Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/biQCi0iOXtwebueTVAcrBG3snxU.roa
File: biQCi0iOXtwebueTVAcrBG3snxU.roa (raw, json)
Hash identifier: 4Mu/l5sX4zZoe4VyuXZT347ppgn26N3OIw5+Fj2M9q0=
Subject key identifier: 6E:24:02:8B:48:8E:5E:DC:1E:6E:E7:93:54:07:2B:04:6D:EC:9F:15
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 0196C54A1B90EB4C18C7C51CA5BB8EE4153C
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/biQCi0iOXtwebueTVAcrBG3snxU.roa
Signing time: Mon 12 May 2025 16:18:10 +0000
ROA not before: Mon 12 May 2025 16:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3170
IP address blocks: 83.97.16.0/22 maxlen: 24
83.97.16.0/24 maxlen: 32
91.240.224.0/24 maxlen: 24
185.17.196.0/22 maxlen: 24
185.175.90.0/24 maxlen: 24
188.64.34.0/23 maxlen: 24
188.64.36.0/22 maxlen: 24
193.35.56.0/22 maxlen: 24
193.105.188.0/24 maxlen: 24
194.69.165.0/24 maxlen: 24
195.74.52.0/22 maxlen: 24
195.144.8.0/24 maxlen: 24
195.191.218.0/23 maxlen: 24
195.191.219.0/24 maxlen: 32
2a03:ee40::/32 maxlen: 32
2a07:240::/29 maxlen: 48
2a10:4740::/29 maxlen: 48
2a11:2640::/32 maxlen: 32
2a11:2641::/32 maxlen: 32
2a11:2647::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 13 May 2025 15:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:4a:1b:90:eb:4c:18:c7:c5:1c:a5:bb:8e:e4:15:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: May 12 16:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e24028b488e5edc1e6ee79354072b046dec9f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:0c:e7:f2:bd:7b:38:1f:2b:e5:b3:05:c2:9f:
8a:6b:69:1a:11:74:19:9d:f3:87:38:06:92:99:41:
2a:5b:b1:32:f7:23:e3:dd:db:8e:90:41:8a:b9:ec:
b2:bf:e8:83:a1:70:9c:12:b1:fe:04:d2:21:f3:68:
f5:a1:c5:99:6c:df:25:ed:2b:bc:06:44:ac:52:f5:
3c:cc:03:a6:b9:09:35:a0:f2:32:11:a4:15:35:21:
1e:7f:a8:f6:2f:91:bd:ff:59:90:4d:27:3d:40:1e:
6b:ad:a1:0f:77:dd:73:f1:74:52:12:80:71:a4:1a:
8b:ce:09:49:c9:31:21:fb:b3:b8:18:bb:33:9a:28:
11:7d:ed:0a:9d:cf:48:d0:a9:27:40:63:7a:e2:2f:
b0:be:11:aa:4b:b4:f9:0d:ac:aa:67:0f:0e:73:03:
25:e4:cf:22:19:52:9c:d2:f2:4f:44:83:31:83:b7:
e7:44:1e:7c:fb:32:c3:3e:f9:7a:fd:40:13:d4:ed:
d5:93:1f:d9:bc:9d:7c:ff:95:40:7b:05:6d:0c:ce:
bb:5c:e1:9a:ab:e6:84:66:c9:c2:26:89:5b:1f:a7:
bc:70:c7:ca:18:af:f9:32:71:54:76:58:d0:7a:80:
9e:c8:74:66:47:07:a8:66:f4:33:00:ac:ea:74:7e:
1f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:24:02:8B:48:8E:5E:DC:1E:6E:E7:93:54:07:2B:04:6D:EC:9F:15
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/biQCi0iOXtwebueTVAcrBG3snxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.16.0/22
91.240.224.0/24
