Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/IMCXlUTocnP6LWCCx7gfztxQNcc.roa
File: IMCXlUTocnP6LWCCx7gfztxQNcc.roa (raw, json)
Hash identifier: +XHnIPHSKBflFi/9H98lirNDAUIYQTBC6I0oSezZ3zU=
Subject key identifier: 20:C0:97:95:44:E8:72:73:FA:2D:60:82:C7:B8:1F:CE:DC:50:35:C7
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 0196B4C54955C4B3C6D664235832321C2CC4
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/IMCXlUTocnP6LWCCx7gfztxQNcc.roa
Signing time: Fri 09 May 2025 11:19:10 +0000
ROA not before: Fri 09 May 2025 11:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43733
IP address blocks: 46.130.0.0/16 maxlen: 16
46.130.0.0/17 maxlen: 17
46.130.128.0/17 maxlen: 17
46.130.255.0/24 maxlen: 24
83.139.24.0/21 maxlen: 21
83.139.24.0/22 maxlen: 22
83.139.24.0/23 maxlen: 23
83.139.28.0/22 maxlen: 22
83.139.32.0/22 maxlen: 22
185.36.36.0/22 maxlen: 22
185.36.36.0/24 maxlen: 24
217.76.0.0/20 maxlen: 20
217.76.0.0/21 maxlen: 21
217.76.0.0/24 maxlen: 24
217.76.1.0/24 maxlen: 24
217.76.2.0/24 maxlen: 24
217.76.8.0/21 maxlen: 21
2a00:1f28::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 10 May 2025 20:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:c5:49:55:c4:b3:c6:d6:64:23:58:32:32:1c:2c:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: May 9 11:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20c0979544e87273fa2d6082c7b81fcedc5035c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a8:b6:78:f7:04:71:93:1c:7c:88:2d:06:ff:
9f:9b:f2:ae:c6:51:21:20:27:99:4d:fd:70:3b:0c:
8f:de:49:fd:80:b5:5d:59:36:5b:2b:23:a8:f6:9c:
e1:4d:52:32:52:17:75:a5:5c:f1:bf:ad:94:66:43:
69:65:c2:0e:a5:0b:c7:8e:ec:a4:d8:f9:81:3d:88:
76:9b:89:3f:a9:ed:3e:d3:2e:ae:89:aa:23:bf:f5:
3f:e9:e4:d4:ce:60:49:86:51:72:8a:50:ec:7c:26:
80:ca:d5:cd:32:62:62:a8:bc:9f:ba:e3:e0:6f:b7:
08:20:c0:bd:46:69:1f:56:88:cc:e9:2c:62:97:3e:
3c:2b:dd:d3:46:e0:36:8a:17:fe:91:dc:2f:f7:fd:
f1:14:22:42:ac:b2:44:d9:55:41:1d:e4:93:59:b1:
64:2f:0e:75:a5:6c:75:e9:cb:b8:e3:1e:36:1b:d5:
e1:3b:7d:30:d8:ec:03:46:b3:55:df:1a:f4:26:1d:
07:a3:9e:5c:c0:7f:87:69:2b:8e:79:a8:fe:b9:f2:
7c:67:67:4b:d6:58:8d:60:ce:01:3f:b1:7d:f2:f2:
4b:97:2d:c2:9f:fa:6a:3b:a5:51:e7:77:4d:8d:0b:
b0:92:e4:b7:8e:cd:3d:c4:1e:9a:62:a1:e4:f9:c0:
2b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C0:97:95:44:E8:72:73:FA:2D:60:82:C7:B8:1F:CE:DC:50:35:C7
