Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/ac5EdpFv5c8apHtX4L0oPx4uUDU.roa
File: ac5EdpFv5c8apHtX4L0oPx4uUDU.roa (raw, json)
Hash identifier: VrUM2A3EYrmiaP9Dv/243lyA0PbcwuBKVUemRNzbobw=
Subject key identifier: 69:CE:44:76:91:6F:E5:CF:1A:A4:7B:57:E0:BD:28:3F:1E:2E:50:35
Certificate issuer: /CN=63082d6d3a1dc501795737537ca74d27a80265a2
Certificate serial: 0196880C9E0278FC18D24905D2CB04C574DA
Authority key identifier: 63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/ac5EdpFv5c8apHtX4L0oPx4uUDU.roa
Signing time: Wed 30 Apr 2025 18:54:10 +0000
ROA not before: Wed 30 Apr 2025 18:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62205
IP address blocks: 79.174.184.0/21 maxlen: 21
91.209.128.0/23 maxlen: 23
91.209.130.0/24 maxlen: 24
139.28.180.0/22 maxlen: 22
139.28.180.0/23 maxlen: 23
139.28.182.0/23 maxlen: 23
178.213.80.0/21 maxlen: 21
178.213.84.0/23 maxlen: 23
185.44.164.0/22 maxlen: 24
185.77.228.0/22 maxlen: 22
185.77.240.0/22 maxlen: 22
2a01:72a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 30 Apr 2025 20:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:88:0c:9e:02:78:fc:18:d2:49:05:d2:cb:04:c5:74:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63082d6d3a1dc501795737537ca74d27a80265a2
Validity
Not Before: Apr 30 18:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69ce4476916fe5cf1aa47b57e0bd283f1e2e5035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:31:58:26:21:99:84:20:ca:e0:1c:4b:49:77:
cc:88:09:4f:e8:c2:be:eb:75:fc:65:c5:46:55:be:
79:75:fe:e7:96:88:df:d3:7e:f6:c4:31:d6:95:fe:
71:b3:8c:18:19:a3:5f:29:65:f4:42:3a:c8:89:3f:
13:92:c6:a3:23:cf:57:8c:c8:07:8c:14:b9:52:b3:
c1:62:a0:a6:08:3a:b3:e2:0c:e5:d7:6b:94:53:7f:
3a:35:ee:2c:9e:c9:66:32:b9:aa:75:47:c9:29:36:
38:0a:51:43:1f:69:5e:65:e7:c1:7e:29:1b:b7:96:
ab:a4:73:8a:e4:81:6f:89:6d:aa:fe:2b:28:b4:fd:
d1:83:55:a2:d7:db:5b:f0:91:42:ce:de:cf:b3:d9:
b2:a1:c7:66:09:2a:df:82:08:06:e7:48:2a:dc:af:
5e:8a:7a:80:1b:19:42:0d:c9:38:66:5d:20:27:d3:
57:5e:c8:2b:9b:24:2e:80:97:f4:65:f9:a1:32:d4:
87:57:da:3c:bf:9a:c9:c9:a4:9a:69:24:b9:ce:d9:
35:91:83:66:b9:f4:5c:b3:31:64:43:31:f4:d0:32:
5f:e7:29:f9:9c:af:c5:ba:60:a2:20:71:b7:84:88:
cc:4a:db:ca:f2:a3:18:f0:5b:8b:b3:94:67:6b:0e:
d6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CE:44:76:91:6F:E5:CF:1A:A4:7B:57:E0:BD:28:3F:1E:2E:50:35
X509v3 Authority Key Identifier:
keyid:63:08:2D:6D:3A:1D:C5:01:79:57:37:53:7C:A7:4D:27:A8:02:65:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwgtbTodxQF5VzdTfKdNJ6gCZaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/ac5EdpFv5c8apHtX4L0oPx4uUDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/97e1e2-567f-414e-9b03-c18ad36a7b30/1/YwgtbTodxQF5VzdTfKdNJ6gCZaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.184.0/21
