Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/k6nFevNLbJdT2qpk206OmsQf5xk.roa
File: k6nFevNLbJdT2qpk206OmsQf5xk.roa (raw, json)
Hash identifier: g/d6Owd1RnvqRUs3OQYV9Nhtpac+qSrBDQk9eCTwQd4=
Subject key identifier: 93:A9:C5:7A:F3:4B:6C:97:53:DA:AA:64:DB:4E:8E:9A:C4:1F:E7:19
Certificate issuer: /CN=6401adedbc9c8f1c6cf2389fc7f741edf4f19f2c
Certificate serial: 0196E41D095574AE588622BFA7674FCCEA96
Authority key identifier: 64:01:AD:ED:BC:9C:8F:1C:6C:F2:38:9F:C7:F7:41:ED:F4:F1:9F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/k6nFevNLbJdT2qpk206OmsQf5xk.roa
Signing time: Sun 18 May 2025 15:57:10 +0000
ROA not before: Sun 18 May 2025 15:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208666
IP address blocks: 31.193.185.0/24 maxlen: 24
83.229.2.0/24 maxlen: 24
147.236.164.0/24 maxlen: 24
147.236.165.0/24 maxlen: 24
213.255.192.0/24 maxlen: 24
216.150.30.0/24 maxlen: 24
216.150.31.0/24 maxlen: 24
2a09:b300::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 06:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e4:1d:09:55:74:ae:58:86:22:bf:a7:67:4f:cc:ea:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6401adedbc9c8f1c6cf2389fc7f741edf4f19f2c
Validity
Not Before: May 18 15:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93a9c57af34b6c9753daaa64db4e8e9ac41fe719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:69:60:83:b3:ce:4f:e2:db:16:13:10:0a:db:
68:10:94:dd:20:f9:59:be:29:1f:63:d0:7c:e5:c4:
36:ed:80:64:7f:22:b0:ba:8c:3c:f5:b5:3f:dc:bc:
55:00:b3:21:9a:aa:c9:c4:0e:f6:11:da:02:61:bf:
2c:e3:9a:f5:bc:23:9c:b1:82:b1:ed:55:19:43:55:
29:ea:d3:c2:c3:2c:8f:a9:f6:85:35:3d:bb:3a:a2:
f0:7a:bb:05:de:e4:29:96:55:a9:ba:05:16:3e:00:
e7:28:49:7e:b5:3f:72:da:ea:6c:91:21:7b:f0:5a:
7e:8b:99:79:c5:ce:fb:ae:39:4a:fc:0e:d3:d8:a0:
b7:49:cf:fc:94:52:c5:63:70:77:35:92:62:ba:71:
8e:f4:ce:a2:4e:3d:a3:19:85:99:0d:77:34:2c:3f:
4c:65:46:71:13:f9:4b:9d:2d:f4:72:d6:a7:25:ff:
44:8d:cc:1f:4e:91:d6:92:72:b3:cc:51:64:44:12:
72:08:0a:a2:0f:0d:ab:7b:b1:e2:05:aa:2f:27:34:
83:99:63:58:1e:f3:3c:0b:ce:e7:3d:c4:be:89:66:
91:7c:5b:bc:b6:b6:63:12:a5:62:4a:c2:ba:43:52:
ab:89:09:39:b3:8e:18:38:7c:55:81:fd:87:3f:98:
62:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A9:C5:7A:F3:4B:6C:97:53:DA:AA:64:DB:4E:8E:9A:C4:1F:E7:19
X509v3 Authority Key Identifier:
keyid:64:01:AD:ED:BC:9C:8F:1C:6C:F2:38:9F:C7:F7:41:ED:F4:F1:9F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/k6nFevNLbJdT2qpk206OmsQf5xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/ZAGt7bycjxxs8jifx_dB7fTxnyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.185.0/24
83.229.2.0/24
147.236.164.0/23
213.255.192.0/24
