Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/6S-AILF10rvGWseR6FBPl3_0xIo.roa
File: 6S-AILF10rvGWseR6FBPl3_0xIo.roa (raw, json)
Hash identifier: hNN4uigYtcUpeVnyGKBVtCSNbHzvcjSxEL4/ErIfOcI=
Subject key identifier: E9:2F:80:20:B1:75:D2:BB:C6:5A:C7:91:E8:50:4F:97:7F:F4:C4:8A
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 0196C42B8BA0AC1743EB2CE628222D16870E
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/6S-AILF10rvGWseR6FBPl3_0xIo.roa
Signing time: Mon 12 May 2025 11:05:10 +0000
ROA not before: Mon 12 May 2025 11:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43733
IP address blocks: 46.130.0.0/16 maxlen: 16
46.130.0.0/17 maxlen: 17
46.130.128.0/17 maxlen: 17
46.130.255.0/24 maxlen: 24
83.139.24.0/21 maxlen: 21
83.139.24.0/22 maxlen: 22
83.139.28.0/22 maxlen: 22
83.139.32.0/22 maxlen: 22
185.36.36.0/22 maxlen: 22
185.36.36.0/24 maxlen: 24
217.76.0.0/20 maxlen: 20
217.76.0.0/21 maxlen: 21
217.76.8.0/21 maxlen: 21
2a00:1f28::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 22 May 2025 11:50:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:2b:8b:a0:ac:17:43:eb:2c:e6:28:22:2d:16:87:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: May 12 11:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e92f8020b175d2bbc65ac791e8504f977ff4c48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:47:23:34:0e:2a:0c:02:50:5c:61:4b:f1:42:
b0:e7:0b:71:b5:9c:3b:5f:26:1b:40:e2:4e:af:37:
c4:a3:a2:a8:be:ce:27:cf:2b:07:87:91:a8:be:b4:
7d:58:31:a8:61:9d:2f:76:b2:a9:56:4d:1a:80:b4:
19:3f:99:ab:14:3c:93:af:2a:5f:90:ad:64:a4:f1:
dd:4e:4f:55:59:a5:81:25:92:dd:17:b9:f2:61:f3:
dd:1e:67:d5:3e:98:75:52:e4:73:db:34:a5:85:b6:
46:76:b6:20:64:ed:d4:a4:96:be:c9:50:1b:be:7c:
fc:be:eb:79:d6:41:13:47:ca:74:95:45:41:89:98:
e7:e1:8f:50:02:fa:90:a9:5e:43:3e:00:d2:a8:66:
c0:d7:1d:00:17:de:6c:24:1e:dd:75:e8:70:9c:c6:
a9:bc:85:31:4a:af:80:e8:09:a9:b9:5c:6f:13:a8:
c1:cb:ef:19:a2:6d:95:6b:8b:9c:03:2e:26:f5:03:
14:92:fc:49:93:26:43:fc:44:ce:e8:c8:4f:5d:48:
79:1d:1c:cf:2d:1f:67:6a:ba:13:1b:5d:b2:e3:40:
c0:f6:d7:82:a5:14:0c:e0:2b:e1:ce:c1:5a:63:36:
78:a3:21:79:45:7c:ef:9b:8a:98:b4:d9:8c:b9:69:
a7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:2F:80:20:B1:75:D2:BB:C6:5A:C7:91:E8:50:4F:97:7F:F4:C4:8A
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/6S-AILF10rvGWseR6FBPl3_0xIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.130.0.0/16
83.139.24.0-83.139.35.255
185.36.36.0/22
217.76.0.0/20
IPv6:
2a00:1f28::/32
Signature Algorithm: sha256WithRSAEncryption
79:ec:15:97:2a:f6:d0:eb:e0:64:b1:77:49:91:b4:dc:aa:50:
a2:c1:ec:e9:f2:ae:8c:7e:48:d4:7a:da:3e:56:2b:28:48:1e:
34:0b:b5:41:e5:1d:54:c4:b1:69:96:62:c2:6d:8c:a2:e6:ce:
75:e2:d0:55:e4:e9:d3:1b:59:b5:ec:c6:de:43:37:d1:57:8e:
09:b7:08:80:4c:1c:76:6f:14:75:bc:5e:e9:bd:9a:3e:c0:a6:
2b:ee:e0:a9:be:05:46:0a:3a:08:3b:e6:8a:74:0a:37:bf:10:
0f:90:20:ee:67:dd:52:89:0a:93:ea:d0:32:f9:94:67:ac:07:
57:92:2b:94:ca:56:af:7a:5a:12:d7:8f:f7:52:39:23:56:43:
25:e6:fe:28:e2:8a:f5:20:fe:64:c2:1e:25:24:87:70:0e:90:
36:73:44:f9:ee:15:e5:c4:b0:53:71:97:40:60:59:08:1b:50:
00:86:43:1b:70:5e:31:0a:ff:47:6c:61:b0:45:75:1a:95:db:
d0:f1:ab:d8:c9:5d:62:c5:b8:77:39:94:d6:a9:4c:b6:fc:db:
41:19:7a:a0:41:fe:bd:15:21:0a:db:9d:f1:3f:5b:7f:07:0f:
5c:5a:93:70:2d:95:81:24:93:75:53:b8:6d:28:77:fd:c8:9b:
f6:e7:d0:ab
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZbEK4ugrBdD6yzmKCItFocOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjUwNTEyMTEwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTJmODAyMGIxNzVkMmJiYzY1YWM3OTFlODUwNGY5NzdmZjRjNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkcjNA4qDAJQXGFL8UKw5wtxtZw7
XyYbQOJOrzfEo6Kovs4nzysHh5GovrR9WDGoYZ0vdrKpVk0agLQZP5mrFDyTrypf
kK1kpPHdTk9VWaWBJZLdF7nyYfPdHmfVPph1UuRz2zSlhbZGdrYgZO3UpJa+yVAb
vnz8vut51kETR8p0lUVBiZjn4Y9QAvqQqV5DPgDSqGbA1x0AF95sJB7ddehwnMap
vIUxSq+A6AmpuVxvE6jBy+8Zom2Va4ucAy4m9QMUkvxJkyZD/ETO6MhPXUh5HRzP
LR9naroTG12y40DA9teCpRQM4CvhzsFaYzZ4oyF5RXzvm4qYtNmMuWmn7QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOkvgCCxddK7xlrHkehQT5d/9MSKMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvNlMtQUlMRjEwcnZHV3NlUjZGQlBsM18weElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwMALoIwDAME
A1OLGAMEAlOLIAMEArkkJAMEBNlMADANBAIAAjAHAwUAKgAfKDANBgkqhkiG9w0B
AQsFAAOCAQEAeewVlyr20OvgZLF3SZG03KpQosHs6fKujH5I1HraPlYrKEgeNAu1
QeUdVMSxaZZiwm2MoubOdeLQVeTp0xtZtezG3kM30VeOCbcIgEwcdm8Udbxe6b2a
PsCmK+7gqb4FRgo6CDvminQKN78QD5Ag7mfdUokKk+rQMvmUZ6wHV5IrlMpWr3pa
EteP91I5I1ZDJeb+KOKK9SD+ZMIeJSSHcA6QNnNE+e4V5cSwU3GXQGBZCBtQAIZD
G3BeMQr/R2xhsEV1GpXb0PGr2MldYsW4dzmU1qlMtvzbQRl6oEH+vRUhCtud8T9b
fwcPXFqTcC2VgSSTdVO4bSh3/cib9ufQqw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:27:27 2025 by rpki-client