Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/nE6sW4O79UaW9f4nbtoYkqI6AqA.roa
File: nE6sW4O79UaW9f4nbtoYkqI6AqA.roa (raw, json)
Hash identifier: HJizuRWZHA6SJSKf68J3nQTbKkFstHlbSo+eJZ+RsqI=
Subject key identifier: 9C:4E:AC:5B:83:BB:F5:46:96:F5:FE:27:6E:DA:18:92:A2:3A:02:A0
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0196D80CF7FF36F293DE28E6D74F3A61F87B
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/nE6sW4O79UaW9f4nbtoYkqI6AqA.roa
Signing time: Fri 16 May 2025 07:44:10 +0000
ROA not before: Fri 16 May 2025 07:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 77.76.0.0/23 maxlen: 23
77.76.4.0/22 maxlen: 22
78.128.2.0/23 maxlen: 23
78.128.10.0/23 maxlen: 23
78.128.12.0/22 maxlen: 22
78.128.16.0/20 maxlen: 20
78.128.36.0/22 maxlen: 22
78.128.40.0/23 maxlen: 23
78.128.52.0/22 maxlen: 22
78.128.56.0/22 maxlen: 22
78.128.82.0/23 maxlen: 23
78.128.84.0/22 maxlen: 22
78.128.88.0/22 maxlen: 22
78.128.96.0/23 maxlen: 23
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.116.0/23 maxlen: 23
78.128.120.0/23 maxlen: 23
78.128.122.0/24 maxlen: 24
78.128.123.0/24 maxlen: 24
78.142.9.0/24 maxlen: 24
78.142.10.0/23 maxlen: 23
78.142.12.0/22 maxlen: 22
78.142.30.0/23 maxlen: 23
84.201.224.0/20 maxlen: 20
91.148.149.0/24 maxlen: 24
91.148.150.0/23 maxlen: 23
91.148.152.0/21 maxlen: 21
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
91.148.166.0/24 maxlen: 24
91.148.169.0/24 maxlen: 24
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
91.148.186.0/23 maxlen: 23
130.185.227.0/24 maxlen: 24
193.24.240.0/22 maxlen: 22
193.200.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 24 May 2025 09:46:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d8:0c:f7:ff:36:f2:93:de:28:e6:d7:4f:3a:61:f8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: May 16 07:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c4eac5b83bbf54696f5fe276eda1892a23a02a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d9:ec:bc:78:4f:96:b8:75:0a:5d:e3:a0:58:
02:71:81:b8:85:ff:81:af:46:ec:c1:95:c0:b2:6b:
fd:d6:86:1d:86:2d:f3:81:22:1a:b7:d1:49:13:ea:
81:45:7f:f8:af:19:a8:67:1b:23:5f:65:08:e6:44:
26:0f:78:e6:2f:52:fd:6f:71:82:0e:d8:61:b0:d1:
0a:d6:47:b9:36:7c:16:c2:00:35:12:50:f3:cd:5c:
db:ad:b8:a1:7f:4c:c4:3b:24:0a:39:14:83:05:0a:
c3:21:a4:bf:ab:5c:7c:c1:d4:ab:a7:92:ec:ab:95:
02:8c:19:9e:6b:a5:4a:44:8d:75:d6:8b:40:bf:e6:
61:78:25:20:60:14:09:a3:32:0e:e0:4c:47:79:28:
82:f8:63:f6:20:56:71:0e:41:2f:ab:05:bd:66:f4:
f3:f3:2b:3b:e4:12:00:9a:01:67:7a:f4:61:d8:48:
0b:04:b6:03:1d:74:f1:d3:b5:f5:ea:61:19:e7:10:
a0:42:f0:96:c8:31:10:f0:ea:a7:8d:e7:c3:06:8f:
aa:f0:a6:36:9f:5e:99:6b:2e:34:73:56:41:9d:ce:
65:0d:d2:22:da:0b:d7:ff:c4:7c:9c:64:1a:b2:38:
dc:7a:aa:55:2d:43:13:37:72:8a:1f:e6:d3:77:8e:
a0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4E:AC:5B:83:BB:F5:46:96:F5:FE:27:6E:DA:18:92:A2:3A:02:A0
