Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/owowxoaFI7wcjaiQ5pEoZJSEFXA.roa
File: owowxoaFI7wcjaiQ5pEoZJSEFXA.roa (raw, json)
Hash identifier: /U2/muXJvcsnl3ToYWLDFMBIEixRr+R2l0+POJZrXyA=
Subject key identifier: A3:0A:30:C6:86:85:23:BC:1C:8D:A8:90:E6:91:28:64:94:84:15:70
Certificate issuer: /CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Certificate serial: 019695EDC775EF21A8EFED69C4C8FF4F54DE
Authority key identifier: B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/owowxoaFI7wcjaiQ5pEoZJSEFXA.roa
Signing time: Sat 03 May 2025 11:35:10 +0000
ROA not before: Sat 03 May 2025 11:35:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25459
IP address blocks: 83.172.128.0/21 maxlen: 21
83.172.128.0/22 maxlen: 22
83.172.132.0/23 maxlen: 23
83.172.136.0/24 maxlen: 24
83.172.138.0/23 maxlen: 23
83.172.150.0/23 maxlen: 23
83.172.153.0/24 maxlen: 24
83.172.159.0/24 maxlen: 24
83.172.160.0/22 maxlen: 22
83.172.164.0/23 maxlen: 23
83.172.169.0/24 maxlen: 24
83.172.180.0/22 maxlen: 22
83.172.188.0/23 maxlen: 23
2a02:cec0::/30 maxlen: 30
Validation: Failed, certificate revoked on Fri 09 May 2025 10:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:95:ed:c7:75:ef:21:a8:ef:ed:69:c4:c8:ff:4f:54:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b328fe258a1b9bf6148a6ce0e8a712f18840904c
Validity
Not Before: May 3 11:35:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a30a30c6868523bc1c8da890e691286494841570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d9:4c:65:ff:7a:52:d5:be:94:cf:4d:97:ca:
d1:22:9a:ad:05:e4:d8:d2:4f:e6:3a:c9:2e:a2:7b:
57:15:f0:1b:7d:82:4c:fe:dd:f0:55:d5:ca:03:07:
5a:a5:5a:30:45:e0:87:64:1d:83:42:40:56:7b:3d:
7d:98:0d:14:b3:7e:db:9c:25:71:4c:92:52:be:fc:
8c:bd:f3:70:2a:e5:7f:95:f9:99:b6:ec:8a:20:a1:
b9:a7:07:6b:39:8a:9c:5d:5d:dc:b1:3e:4a:8e:21:
47:4d:ab:ef:af:c1:74:28:62:c4:bf:39:32:76:a8:
4f:02:c5:53:ca:8e:e0:98:d4:c0:ec:f5:c4:73:87:
31:65:a7:51:2f:e0:66:8f:8e:b2:08:ca:14:47:cb:
fc:5c:af:59:a0:63:36:e4:fa:bf:a8:6b:16:9f:bc:
37:09:1e:a7:f8:45:32:eb:5a:3a:64:4c:80:d2:2c:
d8:84:8d:ff:2b:d4:7a:f7:88:86:c0:57:44:db:60:
62:04:63:b8:b3:33:c5:69:53:2d:9a:08:3b:6e:4a:
86:df:40:d7:48:c9:bb:3b:3d:aa:02:21:39:b7:4a:
b0:2e:02:4d:77:81:53:1a:8d:45:fb:59:4b:3e:7c:
b7:7c:d1:11:30:41:b9:f7:31:86:3a:6b:f8:c5:ca:
fa:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0A:30:C6:86:85:23:BC:1C:8D:A8:90:E6:91:28:64:94:84:15:70
X509v3 Authority Key Identifier:
keyid:B3:28:FE:25:8A:1B:9B:F6:14:8A:6C:E0:E8:A7:12:F1:88:40:90:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syj-JYobm_YUimzg6KcS8YhAkEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/owowxoaFI7wcjaiQ5pEoZJSEFXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a188bc-deee-42ec-8289-ed84a0058a9f/1/syj-JYobm_YUimzg6KcS8YhAkEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.172.128.0-83.172.136.255