185.17.196.0/22
185.175.90.0/24
188.64.34.0-188.64.39.255
193.35.56.0/22
193.105.188.0/24
194.69.165.0/24
195.74.52.0/22
195.144.8.0/24
195.191.218.0/23
IPv6:
2a03:ee40::/32
2a07:240::/29
2a10:4740::/29
2a11:2640::/31
2a11:2647::/32
Signature Algorithm: sha256WithRSAEncryption
3c:07:3b:94:2d:2f:b1:41:ca:5b:5c:fe:80:f6:ff:b5:b9:25:
6a:17:62:cc:e7:1b:50:4d:95:cd:97:b1:2d:82:04:fa:b4:82:
28:73:7a:90:80:62:1b:2e:b6:1e:c0:dd:42:d1:67:79:68:23:
84:48:f8:50:06:87:6a:52:83:09:bb:f2:59:75:dc:15:ee:59:
9f:24:29:15:a9:14:ae:56:92:0b:b9:f0:c5:cd:e9:b7:0d:9f:
50:38:42:df:69:85:a2:03:bf:f3:cb:0b:3b:81:37:bb:5e:64:
06:ee:24:f1:9b:92:90:09:24:4b:dc:09:24:0f:ef:75:f9:9b:
5a:1d:f1:9c:74:26:e1:d6:38:79:ed:72:cc:57:08:17:dd:28:
12:35:21:85:49:6a:af:97:43:87:57:9e:d5:64:eb:09:4e:e9:
03:41:2c:37:dd:e4:2e:b0:b7:fb:24:6f:29:79:e6:a6:0c:cc:
40:46:0d:3e:5b:69:6c:97:fa:bc:ec:12:c7:cb:6c:37:2f:a7:
e8:0c:1d:09:33:7f:09:17:1c:fc:f0:b3:f3:0b:95:9f:f1:6f:
d6:d3:64:55:0b:07:aa:5f:d6:f7:a7:86:a0:de:fa:71:70:be:
be:ae:28:fc:47:0c:2d:e6:2c:94:17:e0:4e:95:c9:5e:54:ee:
6b:40:70:5a
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZbFShuQ60wYx8UcpbuO5BU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjUwNTEyMTYxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTI0MDI4YjQ4OGU1ZWRjMWU2ZWU3OTM1NDA3MmIwNDZkZWM5ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Qzn8r17OB8r5bMFwp+Ka2kaEXQZ
nfOHOAaSmUEqW7Ey9yPj3duOkEGKueyyv+iDoXCcErH+BNIh82j1ocWZbN8l7Su8
BkSsUvU8zAOmuQk1oPIyEaQVNSEef6j2L5G9/1mQTSc9QB5rraEPd91z8XRSEoBx
pBqLzglJyTEh+7O4GLszmigRfe0Knc9I0KknQGN64i+wvhGqS7T5DayqZw8OcwMl
5M8iGVKc0vJPRIMxg7fnRB58+zLDPvl6/UAT1O3Vkx/ZvJ18/5VAewVtDM67XOGa
q+aEZsnCJolbH6e8cMfKGK/5MnFUdljQeoCeyHRmRweoZvQzAKzqdH4f2wIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFG4kAotIjl7cHm7nk1QHKwRt7J8VMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvYmlRQ2kwaU9YdHdlYnVlVFZBY3JCRzNzbnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wUAQCAAEwSgMEAlNhEAME
AFvw4AMEArkRxAMEALmvWjAMAwQBvEAiAwQDvEAgAwQCwSM4AwQAwWm8AwQAwkWl
AwQCw0o0AwQAw5AIAwQBw7/aMCkEAgACMCMDBQAqA+5AAwUDKgcCQAMFAyoQR0AD
BQEqESZAAwUAKhEmRzANBgkqhkiG9w0BAQsFAAOCAQEAPAc7lC0vsUHKW1z+gPb/
tbklahdizOcbUE2VzZexLYIE+rSCKHN6kIBiGy62HsDdQtFneWgjhEj4UAaHalKD
CbvyWXXcFe5ZnyQpFakUrlaSC7nwxc3ptw2fUDhC32mFogO/88sLO4E3u15kBu4k
8ZuSkAkkS9wJJA/vdfmbWh3xnHQm4dY4ee1yzFcIF90oEjUhhUlqr5dDh1ee1WTr
CU7pA0EsN93kLrC3+yRvKXnmpgzMQEYNPltpbJf6vOwSx8tsNy+n6AwdCTN/CRcc
/PCz8wuVn/Fv1tNkVQsHql/W96eGoN76cXC+vq4o/EcMLeYslBfgTpXJXlTua0Bw
Wg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 22:18:34 2025 by rpki-client