Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/l5DsQvdv-qv2sTx5Ph7OPQ1elP8.roa
File: l5DsQvdv-qv2sTx5Ph7OPQ1elP8.roa (raw, json)
Hash identifier: 41DHQ1t0k4PTBEQ4gKJZpkQRK9JQAiDKDplT26MtqlM=
Subject key identifier: 97:90:EC:42:F7:6F:FA:AB:F6:B1:3C:79:3E:1E:CE:3D:0D:5E:94:FF
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019701B036BE5515CF5902D93E1EED9489F8
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/l5DsQvdv-qv2sTx5Ph7OPQ1elP8.roa
Signing time: Sat 24 May 2025 09:46:54 +0000
ROA not before: Sat 24 May 2025 09:46:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 77.76.4.0/22 maxlen: 22
78.128.2.0/23 maxlen: 23
78.128.10.0/23 maxlen: 23
78.128.12.0/22 maxlen: 22
78.128.16.0/20 maxlen: 20
78.128.36.0/22 maxlen: 22
78.128.40.0/23 maxlen: 23
78.128.52.0/22 maxlen: 22
78.128.56.0/22 maxlen: 22
78.128.82.0/23 maxlen: 23
78.128.84.0/22 maxlen: 22
78.128.88.0/22 maxlen: 22
78.128.96.0/23 maxlen: 23
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.116.0/23 maxlen: 23
78.128.120.0/23 maxlen: 23
78.128.122.0/24 maxlen: 24
78.128.123.0/24 maxlen: 24
78.142.9.0/24 maxlen: 24
78.142.10.0/23 maxlen: 23
78.142.12.0/22 maxlen: 22
78.142.30.0/23 maxlen: 23
84.201.224.0/20 maxlen: 20
91.148.149.0/24 maxlen: 24
91.148.150.0/23 maxlen: 23
91.148.152.0/21 maxlen: 21
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
91.148.166.0/24 maxlen: 24
91.148.169.0/24 maxlen: 24
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
91.148.186.0/23 maxlen: 23
130.185.227.0/24 maxlen: 24
193.24.240.0/22 maxlen: 22
193.200.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 02 Jun 2025 07:25:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:01:b0:36:be:55:15:cf:59:02:d9:3e:1e:ed:94:89:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: May 24 09:46:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9790ec42f76ffaabf6b13c793e1ece3d0d5e94ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c8:f7:d1:14:8a:55:bd:4f:b7:73:c4:54:94:
76:22:6e:85:79:bb:3e:25:e7:f0:6f:74:84:93:f1:
fc:26:8e:95:42:3b:6a:aa:a4:03:05:a8:13:35:ce:
5a:4d:d2:26:7f:13:bc:3b:6b:3f:d2:48:01:57:25:
c8:0b:27:a8:fc:97:2c:b9:27:7f:2a:3f:99:23:26:
90:66:76:de:20:00:49:e8:e4:48:5e:a8:ca:c3:3b:
84:f7:45:48:87:48:67:6b:eb:42:e7:45:dc:06:7b:
bd:11:a9:40:99:e2:77:b7:50:bd:c0:e5:b5:28:a7:
5b:0d:6b:d1:8b:eb:20:e4:e4:7a:59:3b:f6:d0:e4:
0e:6d:4e:31:8d:ae:86:5b:81:67:3d:cb:3b:24:ea:
1b:03:5b:f4:ad:06:ec:e7:0b:f4:cd:65:67:4d:cb:
62:3b:27:57:3e:90:6a:84:b8:4f:68:75:68:84:bd:
83:28:b4:d0:1e:fc:f3:bc:da:2b:d2:1f:37:63:40:
b1:5c:14:d5:8b:c2:0f:1c:c3:ab:da:27:2d:de:9f:
68:d2:07:16:48:c4:78:7f:87:c9:18:ef:03:f4:45:
0d:24:ed:cb:7a:4f:3e:f3:17:6f:ab:7d:22:25:56:
3b:46:fc:27:1f:a4:b0:50:99:8d:e5:b1:f5:34:8e:
d8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:90:EC:42:F7:6F:FA:AB:F6:B1:3C:79:3E:1E:CE:3D:0D:5E:94:FF
