Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/3ihE1qnXkLbxqf15mLtUIx8Xxhs.roa
File: 3ihE1qnXkLbxqf15mLtUIx8Xxhs.roa (raw, json)
Hash identifier: brSl4btbKY52ETE/HsNQ+C1b/Z57+idKPU0gmvaQdPk=
Subject key identifier: DE:28:44:D6:A9:D7:90:B6:F1:A9:FD:79:98:BB:54:23:1F:17:C6:1B
Certificate issuer: /CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Certificate serial: 01966C2D33906FDF9E91DE92984D2E7235B8
Authority key identifier: 7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/3ihE1qnXkLbxqf15mLtUIx8Xxhs.roa
Signing time: Fri 25 Apr 2025 09:00:23 +0000
ROA not before: Fri 25 Apr 2025 09:00:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58193
IP address blocks: 178.251.124.0/24 maxlen: 24
178.251.125.0/24 maxlen: 24
185.154.86.0/24 maxlen: 24
194.48.100.0/22 maxlen: 24
2a02:fae0::/29 maxlen: 29
2a02:fae0::/40 maxlen: 40
2a02:fae0:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 25 Apr 2025 09:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:2d:33:90:6f:df:9e:91:de:92:98:4d:2e:72:35:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Validity
Not Before: Apr 25 09:00:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de2844d6a9d790b6f1a9fd7998bb54231f17c61b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e2:53:57:59:8e:29:e6:ac:37:bc:cb:5d:6e:
17:43:9c:21:ab:42:ec:6d:e9:0f:41:5d:8a:c5:5d:
d7:49:a8:4d:78:3d:45:03:d5:eb:fe:11:3e:e0:74:
07:9f:81:26:cb:8c:e1:10:f3:5a:ef:19:f8:30:8c:
01:6b:82:55:12:43:8d:82:4b:e2:a4:51:06:b4:36:
6a:72:4d:d8:6d:bb:f7:20:4b:ef:df:97:71:02:82:
52:67:ec:4e:c6:de:5d:aa:0c:90:3e:df:0e:86:6d:
46:87:9e:19:2c:3a:45:9d:26:6d:fd:e9:a7:b7:99:
6f:bd:4a:e7:f1:d4:29:6c:b8:ee:90:f5:6e:c2:49:
8a:7f:92:e0:ca:42:0c:57:8f:2d:e0:e5:ae:2d:56:
8c:65:d3:6a:c8:89:98:a0:fe:d2:fb:87:bc:91:74:
9e:80:d0:07:50:25:69:fd:7f:d8:95:d5:02:59:7f:
8e:ab:7a:ad:28:02:12:68:b8:60:4e:ad:81:cc:d8:
74:9b:8e:b1:b7:5e:a3:9a:91:0f:48:26:42:f3:9c:
97:94:de:1d:6a:92:bb:91:16:67:b4:78:ca:58:37:
84:40:db:42:40:e1:77:8e:e9:de:57:12:29:5f:37:
f4:d7:f0:3e:49:ad:14:c7:09:53:c6:36:b6:ec:6a:
60:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:28:44:D6:A9:D7:90:B6:F1:A9:FD:79:98:BB:54:23:1F:17:C6:1B
X509v3 Authority Key Identifier:
keyid:7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/3ihE1qnXkLbxqf15mLtUIx8Xxhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/evoTWyBy38xO87VBwTa8gAHvQwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.124.0/23
185.154.86.0/24
