2:B5:EB
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0196F9284971143CD31EA02A845C8207A0A7
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/3YjfmwGbdJdQDc3XPkwuECGites.roa
Signing time: Thu 22 May 2025 18:01:29 +0000
ROA not before: Thu 22 May 2025 18:01:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 89.19.57.0/24 maxlen: 24
89.19.58.0/24 maxlen: 24
89.19.59.0/24 maxlen: 24
185.59.232.0/22 maxlen: 24
185.68.245.0/24 maxlen: 24
185.79.51.0/24 maxlen: 24
185.79.79.0/24 maxlen: 24
185.81.172.0/24 maxlen: 24
185.81.173.0/24 maxlen: 24
185.81.174.0/23 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/23 maxlen: 24
185.81.186.0/23 maxlen: 24
185.89.40.0/24 maxlen: 24
185.89.108.0/22 maxlen: 24
185.95.100.0/23 maxlen: 24
185.95.102.0/23 maxlen: 24
185.96.80.0/24 maxlen: 24
185.96.83.0/24 maxlen: 24
185.97.1.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
185.101.203.0/24 maxlen: 24
185.104.151.0/24 maxlen: 24
185.112.56.0/23 maxlen: 24
185.175.224.0/24 maxlen: 24
185.175.225.0/24 maxlen: 24
185.185.147.0/24 maxlen: 24
193.221.215.0/24 maxlen: 24
213.170.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 16:55:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f9:28:49:71:14:3c:d3:1e:a0:2a:84:5c:82:07:a0:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: May 22 18:01:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd88df9b019b7497500dcdd73e4c2e1021a2b5eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:01:0e:9e:ac:96:07:85:46:40:db:42:b4:4e:
65:7f:21:b2:90:ef:2d:47:40:68:25:e6:27:f2:d7:
b4:29:93:98:42:f3:cf:58:95:19:43:13:3a:9d:08:
8b:1b:59:52:27:0a:02:7d:a6:83:d8:dd:22:5f:39:
27:de:f0:ba:9e:23:b9:17:69:aa:5a:86:94:19:ca:
3d:5e:d6:a2:b8:b9:12:8b:19:4b:20:3b:55:fd:d8:
20:9a:f1:45:37:89:28:7c:4d:f1:b6:12:d4:f7:1d:
a9:a3:33:b5:b9:e2:ae:9d:dd:45:1c:02:14:bf:97:
3d:96:ed:a4:7a:77:f8:c2:a3:8b:24:8d:09:fd:52:
33:dc:fa:08:b6:64:2f:d0:f0:1f:b9:9f:3a:be:c7:
9d:e2:bc:6e:91:34:0c:bc:1c:07:23:be:32:e9:7a:
8e:f5:08:3b:1c:91:08:c9:70:36:f0:6f:f2:dd:05:
7f:71:18:28:40:a5:27:e5:30:86:c1:12:9f:fe:4c:
80:20:b2:41:77:c6:72:d4:6d:ba:14:d1:db:06:49:
95:dc:f8:fc:98:b6:33:18:7f:dc:6c:71:ba:5b:4d:
1e:b6:02:1f:fa:5f:98:bf:5b:40:c3:2a:5e:68:b3:
6a:18:14:95:aa:d4:35:56:d5:1e:f3:fb:d6:e7:13:
a9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:88:DF:9B:01:9B:74:97:50:0D:CD:D7:3E:4C:2E:10:21:A2:B5:EB
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/3YjfmwGbdJdQDc3XPkwuECGites.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.57.0-89.19.59.255
185.59.232.0/22
185.68.245.0/24
185.79.51.0/24
185.79.79.0/24
