Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/aMcy3w-zwokSfBDlfrEB74EeNFE.roa
File: aMcy3w-zwokSfBDlfrEB74EeNFE.roa (raw, json)
Hash identifier: HDhh55sg1BxZfF9a7pAYBoflpRGNOYxhxpqgru7XE4M=
Subject key identifier: 68:C7:32:DF:0F:B3:C2:89:12:7C:10:E5:7E:B1:01:EF:81:1E:34:51
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0196DEEF5AC68FE5994B75DBF833321B2BBB
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/aMcy3w-zwokSfBDlfrEB74EeNFE.roa
Signing time: Sat 17 May 2025 15:49:10 +0000
ROA not before: Sat 17 May 2025 15:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 87.254.11.0/24 maxlen: 24
87.254.29.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
217.25.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jun 2025 16:29:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:de:ef:5a:c6:8f:e5:99:4b:75:db:f8:33:32:1b:2b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: May 17 15:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68c732df0fb3c289127c10e57eb101ef811e3451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:57:45:97:05:18:e5:ae:e8:ee:a5:67:a2:6b:
c9:0a:81:5c:3a:e7:40:37:39:94:a8:65:0b:6f:c9:
06:83:0d:b3:83:94:13:87:8b:10:6a:34:bf:32:3c:
d8:b4:2c:f2:f6:3e:bf:df:20:b6:28:32:17:72:36:
58:0d:ad:ae:7b:b7:f9:a5:0e:53:51:16:91:65:e1:
fb:aa:c9:90:01:0b:6f:34:1a:9c:f7:99:61:50:e9:
42:fc:cb:30:1c:fd:33:e1:9c:e8:33:1f:3d:ee:d8:
0b:ed:4c:a0:da:ab:7c:8f:98:06:1a:00:55:0b:06:
2c:5a:3a:b4:7d:9b:6b:07:5a:0d:09:b7:a4:1f:eb:
93:95:c5:56:69:c9:be:1d:66:64:fa:92:b9:24:6f:
eb:6c:59:06:2f:88:58:d6:6f:84:3d:fe:44:04:99:
1b:20:34:37:6a:24:db:12:5f:eb:00:1c:16:5e:11:
4a:8f:5e:f9:2f:71:e3:71:9e:26:df:f4:d0:ab:7c:
87:db:aa:b5:1a:ac:fb:77:f9:ee:c0:fe:64:05:a4:
b9:4e:b1:2c:8c:80:ea:ae:7e:a2:48:0f:3b:25:2a:
45:b8:97:0a:fb:b1:b6:69:41:3a:54:50:fe:82:64:
7a:59:59:4d:d8:68:e8:f4:61:71:a7:a8:0d:7b:c9:
43:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C7:32:DF:0F:B3:C2:89:12:7C:10:E5:7E:B1:01:EF:81:1E:34:51
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/aMcy3w-zwokSfBDlfrEB74EeNFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.11.0/24
87.254.29.0/24
185.210.168.0/23
217.25.3.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:fd:55:e4:6d:50:1a:e4:f4:5f:cb:21:68:f9:c5:cd:20:59:
bf:c7:c0:bd:0b:82:db:7d:90:52:56:f6:3f:5f:42:c7:bf:12:
89:e4:2e:ee:9b:45:53:aa:98:6d:3e:4c:38:b8:51:16:4b:78:
83:bc:a9:18:99:64:3d:65:b0:5b:7d:7e:da:8f:50:42:77:b3:
81:77:b0:9c:76:d4:ee:72:48:27:ea:09:85:a2:da:f1:78:f0:
f8:60:24:ff:e2:0d:9b:96:69:b9:5f:82:81:6f:92:31:2e:40:
35:1e:8b:73:b8:65:d4:f0:83:bd:8a:73:b2:4f:cf:50:b3:94:
bd:e9:0e:f7:63:42:32:e1:26:a2:e9:6e:95:91:b4:bc:17:81:
40:49:2c:e4:17:37:02:52:f8:ca:74:6c:9d:8a:cc:d9:dd:8b:
25:92:cc:80:40:5a:f1:35:da:47:1b:1d:a9:98:fe:ca:23:d4:
04:66:97:5f:75:51:ff:39:b3:49:1a:4b:75:f5:83:55:fd:fe:
10:51:f7:41:cb:dd:6a:bb:d5:d1:bc:f4:4f:e8:bf:e1:e5:40:
00:7a:12:27:4a:ae:8b:57:75:12:91:e9:db:f4:78:cb:57:48:
d8:c5:30:89:a3:e0:76:97:b5:53:7c:9d:70:5e:9e:10:5d:dd:
86:93:3d:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbe71rGj+WZS3Xb+DMyGyu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjUwNTE3MTU0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGM3MzJkZjBmYjNjMjg5MTI3YzEwZTU3ZWIxMDFlZjgxMWUzNDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21dFlwUY5a7o7qVnomvJCoFcOudA
NzmUqGULb8kGgw2zg5QTh4sQajS/MjzYtCzy9j6/3yC2KDIXcjZYDa2ue7f5pQ5T
URaRZeH7qsmQAQtvNBqc95lhUOlC/MswHP0z4ZzoMx897tgL7Uyg2qt8j5gGGgBV
CwYsWjq0fZtrB1oNCbekH+uTlcVWacm+HWZk+pK5JG/rbFkGL4hY1m+EPf5EBJkb
IDQ3aiTbEl/rABwWXhFKj175L3HjcZ4m3/TQq3yH26q1Gqz7d/nuwP5kBaS5TrEs
jIDqrn6iSA87JSpFuJcK+7G2aUE6VFD+gmR6WVlN2Gjo9GFxp6gNe8lDiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGjHMt8Ps8KJEnwQ5X6xAe+BHjRRMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvYU1jeTN3LXp3b2tTZkJEbGZyRUI3NEVlTkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV/4LAwQA
V/4dAwQBudKoAwQA2RkDMA0GCSqGSIb3DQEBCwUAA4IBAQCM/VXkbVAa5PRfyyFo
+cXNIFm/x8C9C4LbfZBSVvY/X0LHvxKJ5C7um0VTqphtPkw4uFEWS3iDvKkYmWQ9
ZbBbfX7aj1BCd7OBd7CcdtTuckgn6gmFotrxePD4YCT/4g2blmm5X4KBb5IxLkA1
HotzuGXU8IO9inOyT89Qs5S96Q73Y0Iy4Sai6W6VkbS8F4FASSzkFzcCUvjKdGyd
iszZ3YslksyAQFrxNdpHGx2pmP7KI9QEZpdfdVH/ObNJGkt19YNV/f4QUfdBy91q
u9XRvPRP6L/h5UAAehInSq6LV3USkenb9HjLV0jYxTCJo+B2l7VTfJ1wXp4QXd2G
kz2a
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:15:27 2025 by rpki-client