Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/7OMggPUGwwcU0FvVITyRUkwadjA.roa
File: 7OMggPUGwwcU0FvVITyRUkwadjA.roa (raw, json)
Hash identifier: wjX6guqxLHeKRhblx7jKpkorlxRBOHorulA5jHrhdOY=
Subject key identifier: EC:E3:20:80:F5:06:C3:07:14:D0:5B:D5:21:3C:91:52:4C:1A:76:30
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 0196A4E284F6F38D4E4AE3CF7A96D24E626C
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/7OMggPUGwwcU0FvVITyRUkwadjA.roa
Signing time: Tue 06 May 2025 09:17:10 +0000
ROA not before: Tue 06 May 2025 09:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15576
IP address blocks: 77.95.120.0/21 maxlen: 21
85.118.216.0/21 maxlen: 21
185.63.149.0/24 maxlen: 24
212.103.64.0/19 maxlen: 19
212.103.64.0/24 maxlen: 24
212.103.65.0/24 maxlen: 24
217.11.208.0/20 maxlen: 20
217.146.160.0/20 maxlen: 20
217.146.165.0/24 maxlen: 24
2a00:c38::/32 maxlen: 32
2a00:c38:1a5::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 May 2025 09:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:e2:84:f6:f3:8d:4e:4a:e3:cf:7a:96:d2:4e:62:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: May 6 09:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ece32080f506c30714d05bd5213c91524c1a7630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:33:35:b0:ae:26:8e:f8:ed:50:da:28:5f:ad:
b2:24:66:d6:b1:6d:f3:66:b2:24:3d:8d:32:cb:ee:
cb:0d:5f:52:df:64:e5:02:e7:36:e7:7f:a3:19:47:
ba:0c:4b:d5:8a:02:5a:04:73:d4:57:0b:19:46:ed:
a7:9a:ac:8b:35:dc:65:c7:4d:96:32:22:e3:01:87:
3b:bd:26:5d:be:b7:f8:29:ea:15:ff:2e:c9:47:1d:
b9:fe:dd:2c:b0:9e:50:34:3f:64:4d:e6:89:33:6d:
84:f7:1e:de:f1:52:06:bb:75:91:29:6e:89:b3:8f:
4c:7d:86:b5:d8:96:40:19:3f:27:6a:12:86:e6:58:
7f:4f:02:53:0b:77:bf:7d:d7:35:73:3a:1b:4b:ab:
f7:4c:62:38:62:57:2e:20:92:bc:6f:4f:56:a6:8c:
3b:9b:49:6b:3c:ec:f6:0b:95:d9:23:ca:c9:25:b8:
29:5b:43:cc:48:7d:a4:d5:60:fb:99:8a:f6:ba:cd:
93:48:c7:16:cc:de:72:4c:d9:30:ed:e6:9a:d4:0f:
8a:1b:95:15:f2:10:06:95:ef:ff:f7:5c:1f:04:cc:
9e:5f:b6:14:89:e6:32:69:47:09:bb:64:3d:9a:9a:
fa:b7:d7:11:62:62:79:24:4e:9e:f5:3c:6c:18:50:
c9:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E3:20:80:F5:06:C3:07:14:D0:5B:D5:21:3C:91:52:4C:1A:76:30
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/7OMggPUGwwcU0FvVITyRUkwadjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/21
85.118.216.0/21
185.63.149.0/24
212.103.64.0/19
217.11.208.0/20
217.146.160.0/20
IPv6:
2a00:c38::/32
Signature Algorithm: sha256WithRSAEncryption
53:ce:d1:02:36:b7:d7:5a:f6:20:c7:3b:8e:50:55:ed:76:56:
33:d9:55:88:e4:82:47:43:ac:0a:95:ec:b9:9c:4d:78:5b:a6:
32:1d:35:0e:53:e4:df:13:25:ec:f7:d8:d5:4b:61:95:9d:47:
4c:62:02:73:89:50:37:c3:54:91:32:48:97:bd:35:ae:85:81:
ca:ef:2e:9b:27:78:c7:b8:7c:f3:68:01:b1:81:e3:18:6c:a5:
d4:07:00:7c:b7:30:0c:b1:74:bd:29:a1:f3:d6:0c:fb:aa:f4:
52:53:64:e0:0d:ab:dd:20:f7:f9:f7:da:18:3f:0a:03:1b:e3:
42:d8:5f:fe:ac:c1:10:07:30:4e:32:c5:5c:d7:59:7d:d4:18:
94:2b:d8:d8:eb:42:a6:e1:7d:fe:14:00:95:9a:1c:2e:09:33:
5c:0b:39:69:df:26:46:2b:f5:c5:d9:af:9d:ae:a4:28:62:66:
0f:9b:d1:06:90:a2:40:97:92:ef:dd:59:4c:1d:56:58:39:9e:
ac:26:da:25:c5:66:6e:61:e7:bc:bc:d4:b3:bd:54:10:ae:92:
d6:8f:5c:37:8a:86:01:a7:cb:d1:3b:dd:d7:1c:af:41:be:f3:
e1:11:36:58:d4:a2:3b:be:14:cf:8c:bb:71:eb:a1:c3:76:e9:
0c:01:d5:30
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZak4oT2841OSuPPepbSTmJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjUwNTA2MDkxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2UzMjA4MGY1MDZjMzA3MTRkMDViZDUyMTNjOTE1MjRjMWE3NjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TM1sK4mjvjtUNooX62yJGbWsW3z
ZrIkPY0yy+7LDV9S32TlAuc253+jGUe6DEvVigJaBHPUVwsZRu2nmqyLNdxlx02W
MiLjAYc7vSZdvrf4KeoV/y7JRx25/t0ssJ5QND9kTeaJM22E9x7e8VIGu3WRKW6J
s49MfYa12JZAGT8nahKG5lh/TwJTC3e/fdc1czobS6v3TGI4YlcuIJK8b09Wpow7
m0lrPOz2C5XZI8rJJbgpW0PMSH2k1WD7mYr2us2TSMcWzN5yTNkw7eaa1A+KG5UV
8hAGle//91wfBMyeX7YUieYyaUcJu2Q9mpr6t9cRYmJ5JE6e9TxsGFDJEwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOzjIID1BsMHFNBb1SE8kVJMGnYwMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvN09NZ2dQVUd3d2NVMEZ2VklUeVJVa3dhZGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDTV94AwQD
VXbYAwQAuT+VAwQF1GdAAwQE2QvQAwQE2ZKgMA0EAgACMAcDBQAqAAw4MA0GCSqG
SIb3DQEBCwUAA4IBAQBTztECNrfXWvYgxzuOUFXtdlYz2VWI5IJHQ6wKley5nE14
W6YyHTUOU+TfEyXs99jVS2GVnUdMYgJziVA3w1SRMkiXvTWuhYHK7y6bJ3jHuHzz
aAGxgeMYbKXUBwB8tzAMsXS9KaHz1gz7qvRSU2TgDavdIPf599oYPwoDG+NC2F/+
rMEQBzBOMsVc11l91BiUK9jY60Km4X3+FACVmhwuCTNcCzlp3yZGK/XF2a+drqQo
YmYPm9EGkKJAl5Lv3VlMHVZYOZ6sJtolxWZuYee8vNSzvVQQrpLWj1w3ioYBp8vR
O93XHK9BvvPhETZY1KI7vhTPjLtx66HDdukMAdUw
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:20:40 2025 by rpki-client