Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/x9xru9UMbhTasLgT8QvEI_8i_UM.roa
File: x9xru9UMbhTasLgT8QvEI_8i_UM.roa (raw, json)
Hash identifier: Gnrf6sIILnN3agcIcpkET+YG1ZF1EQ6UTG8bGHlX8PI=
Subject key identifier: C7:DC:6B:BB:D5:0C:6E:14:DA:B0:B8:13:F1:0B:C4:23:FF:22:FD:43
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 0196BBEF16962FC3B9C09606067100FB43E5
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/x9xru9UMbhTasLgT8QvEI_8i_UM.roa
Signing time: Sat 10 May 2025 20:42:10 +0000
ROA not before: Sat 10 May 2025 20:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43733
IP address blocks: 46.130.0.0/16 maxlen: 16
46.130.0.0/17 maxlen: 17
46.130.128.0/17 maxlen: 17
46.130.255.0/24 maxlen: 24
83.139.24.0/21 maxlen: 21
83.139.24.0/22 maxlen: 22
83.139.28.0/22 maxlen: 22
83.139.32.0/22 maxlen: 22
185.36.36.0/22 maxlen: 22
185.36.36.0/24 maxlen: 24
217.76.0.0/20 maxlen: 20
217.76.0.0/21 maxlen: 21
217.76.0.0/24 maxlen: 24
217.76.1.0/24 maxlen: 24
217.76.2.0/24 maxlen: 24
217.76.8.0/21 maxlen: 21
2a00:1f28::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 12 May 2025 11:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bb:ef:16:96:2f:c3:b9:c0:96:06:06:71:00:fb:43:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: May 10 20:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7dc6bbbd50c6e14dab0b813f10bc423ff22fd43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:40:ef:f8:60:1f:bd:66:97:56:cf:9d:1c:55:
d9:9d:a4:56:73:21:c6:25:18:07:92:0f:c5:d5:4c:
a9:8b:29:36:f1:57:b7:10:b9:11:a4:00:6c:7c:9f:
30:d7:ce:95:5f:65:c3:0c:50:7c:9b:0b:4c:53:1a:
b0:6a:55:0a:73:98:19:91:14:a9:77:0a:ff:ba:fc:
b0:d4:5f:7b:3a:2d:b8:7c:8d:68:60:72:d3:ed:54:
d8:20:14:46:b6:5d:3d:6a:b9:c9:10:40:8b:c1:35:
64:0e:71:b0:a9:ba:03:db:ec:03:dd:83:58:f7:50:
3b:d1:e7:1b:f4:5d:6b:b3:af:ff:03:61:6d:b2:38:
53:94:d1:d9:af:5f:cb:dc:b1:9e:aa:92:74:34:5c:
42:2f:2b:ee:8b:d1:78:28:c9:f5:76:4e:4d:dc:db:
82:31:7b:bb:1e:59:ba:4c:10:82:73:06:31:4b:0b:
bc:db:c1:b1:46:47:2a:f6:d3:b6:a9:c7:a3:4b:e5:
fd:a4:b5:e2:4d:af:5f:54:82:93:98:1a:7a:66:bc:
fb:7a:c9:e0:18:0e:7b:72:35:5e:10:bb:17:13:15:
91:f4:69:d9:55:51:ed:59:06:1b:f8:dc:d4:65:41:
9d:45:b9:88:09:8a:48:28:7a:cc:b0:1f:64:0e:79:
11:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DC:6B:BB:D5:0C:6E:14:DA:B0:B8:13:F1:0B:C4:23:FF:22:FD:43
