Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/AbMC-uCs7slVFGZAL7TclsHp_g4.roa
File: AbMC-uCs7slVFGZAL7TclsHp_g4.roa (raw, json)
Hash identifier: FWhCaCKOhoNVOjvP6h/wKTnNY21QV1BPVgLANISx2oM=
Subject key identifier: 01:B3:02:FA:E0:AC:EE:C9:55:14:66:40:2F:B4:DC:96:C1:E9:FE:0E
Certificate issuer: /CN=0384e88fb79a3776cb0583e2b67a0bec6dfc68b8
Certificate serial: 01965F991619AC77859580806679F7D260B9
Authority key identifier: 03:84:E8:8F:B7:9A:37:76:CB:05:83:E2:B6:7A:0B:EC:6D:FC:68:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/AbMC-uCs7slVFGZAL7TclsHp_g4.roa
Signing time: Tue 22 Apr 2025 22:23:10 +0000
ROA not before: Tue 22 Apr 2025 22:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6753
IP address blocks: 176.118.193.0/24 maxlen: 24
185.115.205.0/24 maxlen: 24
192.35.206.0/24 maxlen: 24
198.135.220.0/24 maxlen: 24
212.11.93.0/24 maxlen: 24
212.104.211.0/24 maxlen: 24
2a0c:a300::/29 maxlen: 29
2a12:ea80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 28 Apr 2025 23:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5f:99:16:19:ac:77:85:95:80:80:66:79:f7:d2:60:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0384e88fb79a3776cb0583e2b67a0bec6dfc68b8
Validity
Not Before: Apr 22 22:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01b302fae0aceec9551466402fb4dc96c1e9fe0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6f:35:aa:5e:b2:ad:fa:b2:6e:91:f1:7b:ae:
da:4d:08:6b:b8:51:c8:f8:f6:2d:5c:a6:13:ea:1e:
51:e4:0b:ab:bf:db:bc:46:d6:f8:16:e5:31:fe:25:
e6:81:14:e5:43:db:7c:2e:fc:a6:96:d6:83:ea:02:
b4:5c:fb:33:8c:21:ae:e8:c9:e1:d2:05:1e:c7:9f:
aa:32:81:24:31:e3:ba:2f:d3:4c:4c:7a:ae:61:2f:
7b:73:7a:5c:d8:67:69:0d:58:cc:aa:e3:f6:81:0e:
bb:23:70:6d:b9:c0:9c:00:9b:d7:98:a0:27:cf:68:
f8:0a:98:a4:ff:90:0f:33:dd:9a:23:79:40:fb:37:
1a:c2:50:eb:d9:3b:1c:e1:98:61:ab:82:71:df:4a:
2d:a4:12:63:f3:f4:ab:ec:3b:76:26:6b:d2:e6:61:
1e:4f:f9:54:63:e7:4c:f3:2e:3b:58:c1:52:24:b7:
82:de:80:22:e8:df:aa:a0:d3:86:67:93:f4:37:fc:
99:42:6b:e5:ec:fc:02:7c:06:77:a2:96:6a:cd:ab:
70:b8:c5:56:c0:4f:e7:0c:23:94:9c:2d:c2:79:46:
68:48:71:d7:34:3c:b9:e9:83:12:21:9b:3f:f9:fe:
80:85:b1:4c:c8:c1:22:ef:c2:0c:6c:4a:8f:f4:87:
d5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B3:02:FA:E0:AC:EE:C9:55:14:66:40:2F:B4:DC:96:C1:E9:FE:0E
X509v3 Authority Key Identifier:
keyid:03:84:E8:8F:B7:9A:37:76:CB:05:83:E2:B6:7A:0B:EC:6D:FC:68:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/AbMC-uCs7slVFGZAL7TclsHp_g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.193.0/24
185.115.205.0/24
192.35.206.0/24
198.135.220.0/24
212.11.93.0/24
212.104.211.0/24
IPv6:
2a0c:a300::/29
