Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/5Uc6OQRHRDBqElEZI67Xw0FC3iw.roa
File: 5Uc6OQRHRDBqElEZI67Xw0FC3iw.roa (raw, json)
Hash identifier: bzZwIdx5AbPYezkYN9Erg34zIPM8NNGyhalYAHbzJfM=
Subject key identifier: E5:47:3A:39:04:47:44:30:6A:12:51:19:23:AE:D7:C3:41:42:DE:2C
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0196D2248345E9FFDEE395694EE3CC399E4D
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/5Uc6OQRHRDBqElEZI67Xw0FC3iw.roa
Signing time: Thu 15 May 2025 04:12:10 +0000
ROA not before: Thu 15 May 2025 04:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46450
IP address blocks: 94.154.183.0/24 maxlen: 24
162.218.95.0/24 maxlen: 24
212.60.16.0/23 maxlen: 23
217.197.168.0/24 maxlen: 24
217.197.171.0/24 maxlen: 24
2a07:c6c0:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 May 2025 14:19:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d2:24:83:45:e9:ff:de:e3:95:69:4e:e3:cc:39:9e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: May 15 04:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5473a39044744306a12511923aed7c34142de2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2a:81:8f:0a:7d:73:ea:38:66:d2:01:3a:2d:
11:b7:00:85:0e:71:7b:c7:46:59:b6:b1:52:79:b8:
4e:18:2c:e7:94:a6:3b:d8:31:e6:a4:75:5f:d6:a5:
03:e1:ed:6b:88:31:21:94:ce:ae:19:cc:91:6b:b7:
33:fa:a3:02:9b:75:f1:e8:4f:b7:f5:c2:74:1d:fa:
ba:a6:7c:49:ab:63:70:da:d3:d3:62:7d:97:ea:a7:
fc:26:e8:af:cc:bd:08:65:74:40:c5:76:af:1a:42:
74:60:d4:18:05:e2:1a:93:ff:e7:25:aa:f8:2f:b9:
0e:65:c3:4e:77:3f:35:31:44:b0:41:25:2a:be:45:
d4:28:48:29:09:5f:93:72:3b:c3:0d:82:46:0f:1f:
98:3c:58:b9:09:8f:43:59:b7:2e:5b:e8:24:00:d6:
86:96:ad:d3:53:13:b1:85:3a:6a:5c:8d:43:7f:af:
ce:37:f5:e7:a0:15:44:5f:d9:9f:10:91:50:f2:02:
6c:a6:66:27:c5:9f:8a:b7:58:7d:7b:cb:41:04:3e:
47:07:6e:f4:dc:a3:65:28:12:48:a7:5f:b9:7d:de:
a4:5b:87:9c:00:de:21:ee:3e:a5:0a:1a:73:d1:e1:
0d:d3:ee:d2:1f:9f:a7:34:6c:65:44:45:fc:b5:b2:
28:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:47:3A:39:04:47:44:30:6A:12:51:19:23:AE:D7:C3:41:42:DE:2C
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/5Uc6OQRHRDBqElEZI67Xw0FC3iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.183.0/24
162.218.95.0/24
212.60.16.0/23
217.197.168.0/24
217.197.171.0/24
IPv6:
2a07:c6c0:9::/48
Signature Algorithm: sha256WithRSAEncryption
41:40:67:56:0f:bc:50:d7:07:d8:0d:39:3f:97:c2:eb:3e:f6:
ee:5c:30:a1:86:fe:d8:b0:9d:70:ee:93:19:4e:43:ca:06:43:
a2:3c:b3:a8:78:bb:db:a6:06:74:27:44:13:eb:f2:83:5a:25:
f8:10:58:8f:5f:17:16:68:df:bf:e7:88:ed:43:26:b8:76:68:
44:48:f0:e3:0d:b5:df:ac:b2:6f:ba:66:b8:68:53:03:0f:1c:
0a:5b:bb:54:87:a0:9c:ee:0a:9c:ca:98:0f:27:38:56:fe:f8:
5e:f1:5e:f8:e3:df:6b:8f:fb:1f:43:05:30:27:81:b5:de:6f:
97:23:43:35:5d:35:90:be:79:ee:a2:46:5c:27:9b:0a:a3:51:
18:2f:15:97:b9:3e:0d:0b:fb:ff:62:c8:55:3e:19:b0:83:0c:
11:03:5d:48:9a:51:10:91:07:b7:d3:ff:55:ad:e7:ca:31:13:
87:01:d3:38:a2:f4:b1:6c:67:f1:0f:43:20:87:e2:a4:ae:65:
88:c2:53:8d:4d:6f:ea:5d:4e:75:f6:c7:cc:89:70:03:47:39:
b3:b5:ef:26:cf:01:a6:d0:38:ee:0d:1a:87:19:8d:91:74:f5:
7e:77:2c:fb:98:22:f9:5e:4f:17:40:ae:3b:c7:db:39:1a:d0:
3d:d4:85:be
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZbSJINF6f/e45VpTuPMOZ5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNTE1MDQxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQ3M2EzOTA0NDc0NDMwNmExMjUxMTkyM2FlZDdjMzQxNDJkZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSqBjwp9c+o4ZtIBOi0RtwCFDnF7
x0ZZtrFSebhOGCznlKY72DHmpHVf1qUD4e1riDEhlM6uGcyRa7cz+qMCm3Xx6E+3
9cJ0Hfq6pnxJq2Nw2tPTYn2X6qf8JuivzL0IZXRAxXavGkJ0YNQYBeIak//nJar4
L7kOZcNOdz81MUSwQSUqvkXUKEgpCV+TcjvDDYJGDx+YPFi5CY9DWbcuW+gkANaG
lq3TUxOxhTpqXI1Df6/ON/XnoBVEX9mfEJFQ8gJspmYnxZ+Kt1h9e8tBBD5HB270
3KNlKBJIp1+5fd6kW4ecAN4h7j6lChpz0eEN0+7SH5+nNGxlREX8tbIoFwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFOVHOjkER0QwahJRGSOu18NBQt4sMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNVVjNk9RUkhSREJxRWxFWkk2N1h3MEZDM2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAXpq3AwQA
otpfAwQB1DwQAwQA2cWoAwQA2cWrMA8EAgACMAkDBwAqB8bAAAkwDQYJKoZIhvcN
AQELBQADggEBAEFAZ1YPvFDXB9gNOT+Xwus+9u5cMKGG/tiwnXDukxlOQ8oGQ6I8
s6h4u9umBnQnRBPr8oNaJfgQWI9fFxZo37/niO1DJrh2aERI8OMNtd+ssm+6Zrho
UwMPHApbu1SHoJzuCpzKmA8nOFb++F7xXvjj32uP+x9DBTAngbXeb5cjQzVdNZC+
ee6iRlwnmwqjURgvFZe5Pg0L+/9iyFU+GbCDDBEDXUiaURCRB7fT/1Wt58oxE4cB
0zii9LFsZ/EPQyCH4qSuZYjCU41Nb+pdTnX2x8yJcANHObO17ybPAabQOO4NGocZ
jZF09X53LPuYIvleTxdArjvH2zka0D3Uhb4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:18:02 2025 by rpki-client