Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/1-j9qqCfdAHscTHK40hSOa_Rvk7k.roa
File: 1-j9qqCfdAHscTHK40hSOa_Rvk7k.roa (raw, json)
Hash identifier: Y0SsdQfhSjIoZvwmlYen4W5pS6o+o8MYqaceGRSOvzQ=
Subject key identifier: FA:3F:6A:A8:27:DD:00:7B:1C:4C:72:B8:D2:14:8E:6B:F4:6F:93:B9
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01960FD046EEC573A890E23C1AF904A21A54
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/1-j9qqCfdAHscTHK40hSOa_Rvk7k.roa
Signing time: Mon 07 Apr 2025 10:33:49 +0000
ROA not before: Mon 07 Apr 2025 10:33:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34304
IP address blocks: 80.96.99.0/24 maxlen: 24
80.96.106.0/24 maxlen: 24
81.180.172.0/23 maxlen: 23
81.180.252.0/23 maxlen: 23
81.181.173.0/24 maxlen: 24
85.122.84.0/24 maxlen: 24
194.102.217.0/24 maxlen: 24
217.156.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 10:39:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:d0:46:ee:c5:73:a8:90:e2:3c:1a:f9:04:a2:1a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Apr 7 10:33:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa3f6aa827dd007b1c4c72b8d2148e6bf46f93b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:16:ba:11:ed:73:0d:e6:c8:1b:a4:2d:32:9e:
c9:41:4b:87:f5:bb:25:48:97:a8:ca:15:02:2b:2c:
35:83:f0:d9:ca:3f:1c:c7:df:6f:a4:6e:f5:41:2f:
d9:7a:01:10:72:17:65:46:38:d2:a8:3e:8d:6c:06:
c6:40:92:c9:6c:ca:fd:15:be:92:76:1f:2f:5b:90:
aa:d3:6a:d0:3d:15:eb:d5:77:12:a0:8f:10:eb:a1:
64:6b:65:f0:48:db:dc:2a:2a:f6:8a:40:7a:4a:f1:
6d:d7:b5:e9:54:4b:12:ee:62:0f:79:c8:9c:62:7e:
67:14:5d:e7:fa:b3:52:03:e1:9a:e9:ce:ec:4f:e9:
74:ef:02:57:c8:2f:8d:56:c8:aa:19:eb:68:6e:68:
67:80:d2:7c:8c:13:32:30:50:34:1b:57:b7:10:46:
7c:fe:f6:d5:31:c6:6f:a1:31:7a:cd:24:22:dc:79:
ec:92:d6:c8:c5:92:36:9c:f6:66:16:bc:d8:f3:b1:
4f:69:9f:eb:01:af:63:67:db:a1:0f:5f:f6:1d:1c:
b3:2d:96:4b:f3:98:25:17:ba:18:1a:87:8e:ad:df:
82:c5:8f:93:74:18:9a:57:ad:1c:e4:98:72:e4:a6:
13:07:a0:a2:e6:8f:54:5a:d2:67:57:43:a2:9c:a8:
e1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3F:6A:A8:27:DD:00:7B:1C:4C:72:B8:D2:14:8E:6B:F4:6F:93:B9
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/1-j9qqCfdAHscTHK40hSOa_Rvk7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.99.0/24
80.96.106.0/24
81.180.172.0/23
81.180.252.0/23
81.181.173.0/24
85.122.84.0/24
194.102.217.0/24
217.156.91.0/24
Signature Algorithm: sha256WithRSAEncryption
11:05:f4:d5:10:a5:45:dc:29:68:db:ca:2c:53:d0:67:d8:0c:
ac:bc:5b:3c:19:85:f5:d0:e8:2a:f0:93:82:3a:17:92:87:fb:
6c:a3:53:9e:98:44:d6:f2:2f:3b:ec:3a:cb:93:71:06:33:12:
b5:6f:e3:7e:9f:9b:07:de:da:a2:75:3b:39:a4:96:0f:04:33:
f1:cc:87:94:04:e1:9d:00:19:d4:55:8c:b1:86:2d:19:87:ff:
20:ad:27:ce:8f:18:fb:56:1d:88:fe:fc:38:d9:56:2c:02:3c:
ed:d5:08:ff:1a:04:d5:d4:66:6a:39:b7:3c:63:9f:50:cb:46:
3a:14:74:c8:1d:32:8a:8e:39:22:51:21:3e:94:84:2c:98:7e:
32:bb:c8:31:55:50:44:0a:69:46:fe:f9:2f:dd:14:9e:e9:11:
a5:d8:8b:3c:98:88:09:2a:80:61:40:54:92:c5:ef:bd:d7:06:
cf:04:03:82:80:78:aa:32:1a:16:7a:56:de:d4:bb:0e:d6:42:
bf:a5:7e:ea:a9:04:92:ae:39:ec:83:a9:24:dc:36:98:8f:30:
29:87:39:17:59:ad:b5:3b:af:2b:83:57:bc:51:d9:d3:ab:2b:
bc:80:54:c5:2d:54:d4:3f:fa:0b:61:a1:41:07:ca:d1:9d:38:
5d:5b:10:76
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZYP0EbuxXOokOI8GvkEohpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNDA3MTAzMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTNmNmFhODI3ZGQwMDdiMWM0YzcyYjhkMjE0OGU2YmY0NmY5M2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ba6Ee1zDebIG6QtMp7JQUuH9bsl
SJeoyhUCKyw1g/DZyj8cx99vpG71QS/ZegEQchdlRjjSqD6NbAbGQJLJbMr9Fb6S
dh8vW5Cq02rQPRXr1XcSoI8Q66Fka2XwSNvcKir2ikB6SvFt17XpVEsS7mIPecic
Yn5nFF3n+rNSA+Ga6c7sT+l07wJXyC+NVsiqGetobmhngNJ8jBMyMFA0G1e3EEZ8
/vbVMcZvoTF6zSQi3HnsktbIxZI2nPZmFrzY87FPaZ/rAa9jZ9uhD1/2HRyzLZZL
85glF7oYGoeOrd+CxY+TdBiaV60c5Jhy5KYTB6Ci5o9UWtJnV0OinKjhmwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPo/aqgn3QB7HExyuNIUjmv0b5O5MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvMS1qOXFxQ2ZkQUhzY1RISzQwaFNPYV9Sdms3ay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVk
Yi8xL01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBJBggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAFBgYwME
AFBgagMEAVG0rAMEAVG0/AMEAFG1rQMEAFV6VAMEAMJm2QMEANmcWzANBgkqhkiG
9w0BAQsFAAOCAQEAEQX01RClRdwpaNvKLFPQZ9gMrLxbPBmF9dDoKvCTgjoXkof7
bKNTnphE1vIvO+w6y5NxBjMStW/jfp+bB97aonU7OaSWDwQz8cyHlAThnQAZ1FWM
sYYtGYf/IK0nzo8Y+1YdiP78ONlWLAI87dUI/xoE1dRmajm3PGOfUMtGOhR0yB0y
io45IlEhPpSELJh+MrvIMVVQRAppRv75L90UnukRpdiLPJiICSqAYUBUksXvvdcG
zwQDgoB4qjIaFnpW3tS7DtZCv6V+6qkEkq457IOpJNw2mI8wKYc5F1mttTuvK4NX
vFHZ06srvIBUxS1U1D/6C2GhQQfK0Z04XVsQdg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:36:24 2025 by rpki-client