2a12:ea80::/29
Signature Algorithm: sha256WithRSAEncryption
1b:08:14:94:ea:b0:bb:04:84:7a:89:01:0b:02:da:05:8d:f9:
a2:71:bb:99:ba:80:81:b1:ef:f7:4d:03:b4:a9:b2:31:7b:4d:
de:6a:d8:32:a3:2e:59:4c:d1:16:7d:a3:04:75:66:e7:c6:d3:
9e:0a:c3:1b:a4:34:26:34:bf:26:a9:04:3d:35:68:ca:9d:5e:
11:93:ce:e4:07:c5:f0:dd:bc:21:3e:9d:64:54:7b:9a:a1:4c:
b4:e1:2b:9c:04:d7:bb:9d:52:f0:05:e5:37:b8:f1:5c:9a:32:
8d:18:a2:5a:a0:45:c8:ec:87:92:12:2e:f5:59:4e:66:f5:f9:
69:d9:8d:bb:8f:d1:77:fd:33:70:6f:06:8c:4b:80:ca:5b:17:
a5:76:d9:29:d9:e0:72:73:fe:0c:38:1c:28:86:c3:ec:e7:61:
0d:5e:e5:c8:b6:0d:b8:9f:6e:42:09:66:bf:68:4d:f9:c2:85:
7d:f8:42:37:e6:b7:68:fd:94:7f:a3:3a:03:33:0c:4d:10:70:
55:ba:ee:ce:0a:06:e6:67:ed:4f:1d:8c:3d:85:a4:b2:c8:54:
ca:bb:17:48:a8:ca:9a:0a:dc:79:10:37:8d:c3:c3:48:8b:36:
34:1f:5d:07:68:1d:74:79:d7:4e:8b:35:d7:2d:0a:57:0e:7f:
c3:b6:1b:d4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZZfmRYZrHeFlYCAZnn30mC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzODRlODhmYjc5YTM3NzZjYjA1ODNlMmI2N2EwYmVjNmRm
YzY4YjgwHhcNMjUwNDIyMjIyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWIzMDJmYWUwYWNlZWM5NTUxNDY2NDAyZmI0ZGM5NmMxZTlmZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx281ql6yrfqybpHxe67aTQhruFHI
+PYtXKYT6h5R5Aurv9u8Rtb4FuUx/iXmgRTlQ9t8LvymltaD6gK0XPszjCGu6Mnh
0gUex5+qMoEkMeO6L9NMTHquYS97c3pc2GdpDVjMquP2gQ67I3BtucCcAJvXmKAn
z2j4Cpik/5APM92aI3lA+zcawlDr2Tsc4Zhhq4Jx30otpBJj8/Sr7Dt2JmvS5mEe
T/lUY+dM8y47WMFSJLeC3oAi6N+qoNOGZ5P0N/yZQmvl7PwCfAZ3opZqzatwuMVW
wE/nDCOUnC3CeUZoSHHXNDy56YMSIZs/+f6AhbFMyMEi78IMbEqP9IfVzwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAGzAvrgrO7JVRRmQC+03JbB6f4OMB8GA1UdIwQY
MBaAFAOE6I+3mjd2ywWD4rZ6C+xt/Gi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTRUb2o3ZWFOM2JMQllQaXRub0w3RzM4YUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YTAxNTEtY2UyMC00OGU2LTkwNTMt
MzMzYTM4NGQ0MTdkLzEvQWJNQy11Q3M3c2xWRkdaQUw3VGNsc0hwX2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YTAxNTEtY2UyMC00OGU2LTkwNTMtMzMzYTM4NGQ0MTdk
LzEvQTRUb2o3ZWFOM2JMQllQaXRub0w3RzM4YUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQAsHbBAwQA
uXPNAwQAwCPOAwQAxofcAwQA1AtdAwQA1GjTMBQEAgACMA4DBQMqDKMAAwUDKhLq
gDANBgkqhkiG9w0BAQsFAAOCAQEAGwgUlOqwuwSEeokBCwLaBY35onG7mbqAgbHv
900DtKmyMXtN3mrYMqMuWUzRFn2jBHVm58bTngrDG6Q0JjS/JqkEPTVoyp1eEZPO
5AfF8N28IT6dZFR7mqFMtOErnATXu51S8AXlN7jxXJoyjRiiWqBFyOyHkhIu9VlO
ZvX5admNu4/Rd/0zcG8GjEuAylsXpXbZKdngcnP+DDgcKIbD7OdhDV7lyLYNuJ9u
Qglmv2hN+cKFffhCN+a3aP2Uf6M6AzMMTRBwVbruzgoG5mftTx2MPYWksshUyrsX
SKjKmgrceRA3jcPDSIs2NB9dB2gddHnXTos11y0KVw5/w7Yb1A==
-----END CERTIFICATE-----
Generated at Tue May 13 20:44:10 2025 by rpki-client