Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/3NphM8t3yOo1pQiIlc3aQCTLu6I.roa
File: 3NphM8t3yOo1pQiIlc3aQCTLu6I.roa (raw, json)
Hash identifier: ovn2LMcroUkfYYmKGnQOQHmghnaK39RVBG8DIPfLMtQ=
Subject key identifier: DC:DA:61:33:CB:77:C8:EA:35:A5:08:88:95:CD:DA:40:24:CB:BB:A2
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01960FD21B2AB7D52C285017366E749C52BE
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/3NphM8t3yOo1pQiIlc3aQCTLu6I.roa
Signing time: Mon 07 Apr 2025 10:35:49 +0000
ROA not before: Mon 07 Apr 2025 10:35:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 80.96.18.0/23 maxlen: 23
80.96.70.0/23 maxlen: 24
80.96.100.0/23 maxlen: 23
81.180.108.0/23 maxlen: 23
81.180.139.0/24 maxlen: 24
81.181.162.0/23 maxlen: 23
85.122.60.0/23 maxlen: 23
217.156.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 10:36:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:d2:1b:2a:b7:d5:2c:28:50:17:36:6e:74:9c:52:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Apr 7 10:35:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcda6133cb77c8ea35a5088895cdda4024cbbba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:16:08:d3:a7:2c:6d:36:cf:5d:87:8f:1d:ae:
ae:d8:79:99:c5:9a:e0:61:90:d5:29:c6:44:4b:bd:
60:c3:21:61:ed:29:ac:47:de:73:f2:13:e0:f2:22:
33:02:9b:84:f1:0a:c7:b9:94:9b:aa:a6:6d:b3:36:
b8:df:95:22:1a:f0:89:e9:e5:23:2a:5a:6f:b4:9e:
ce:05:7d:a5:7e:a2:47:b7:8f:7d:ad:f0:2a:a8:df:
d6:4f:63:7e:8b:1c:a7:8d:f1:1b:95:87:80:0b:51:
ff:21:6f:c0:6a:ce:7b:6e:27:22:7f:a6:af:2b:ef:
e6:36:4e:16:41:ac:18:b5:f1:b6:81:bb:91:0c:25:
f8:2f:68:52:fe:ad:6e:24:6b:96:a2:f4:79:55:cc:
af:cb:40:01:f2:8f:cb:72:27:d6:29:bb:80:11:a0:
fe:ab:93:c1:34:b2:fe:0c:91:97:91:df:cf:ba:78:
72:1a:30:ff:58:e0:4b:db:f0:5f:79:fa:53:4d:ed:
f6:aa:79:e5:3a:54:2d:f0:71:34:6c:49:44:35:25:
d9:ad:35:b1:d2:6d:cd:97:8c:06:2a:ba:46:11:74:
27:f0:aa:76:7e:16:1e:28:09:9b:04:81:18:6a:43:
66:ae:8d:a3:23:06:b0:db:7b:15:82:10:d1:34:f9:
45:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:DA:61:33:CB:77:C8:EA:35:A5:08:88:95:CD:DA:40:24:CB:BB:A2
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/3NphM8t3yOo1pQiIlc3aQCTLu6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.18.0/23
80.96.70.0/23
80.96.100.0/23
81.180.108.0/23
81.180.139.0/24
81.181.162.0/23
85.122.60.0/23
217.156.32.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:c1:d5:a6:bb:c5:ef:07:6e:ea:ae:a3:b0:a6:ec:82:36:7f:
44:7a:0d:2a:f1:15:35:e0:e5:82:ce:a3:04:d6:71:05:a5:0c:
ae:b8:93:33:a7:95:c8:64:bf:3b:59:57:18:17:aa:23:ed:23:
f8:98:bb:b6:af:77:c4:7d:d7:c5:e4:8a:6d:c3:07:24:cf:6b:
45:af:cf:25:ab:3d:8e:c3:a2:79:85:31:a6:27:63:57:e3:85:
f3:ee:23:b9:9a:3d:26:a2:c9:77:fc:dc:c5:0f:e6:eb:bd:22:
ba:85:58:dc:05:e8:e4:f9:39:e3:50:2c:8f:07:88:44:14:cb:
51:25:ef:ce:5e:55:7a:6e:4c:cd:8a:c8:63:9c:5f:16:71:78:
1c:66:4a:eb:86:5c:0b:e7:12:33:09:ce:93:82:4e:34:0c:da:
55:89:8d:c8:2c:18:75:8a:bb:fd:99:92:11:08:82:6e:aa:9b:
a4:1b:4f:da:92:52:b8:e5:be:47:c0:58:72:d2:f3:c2:45:51:
6f:e8:06:a1:89:ef:e5:e7:22:f4:79:73:91:ba:4d:c3:66:71:
96:59:a4:b5:b5:ae:d7:2f:1a:83:82:ce:25:a5:3b:dd:10:d1:
2e:81:28:eb:67:67:5e:60:c9:43:ae:bc:b8:b8:8b:02:70:f8:
53:3c:3a:64
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZYP0hsqt9UsKFAXNm50nFK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNDA3MTAzNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2RhNjEzM2NiNzdjOGVhMzVhNTA4ODg5NWNkZGE0MDI0Y2JiYmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRYI06csbTbPXYePHa6u2HmZxZrg
YZDVKcZES71gwyFh7SmsR95z8hPg8iIzApuE8QrHuZSbqqZtsza435UiGvCJ6eUj
KlpvtJ7OBX2lfqJHt499rfAqqN/WT2N+ixynjfEblYeAC1H/IW/Aas57bicif6av
K+/mNk4WQawYtfG2gbuRDCX4L2hS/q1uJGuWovR5Vcyvy0AB8o/LcifWKbuAEaD+
q5PBNLL+DJGXkd/PunhyGjD/WOBL2/BfefpTTe32qnnlOlQt8HE0bElENSXZrTWx
0m3Nl4wGKrpGEXQn8Kp2fhYeKAmbBIEYakNmro2jIwaw23sVghDRNPlFdwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNzaYTPLd8jqNaUIiJXN2kAky7uiMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvM05waE04dDN5T28xcFFpSWxjM2FRQ1RMdTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBUGASAwQB
UGBGAwQBUGBkAwQBUbRsAwQAUbSLAwQBUbWiAwQBVXo8AwQA2ZwgMA0GCSqGSIb3
DQEBCwUAA4IBAQCswdWmu8XvB27qrqOwpuyCNn9Eeg0q8RU14OWCzqME1nEFpQyu
uJMzp5XIZL87WVcYF6oj7SP4mLu2r3fEfdfF5Iptwwckz2tFr88lqz2Ow6J5hTGm
J2NX44Xz7iO5mj0mosl3/NzFD+brvSK6hVjcBejk+TnjUCyPB4hEFMtRJe/OXlV6
bkzNishjnF8WcXgcZkrrhlwL5xIzCc6Tgk40DNpViY3ILBh1irv9mZIRCIJuqpuk
G0/aklK45b5HwFhy0vPCRVFv6Aahie/l5yL0eXORuk3DZnGWWaS1ta7XLxqDgs4l
pTvdENEugSjrZ2deYMlDrry4uIsCcPhTPDpk
-----END CERTIFICATE-----
Generated at Sun Apr 27 15:41:28 2025 by rpki-client