Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PDz1wY6HV7D5X4VecgQvtIqelUs.roa
File: PDz1wY6HV7D5X4VecgQvtIqelUs.roa (raw, json)
Hash identifier: PS+TK23czTkIWewamhuqWhbQO36VYXaG58KhueMRkHc=
Subject key identifier: 3C:3C:F5:C1:8E:87:57:B0:F9:5F:85:5E:72:04:2F:B4:8A:9E:95:4B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196B42B7BC0D260BA3B6910B4713450A3C5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PDz1wY6HV7D5X4VecgQvtIqelUs.roa
Signing time: Fri 09 May 2025 08:31:10 +0000
ROA not before: Fri 09 May 2025 08:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 192.124.173.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 19 May 2025 07:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:2b:7b:c0:d2:60:ba:3b:69:10:b4:71:34:50:a3:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 9 08:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c3cf5c18e8757b0f95f855e72042fb48a9e954b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e8:2b:df:57:90:bc:53:ed:4d:db:22:62:0f:
5b:9d:5a:79:8b:60:fe:ce:0d:8f:6f:5f:2d:53:32:
be:b1:2c:48:9c:04:07:20:fb:55:51:a0:17:c0:12:
e3:ba:fa:08:24:18:ae:73:89:89:1a:c3:ca:b7:3f:
bb:9d:49:7d:70:44:43:25:a3:bd:f2:ec:d6:df:4e:
5a:2b:7b:17:8d:95:6f:7e:e8:15:14:43:06:81:6d:
b5:f6:17:65:14:a0:27:e8:6c:0f:3e:41:df:2f:8a:
bc:a2:3b:a6:25:6e:63:33:32:ad:b9:79:03:2b:d1:
04:82:f6:71:f5:4f:f8:ea:03:eb:fb:48:b5:c3:87:
7c:10:34:d9:16:a8:dc:f0:92:97:2a:65:00:5a:76:
55:60:fd:13:ef:2c:c8:ba:ac:90:55:ac:47:25:6d:
1b:e2:ac:1e:27:5e:b9:36:45:26:d8:a3:63:5e:b1:
29:01:91:d9:c9:2c:9e:54:fb:39:41:9d:57:38:6d:
f0:68:b5:bd:51:6e:06:76:44:be:f7:66:8d:e7:a5:
35:8f:62:6e:1f:41:5a:ed:96:d6:ec:18:8a:df:d0:
bf:90:09:9b:12:aa:fe:2f:e7:2b:ed:05:95:6c:70:
8e:e9:c5:11:a4:e6:c5:75:c6:b0:5d:aa:0d:73:3e:
3b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3C:F5:C1:8E:87:57:B0:F9:5F:85:5E:72:04:2F:B4:8A:9E:95:4B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PDz1wY6HV7D5X4VecgQvtIqelUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
193.124.7.0/24
194.58.155.0/24
194.87.53.0/24
194.87.119.0/24
194.87.169.0/24
194.87.179.0/24
195.133.24.0/23
195.133.29.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
67:3d:d6:62:4f:27:57:5a:d3:5d:63:a2:e5:6a:a2:b0:d6:f7:
71:07:06:57:75:2f:f2:32:c3:d4:15:17:80:33:cd:ab:ad:4a:
d0:69:72:e1:65:7e:5e:5d:83:6f:2b:bf:45:48:f4:8f:b1:b5:
78:bd:a8:32:bf:1f:46:2a:59:3f:27:9f:d6:da:95:9d:74:b1:
86:c9:61:e7:0f:cd:6b:63:e9:72:4a:86:ee:ed:d5:e3:8c:cb:
d7:fb:f4:b6:0a:ce:33:94:c1:40:e9:d8:4f:24:15:d0:75:d7:
ff:15:1e:aa:fc:04:5b:12:ae:46:e8:6f:8b:84:b7:b2:de:c5:
5e:4c:a2:75:3a:ff:04:3f:55:33:f3:68:10:ae:27:1b:14:e8:
78:ff:4a:fc:c6:8f:4e:3f:9a:97:1b:02:0e:80:04:84:a3:a5:
00:db:fb:61:2f:b0:4d:71:53:2c:78:e8:2d:eb:21:a8:dc:55:
95:e6:f8:16:7b:e6:2f:90:8b:35:f0:f7:eb:90:88:51:89:4a:
ff:cf:ec:83:1b:a6:2d:05:38:b8:31:ab:09:04:4c:33:3f:16:
9a:a1:52:8a:34:1b:83:c1:0d:17:11:fe:19:4f:45:32:e9:07:
10:f8:3b:39:83:83:8a:13:0c:fa:29:1e:97:29:27:48:0f:84:
26:16:88:0c
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZa0K3vA0mC6O2kQtHE0UKPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNTA5MDgzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNjZjVjMThlODc1N2IwZjk1Zjg1NWU3MjA0MmZiNDhhOWU5NTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+gr31eQvFPtTdsiYg9bnVp5i2D+
zg2Pb18tUzK+sSxInAQHIPtVUaAXwBLjuvoIJBiuc4mJGsPKtz+7nUl9cERDJaO9
8uzW305aK3sXjZVvfugVFEMGgW219hdlFKAn6GwPPkHfL4q8ojumJW5jMzKtuXkD
K9EEgvZx9U/46gPr+0i1w4d8EDTZFqjc8JKXKmUAWnZVYP0T7yzIuqyQVaxHJW0b
4qweJ165NkUm2KNjXrEpAZHZySyeVPs5QZ1XOG3waLW9UW4GdkS+92aN56U1j2Ju
H0Fa7ZbW7BiK39C/kAmbEqr+L+cr7QWVbHCO6cURpObFdcawXaoNcz47bQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFDw89cGOh1ew+V+FXnIEL7SKnpVLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUER6MXdZNkhWN0Q1WDRWZWNnUXZ0SXFlbFVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEAMB8rQME
AMF8BwMEAMI6mwMEAMJXNQMEAMJXdwMEAMJXqQMEAMJXswMEAcOFGAMEAMOFHQME
AcOFKAMEAcOFMgMEAcOFXAMEANTA8QMEAdTBGjAUBAIAAjAOAwUDKgFXwAMFAyoM
/0AwDQYJKoZIhvcNAQELBQADggEBAGc91mJPJ1da011jouVqorDW93EHBld1L/Iy
w9QVF4AzzautStBpcuFlfl5dg28rv0VI9I+xtXi9qDK/H0YqWT8nn9balZ10sYbJ
YecPzWtj6XJKhu7t1eOMy9f79LYKzjOUwUDp2E8kFdB11/8VHqr8BFsSrkbob4uE
t7LexV5MonU6/wQ/VTPzaBCuJxsU6Hj/SvzGj04/mpcbAg6ABISjpQDb+2EvsE1x
Uyx46C3rIajcVZXm+BZ75i+QizXw9+uQiFGJSv/P7IMbpi0FOLgxqwkETDM/Fpqh
Uoo0G4PBDRcR/hlPRTLpBxD4OzmDg4oTDPopHpcpJ0gPhCYWiAw=
-----END CERTIFICATE-----
Generated at Mon Jun 16 18:51:36 2025 by rpki-client