Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/7SnZMPE9BVBh2HnF4EEy5QQyJRQ.roa
File: 7SnZMPE9BVBh2HnF4EEy5QQyJRQ.roa (raw, json)
Hash identifier: 0x3mR3vNzKZd7xIsQjJwRKJKJEjihbhSiV3rfr3ovCs=
Subject key identifier: ED:29:D9:30:F1:3D:05:50:61:D8:79:C5:E0:41:32:E5:04:32:25:14
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 01959D79F447C84513928C55A2535EE7C413
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/7SnZMPE9BVBh2HnF4EEy5QQyJRQ.roa
Signing time: Sun 16 Mar 2025 05:42:50 +0000
ROA not before: Sun 16 Mar 2025 05:42:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35042
IP address blocks: 88.214.25.0/24 maxlen: 24
91.228.101.0/24 maxlen: 24
185.55.240.0/22 maxlen: 22
193.24.208.0/22 maxlen: 22
193.24.208.0/23 maxlen: 23
193.24.210.0/24 maxlen: 24
194.24.160.0/24 maxlen: 24
2a00:1910::/32 maxlen: 32
2a00:1911::/32 maxlen: 32
2a00:1912::/32 maxlen: 32
2a00:1913::/32 maxlen: 32
2a09:8700::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Mar 2025 21:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9d:79:f4:47:c8:45:13:92:8c:55:a2:53:5e:e7:c4:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Mar 16 05:42:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed29d930f13d055061d879c5e04132e504322514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e4:59:1e:ff:4b:bd:3b:84:f8:d7:ca:e4:a0:
93:1f:f8:ba:7d:ac:9f:f2:c4:40:de:7e:29:d7:81:
ba:13:ac:69:30:64:1d:df:f5:52:87:cc:31:f7:b4:
37:43:2c:35:0f:20:81:d9:65:f9:14:1a:c9:9c:b1:
fe:8c:02:12:cd:f5:a0:eb:54:ae:2a:df:af:b0:34:
65:25:20:eb:e7:3b:fa:76:f4:40:1f:b9:65:e1:87:
b9:39:02:e8:3a:6a:27:0a:7d:b2:57:c7:78:08:22:
c7:43:eb:e4:03:91:56:8b:89:61:52:79:09:c3:5a:
0d:7a:0b:39:de:e2:70:5a:e8:8d:a1:00:b4:83:72:
84:6f:9b:45:dd:53:ab:10:8c:52:31:8f:68:8b:af:
aa:57:88:41:eb:4c:e1:d6:44:3d:e0:fc:73:ba:ba:
87:8b:62:ce:6a:5f:5f:fa:2b:d5:22:fc:a2:56:ee:
35:8f:02:a4:1e:c3:ce:9f:56:7d:0b:7b:82:05:ba:
d0:fa:80:f4:cb:47:82:de:e7:6d:24:c8:c8:b7:5f:
ac:27:11:e4:fc:a7:23:08:f2:c1:ea:16:07:ad:3f:
f9:e3:40:68:b9:30:46:e5:96:04:87:cc:59:65:f8:
b9:69:d4:ee:9e:86:11:08:98:1f:7f:11:4e:90:49:
45:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:29:D9:30:F1:3D:05:50:61:D8:79:C5:E0:41:32:E5:04:32:25:14
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/7SnZMPE9BVBh2HnF4EEy5QQyJRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.25.0/24
