Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/_35Z09eVBrIRgYr8_DYIBWkB04M.roa
File: _35Z09eVBrIRgYr8_DYIBWkB04M.roa (raw, json)
Hash identifier: izgny7eu+99I0aH6THspdvcRf4AezUTK1sTyQxFdxQg=
Subject key identifier: FF:7E:59:D3:D7:95:06:B2:11:81:8A:FC:FC:36:08:05:69:01:D3:83
Certificate issuer: /CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Certificate serial: 0196ABD38D8E8ADD849F6B0F722F878DBD6E
Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/_35Z09eVBrIRgYr8_DYIBWkB04M.roa
Signing time: Wed 07 May 2025 17:38:10 +0000
ROA not before: Wed 07 May 2025 17:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214717
IP address blocks: 176.65.134.0/24 maxlen: 24
176.65.138.0/24 maxlen: 24
176.65.139.0/24 maxlen: 24
176.65.140.0/24 maxlen: 24
176.65.141.0/24 maxlen: 24
176.65.142.0/24 maxlen: 24
176.65.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 May 2025 10:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ab:d3:8d:8e:8a:dd:84:9f:6b:0f:72:2f:87:8d:bd:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Validity
Not Before: May 7 17:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff7e59d3d79506b211818afcfc3608056901d383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:27:a5:31:60:18:8b:d6:bf:df:99:22:5e:86:
c5:62:cb:9d:60:9c:d9:02:c0:ce:ec:61:92:7d:29:
58:3a:f1:7a:32:3d:d7:58:43:49:ef:5b:95:11:9a:
b5:48:0e:03:51:e8:94:19:62:55:82:e8:80:6b:74:
30:38:2e:6f:78:8b:e2:78:d3:9c:50:e3:98:ac:63:
db:c3:be:f5:46:1c:6f:93:39:f7:28:e7:65:38:e7:
9c:44:ed:aa:5f:0a:6c:44:4b:58:d0:73:65:c8:06:
c3:9f:99:f9:7d:1d:0b:a8:d0:2c:e7:c7:3c:f7:a5:
ea:ed:9b:99:e5:98:48:3d:0f:18:53:37:74:2b:cc:
a6:01:db:45:c2:06:b9:55:32:3d:35:10:2f:8e:58:
e0:49:98:46:c3:fd:88:83:73:01:a4:5e:d2:a9:d4:
30:fe:97:9d:5c:75:42:5a:2c:18:7f:dc:51:1e:b1:
18:67:9e:3c:b1:24:32:24:6a:df:1a:b8:ba:d3:3d:
0c:ca:35:da:f5:91:97:cb:1b:c9:28:3d:f9:42:b5:
e8:6b:bd:e9:24:3b:d6:0a:38:a0:df:ca:3c:72:97:
57:c7:35:ac:1a:55:b6:51:2f:ca:5d:42:62:67:b4:
0b:6c:1a:a4:09:9f:5f:9d:7a:73:74:ec:cf:55:08:
0a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:7E:59:D3:D7:95:06:B2:11:81:8A:FC:FC:36:08:05:69:01:D3:83
X509v3 Authority Key Identifier:
keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/_35Z09eVBrIRgYr8_DYIBWkB04M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.65.134.0/24
176.65.138.0-176.65.142.255
176.65.144.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f4:3e:1a:d0:30:7d:ec:4d:a9:f8:2c:77:35:5c:15:2e:fd:
be:79:f1:03:54:72:b2:7f:5e:1e:83:90:c8:d9:a0:87:bf:0d:
e9:8b:4d:4e:7e:9b:f3:77:97:71:9e:bb:e2:8f:eb:7e:d0:85:
c6:68:cb:66:a9:c6:8e:20:4a:9c:24:57:66:34:dc:53:85:bb:
24:2d:d0:b8:9d:1f:fe:f7:f7:1d:1c:61:c8:0d:34:f5:91:98:
d6:2b:6a:36:2d:fe:b5:c3:0d:e2:9e:e3:84:cd:f5:f1:68:40:
75:90:5e:40:bf:0a:d8:eb:b8:3f:b7:c5:a3:68:c6:92:34:e0:
31:d2:9b:80:d9:58:f4:0f:a3:9b:a6:68:b3:0e:d8:58:83:ec:
6c:85:64:9d:a0:da:10:54:13:c6:60:d7:32:fb:9a:df:5b:6a:
24:b7:99:86:83:65:f7:71:a7:4b:f9:49:88:a1:3c:27:1e:74:
37:1f:3e:aa:7f:3b:b9:c3:6a:f9:fc:f4:7b:27:71:84:92:5e:
42:5e:f1:92:cb:11:db:2f:5f:65:6f:bf:b5:81:4b:d9:29:c5:
22:85:65:a0:28:6f:7a:3f:c8:53:7c:73:22:62:72:70:b3:7e:
a9:d8:c1:e4:da:8f:1c:aa:8f:69:a5:bb:c9:6d:47:68:5c:ae:
28:36:4d:e9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZar042Oit2En2sPci+Hjb1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx
MTI4YzMwHhcNMjUwNTA3MTczODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjdlNTlkM2Q3OTUwNmIyMTE4MThhZmNmYzM2MDgwNTY5MDFkMzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmielMWAYi9a/35kiXobFYsudYJzZ
AsDO7GGSfSlYOvF6Mj3XWENJ71uVEZq1SA4DUeiUGWJVguiAa3QwOC5veIvieNOc
UOOYrGPbw771Rhxvkzn3KOdlOOecRO2qXwpsREtY0HNlyAbDn5n5fR0LqNAs58c8
96Xq7ZuZ5ZhIPQ8YUzd0K8ymAdtFwga5VTI9NRAvjljgSZhGw/2Ig3MBpF7SqdQw
/pedXHVCWiwYf9xRHrEYZ548sSQyJGrfGri60z0MyjXa9ZGXyxvJKD35QrXoa73p
JDvWCjig38o8cpdXxzWsGlW2US/KXUJiZ7QLbBqkCZ9fnXpzdOzPVQgK/wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP9+WdPXlQayEYGK/Pw2CAVpAdODMB8GA1UdIwQY
MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt
MzE5YjBjODc0NDQwLzEvXzM1WjA5ZVZCcklSZ1lyOF9EWUlCV2tCMDRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw
LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAsEGGMAwD
BAGwQYoDBACwQY4DBACwQZAwDQYJKoZIhvcNAQELBQADggEBAH/0PhrQMH3sTan4
LHc1XBUu/b558QNUcrJ/Xh6DkMjZoIe/DemLTU5+m/N3l3Geu+KP637QhcZoy2ap
xo4gSpwkV2Y03FOFuyQt0LidH/739x0cYcgNNPWRmNYrajYt/rXDDeKe44TN9fFo
QHWQXkC/CtjruD+3xaNoxpI04DHSm4DZWPQPo5umaLMO2FiD7GyFZJ2g2hBUE8Zg
1zL7mt9baiS3mYaDZfdxp0v5SYihPCcedDcfPqp/O7nDavn89HsncYSSXkJe8ZLL
EdsvX2Vvv7WBS9kpxSKFZaAob3o/yFN8cyJicnCzfqnYweTajxyqj2mlu8ltR2hc
rig2Tek=
-----END CERTIFICATE-----
Generated at Mon May 12 18:39:31 2025 by rpki-client