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/x9xru9UMbhTasLgT8QvEI_8i_UM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.130.0.0/16
83.139.24.0-83.139.35.255
185.36.36.0/22
217.76.0.0/20
IPv6:
2a00:1f28::/32
Signature Algorithm: sha256WithRSAEncryption
9f:29:76:65:63:4d:cf:37:e3:00:6c:22:44:3e:32:c6:95:71:
9a:f8:d7:7b:f1:35:e2:49:55:07:df:4d:28:e3:44:ad:a6:f1:
f5:58:b4:66:54:7a:2a:63:1e:5e:c9:a5:42:15:ce:6c:cb:f4:
3f:db:10:dc:16:de:ff:1a:46:d7:76:44:70:82:4e:bc:10:03:
c2:0d:11:a3:1d:72:98:64:79:aa:eb:7d:fd:bb:2d:2c:c3:72:
6a:5f:15:90:26:5c:b0:de:fd:b1:cc:dc:1b:bd:c9:78:a3:30:
13:19:95:43:6a:50:c5:95:53:15:a2:04:fc:7d:26:47:5f:ff:
72:a1:3b:53:1c:3d:f9:de:50:5e:5b:2a:2c:2e:cc:39:74:56:
1e:6f:1c:bd:1a:04:d5:d5:b9:c0:a7:c3:3e:5d:ff:0a:e3:11:
6b:19:60:39:36:1c:c4:1e:78:73:5e:a4:69:d7:0e:27:c6:66:
d9:ff:4a:ad:6f:f6:f9:3e:1b:70:7a:df:56:12:3d:f3:fb:02:
81:61:4a:a3:5f:6b:df:e5:62:ab:6c:2f:d9:67:72:86:38:25:
21:9b:b0:0b:7f:40:92:01:a4:fb:81:9e:f9:7f:82:79:87:b3:
1c:66:61:65:00:37:a1:e9:d8:45:25:7f:e9:58:82:56:63:f0:
0c:93:61:cc
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZa77xaWL8O5wJYGBnEA+0PlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjUwNTEwMjA0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RjNmJiYmQ1MGM2ZTE0ZGFiMGI4MTNmMTBiYzQyM2ZmMjJmZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkDv+GAfvWaXVs+dHFXZnaRWcyHG
JRgHkg/F1Uypiyk28Ve3ELkRpABsfJ8w186VX2XDDFB8mwtMUxqwalUKc5gZkRSp
dwr/uvyw1F97Oi24fI1oYHLT7VTYIBRGtl09arnJEECLwTVkDnGwqboD2+wD3YNY
91A70ecb9F1rs6//A2FtsjhTlNHZr1/L3LGeqpJ0NFxCLyvui9F4KMn1dk5N3NuC
MXu7Hlm6TBCCcwYxSwu828GxRkcq9tO2qcejS+X9pLXiTa9fVIKTmBp6Zrz7esng
GA57cjVeELsXExWR9GnZVVHtWQYb+NzUZUGdRbmICYpIKHrMsB9kDnkRWQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMfca7vVDG4U2rC4E/ELxCP/Iv1DMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEveDl4cnU5VU1iaFRhc0xnVDhRdkVJXzhpX1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwMALoIwDAME
A1OLGAMEAlOLIAMEArkkJAMEBNlMADANBAIAAjAHAwUAKgAfKDANBgkqhkiG9w0B
AQsFAAOCAQEAnyl2ZWNNzzfjAGwiRD4yxpVxmvjXe/E14klVB99NKONErabx9Vi0
ZlR6KmMeXsmlQhXObMv0P9sQ3Bbe/xpG13ZEcIJOvBADwg0Rox1ymGR5qut9/bst
LMNyal8VkCZcsN79sczcG73JeKMwExmVQ2pQxZVTFaIE/H0mR1//cqE7Uxw9+d5Q
XlsqLC7MOXRWHm8cvRoE1dW5wKfDPl3/CuMRaxlgOTYcxB54c16kadcOJ8Zm2f9K
rW/2+T4bcHrfVhI98/sCgWFKo19r3+Viq2wv2WdyhjglIZuwC39AkgGk+4Ge+X+C
eYezHGZhZQA3oenYRSV/6ViCVmPwDJNhzA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:37:56 2025 by rpki-client