Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ikNzlFCg96-Pr9IWSeZqCOIOP8A.roa
File: ikNzlFCg96-Pr9IWSeZqCOIOP8A.roa (raw, json)
Hash identifier: gvZVC0GcsICuV0nzylKCKdJeyftNBLD0qSELgXV7MhY=
Subject key identifier: 8A:43:73:94:50:A0:F7:AF:8F:AF:D2:16:49:E6:6A:08:E2:0E:3F:C0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019753877DB90661A28FE10C7F037DD9E90C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ikNzlFCg96-Pr9IWSeZqCOIOP8A.roa
Signing time: Mon 09 Jun 2025 07:11:17 +0000
ROA not before: Mon 09 Jun 2025 07:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.124.7.0/24 maxlen: 24
193.124.206.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
195.133.195.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 10 Jun 2025 08:26:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:87:7d:b9:06:61:a2:8f:e1:0c:7f:03:7d:d9:e9:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 9 07:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a43739450a0f7af8fafd21649e66a08e20e3fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:48:dc:5b:99:31:36:3e:ab:e9:8d:8d:cc:d8:
6b:aa:7d:f0:6f:3a:49:53:98:e5:c1:55:39:81:c1:
41:9b:fe:7a:1a:03:df:d5:f4:f8:09:ef:9a:51:d9:
a5:01:d4:f0:b1:b2:c9:f3:0d:13:9e:61:69:cd:dd:
c2:04:e3:54:2b:4c:bc:0a:57:ff:2e:f9:1d:cc:3b:
ea:7e:8e:d2:5f:23:16:5c:ea:7f:71:0d:48:4b:ab:
30:2b:d3:02:9d:24:8c:43:3e:e7:61:ec:bd:3c:6a:
a7:fd:ba:a5:40:b2:50:12:c8:51:a4:d6:31:3e:d8:
87:a9:c7:61:a3:ce:1b:9e:46:37:23:10:7a:f6:4d:
d1:fc:48:cd:80:80:87:f1:b5:6d:d5:14:5d:8f:88:
0d:76:32:17:bc:5e:17:61:13:05:c7:25:2b:84:bb:
90:14:53:92:12:bd:af:df:16:47:dd:79:ad:b3:0e:
25:b9:1c:48:cb:c3:f1:b3:28:a9:00:f9:0e:f0:a2:
c8:81:ea:a4:30:1c:9c:88:96:50:12:57:f3:d0:2d:
ea:72:4d:24:39:11:4a:bf:62:ac:fb:5c:29:63:9b:
b5:e0:51:1a:a9:78:40:c7:83:fd:9d:10:4a:dc:1e:
03:10:7d:04:83:ec:39:aa:c9:fc:f4:86:79:9a:11:
f3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:43:73:94:50:A0:F7:AF:8F:AF:D2:16:49:E6:6A:08:E2:0E:3F:C0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ikNzlFCg96-Pr9IWSeZqCOIOP8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
193.124.206.0/24
194.58.155.0/24
194.87.53.0/24
194.87.119.0/24
194.87.169.0/24
194.87.179.0/24
194.135.24.0/24
195.133.24.0/23
195.133.29.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
195.133.195.0/24
212.192.241.0/24
212.193.0.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
48:ec:3b:f8:4c:8d:56:b8:4c:db:f5:8e:b5:99:bb:1e:b3:c0:
cc:fb:75:f2:bd:60:7c:47:09:17:81:99:e0:b8:76:41:5c:12:
f2:37:b6:69:61:89:93:07:54:e4:93:8b:05:83:95:e9:83:6b:
93:03:17:98:ad:cf:2b:00:13:2c:03:19:80:f0:83:86:0e:2f:
fb:8c:72:03:b7:fe:bd:3d:00:fd:e0:65:32:74:9b:8a:ee:38:
97:d3:1a:46:22:85:5f:b0:ee:7b:74:c0:f4:81:23:ba:dd:68:
a0:6e:26:8d:51:f4:e9:e1:fd:80:06:31:8a:a5:c2:61:17:71:
37:ce:a6:31:9a:a6:7f:a1:81:50:c7:2b:84:3f:30:15:1a:d6:
19:1a:40:a4:a3:48:dc:09:05:6b:27:3d:49:da:7c:2d:1f:f2:
4c:aa:9e:5b:8e:a9:a1:7d:2a:99:0a:7d:5c:56:ff:32:94:15:
c2:ca:0d:e5:ea:36:78:83:10:33:c9:28:5a:f2:01:f3:d2:46:
30:62:d3:a6:97:c3:e2:e8:ec:f6:aa:03:83:bc:be:ac:f8:a5:
76:1c:fd:78:53:19:f7:e7:f6:76:09:c4:00:af:bf:3c:c6:d0:
1f:e0:7b:3e:6b:73:de:a5:0f:e8:2d:6a:15:b0:27:4b:17:05:
a2:37:98:db
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAZdTh325BmGij+EMfwN92ekMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNjA5MDcxMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQzNzM5NDUwYTBmN2FmOGZhZmQyMTY0OWU2NmEwOGUyMGUzZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykjcW5kxNj6r6Y2NzNhrqn3wbzpJ
U5jlwVU5gcFBm/56GgPf1fT4Ce+aUdmlAdTwsbLJ8w0TnmFpzd3CBONUK0y8Clf/
LvkdzDvqfo7SXyMWXOp/cQ1IS6swK9MCnSSMQz7nYey9PGqn/bqlQLJQEshRpNYx
PtiHqcdho84bnkY3IxB69k3R/EjNgICH8bVt1RRdj4gNdjIXvF4XYRMFxyUrhLuQ
FFOSEr2v3xZH3Xmtsw4luRxIy8PxsyipAPkO8KLIgeqkMByciJZQElfz0C3qck0k
ORFKv2Ks+1wpY5u14FEaqXhAx4P9nRBK3B4DEH0Eg+w5qsn89IZ5mhHzBQIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFIpDc5RQoPevj6/SFknmagjiDj/AMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaWtOemxGQ2c5Ni1QcjlJV1NlWnFDT0lPUDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBsBAIAATBmAwQAwXwH
AwQAwXzOAwQAwjqbAwQAwlc1AwQAwld3AwQAwlepAwQAwlezAwQAwocYAwQBw4UY
AwQAw4UdAwQBw4UoAwQBw4UyAwQBw4VcAwQAw4XDAwQA1MDxAwQA1MEAAwQB1MEa
MBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEASOw7+EyN
VrhM2/WOtZm7HrPAzPt18r1gfEcJF4GZ4Lh2QVwS8je2aWGJkwdU5JOLBYOV6YNr
kwMXmK3PKwATLAMZgPCDhg4v+4xyA7f+vT0A/eBlMnSbiu44l9MaRiKFX7Due3TA
9IEjut1ooG4mjVH06eH9gAYxiqXCYRdxN86mMZqmf6GBUMcrhD8wFRrWGRpApKNI
3AkFayc9Sdp8LR/yTKqeW46poX0qmQp9XFb/MpQVwsoN5eo2eIMQM8koWvIB89JG
MGLTppfD4ujs9qoDg7y+rPildhz9eFMZ9+f2dgnEAK+/PMbQH+B7Pmtz3qUP6C1q
FbAnSxcFojeY2w==
-----END CERTIFICATE-----
Generated at Tue Jun 17 08:58:55 2025 by rpki-client