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/IMCXlUTocnP6LWCCx7gfztxQNcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.130.0.0/16
83.139.24.0-83.139.35.255
185.36.36.0/22
217.76.0.0/20
IPv6:
2a00:1f28::/32
Signature Algorithm: sha256WithRSAEncryption
0d:8b:1f:c8:03:15:a4:0e:2e:c2:c7:92:d7:f0:d0:b3:e1:51:
e3:c4:31:08:0e:a7:2a:48:f7:fb:c2:80:50:e9:ab:73:6b:d7:
49:cf:3b:64:4f:13:78:42:59:54:ab:5e:a2:44:1a:2f:b4:da:
d4:eb:46:5d:3f:27:5e:ca:ba:b3:11:ce:fa:42:61:74:19:40:
0c:ed:24:0e:71:97:5d:a9:c0:4d:56:43:89:8f:c4:7f:83:5d:
06:56:80:9e:f2:6d:2b:a9:eb:1e:c7:3a:b1:da:ca:23:7f:e9:
d1:96:d6:8a:fa:54:6f:5f:ee:d5:dd:fe:08:0d:88:63:41:9e:
33:32:ee:ba:2b:95:68:ae:cf:ff:f9:85:2c:4a:c0:26:db:9f:
ec:fa:79:96:49:ff:ff:34:28:06:e0:78:dc:e5:53:5e:ea:98:
02:6f:52:99:15:fd:85:eb:c8:95:31:6c:62:65:e6:89:25:10:
18:67:f8:c9:48:8f:6d:95:1f:00:18:c2:3e:01:2d:66:0a:b7:
f2:af:cf:a1:81:c9:ee:d7:22:71:1d:b9:c4:67:d6:76:53:8a:
5c:43:dd:59:77:6d:3c:a3:f9:2d:1c:f4:1f:4c:a7:1a:df:d6:
32:59:de:78:46:1a:e2:36:50:7f:ec:07:f2:63:78:3e:ff:ff:
73:01:0c:97
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZa0xUlVxLPG1mQjWDIyHCzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjUwNTA5MTExOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGMwOTc5NTQ0ZTg3MjczZmEyZDYwODJjN2I4MWZjZWRjNTAzNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKi2ePcEcZMcfIgtBv+fm/KuxlEh
ICeZTf1wOwyP3kn9gLVdWTZbKyOo9pzhTVIyUhd1pVzxv62UZkNpZcIOpQvHjuyk
2PmBPYh2m4k/qe0+0y6uiaojv/U/6eTUzmBJhlFyilDsfCaAytXNMmJiqLyfuuPg
b7cIIMC9RmkfVojM6Sxilz48K93TRuA2ihf+kdwv9/3xFCJCrLJE2VVBHeSTWbFk
Lw51pWx16cu44x42G9XhO30w2OwDRrNV3xr0Jh0Ho55cwH+HaSuOeaj+ufJ8Z2dL
1liNYM4BP7F98vJLly3Cn/pqO6VR53dNjQuwkuS3js09xB6aYqHk+cArdQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCDAl5VE6HJz+i1ggse4H87cUDXHMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvSU1DWGxVVG9jblA2TFdDQ3g3Z2Z6dHhRTmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwMALoIwDAME
A1OLGAMEAlOLIAMEArkkJAMEBNlMADANBAIAAjAHAwUAKgAfKDANBgkqhkiG9w0B
AQsFAAOCAQEADYsfyAMVpA4uwseS1/DQs+FR48QxCA6nKkj3+8KAUOmrc2vXSc87
ZE8TeEJZVKteokQaL7Ta1OtGXT8nXsq6sxHO+kJhdBlADO0kDnGXXanATVZDiY/E
f4NdBlaAnvJtK6nrHsc6sdrKI3/p0ZbWivpUb1/u1d3+CA2IY0GeMzLuuiuVaK7P
//mFLErAJtuf7Pp5lkn//zQoBuB43OVTXuqYAm9SmRX9hevIlTFsYmXmiSUQGGf4
yUiPbZUfABjCPgEtZgq38q/PoYHJ7tcicR25xGfWdlOKXEPdWXdtPKP5LRz0H0yn
Gt/WMlneeEYa4jZQf+wH8mN4Pv//cwEMlw==
-----END CERTIFICATE-----
Generated at Wed May 14 21:06:32 2025 by rpki-client