194.48.100.0/22
IPv6:
2a02:fae0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:e4:58:6f:b6:af:64:3a:4c:41:11:a9:a2:60:fc:bc:43:8a:
b0:6f:03:97:20:16:74:e8:2d:cc:96:4a:a0:50:1d:17:f4:db:
d3:43:50:69:64:26:bf:c0:8e:e6:78:23:59:d0:d9:a0:3f:3e:
79:c2:42:fd:cb:18:24:a2:db:b3:55:13:01:e3:7c:2d:08:83:
dc:6e:dc:10:dc:e3:02:ce:e3:a2:f6:67:27:f8:70:7e:d9:4a:
ed:d0:7a:81:8a:8d:49:33:ce:fe:ef:10:74:75:01:60:0c:6b:
e6:67:27:43:ec:c5:9c:8b:03:da:a9:be:f0:3d:89:94:78:6c:
df:b8:66:04:53:6e:e3:57:cd:7d:30:2d:39:43:e6:d5:30:56:
25:9e:7e:81:43:ea:ed:d7:b8:80:2e:9e:b2:5b:01:ed:9f:31:
3a:74:7b:a1:dd:bb:89:29:61:c1:17:1e:86:a3:32:de:ff:6d:
13:63:b6:4c:f0:af:7c:d8:21:62:05:f9:7d:5a:85:b2:0d:d4:
f2:74:fe:f1:57:ee:58:18:f2:05:9e:a1:71:59:c6:a6:4a:e9:
ed:da:9f:3a:fe:7b:71:24:a3:0c:6b:52:d6:21:b1:82:da:b5:
c9:02:0c:ef:e6:64:05:97:75:69:0a:36:81:4c:6e:bd:70:e4:
86:45:4b:4c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZZsLTOQb9+ekd6SmE0ucjW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZmExMzViMjA3MmRmY2M0ZWYzYjU0MWMxMzZiYzgwMDFl
ZjQzMDcwHhcNMjUwNDI1MDkwMDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTI4NDRkNmE5ZDc5MGI2ZjFhOWZkNzk5OGJiNTQyMzFmMTdjNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+JTV1mOKeasN7zLXW4XQ5whq0Ls
bekPQV2KxV3XSahNeD1FA9Xr/hE+4HQHn4Emy4zhEPNa7xn4MIwBa4JVEkONgkvi
pFEGtDZqck3Ybbv3IEvv35dxAoJSZ+xOxt5dqgyQPt8Ohm1Gh54ZLDpFnSZt/emn
t5lvvUrn8dQpbLjukPVuwkmKf5LgykIMV48t4OWuLVaMZdNqyImYoP7S+4e8kXSe
gNAHUCVp/X/YldUCWX+Oq3qtKAISaLhgTq2BzNh0m46xt16jmpEPSCZC85yXlN4d
apK7kRZntHjKWDeEQNtCQOF3juneVxIpXzf01/A+Sa0UxwlTxja27GpgNwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFN4oRNap15C28an9eZi7VCMfF8YbMB8GA1UdIwQY
MBaAFHr6E1sgct/MTvO1QcE2vIAB70MHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQt
ZjVkZWFhOWJmMGY3LzEvM2loRTFxblhrTGJ4cWYxNW1MdFVJeDhYeGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQtZjVkZWFhOWJmMGY3
LzEvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBsvt8AwQA
uZpWAwQCwjBkMA0EAgACMAcDBQMqAvrgMA0GCSqGSIb3DQEBCwUAA4IBAQAN5Fhv
tq9kOkxBEamiYPy8Q4qwbwOXIBZ06C3MlkqgUB0X9NvTQ1BpZCa/wI7meCNZ0Nmg
Pz55wkL9yxgkotuzVRMB43wtCIPcbtwQ3OMCzuOi9mcn+HB+2Urt0HqBio1JM87+
7xB0dQFgDGvmZydD7MWciwPaqb7wPYmUeGzfuGYEU27jV819MC05Q+bVMFYlnn6B
Q+rt17iALp6yWwHtnzE6dHuh3buJKWHBFx6GozLe/20TY7ZM8K982CFiBfl9WoWy
DdTydP7xV+5YGPIFnqFxWcamSunt2p86/ntxJKMMa1LWIbGC2rXJAgzv5mQFl3Vp
CjaBTG69cOSGRUtM
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:00:34 2025 by rpki-client