185.81.172.0/22
185.81.184.0/22
185.89.40.0/24
185.89.108.0/22
185.95.100.0/22
185.96.80.0/24
185.96.83.0/24
185.97.1.0/24
185.97.3.0/24
185.101.203.0/24
185.104.151.0/24
185.112.56.0/23
185.175.224.0/23
185.185.147.0/24
193.221.215.0/24
213.170.223.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:70:1a:01:8f:38:16:10:83:5f:e6:42:06:ef:78:2f:e7:0e:
de:fa:c0:e1:d9:0f:71:cb:ed:0e:88:eb:ef:8e:e6:ad:d3:f8:
10:54:cf:54:4d:3d:b9:8a:7a:5f:1b:7d:2f:7b:0a:d9:f9:31:
ad:d9:2f:4d:55:9c:69:e7:49:67:dd:5e:8f:3d:42:8a:29:3f:
83:6b:39:e5:e1:04:53:47:1d:5a:4a:f4:a4:4f:fb:8b:37:0a:
1b:c0:e5:9c:d5:8a:1e:fb:02:95:5b:77:34:b9:5c:b9:43:35:
a9:e3:72:79:9d:cd:83:4d:39:8c:5f:c0:e3:92:31:c1:7d:ce:
2f:22:24:de:ae:20:e1:53:cf:80:99:42:1b:e9:18:c0:18:9a:
0d:74:6a:18:af:ff:82:02:d4:62:39:ab:8e:2c:dd:03:90:ed:
2e:96:cb:b5:ae:40:0b:48:e2:16:a2:1c:d8:c0:ab:ba:c9:95:
d2:a1:fc:20:71:92:8a:57:73:03:9a:5d:15:b6:28:99:96:2a:
bd:a4:1f:64:d4:0d:d8:de:ad:9d:53:93:0f:3c:e4:1d:9e:e1:
83:1c:ef:84:d5:c8:b2:9c:77:af:28:4a:6e:9b:e1:03:57:70:
69:3b:cb:24:85:05:98:e2:21:eb:7b:6c:19:26:f3:a1:3d:5c:
98:8d:ae:b6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZb5KElxFDzTHqAqhFyCB6CnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwNTIyMTgwMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDg4ZGY5YjAxOWI3NDk3NTAwZGNkZDczZTRjMmUxMDIxYTJiNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wEOnqyWB4VGQNtCtE5lfyGykO8t
R0BoJeYn8te0KZOYQvPPWJUZQxM6nQiLG1lSJwoCfaaD2N0iXzkn3vC6niO5F2mq
WoaUGco9XtaiuLkSixlLIDtV/dggmvFFN4kofE3xthLU9x2pozO1ueKund1FHAIU
v5c9lu2kenf4wqOLJI0J/VIz3PoItmQv0PAfuZ86vsed4rxukTQMvBwHI74y6XqO
9Qg7HJEIyXA28G/y3QV/cRgoQKUn5TCGwRKf/kyAILJBd8Zy1G26FNHbBkmV3Pj8
mLYzGH/cbHG6W00etgIf+l+Yv1tAwypeaLNqGBSVqtQ1VtUe8/vW5xOpxwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFN2I35sBm3SXUA3N1z5MLhAhorXrMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvM1lqZm13R2JkSmRRRGMzWFBrd3VFQ0dpdGVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYwDAME
AFkTOQMEAlkTOAMEArk76AMEALlE9QMEALlPMwMEALlPTwMEArlRrAMEArlRuAME
ALlZKAMEArlZbAMEArlfZAMEALlgUAMEALlgUwMEALlhAQMEALlhAwMEALllywME
ALlolwMEAblwOAMEAbmv4AMEALm5kwMEAMHd1wMEANWq3zANBgkqhkiG9w0BAQsF
AAOCAQEAinAaAY84FhCDX+ZCBu94L+cO3vrA4dkPccvtDojr747mrdP4EFTPVE09
uYp6Xxt9L3sK2fkxrdkvTVWcaedJZ91ejz1Ciik/g2s55eEEU0cdWkr0pE/7izcK
G8DlnNWKHvsClVt3NLlcuUM1qeNyeZ3Ng005jF/A45IxwX3OLyIk3q4g4VPPgJlC
G+kYwBiaDXRqGK//ggLUYjmrjizdA5DtLpbLta5AC0jiFqIc2MCrusmV0qH8IHGS
ildzA5pdFbYomZYqvaQfZNQN2N6tnVOTDzzkHZ7hgxzvhNXIspx3ryhKbpvhA1dw
aTvLJIUFmOIh63tsGSbzoT1cmI2utg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:11:31 2025 by rpki-client