Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sFluGW7EsJXPPhg0Ms9uBEmfoLc.roa
File: sFluGW7EsJXPPhg0Ms9uBEmfoLc.roa (raw, json)
Hash identifier: Wx5BI5XWCvnE3bCzOLEY+CXquL/q4SbcTn8sKKYN45c=
Subject key identifier: B0:59:6E:19:6E:C4:B0:95:CF:3E:18:34:32:CF:6E:04:49:9F:A0:B7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01961ED18E62EBD9EC980A264CA5F2D38968
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sFluGW7EsJXPPhg0Ms9uBEmfoLc.roa
Signing time: Thu 10 Apr 2025 08:29:32 +0000
ROA not before: Thu 10 Apr 2025 08:29:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 62.76.238.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
194.58.36.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 10 Apr 2025 15:59:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1e:d1:8e:62:eb:d9:ec:98:0a:26:4c:a5:f2:d3:89:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 10 08:29:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0596e196ec4b095cf3e183432cf6e04499fa0b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:56:db:d6:29:3f:47:fa:81:36:57:9a:46:e8:
48:8f:c2:78:94:be:38:af:d8:df:ac:e4:1e:94:27:
62:0d:36:ef:bc:b0:e4:f9:c8:38:86:25:34:bb:6d:
53:11:ac:f3:ec:d4:d9:81:53:07:c4:36:e7:45:15:
77:88:f8:56:a9:62:74:78:1c:e8:08:c2:44:19:08:
0c:4c:57:91:3f:cd:31:65:06:e7:eb:0b:f9:75:66:
70:ef:0b:69:17:2e:a2:ef:f4:f4:41:38:48:9f:dc:
58:0e:24:37:3a:93:f0:48:2a:86:8c:41:46:d6:5f:
ac:2e:9b:07:ff:63:1f:ff:91:e4:13:a2:b5:36:73:
76:08:72:50:e7:3f:4f:b1:e4:c8:51:ac:5d:f6:f3:
ee:ae:df:09:64:6f:46:f0:eb:99:5e:85:cf:16:22:
b3:92:24:78:e0:15:8b:50:f8:95:e7:ef:11:b1:e8:
3e:61:8b:42:77:a7:fe:e4:d9:09:d4:fd:fc:8f:ce:
13:ca:cf:67:28:e8:bf:b7:04:2d:0d:52:86:f2:23:
b0:d3:8d:8d:13:32:7b:53:e4:f6:4e:0f:88:d2:dd:
77:31:21:65:de:cb:ba:8c:84:28:58:84:69:27:f4:
31:63:1b:c5:8f:db:58:6f:6b:ea:03:38:61:07:de:
68:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:59:6E:19:6E:C4:B0:95:CF:3E:18:34:32:CF:6E:04:49:9F:A0:B7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/sFluGW7EsJXPPhg0Ms9uBEmfoLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.238.0/24
193.108.112.0/24
193.124.7.0/24
193.124.44.0/24
194.58.36.0/24
194.58.155.0/24
194.58.223.0/24
194.87.53.0/24
194.87.119.0/24
194.87.126.0/24
194.87.162.0/24
194.87.169.0/24
194.87.179.0/24
195.133.9.0/24
195.133.24.0/23
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
5f:ab:b7:72:9c:6a:b5:8b:f2:8e:68:45:22:69:8f:ad:da:0e:
6e:f3:76:22:7b:68:b2:7b:1c:d6:f3:ce:53:62:01:dd:c7:9e:
c5:cd:ac:9b:02:08:79:12:5a:ac:99:07:90:29:a3:76:4b:42:
4e:7a:55:79:e7:ff:98:01:8a:af:0e:ac:7e:97:2d:da:25:df:
70:0e:1e:28:43:51:b2:dd:19:be:35:99:3d:5b:da:7a:b3:a4:
1c:5b:50:8f:91:00:c9:c4:a5:d0:25:35:c3:e7:22:1e:bf:ba:
59:7f:2c:e7:0c:1e:0a:b2:b5:60:dd:45:9b:cd:a3:a5:4e:04:
2b:c5:a2:06:a9:4b:4e:7f:8a:62:a8:1e:cd:1a:41:34:55:2c:
b8:77:6d:e6:2c:8b:98:61:4f:41:4f:e3:92:4b:d0:8c:fe:71:
0f:aa:a5:61:6a:c7:93:16:f6:cc:e7:b0:63:1d:dc:a8:6a:07:
3e:08:62:58:90:db:35:80:8e:cc:1f:f5:79:6a:83:2b:14:5f:
80:d7:a2:1c:5f:af:78:b5:99:cf:8b:eb:5a:e5:d1:63:e8:08:
01:3d:8c:c2:2b:e3:3c:2c:19:ec:66:91:d7:85:e6:36:ee:de:
44:29:43:53:cd:3f:53:cd:30:21:4b:cd:2f:55:f4:e9:40:46:
cc:43:f1:4a
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZYe0Y5i69nsmAomTKXy04loMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNDEwMDgyOTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDU5NmUxOTZlYzRiMDk1Y2YzZTE4MzQzMmNmNmUwNDQ5OWZhMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Fbb1ik/R/qBNleaRuhIj8J4lL44
r9jfrOQelCdiDTbvvLDk+cg4hiU0u21TEazz7NTZgVMHxDbnRRV3iPhWqWJ0eBzo
CMJEGQgMTFeRP80xZQbn6wv5dWZw7wtpFy6i7/T0QThIn9xYDiQ3OpPwSCqGjEFG
1l+sLpsH/2Mf/5HkE6K1NnN2CHJQ5z9PseTIUaxd9vPurt8JZG9G8OuZXoXPFiKz
kiR44BWLUPiV5+8Rseg+YYtCd6f+5NkJ1P38j84Tys9nKOi/twQtDVKG8iOw042N
EzJ7U+T2Tg+I0t13MSFl3su6jIQoWIRpJ/QxYxvFj9tYb2vqAzhhB95o7wIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFLBZbhluxLCVzz4YNDLPbgRJn6C3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvc0ZsdUdXN0VzSlhQUGhnME1zOXVCRW1mb0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljB+BAIAATB4AwQAPkzu
AwQAwWxwAwQAwXwHAwQAwXwsAwQAwjokAwQAwjqbAwQAwjrfAwQAwlc1AwQAwld3
AwQAwld+AwQAwleiAwQAwlepAwQAwlezAwQAw4UJAwQBw4UYAwQBw4UoAwQBw4Uy
AwQBw4VcAwQA1MDxAwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG
9w0BAQsFAAOCAQEAX6u3cpxqtYvyjmhFImmPrdoObvN2Intosnsc1vPOU2IB3cee
xc2smwIIeRJarJkHkCmjdktCTnpVeef/mAGKrw6sfpct2iXfcA4eKENRst0ZvjWZ
PVvaerOkHFtQj5EAycSl0CU1w+ciHr+6WX8s5wweCrK1YN1Fm82jpU4EK8WiBqlL
Tn+KYqgezRpBNFUsuHdt5iyLmGFPQU/jkkvQjP5xD6qlYWrHkxb2zOewYx3cqGoH
PghiWJDbNYCOzB/1eWqDKxRfgNeiHF+veLWZz4vrWuXRY+gIAT2MwivjPCwZ7GaR
14XmNu7eRClDU80/U80wIUvNL1X06UBGzEPxSg==
-----END CERTIFICATE-----
Generated at Tue Jun 17 15:39:29 2025 by rpki-client