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/nE6sW4O79UaW9f4nbtoYkqI6AqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.0.0/23
77.76.4.0/22
78.128.2.0/23
78.128.10.0-78.128.31.255
78.128.36.0-78.128.41.255
78.128.52.0-78.128.59.255
78.128.82.0-78.128.91.255
78.128.96.0/23
78.128.100.0-78.128.107.255
78.128.116.0/23
78.128.120.0/22
78.142.9.0-78.142.15.255
78.142.30.0/23
84.201.224.0/20
91.148.149.0-91.148.159.255
91.148.162.0-91.148.166.255
91.148.169.0-91.148.183.255
91.148.186.0/23
130.185.227.0/24
193.24.240.0/22
193.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
99:54:1c:d8:91:da:ff:b2:06:c3:65:19:0a:f8:cd:c5:b4:b4:
ef:fb:ea:45:3a:73:3a:9b:99:d6:cf:74:e1:68:8f:03:ba:4d:
12:fe:02:67:4a:56:1e:2d:1d:3b:9b:d4:a0:4f:ac:91:e8:db:
ae:9c:45:18:d7:0a:d0:42:47:76:75:2b:15:c7:6e:35:a8:d5:
58:07:38:e2:d9:9f:8d:c6:a3:cf:8d:82:39:60:ad:aa:e6:54:
59:3b:41:9e:f6:ed:c2:35:fe:be:ec:fd:83:d0:33:05:af:03:
75:3f:8f:c5:3f:a7:70:f7:1c:be:d1:dd:76:b4:bf:83:b6:41:
66:a0:cf:88:eb:ee:77:01:dc:d1:be:ff:a7:f9:ac:6f:a2:2b:
66:05:d2:8a:98:65:74:77:21:0b:3c:3c:6e:74:62:21:35:c6:
a9:40:ba:a4:62:9e:70:da:0b:08:45:f8:13:11:92:7c:22:68:
66:05:d2:22:9c:04:a5:1c:e7:4b:c8:52:eb:9d:31:08:3f:07:
d2:aa:d8:22:b2:73:b7:61:68:ba:9e:bc:23:99:f3:75:ce:6e:
8c:0f:a6:46:b7:66:c4:ee:ff:54:3b:aa:b6:32:3b:b4:b2:85:
1c:c2:dd:bc:d8:b9:2a:ca:51:75:6c:ab:93:40:e8:9b:3f:e3:
33:20:27:45
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAZbYDPf/NvKT3ijm1086Yfh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwNTE2MDc0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRlYWM1YjgzYmJmNTQ2OTZmNWZlMjc2ZWRhMTg5MmEyM2EwMmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNnsvHhPlrh1Cl3joFgCcYG4hf+B
r0bswZXAsmv91oYdhi3zgSIat9FJE+qBRX/4rxmoZxsjX2UI5kQmD3jmL1L9b3GC
DthhsNEK1ke5NnwWwgA1ElDzzVzbrbihf0zEOyQKORSDBQrDIaS/q1x8wdSrp5Ls
q5UCjBmea6VKRI111otAv+ZheCUgYBQJozIO4ExHeSiC+GP2IFZxDkEvqwW9ZvTz
8ys75BIAmgFnevRh2EgLBLYDHXTx07X16mEZ5xCgQvCWyDEQ8OqnjefDBo+q8KY2
n16Zay40c1ZBnc5lDdIi2gvX/8R8nGQasjjceqpVLUMTN3KKH+bTd46gLwIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFJxOrFuDu/VGlvX+J27aGJKiOgKgMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvbkU2c1c0Tzc5VWFXOWY0bmJ0b1lrcUk2QXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBAFN
TAADBAJNTAQDBAFOgAIwDAMEAU6ACgMEBU6AADAMAwQCToAkAwQBToAoMAwDBAJO
gDQDBAJOgDgwDAMEAU6AUgMEAk6AWAMEAU6AYDAMAwQCToBkAwQCToBoAwQBToB0
AwQCToB4MAwDBABOjgkDBAROjgADBAFOjh4DBARUyeAwDAMEAFuUlQMEBVuUgDAM
AwQBW5SiAwQAW5SmMAwDBABblKkDBANblLADBAFblLoDBACCueMDBALBGPADBAHB
yA4wDQYJKoZIhvcNAQELBQADggEBAJlUHNiR2v+yBsNlGQr4zcW0tO/76kU6czqb
mdbPdOFojwO6TRL+AmdKVh4tHTub1KBPrJHo266cRRjXCtBCR3Z1KxXHbjWo1VgH
OOLZn43Go8+NgjlgrarmVFk7QZ727cI1/r7s/YPQMwWvA3U/j8U/p3D3HL7R3Xa0
v4O2QWagz4jr7ncB3NG+/6f5rG+iK2YF0oqYZXR3IQs8PG50YiE1xqlAuqRinnDa
CwhF+BMRknwiaGYF0iKcBKUc50vIUuudMQg/B9Kq2CKyc7dhaLqevCOZ83XObowP
pka3ZsTu/1Q7qrYyO7SyhRzC3bzYuSrKUXVsq5NA6Js/4zMgJ0U=
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:15:17 2025 by rpki-client