91.209.128.0-91.209.130.255
139.28.180.0/22
178.213.80.0/21
185.44.164.0/22
185.77.228.0/22
185.77.240.0/22
IPv6:
2a01:72a0::/32
Signature Algorithm: sha256WithRSAEncryption
36:c6:0e:0e:f1:a0:4b:7c:e2:b3:af:9c:d0:7d:9f:69:2c:a9:
22:90:35:59:7b:6f:89:08:c2:66:99:f7:24:69:2f:2a:45:92:
e7:23:ab:e6:9b:bd:eb:e1:5f:a3:58:ab:75:d7:a6:f6:a3:47:
c3:ec:8c:9c:fe:65:9c:4a:41:19:d3:58:10:5e:3d:a9:2c:8b:
14:e8:f2:a1:09:ae:66:c2:94:ad:f5:f5:60:2f:4e:a5:7e:bd:
14:7f:a0:44:35:d8:eb:cb:77:89:39:6c:d6:47:fe:f0:8c:4c:
24:f4:cf:ba:51:6c:16:44:cf:df:a3:52:aa:db:4e:7b:62:cc:
a6:04:d4:90:ee:67:48:04:f4:80:20:79:57:d8:a1:ff:1b:e6:
bd:3f:fe:59:30:03:d8:dd:8b:26:dc:51:aa:47:c7:d1:cb:7d:
f4:93:e1:c8:ce:16:f3:ae:25:09:33:24:bc:07:7a:66:df:9a:
d9:bc:f3:22:79:93:e5:05:32:e5:b7:26:22:54:ea:10:68:a6:
02:08:47:37:3b:5f:85:e8:85:2c:3f:61:38:72:4f:4c:db:09:
b1:2e:cc:3e:56:6f:07:7f:ec:1b:69:67:8b:b9:d1:c0:4b:0d:
42:0a:43:e9:28:40:82:ed:66:4b:44:8f:e7:9f:1f:9e:cd:97:
71:e5:d9:e3
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZaIDJ4CePwY0kkF0ssExXTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMDgyZDZkM2ExZGM1MDE3OTU3Mzc1MzdjYTc0ZDI3YTgw
MjY1YTIwHhcNMjUwNDMwMTg1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNlNDQ3NjkxNmZlNWNmMWFhNDdiNTdlMGJkMjgzZjFlMmU1MDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujFYJiGZhCDK4BxLSXfMiAlP6MK+
63X8ZcVGVb55df7nlojf0372xDHWlf5xs4wYGaNfKWX0QjrIiT8TksajI89XjMgH
jBS5UrPBYqCmCDqz4gzl12uUU386Ne4snslmMrmqdUfJKTY4ClFDH2leZefBfikb
t5arpHOK5IFviW2q/isotP3Rg1Wi19tb8JFCzt7Ps9myocdmCSrfgggG50gq3K9e
inqAGxlCDck4Zl0gJ9NXXsgrmyQugJf0ZfmhMtSHV9o8v5rJyaSaaSS5ztk1kYNm
ufRcszFkQzH00DJf5yn5nK/FumCiIHG3hIjMStvK8qMY8FuLs5Rnaw7WzwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFGnORHaRb+XPGqR7V+C9KD8eLlA1MB8GA1UdIwQY
MBaAFGMILW06HcUBeVc3U3ynTSeoAmWiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMt
YzE4YWQzNmE3YjMwLzEvYWM1RWRwRnY1YzhhcEh0WDRMMG9QeDR1VURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85N2UxZTItNTY3Zi00MTRlLTliMDMtYzE4YWQzNmE3YjMw
LzEvWXdndGJUb2R4UUY1VnpkVGZLZE5KNmdDWmFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQDT664MAwD
BAdb0YADBABb0YIDBAKLHLQDBAOy1VADBAK5LKQDBAK5TeQDBAK5TfAwDQQCAAIw
BwMFACoBcqAwDQYJKoZIhvcNAQELBQADggEBADbGDg7xoEt84rOvnNB9n2ksqSKQ
NVl7b4kIwmaZ9yRpLypFkucjq+abvevhX6NYq3XXpvajR8PsjJz+ZZxKQRnTWBBe
PaksixTo8qEJrmbClK319WAvTqV+vRR/oEQ12OvLd4k5bNZH/vCMTCT0z7pRbBZE
z9+jUqrbTntizKYE1JDuZ0gE9IAgeVfYof8b5r0//lkwA9jdiybcUapHx9HLffST
4cjOFvOuJQkzJLwHembfmtm88yJ5k+UFMuW3JiJU6hBopgIIRzc7X4XohSw/YThy
T0zbCbEuzD5Wbwd/7BtpZ4u50cBLDUIKQ+koQILtZktEj+efH57Nl3Hl2eM=
-----END CERTIFICATE-----
Generated at Wed May 14 12:16:22 2025 by rpki-client