91.228.101.0/24
185.55.240.0/22
193.24.208.0/22
194.24.160.0/24
IPv6:
2a00:1910::/30
2a09:8700::/32
Signature Algorithm: sha256WithRSAEncryption
43:1e:cf:e0:ef:1f:51:9e:ec:2c:55:d8:10:51:cc:e3:84:51:
3e:96:40:24:b7:3d:93:b4:38:bd:ce:4b:d2:a8:cc:a0:7f:bd:
73:26:2b:0d:9f:a3:3f:a2:a6:35:85:c1:8a:c1:87:4a:c2:02:
60:0b:4f:3f:3e:b0:5f:23:6c:04:2e:86:86:dc:94:61:3b:e7:
22:aa:c9:a5:49:23:47:4d:9f:8b:85:5e:e2:a5:57:bc:a1:e5:
c6:09:c8:21:b6:53:d9:d3:d0:a6:d9:49:eb:e6:47:be:96:19:
cf:44:2c:c4:0d:d2:77:26:2b:fe:ac:56:22:fc:b4:fb:4c:10:
5f:96:10:20:37:ab:cc:fd:5b:ff:5e:4a:e5:38:2e:63:d1:78:
b3:cb:8f:0b:03:15:bb:dc:61:72:da:38:f0:8f:41:76:10:18:
a8:de:c9:fd:87:63:bc:f7:4f:82:bd:c3:4c:2f:39:2d:6a:8a:
09:3f:16:a2:ce:ef:1e:47:ca:67:93:f3:26:6a:90:cb:b0:6e:
1b:08:8a:2f:fb:c0:30:5b:80:ab:e3:40:eb:86:3f:af:f5:d4:
ac:fd:b1:ea:82:7c:c1:9c:ab:28:be:7f:00:48:7b:ca:d1:a6:
36:51:5c:2c:d5:1e:80:63:c6:bb:45:c4:47:5c:41:2f:24:c2:
74:c9:50:84
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZWdefRHyEUTkoxVolNe58QTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjUwMzE2MDU0MjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDI5ZDkzMGYxM2QwNTUwNjFkODc5YzVlMDQxMzJlNTA0MzIyNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+RZHv9LvTuE+NfK5KCTH/i6fayf
8sRA3n4p14G6E6xpMGQd3/VSh8wx97Q3Qyw1DyCB2WX5FBrJnLH+jAISzfWg61Su
Kt+vsDRlJSDr5zv6dvRAH7ll4Ye5OQLoOmonCn2yV8d4CCLHQ+vkA5FWi4lhUnkJ
w1oNegs53uJwWuiNoQC0g3KEb5tF3VOrEIxSMY9oi6+qV4hB60zh1kQ94PxzurqH
i2LOal9f+ivVIvyiVu41jwKkHsPOn1Z9C3uCBbrQ+oD0y0eC3udtJMjIt1+sJxHk
/KcjCPLB6hYHrT/540BouTBG5ZYEh8xZZfi5adTunoYRCJgffxFOkElFPwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFO0p2TDxPQVQYdh5xeBBMuUEMiUUMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvN1NuWk1QRTlCVkJoMkhuRjRFRXk1UVF5SlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQAWNYZAwQA
W+RlAwQCuTfwAwQCwRjQAwQAwhigMBQEAgACMA4DBQIqABkQAwUAKgmHADANBgkq
hkiG9w0BAQsFAAOCAQEAQx7P4O8fUZ7sLFXYEFHM44RRPpZAJLc9k7Q4vc5L0qjM
oH+9cyYrDZ+jP6KmNYXBisGHSsICYAtPPz6wXyNsBC6GhtyUYTvnIqrJpUkjR02f
i4Ve4qVXvKHlxgnIIbZT2dPQptlJ6+ZHvpYZz0QsxA3SdyYr/qxWIvy0+0wQX5YQ
IDerzP1b/15K5TguY9F4s8uPCwMVu9xhcto48I9BdhAYqN7J/YdjvPdPgr3DTC85
LWqKCT8Wos7vHkfKZ5PzJmqQy7BuGwiKL/vAMFuAq+NA64Y/r/XUrP2x6oJ8wZyr
KL5/AEh7ytGmNlFcLNUegGPGu0XER1xBLyTCdMlQhA==
-----END CERTIFICATE-----
Generated at Wed Jun 18 15:21:44 2025 by rpki-client