Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8ccFdJdnMYx1NVSwb2GIAl86je8.roa
File: 8ccFdJdnMYx1NVSwb2GIAl86je8.roa (raw, json)
Hash identifier: nLVBZbFogqcm7hA/eK5E5tlKPOZHHvkOhUGMJwiVX48=
Subject key identifier: F1:C7:05:74:97:67:31:8C:75:35:54:B0:6F:61:88:02:5F:3A:8D:EF
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01963F3AA716CE0E059DC94365ECF56D8AAA
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8ccFdJdnMYx1NVSwb2GIAl86je8.roa
Signing time: Wed 16 Apr 2025 15:32:10 +0000
ROA not before: Wed 16 Apr 2025 15:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 5.83.153.0/24 maxlen: 24
77.90.33.0/24 maxlen: 24
77.90.49.0/24 maxlen: 24
85.93.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Apr 2025 19:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:3a:a7:16:ce:0e:05:9d:c9:43:65:ec:f5:6d:8a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 16 15:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1c705749767318c753554b06f6188025f3a8def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e8:41:d2:c0:04:36:fc:61:b0:32:fe:70:41:
3e:0d:2e:c8:50:b5:ea:de:4b:0b:82:b0:cc:14:6b:
dc:d1:c7:03:53:ad:3b:93:88:ab:37:d1:58:5c:5a:
2f:dd:10:d0:ef:4a:b7:ba:64:4f:b2:29:ee:34:4b:
69:f2:62:14:7e:56:67:03:bd:88:a2:07:3e:fb:d5:
90:7a:44:08:dc:1c:ec:20:f0:aa:10:42:4f:e2:f1:
75:21:48:e8:57:90:55:df:2c:30:74:ec:fe:ac:a4:
ae:e0:a2:e4:bc:08:e9:7b:c7:82:83:b6:55:fd:58:
16:0b:b4:37:93:67:ec:66:ce:ba:24:81:cc:64:a8:
7c:d7:33:a8:a7:f2:ba:2d:0d:fb:ea:3b:f1:9f:85:
7c:9a:d8:2b:21:53:36:ca:8e:8c:9c:1f:e6:d3:13:
3a:74:a2:dd:ce:12:a5:67:d2:a7:b6:9a:37:b0:26:
b4:1d:94:9f:7d:90:0e:14:b9:b7:27:9e:bb:67:c3:
dc:97:be:8b:ae:5b:f4:f5:c3:a5:a9:0f:72:43:bd:
bc:1e:0e:2a:28:34:41:0f:5e:75:f7:66:6e:1c:40:
1a:ca:bb:21:c0:67:71:6f:cc:88:4d:b9:40:f4:e6:
08:f9:20:13:52:a6:bc:e7:77:ed:81:1e:06:ad:e7:
3b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C7:05:74:97:67:31:8C:75:35:54:B0:6F:61:88:02:5F:3A:8D:EF
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8ccFdJdnMYx1NVSwb2GIAl86je8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.153.0/24
77.90.33.0/24
77.90.49.0/24
85.93.21.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:d3:a7:1e:82:35:1b:e7:e8:ad:73:c8:61:27:e6:34:5e:46:
44:88:2f:0f:8d:3a:97:7a:11:14:80:c7:8b:4d:82:05:66:15:
5d:a5:75:07:29:0e:21:3a:28:36:f4:67:4c:0d:ce:0f:73:bc:
87:02:39:1f:61:c6:69:5b:9b:88:f1:7a:2e:71:ec:ee:c6:03:
e9:55:8d:7e:13:3a:15:a6:fc:89:52:19:84:48:93:88:95:f2:
9c:16:8d:ef:a1:a0:6a:d9:d4:11:45:08:a9:4e:20:95:e3:78:
95:83:ef:22:67:3f:ad:17:19:27:72:b1:e3:7b:ba:b7:87:93:
43:e1:fc:e3:b9:12:1d:54:ff:d7:01:79:56:eb:ae:8b:1d:fa:
72:b6:91:8b:8f:41:60:87:1a:ae:5d:f9:34:1a:44:52:e8:e2:
3b:2e:dc:38:c3:9d:f0:99:02:f2:4e:0b:03:61:19:9f:e5:69:
0e:98:b8:3f:47:d6:16:cf:ce:55:d5:9d:59:c0:be:83:53:ac:
53:b0:39:0d:39:33:cc:2a:32:c0:d7:05:85:86:54:56:3e:f2:
6b:70:6f:1b:34:15:55:b4:37:94:c0:8a:ca:cc:73:4e:7d:f5:
1d:db:09:8f:d1:21:79:a4:1b:bb:25:a0:d9:c5:3c:a8:d3:09:
51:73:ea:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZY/OqcWzg4FnclDZez1bYqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDE2MTUzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWM3MDU3NDk3NjczMThjNzUzNTU0YjA2ZjYxODgwMjVmM2E4ZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+hB0sAENvxhsDL+cEE+DS7IULXq
3ksLgrDMFGvc0ccDU607k4irN9FYXFov3RDQ70q3umRPsinuNEtp8mIUflZnA72I
ogc++9WQekQI3BzsIPCqEEJP4vF1IUjoV5BV3ywwdOz+rKSu4KLkvAjpe8eCg7ZV
/VgWC7Q3k2fsZs66JIHMZKh81zOop/K6LQ376jvxn4V8mtgrIVM2yo6MnB/m0xM6
dKLdzhKlZ9Kntpo3sCa0HZSffZAOFLm3J567Z8Pcl76Lrlv09cOlqQ9yQ728Hg4q
KDRBD15192ZuHEAayrshwGdxb8yITblA9OYI+SATUqa853ftgR4Grec7wwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPHHBXSXZzGMdTVUsG9hiAJfOo3vMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvOGNjRmRKZG5NWXgxTlZTd2IyR0lBbDg2amU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABVOZAwQA
TVohAwQATVoxAwQAVV0VMA0GCSqGSIb3DQEBCwUAA4IBAQAs06cegjUb5+itc8hh
J+Y0XkZEiC8PjTqXehEUgMeLTYIFZhVdpXUHKQ4hOig29GdMDc4Pc7yHAjkfYcZp
W5uI8XoucezuxgPpVY1+EzoVpvyJUhmESJOIlfKcFo3voaBq2dQRRQipTiCV43iV
g+8iZz+tFxkncrHje7q3h5ND4fzjuRIdVP/XAXlW666LHfpytpGLj0FghxquXfk0
GkRS6OI7Ltw4w53wmQLyTgsDYRmf5WkOmLg/R9YWz85V1Z1ZwL6DU6xTsDkNOTPM
KjLA1wWFhlRWPvJrcG8bNBVVtDeUwIrKzHNOffUd2wmP0SF5pBu7JaDZxTyo0wlR
c+pJ
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:02:27 2025 by rpki-client