Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/6znyplDZGmozET83cUXB7ZVQ8-I.roa
File: 6znyplDZGmozET83cUXB7ZVQ8-I.roa (raw, json)
Hash identifier: 0Rw9mF01jL6s9VjQ5NNvonW4Nf6GtwfWO0AkLMzesKw=
Subject key identifier: EB:39:F2:A6:50:D9:1A:6A:33:11:3F:37:71:45:C1:ED:95:50:F3:E2
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 01973A3A234F6310ACF444DD5B826526D941
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/6znyplDZGmozET83cUXB7ZVQ8-I.roa
Signing time: Wed 04 Jun 2025 09:16:17 +0000
ROA not before: Wed 04 Jun 2025 09:16:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58325
IP address blocks: 212.68.176.0/22 maxlen: 22
212.68.176.0/24 maxlen: 24
212.68.177.0/24 maxlen: 24
212.68.178.0/24 maxlen: 24
212.68.179.0/24 maxlen: 24
212.68.184.0/22 maxlen: 22
212.68.184.0/24 maxlen: 24
212.68.185.0/24 maxlen: 24
212.68.186.0/24 maxlen: 24
212.68.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 13:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:3a:23:4f:63:10:ac:f4:44:dd:5b:82:65:26:d9:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Jun 4 09:16:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb39f2a650d91a6a33113f377145c1ed9550f3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4c:96:72:7a:2f:f1:65:3b:a1:ef:a4:a0:b8:
44:13:3d:ed:46:79:b7:a3:34:0c:2f:79:da:a1:19:
35:62:c3:55:d6:28:00:e3:e0:b3:6a:ac:ba:c4:b4:
6e:f3:1a:0f:f8:18:c0:a6:ed:f2:bd:e0:4f:34:29:
bc:b4:7f:a1:9b:d4:d5:c0:30:cc:ec:cc:4c:ae:f4:
2e:e5:cc:ac:b7:a0:72:2c:6a:40:47:ef:a2:a0:74:
0d:fb:b0:b3:3c:b5:5e:48:9e:fd:df:13:3e:c5:f0:
ac:db:bc:6a:62:b9:69:a1:0d:2f:e1:25:7a:8d:f9:
71:57:59:26:72:91:a1:09:52:0f:e6:31:82:93:50:
c9:f5:c0:2e:f1:b8:2a:ac:1e:d3:fa:08:e0:91:c4:
d2:95:ba:ea:1c:a2:de:f8:9b:93:33:e6:01:50:c8:
ba:a9:ec:11:18:da:d4:39:ca:f3:d7:e7:e1:6b:d2:
86:55:50:3d:db:21:0c:17:a7:44:50:b6:52:52:ca:
68:a3:95:2f:59:ca:96:80:cf:34:24:2b:3f:2e:4d:
79:b1:39:76:79:8c:95:6c:84:88:1a:af:96:9f:5e:
a3:2e:df:d2:a8:43:57:54:01:2e:37:f5:30:dc:08:
a7:91:f7:14:8f:11:91:06:ef:30:84:58:a9:b4:17:
57:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:39:F2:A6:50:D9:1A:6A:33:11:3F:37:71:45:C1:ED:95:50:F3:E2
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/6znyplDZGmozET83cUXB7ZVQ8-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.176.0/22
212.68.184.0/22
Signature Algorithm: sha256WithRSAEncryption
72:e7:53:ef:93:bb:f4:b6:18:40:f6:c8:ee:ad:f7:69:29:eb:
b0:40:3d:8a:89:1b:c0:e1:da:e2:68:5a:f2:11:dc:84:9c:9c:
6e:3e:33:bb:4d:46:04:97:fb:3f:4f:71:07:3f:3b:b5:c6:cf:
6b:40:a2:c4:ff:a8:50:e5:81:71:1a:da:c9:cf:7e:0b:e3:89:
f1:7e:63:03:84:a8:be:e7:73:d7:a9:7c:9a:61:58:2d:50:0b:
01:25:a8:4c:b8:fe:08:db:03:8c:44:83:16:e0:61:96:78:c0:
b8:1b:c6:5c:0b:f8:ce:1d:e2:a7:b2:3c:b2:98:5e:41:2e:2b:
0e:3f:d9:b7:f8:d5:4d:58:05:2c:4d:7e:db:71:c3:05:6d:c2:
80:31:a6:61:6b:5d:29:2a:9e:e3:c4:b4:f4:b7:58:1f:a0:2f:
4b:8f:9f:9c:cd:45:f2:d2:6c:ad:d1:b7:00:5e:15:07:fb:b8:
60:af:58:a5:72:5a:61:f6:4b:9e:f0:74:48:77:b9:eb:b3:ac:
04:cb:63:7d:ec:38:32:5a:cc:24:ef:47:44:69:c3:6c:28:6c:
af:65:0c:12:16:48:56:45:d9:3f:85:ac:5d:06:f2:8c:94:90:
6c:44:18:3a:69:9d:71:85:d3:fb:3e:d2:cc:58:fc:59:9f:66:
91:83:96:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZc6OiNPYxCs9ETdW4JlJtlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjUwNjA0MDkxNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjM5ZjJhNjUwZDkxYTZhMzMxMTNmMzc3MTQ1YzFlZDk1NTBmM2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0yWcnov8WU7oe+koLhEEz3tRnm3
ozQML3naoRk1YsNV1igA4+Czaqy6xLRu8xoP+BjApu3yveBPNCm8tH+hm9TVwDDM
7MxMrvQu5cyst6ByLGpAR++ioHQN+7CzPLVeSJ793xM+xfCs27xqYrlpoQ0v4SV6
jflxV1kmcpGhCVIP5jGCk1DJ9cAu8bgqrB7T+gjgkcTSlbrqHKLe+JuTM+YBUMi6
qewRGNrUOcrz1+fha9KGVVA92yEMF6dEULZSUspoo5UvWcqWgM80JCs/Lk15sTl2
eYyVbISIGq+Wn16jLt/SqENXVAEuN/Uw3AinkfcUjxGRBu8whFiptBdXQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOs58qZQ2RpqMxE/N3FFwe2VUPPiMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvNnpueXBsRFpHbW96RVQ4M2NVWEI3WlZROC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1ESwAwQC
1ES4MA0GCSqGSIb3DQEBCwUAA4IBAQBy51Pvk7v0thhA9sjurfdpKeuwQD2KiRvA
4driaFryEdyEnJxuPjO7TUYEl/s/T3EHPzu1xs9rQKLE/6hQ5YFxGtrJz34L44nx
fmMDhKi+53PXqXyaYVgtUAsBJahMuP4I2wOMRIMW4GGWeMC4G8ZcC/jOHeKnsjyy
mF5BLisOP9m3+NVNWAUsTX7bccMFbcKAMaZha10pKp7jxLT0t1gfoC9Lj5+czUXy
0myt0bcAXhUH+7hgr1ilclph9kue8HRId7nrs6wEy2N97DgyWswk70dEacNsKGyv
ZQwSFkhWRdk/haxdBvKMlJBsRBg6aZ1xhdP7PtLMWPxZn2aRg5Yf
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:58:07 2025 by rpki-client