Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XG6KxOQ4SfT3huy15qyEkX27D4Y.roa
File: XG6KxOQ4SfT3huy15qyEkX27D4Y.roa (raw, json)
Hash identifier: FD5QkvqGlPvGJsYSGbMn0LQ891rjpLVj8L6GVxDrD7I=
Subject key identifier: 5C:6E:8A:C4:E4:38:49:F4:F7:86:EC:B5:E6:AC:84:91:7D:BB:0F:86
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019703782536252F7670131F6133E46C28D8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XG6KxOQ4SfT3huy15qyEkX27D4Y.roa
Signing time: Sat 24 May 2025 18:04:54 +0000
ROA not before: Sat 24 May 2025 18:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 84.21.188.0/24 maxlen: 24
2a06:a600::/29 maxlen: 29
2a06:b5c0::/29 maxlen: 29
2a06:bf40::/29 maxlen: 29
2a0e:1a84::/32 maxlen: 32
2a0e:f600:5f::/48 maxlen: 48
2a0f:1e84:20::/48 maxlen: 48
2a0f:3047::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
2a13:e100:323::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 25 May 2025 06:55:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:03:78:25:36:25:2f:76:70:13:1f:61:33:e4:6c:28:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 24 18:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c6e8ac4e43849f4f786ecb5e6ac84917dbb0f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:89:d5:7e:c7:d2:0c:a0:1e:f6:b7:e2:33:2b:
bc:67:0e:3d:da:ca:73:ae:e1:59:b1:5f:11:fb:eb:
c8:32:af:db:b7:1d:60:2c:7f:41:50:41:e9:65:71:
6a:54:c0:32:60:50:25:81:2d:cf:f3:7d:bd:c1:59:
64:1f:05:23:05:12:12:6e:11:76:f8:4a:f2:c7:a8:
a7:ed:1a:15:62:90:6d:a5:26:c9:07:8c:fe:2f:45:
68:3a:71:96:d3:7b:8c:14:8a:86:39:d0:ae:e8:2d:
ac:31:8e:7c:1e:eb:f7:b6:30:f5:8d:b1:15:69:29:
ef:1e:d0:58:50:75:6e:83:46:1f:c8:b6:a1:98:8b:
1b:51:cd:da:ec:36:41:b8:9b:1a:04:a4:35:1e:47:
77:7c:8e:41:94:7e:0e:b6:68:6c:58:10:ce:c6:b7:
a0:ac:56:f7:ff:cc:02:0a:48:bb:92:aa:b7:f4:1e:
cb:2c:71:07:a7:37:eb:15:e7:2a:34:a4:4e:e7:63:
75:3a:28:e4:0a:ff:d5:de:8e:65:a7:84:0a:45:51:
20:82:dc:b2:ac:72:bf:74:cd:cc:7e:6f:f6:d9:c5:
6b:e4:9b:59:e8:98:58:3e:bf:ef:e7:c6:5d:da:c8:
dd:b6:bf:7e:de:89:0d:6f:34:dc:f2:d6:f1:a0:bb:
09:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:6E:8A:C4:E4:38:49:F4:F7:86:EC:B5:E6:AC:84:91:7D:BB:0F:86
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/XG6KxOQ4SfT3huy15qyEkX27D4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.188.0/24
IPv6:
2a06:a600::/29
2a06:b5c0::/29
2a06:bf40::/29
2a0e:1a84::/32
2a0e:f600:5f::/48
2a0f:1e84:20::/48
2a0f:3047::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a13:2b40::/29
2a13:e100:323::/48
Signature Algorithm: sha256WithRSAEncryption
77:d7:31:be:01:29:71:1d:b3:38:00:0b:1e:f7:20:94:33:42:
9b:3d:78:8b:75:8c:cc:6e:16:b7:f9:d6:f8:de:91:db:25:cb:
4c:4e:19:ce:fb:48:c6:f9:f7:7c:1c:8d:bd:86:d9:50:72:f7:
55:48:89:c8:d4:04:24:b3:e6:0e:50:57:7e:ea:20:b4:1d:84:
59:ae:9e:d6:ae:53:cc:18:fa:16:32:4c:ca:f5:41:84:77:88:
28:68:74:98:3a:17:ae:24:62:c2:e5:93:2a:32:76:a1:57:43:
a8:40:f9:8b:e4:df:29:17:cf:89:6e:63:30:8c:e1:d0:d6:00:
5c:ad:84:11:d3:c9:3c:af:00:f2:9b:04:fd:a0:12:aa:15:4c:
71:ed:40:5e:89:52:4c:10:83:86:ff:1c:89:e1:46:60:ef:a3:
14:2d:fb:d9:e6:92:fc:84:c5:2e:f6:2c:7b:62:6d:b5:45:fb:
a7:f4:3d:7d:8c:05:49:01:07:c7:57:51:64:45:cf:fe:1f:62:
14:16:25:b3:85:b3:5c:36:33:19:99:28:40:a9:de:24:0d:72:
80:10:3d:02:3b:3a:76:da:74:89:81:94:d9:a9:a4:8f:d4:80:
64:42:eb:8a:df:4f:fa:c7:d2:fa:7d:53:fa:91:cc:18:76:3d:
49:f2:fc:bd
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZcDeCU2JS92cBMfYTPkbCjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTI0MTgwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzZlOGFjNGU0Mzg0OWY0Zjc4NmVjYjVlNmFjODQ5MTdkYmIwZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYnVfsfSDKAe9rfiMyu8Zw492spz
ruFZsV8R++vIMq/btx1gLH9BUEHpZXFqVMAyYFAlgS3P8329wVlkHwUjBRISbhF2
+Eryx6in7RoVYpBtpSbJB4z+L0VoOnGW03uMFIqGOdCu6C2sMY58Huv3tjD1jbEV
aSnvHtBYUHVug0YfyLahmIsbUc3a7DZBuJsaBKQ1Hkd3fI5BlH4OtmhsWBDOxreg
rFb3/8wCCki7kqq39B7LLHEHpzfrFecqNKRO52N1OijkCv/V3o5lp4QKRVEggtyy
rHK/dM3Mfm/22cVr5JtZ6JhYPr/v58Zd2sjdtr9+3okNbzTc8tbxoLsJDQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFFxuisTkOEn094bsteashJF9uw+GMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWEc2S3hPUTRTZlQzaHV5MTVxeUVrWDI3RDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wDAQCAAEwBgMEAFQVvDBf
BAIAAjBZAwUDKgamAAMFAyoGtcADBQMqBr9AAwUAKg4ahAMHACoO9gAAXwMHACoP
HoQAIAMHACoPMEcAAAMHACoPfQAAAQMHACoPvAChxAMFAyoTK0ADBwAqE+EAAyMw
DQYJKoZIhvcNAQELBQADggEBAHfXMb4BKXEdszgACx73IJQzQps9eIt1jMxuFrf5
1vjekdsly0xOGc77SMb593wcjb2G2VBy91VIicjUBCSz5g5QV37qILQdhFmuntau
U8wY+hYyTMr1QYR3iChodJg6F64kYsLlkyoydqFXQ6hA+Yvk3ykXz4luYzCM4dDW
AFythBHTyTyvAPKbBP2gEqoVTHHtQF6JUkwQg4b/HInhRmDvoxQt+9nmkvyExS72
LHtibbVF+6f0PX2MBUkBB8dXUWRFz/4fYhQWJbOFs1w2MxmZKECp3iQNcoAQPQI7
OnbadImBlNmppI/UgGRC64rfT/rH0vp9U/qRzBh2PUny/L0=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:14:04 2025 by rpki-client