83.172.138.0/23
83.172.150.0/23
83.172.153.0/24
83.172.159.0-83.172.165.255
83.172.169.0/24
83.172.180.0/22
83.172.188.0/23
IPv6:
2a02:cec0::/30
Signature Algorithm: sha256WithRSAEncryption
66:af:7f:ce:e2:ab:b6:7b:d1:3e:a0:15:34:30:d9:b1:2f:d8:
6a:c8:a5:7c:ab:fe:01:f7:4a:df:13:d2:24:20:f9:cc:a1:7a:
d1:3a:f7:3f:bf:bb:0b:de:22:32:d5:c4:16:71:07:4c:f3:39:
9d:b7:cb:ab:ed:e0:bb:9b:63:dd:51:c8:9f:9f:7d:77:20:d5:
f7:2e:e0:b3:ad:a3:a2:b7:d9:86:9c:ce:b3:42:c0:cf:9a:41:
af:0f:ec:7d:12:a7:6e:97:d9:d2:dd:5e:52:a6:4d:4c:f8:cb:
7d:6a:93:52:01:94:c0:16:cf:84:38:dd:7d:07:77:36:8b:46:
33:12:91:f3:e8:3f:78:b0:00:52:28:f3:5a:3f:9d:6a:54:2c:
60:52:a1:c8:5e:50:e4:6e:de:a3:f7:81:f7:b5:3f:c2:a1:d2:
af:58:c9:db:8e:57:78:8d:55:40:1f:a8:39:aa:66:d4:52:d8:
f5:00:1a:cb:8f:43:e9:09:83:ec:70:af:5c:62:b0:e4:b9:87:
e1:3b:45:75:e2:2e:c5:3a:fa:d0:48:26:c8:2f:3b:80:86:38:
22:da:f8:ed:40:6b:c0:19:00:69:6c:d4:37:d0:fd:a9:88:16:
aa:36:0c:e5:4b:1c:c5:00:cc:9c:dc:c4:38:8c:e9:27:4a:4c:
72:b4:22:b4
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZaV7cd17yGo7+1pxMj/T1TeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMjhmZTI1OGExYjliZjYxNDhhNmNlMGU4YTcxMmYxODg0
MDkwNGMwHhcNMjUwNTAzMTEzNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzBhMzBjNjg2ODUyM2JjMWM4ZGE4OTBlNjkxMjg2NDk0ODQxNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9lMZf96UtW+lM9Nl8rRIpqtBeTY
0k/mOskuontXFfAbfYJM/t3wVdXKAwdapVowReCHZB2DQkBWez19mA0Us37bnCVx
TJJSvvyMvfNwKuV/lfmZtuyKIKG5pwdrOYqcXV3csT5KjiFHTavvr8F0KGLEvzky
dqhPAsVTyo7gmNTA7PXEc4cxZadRL+Bmj46yCMoUR8v8XK9ZoGM25Pq/qGsWn7w3
CR6n+EUy61o6ZEyA0izYhI3/K9R694iGwFdE22BiBGO4szPFaVMtmgg7bkqG30DX
SMm7Oz2qAiE5t0qwLgJNd4FTGo1F+1lLPny3fNERMEG59zGGOmv4xcr6MwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFKMKMMaGhSO8HI2okOaRKGSUhBVwMB8GA1UdIwQY
MBaAFLMo/iWKG5v2FIps4OinEvGIQJBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODkt
ZWQ4NGEwMDU4YTlmLzEvb3dvd3hvYUZJN3djamFpUTVwRW9aSlNFRlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hMTg4YmMtZGVlZS00MmVjLTgyODktZWQ4NGEwMDU4YTlm
LzEvc3lqLUpZb2JtX1lVaW16ZzZLY1M4WWhBa0V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBAdTrIAD
BABTrIgDBAFTrIoDBAFTrJYDBABTrJkwDAMEAFOsnwMEAVOspAMEAFOsqQMEAlOs
tAMEAVOsvDANBAIAAjAHAwUCKgLOwDANBgkqhkiG9w0BAQsFAAOCAQEAZq9/zuKr
tnvRPqAVNDDZsS/YasilfKv+AfdK3xPSJCD5zKF60Tr3P7+7C94iMtXEFnEHTPM5
nbfLq+3gu5tj3VHIn599dyDV9y7gs62jorfZhpzOs0LAz5pBrw/sfRKnbpfZ0t1e
UqZNTPjLfWqTUgGUwBbPhDjdfQd3NotGMxKR8+g/eLAAUijzWj+dalQsYFKhyF5Q
5G7eo/eB97U/wqHSr1jJ245XeI1VQB+oOapm1FLY9QAay49D6QmD7HCvXGKw5LmH
4TtFdeIuxTr60EgmyC87gIY4Itr47UBrwBkAaWzUN9D9qYgWqjYM5UscxQDMnNzE
OIzpJ0pMcrQitA==
-----END CERTIFICATE-----
Generated at Mon May 12 13:35:09 2025 by rpki-client