Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/USe9gHVoh-zk5pjekOHYfUDDWSE.roa
File: USe9gHVoh-zk5pjekOHYfUDDWSE.roa (raw, json)
Hash identifier: a0z/2azIWPw9UfpR8rJj5AZ7oXvFiTFWOrJIOm5rlyU=
Subject key identifier: 51:27:BD:80:75:68:87:EC:E4:E6:98:DE:90:E1:D8:7D:40:C3:59:21
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 0196B01756CEB32A6122C44AE9B29D9179C1
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/USe9gHVoh-zk5pjekOHYfUDDWSE.roa
Signing time: Thu 08 May 2025 13:30:41 +0000
ROA not before: Thu 08 May 2025 13:30:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15576
IP address blocks: 77.95.120.0/21 maxlen: 21
85.118.216.0/21 maxlen: 21
212.103.64.0/19 maxlen: 19
212.103.64.0/24 maxlen: 24
212.103.65.0/24 maxlen: 24
217.11.208.0/20 maxlen: 20
217.146.160.0/20 maxlen: 20
217.146.165.0/24 maxlen: 24
2a00:c38::/32 maxlen: 32
2a00:c38:1a5::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 May 2025 06:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b0:17:56:ce:b3:2a:61:22:c4:4a:e9:b2:9d:91:79:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: May 8 13:30:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5127bd80756887ece4e698de90e1d87d40c35921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c0:c6:a8:d0:c4:10:0f:38:e8:61:e7:62:6e:
4d:03:bc:ab:f8:46:6c:99:bd:04:24:13:35:47:82:
db:59:b1:b0:7e:e0:c0:01:a8:2f:3c:49:61:02:54:
d0:de:88:b4:21:52:00:2b:00:1b:ab:7f:bb:d3:b7:
13:ce:18:75:db:59:99:04:c9:f3:54:eb:81:79:22:
73:7e:52:c5:79:15:fa:ad:f5:3d:54:52:a7:3c:ca:
ff:46:3e:57:3b:d6:74:a2:08:9b:ff:dd:be:91:86:
5d:1c:6e:68:72:c0:a3:66:5e:92:67:23:0e:70:fc:
ea:7e:22:8b:48:7c:3f:95:de:93:6b:f1:da:d8:c8:
86:c2:d6:e0:b1:33:23:9f:57:6d:46:df:76:d1:d8:
b4:e4:2c:17:7e:dc:f7:59:84:dd:69:d9:b5:93:21:
0b:5d:8e:50:4c:30:6c:dc:47:ea:6a:f8:36:d7:65:
0c:87:46:de:a0:fe:ac:57:8b:20:8b:15:ca:d7:00:
c8:17:5c:62:71:ff:5d:05:69:75:28:67:0a:7a:39:
63:87:a9:f5:aa:50:91:90:2d:65:e5:52:2f:53:82:
99:5e:43:28:da:20:b3:ec:15:34:70:9b:3d:df:cc:
b0:44:95:40:be:82:ec:df:ea:53:7c:55:8b:d7:fc:
ae:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:27:BD:80:75:68:87:EC:E4:E6:98:DE:90:E1:D8:7D:40:C3:59:21
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/USe9gHVoh-zk5pjekOHYfUDDWSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/21
85.118.216.0/21
212.103.64.0/19
217.11.208.0/20
217.146.160.0/20
IPv6:
2a00:c38::/32
Signature Algorithm: sha256WithRSAEncryption
81:16:bf:39:de:17:e6:fa:15:b9:c4:91:c3:f5:0d:51:84:93:
b0:ca:2e:12:d0:89:57:00:a1:ce:4c:87:18:94:38:25:65:f7:
23:b0:d1:1d:07:84:a5:01:c9:af:d2:81:42:66:73:4d:32:3b:
5d:32:a2:11:be:f0:2c:99:02:f9:56:59:03:03:e5:ab:7d:d9:
0f:cf:e7:5e:1b:00:ef:81:81:64:92:d6:61:6c:73:3c:7c:99:
b8:18:af:3e:31:58:e6:c2:9c:ca:86:eb:42:3f:04:36:63:a8:
38:c4:40:35:a6:a4:5f:7a:6d:1a:59:90:70:f2:a9:93:a6:ec:
a1:c4:ae:ad:4e:18:69:8c:67:46:9d:0a:25:e6:00:28:8e:84:
ca:bf:e6:4a:21:a4:c5:68:e8:ed:47:05:38:a4:3a:64:77:de:
c6:1e:51:f0:ac:a7:8c:d0:8b:59:c5:40:68:84:51:0e:38:c2:
f9:1f:0a:28:31:62:c9:dd:21:26:5b:00:cb:d2:4d:63:a2:5e:
59:8d:95:2b:05:f1:3f:58:c0:e6:23:0a:b4:87:07:85:c2:9b:
89:95:4b:9a:79:6c:18:14:8e:44:e8:3f:3d:78:ea:fc:fa:6c:
6f:1e:e0:10:90:f2:96:74:55:cc:6e:27:78:c3:3e:9c:46:a5:
fa:db:8e:fe
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZawF1bOsyphIsRK6bKdkXnBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjUwNTA4MTMzMDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTI3YmQ4MDc1Njg4N2VjZTRlNjk4ZGU5MGUxZDg3ZDQwYzM1OTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMDGqNDEEA846GHnYm5NA7yr+EZs
mb0EJBM1R4LbWbGwfuDAAagvPElhAlTQ3oi0IVIAKwAbq3+707cTzhh121mZBMnz
VOuBeSJzflLFeRX6rfU9VFKnPMr/Rj5XO9Z0ogib/92+kYZdHG5ocsCjZl6SZyMO
cPzqfiKLSHw/ld6Ta/Ha2MiGwtbgsTMjn1dtRt920di05CwXftz3WYTdadm1kyEL
XY5QTDBs3Efqavg212UMh0beoP6sV4sgixXK1wDIF1xicf9dBWl1KGcKejljh6n1
qlCRkC1l5VIvU4KZXkMo2iCz7BU0cJs938ywRJVAvoLs3+pTfFWL1/yuaQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFEnvYB1aIfs5OaY3pDh2H1Aw1khMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvVVNlOWdIVm9oLXprNXBqZWtPSFlmVUREV1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTV94AwQD
VXbYAwQF1GdAAwQE2QvQAwQE2ZKgMA0EAgACMAcDBQAqAAw4MA0GCSqGSIb3DQEB
CwUAA4IBAQCBFr853hfm+hW5xJHD9Q1RhJOwyi4S0IlXAKHOTIcYlDglZfcjsNEd
B4SlAcmv0oFCZnNNMjtdMqIRvvAsmQL5VlkDA+WrfdkPz+deGwDvgYFkktZhbHM8
fJm4GK8+MVjmwpzKhutCPwQ2Y6g4xEA1pqRfem0aWZBw8qmTpuyhxK6tThhpjGdG
nQol5gAojoTKv+ZKIaTFaOjtRwU4pDpkd97GHlHwrKeM0ItZxUBohFEOOML5Hwoo
MWLJ3SEmWwDL0k1jol5ZjZUrBfE/WMDmIwq0hweFwpuJlUuaeWwYFI5E6D89eOr8
+mxvHuAQkPKWdFXMbid4wz6cRqX6247+
-----END CERTIFICATE-----
Generated at Sat May 10 08:24:42 2025 by rpki-client