Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/_p1jL7ZxBfEdZTOOpmVgSrzfVN0.roa
File: _p1jL7ZxBfEdZTOOpmVgSrzfVN0.roa (raw, json)
Hash identifier: hMTjQqH6pTxJuA9kGVmRXTmIZKvxmATW2MOvtUVBqw8=
Subject key identifier: FE:9D:63:2F:B6:71:05:F1:1D:65:33:8E:A6:65:60:4A:BC:DF:54:DD
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0196D9836A4BABCFA7753DABAD21067E9BE0
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/_p1jL7ZxBfEdZTOOpmVgSrzfVN0.roa
Signing time: Fri 16 May 2025 14:33:10 +0000
ROA not before: Fri 16 May 2025 14:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211659
IP address blocks: 80.64.18.0/24 maxlen: 24
185.39.16.0/24 maxlen: 24
185.39.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 May 2025 17:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d9:83:6a:4b:ab:cf:a7:75:3d:ab:ad:21:06:7e:9b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: May 16 14:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe9d632fb67105f11d65338ea665604abcdf54dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:70:fa:aa:46:22:4a:98:67:4d:7d:db:f8:3d:
cb:68:b1:0a:9b:60:f7:c6:e9:14:eb:b3:24:d7:c5:
fb:46:1e:6e:ac:3c:3f:bd:4f:29:7e:e6:7c:97:d4:
84:74:87:8e:73:3b:59:75:88:04:dc:12:b4:8f:a1:
53:49:3a:11:d7:79:11:e9:61:e5:1a:b6:f6:b9:0b:
c3:d0:c7:28:6a:60:dc:40:86:d2:e3:87:d4:bc:7f:
e6:ba:82:de:af:33:5c:03:28:4e:f8:6a:e6:fa:31:
60:fd:3d:7e:e2:5c:8c:96:f4:33:be:8c:0e:32:54:
51:61:1a:00:02:4c:87:bb:c5:80:de:00:c7:ca:0e:
c5:69:dc:55:e4:e1:fa:cf:99:76:ba:10:9f:c8:15:
81:94:b7:a5:be:95:04:ea:f7:2a:94:0f:e4:8c:53:
ce:cd:59:b0:98:af:c9:11:3d:69:e8:05:d1:6c:fe:
cc:9c:1c:4e:5b:93:95:d2:6d:09:c6:43:27:08:d1:
f5:15:ff:96:de:84:36:f3:1d:1e:e3:51:eb:fe:5f:
19:70:dc:12:5e:4f:1a:10:94:3c:fa:b6:0b:b1:1a:
5a:cc:fd:74:b0:a7:02:48:d3:48:c5:58:d3:1a:05:
c8:2b:7f:87:c0:78:07:c9:9a:66:7f:d2:5a:fa:e9:
3d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9D:63:2F:B6:71:05:F1:1D:65:33:8E:A6:65:60:4A:BC:DF:54:DD
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/_p1jL7ZxBfEdZTOOpmVgSrzfVN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.18.0/24
185.39.16.0/24
185.39.19.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:a7:98:77:84:87:b8:4a:c3:2f:c6:95:03:9c:59:35:95:62:
21:86:66:f7:06:cd:d4:e4:bf:ef:a3:10:c5:c2:85:5f:96:2f:
98:20:f3:98:64:7d:e1:17:9b:4a:be:58:05:cf:5c:d2:d3:c3:
0d:4f:40:f3:3b:d8:e2:59:ed:17:b5:92:63:9d:a5:2b:90:ba:
82:c7:9d:45:1a:38:6b:f2:31:06:12:91:d8:5c:c6:3a:ff:d2:
8e:f8:a0:30:59:40:e9:5a:ba:39:95:b8:1d:a0:a8:ed:58:80:
7b:81:da:a6:2c:eb:9e:59:8f:be:85:6b:14:2b:9a:1d:f5:67:
01:ea:b0:4f:40:33:cf:23:3b:c5:a7:ee:e6:71:42:e8:8b:43:
1c:3e:b3:5b:cb:0c:d3:93:c0:3a:0d:c3:01:7c:27:ab:a3:6c:
37:14:73:e0:fa:1e:53:1f:1b:53:27:ff:b7:16:1c:85:46:5a:
dd:c8:6c:4f:4b:03:10:02:c5:82:ea:04:81:1c:0b:25:e5:6c:
36:e4:0c:45:1f:c6:7c:07:34:43:dd:72:53:de:9a:a6:cb:b2:
df:3a:ea:08:5a:cd:48:58:2b:66:f2:bb:21:a3:51:49:3b:e3:
bc:12:36:91:91:1c:9d:41:83:db:11:49:8b:35:21:44:ad:d9:
01:96:0c:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZbZg2pLq8+ndT2rrSEGfpvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwNTE2MTQzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTlkNjMyZmI2NzEwNWYxMWQ2NTMzOGVhNjY1NjA0YWJjZGY1NGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3D6qkYiSphnTX3b+D3LaLEKm2D3
xukU67Mk18X7Rh5urDw/vU8pfuZ8l9SEdIeOcztZdYgE3BK0j6FTSToR13kR6WHl
Grb2uQvD0McoamDcQIbS44fUvH/muoLerzNcAyhO+Grm+jFg/T1+4lyMlvQzvowO
MlRRYRoAAkyHu8WA3gDHyg7FadxV5OH6z5l2uhCfyBWBlLelvpUE6vcqlA/kjFPO
zVmwmK/JET1p6AXRbP7MnBxOW5OV0m0JxkMnCNH1Ff+W3oQ28x0e41Hr/l8ZcNwS
Xk8aEJQ8+rYLsRpazP10sKcCSNNIxVjTGgXIK3+HwHgHyZpmf9Ja+uk9DwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP6dYy+2cQXxHWUzjqZlYEq831TdMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvX3Axakw3WnhCZkVkWlRPT3BtVmdTcnpmVk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEASAwQA
uScQAwQAuScTMA0GCSqGSIb3DQEBCwUAA4IBAQBdp5h3hIe4SsMvxpUDnFk1lWIh
hmb3Bs3U5L/voxDFwoVfli+YIPOYZH3hF5tKvlgFz1zS08MNT0DzO9jiWe0XtZJj
naUrkLqCx51FGjhr8jEGEpHYXMY6/9KO+KAwWUDpWro5lbgdoKjtWIB7gdqmLOue
WY++hWsUK5od9WcB6rBPQDPPIzvFp+7mcULoi0McPrNbywzTk8A6DcMBfCero2w3
FHPg+h5THxtTJ/+3FhyFRlrdyGxPSwMQAsWC6gSBHAsl5Ww25AxFH8Z8BzRD3XJT
3pqmy7LfOuoIWs1IWCtm8rsho1FJO+O8EjaRkRydQYPbEUmLNSFErdkBlgy5
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:43:38 2025 by rpki-client