216.150.30.0/23
IPv6:
2a09:b300::/29
Signature Algorithm: sha256WithRSAEncryption
42:fc:dd:71:80:2c:20:21:c8:1b:01:07:71:c7:69:ae:3f:05:
07:44:20:68:53:21:e7:a8:a3:ff:d4:f2:b2:d6:93:55:a4:30:
0d:13:d2:f7:36:b4:0b:07:49:30:35:a5:59:7a:11:86:ac:54:
75:bc:d1:00:40:5f:c6:26:c2:ce:7b:16:a9:c7:cf:6e:77:24:
dd:bb:46:49:4f:f4:2a:a2:8f:80:78:13:d8:78:e3:0a:12:21:
47:a3:b2:86:5d:02:d2:43:70:cc:e7:7d:d4:8b:96:4e:bc:32:
bd:1d:3a:ea:81:3c:4d:5b:f2:7e:3b:6b:38:f5:83:3f:e1:c2:
33:73:7f:94:35:b9:22:98:dc:b0:28:5a:6e:7d:bc:04:49:c8:
ae:b7:2e:11:81:5f:3c:1e:b3:f7:b4:c1:fe:60:3d:8f:c8:a3:
c0:d9:d3:bd:b7:c5:f8:f7:9a:6d:4b:1e:9d:11:67:a8:38:33:
b5:48:b1:a5:2d:a2:c4:17:24:2c:c1:aa:72:d8:be:e6:8e:fd:
42:d5:69:10:21:2c:91:7c:53:df:68:61:d7:b4:37:22:e4:e5:
f7:15:bc:64:9f:5b:20:2e:7b:12:03:11:6c:e5:99:f9:fa:cf:
7d:e5:85:1a:41:52:bd:94:ce:42:b9:2f:3b:62:a0:72:13:c7:
c1:fc:47:27
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZbkHQlVdK5YhiK/p2dPzOqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MDFhZGVkYmM5YzhmMWM2Y2YyMzg5ZmM3Zjc0MWVkZjRm
MTlmMmMwHhcNMjUwNTE4MTU1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2E5YzU3YWYzNGI2Yzk3NTNkYWFhNjRkYjRlOGU5YWM0MWZlNzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2lgg7POT+LbFhMQCttoEJTdIPlZ
vikfY9B85cQ27YBkfyKwuow89bU/3LxVALMhmqrJxA72EdoCYb8s45r1vCOcsYKx
7VUZQ1Up6tPCwyyPqfaFNT27OqLwersF3uQpllWpugUWPgDnKEl+tT9y2upskSF7
8Fp+i5l5xc77rjlK/A7T2KC3Sc/8lFLFY3B3NZJiunGO9M6iTj2jGYWZDXc0LD9M
ZUZxE/lLnS30ctanJf9EjcwfTpHWknKzzFFkRBJyCAqiDw2re7HiBaovJzSDmWNY
HvM8C87nPcS+iWaRfFu8trZjEqViSsK6Q1KriQk5s44YOHxVgf2HP5hiUQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJOpxXrzS2yXU9qqZNtOjprEH+cZMB8GA1UdIwQY
MBaAFGQBre28nI8cbPI4n8f3Qe308Z8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkFHdDdieWNqeHhzOGppZnhfZEI3ZlR4bnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS85OGM4NjAtNTI5OC00ODQ2LWJlYWEt
MzU2YzA5NmJjNmY5LzEvazZuRmV2TkxiSmRUMnFwazIwNk9tc1FmNXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS85OGM4NjAtNTI5OC00ODQ2LWJlYWEtMzU2YzA5NmJjNmY5
LzEvWkFHdDdieWNqeHhzOGppZnhfZEI3ZlR4bnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAH8G5AwQA
U+UCAwQBk+ykAwQA1f/AAwQB2JYeMA0EAgACMAcDBQMqCbMAMA0GCSqGSIb3DQEB
CwUAA4IBAQBC/N1xgCwgIcgbAQdxx2muPwUHRCBoUyHnqKP/1PKy1pNVpDANE9L3
NrQLB0kwNaVZehGGrFR1vNEAQF/GJsLOexapx89udyTdu0ZJT/Qqoo+AeBPYeOMK
EiFHo7KGXQLSQ3DM533Ui5ZOvDK9HTrqgTxNW/J+O2s49YM/4cIzc3+UNbkimNyw
KFpufbwESciuty4RgV88HrP3tMH+YD2PyKPA2dO9t8X495ptSx6dEWeoODO1SLGl
LaLEFyQswapy2L7mjv1C1WkQISyRfFPfaGHXtDci5OX3Fbxkn1sgLnsSAxFs5Zn5
+s995YUaQVK9lM5CuS87YqByE8fB/Ecn
-----END CERTIFICATE-----
Generated at Mon Jun 9 20:15:58 2025 by rpki-client