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/l5DsQvdv-qv2sTx5Ph7OPQ1elP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.4.0/22
78.128.2.0/23
78.128.10.0-78.128.31.255
78.128.36.0-78.128.41.255
78.128.52.0-78.128.59.255
78.128.82.0-78.128.91.255
78.128.96.0/23
78.128.100.0-78.128.107.255
78.128.116.0/23
78.128.120.0/22
78.142.9.0-78.142.15.255
78.142.30.0/23
84.201.224.0/20
91.148.149.0-91.148.159.255
91.148.162.0-91.148.166.255
91.148.169.0-91.148.183.255
91.148.186.0/23
130.185.227.0/24
193.24.240.0/22
193.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:29:ae:22:1c:39:62:1f:80:64:e1:f4:1c:fd:26:5c:6c:59:
b3:7a:c7:0b:10:13:e7:6e:58:14:e3:2a:75:db:36:e5:bb:b5:
cf:8a:3f:03:0f:4c:9f:63:2a:8f:ff:50:c2:87:9d:97:c8:69:
be:11:64:39:e5:a8:7b:e0:b9:21:a4:7e:9f:d1:45:cb:e5:d2:
52:88:e6:c6:97:e7:70:b2:1c:d7:16:36:1c:3e:de:93:8b:be:
20:db:40:07:c5:16:d7:30:fd:30:b8:b8:34:49:f8:97:25:59:
71:ce:da:fe:6c:e5:d0:20:7d:55:90:cc:4b:81:6a:43:67:32:
c2:10:18:23:a2:a5:d7:bf:93:fe:e6:e4:ad:23:ef:5c:88:f6:
42:0c:b5:11:4e:e7:8e:f5:fd:60:04:b7:3a:b4:6b:0b:58:6e:
ed:39:89:fa:9d:86:38:c5:1a:f1:d8:71:e1:92:81:c8:fe:03:
da:e7:28:5a:88:9b:b6:27:e0:6e:34:6d:53:a0:15:ee:6f:64:
86:e6:0b:f1:da:0f:da:6b:10:82:76:6d:3f:3e:d1:f6:ae:fc:
91:ff:83:f1:94:f4:e2:be:1b:64:bb:23:6e:62:cf:c8:71:bf:
69:1b:37:c0:15:0a:03:28:46:1f:eb:17:43:dd:48:61:58:0b:
f1:d1:75:76
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAZcBsDa+VRXPWQLZPh7tlIn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwNTI0MDk0NjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzkwZWM0MmY3NmZmYWFiZjZiMTNjNzkzZTFlY2UzZDBkNWU5NGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sj30RSKVb1Pt3PEVJR2Im6Febs+
Jefwb3SEk/H8Jo6VQjtqqqQDBagTNc5aTdImfxO8O2s/0kgBVyXICyeo/JcsuSd/
Kj+ZIyaQZnbeIABJ6ORIXqjKwzuE90VIh0hna+tC50XcBnu9EalAmeJ3t1C9wOW1
KKdbDWvRi+sg5OR6WTv20OQObU4xja6GW4FnPcs7JOobA1v0rQbs5wv0zWVnTcti
OydXPpBqhLhPaHVohL2DKLTQHvzzvNor0h83Y0CxXBTVi8IPHMOr2ict3p9o0gcW
SMR4f4fJGO8D9EUNJO3Lek8+8xdvq30iJVY7RvwnH6SwUJmN5bH1NI7YCQIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFJeQ7EL3b/qr9rE8eT4ezj0NXpT/MB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvbDVEc1F2ZHYtcXYyc1R4NVBoN09QUTFlbFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBAJN
TAQDBAFOgAIwDAMEAU6ACgMEBU6AADAMAwQCToAkAwQBToAoMAwDBAJOgDQDBAJO
gDgwDAMEAU6AUgMEAk6AWAMEAU6AYDAMAwQCToBkAwQCToBoAwQBToB0AwQCToB4
MAwDBABOjgkDBAROjgADBAFOjh4DBARUyeAwDAMEAFuUlQMEBVuUgDAMAwQBW5Si
AwQAW5SmMAwDBABblKkDBANblLADBAFblLoDBACCueMDBALBGPADBAHByA4wDQYJ
KoZIhvcNAQELBQADggEBAKspriIcOWIfgGTh9Bz9JlxsWbN6xwsQE+duWBTjKnXb
NuW7tc+KPwMPTJ9jKo//UMKHnZfIab4RZDnlqHvguSGkfp/RRcvl0lKI5saX53Cy
HNcWNhw+3pOLviDbQAfFFtcw/TC4uDRJ+JclWXHO2v5s5dAgfVWQzEuBakNnMsIQ
GCOipde/k/7m5K0j71yI9kIMtRFO5471/WAEtzq0awtYbu05ifqdhjjFGvHYceGS
gcj+A9rnKFqIm7Yn4G40bVOgFe5vZIbmC/HaD9prEIJ2bT8+0fau/JH/g/GU9OK+
G2S7I25iz8hxv2kbN8AVCgMoRh/rF0PdSGFYC/HRdXY=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:18:05 2025 by rpki-client