Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/egSxbcMS8N4JhKVSf9eEDe2tVLc.roa
File: egSxbcMS8N4JhKVSf9eEDe2tVLc.roa (raw, json)
Hash identifier: sdw9vJnfo9Hidgus6BKfASvqTTv8RZZce+6xbdlIsgU=
Subject key identifier: 7A:04:B1:6D:C3:12:F0:DE:09:84:A5:52:7F:D7:84:0D:ED:AD:54:B7
Certificate issuer: /CN=3a839936aeeff288678e772633020fa259bd9cf2
Certificate serial: 0196FC68E6290F54B68786D37A43DD4AF935
Authority key identifier: 3A:83:99:36:AE:EF:F2:88:67:8E:77:26:33:02:0F:A2:59:BD:9C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OoOZNq7v8ohnjncmMwIPolm9nPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/egSxbcMS8N4JhKVSf9eEDe2tVLc.roa
Signing time: Fri 23 May 2025 09:10:55 +0000
ROA not before: Fri 23 May 2025 09:10:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214917
IP address blocks: 188.95.68.0/24 maxlen: 24
2a12:ff00::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 30 May 2025 01:17:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:68:e6:29:0f:54:b6:87:86:d3:7a:43:dd:4a:f9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a839936aeeff288678e772633020fa259bd9cf2
Validity
Not Before: May 23 09:10:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a04b16dc312f0de0984a5527fd7840dedad54b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:97:e3:e8:81:73:7c:fb:55:5e:13:ad:66:8d:
6f:a6:5b:21:f0:2a:a4:7a:6b:41:a2:e1:2a:be:73:
1f:b9:5d:cd:08:73:1c:96:30:1a:bf:ec:9f:39:51:
7a:6d:ee:79:57:d9:51:a3:77:39:8c:a1:f2:5a:2e:
4f:67:45:fb:4a:02:54:86:fb:34:9f:4b:8a:b1:42:
48:45:63:1d:e4:65:80:98:fe:aa:59:88:f7:61:0d:
1a:a6:b4:67:75:0f:a7:1e:72:be:0c:db:a0:e6:1a:
1f:06:56:a8:7b:1d:2c:55:c3:62:d3:eb:ed:3e:2a:
75:ee:5f:3f:45:47:3e:1b:a8:45:3a:35:89:f6:0a:
fb:eb:b7:c6:9f:77:d9:5d:cf:49:f5:f1:d1:c4:14:
b4:7f:58:0f:61:cf:53:d1:c1:d8:0c:72:05:f4:dd:
61:e4:aa:ed:04:98:de:45:4c:53:89:d0:de:e5:fd:
44:3f:0c:99:2c:66:bc:f7:16:ce:93:74:8a:d2:9a:
c4:f0:5b:dd:fe:5f:68:e6:6d:b3:eb:fd:12:32:6b:
8b:75:c1:25:69:c7:aa:37:4d:f2:90:3b:f5:01:d3:
cc:a6:5c:7d:67:3a:e0:0d:de:33:ec:6c:ed:09:98:
fa:e0:4d:8a:5a:50:28:76:d2:f8:51:52:ae:92:76:
48:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:04:B1:6D:C3:12:F0:DE:09:84:A5:52:7F:D7:84:0D:ED:AD:54:B7
X509v3 Authority Key Identifier:
keyid:3A:83:99:36:AE:EF:F2:88:67:8E:77:26:33:02:0F:A2:59:BD:9C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoOZNq7v8ohnjncmMwIPolm9nPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/egSxbcMS8N4JhKVSf9eEDe2tVLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/OoOZNq7v8ohnjncmMwIPolm9nPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.68.0/24
IPv6:
2a12:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
45:d8:4d:11:18:f3:56:f6:e6:38:de:d4:ea:c3:9e:a2:70:b3:
47:1e:bc:60:34:d0:41:0c:9a:7d:5b:94:fc:66:c8:11:f4:93:
a7:a6:ab:31:c9:df:66:14:55:cd:50:58:19:04:d1:c6:5d:71:
b3:ea:ec:5d:a9:9d:78:5b:2b:3e:b8:81:dc:66:f7:26:3f:c3:
aa:3f:d1:5d:5a:95:d0:81:36:75:f2:bf:6f:b6:75:c1:f0:98:
d5:97:58:3a:3c:e7:c1:9e:4e:1b:a5:6c:76:e7:19:9f:6c:28:
bb:26:9d:52:8f:72:6d:06:e0:7d:c9:5f:14:7d:42:70:9c:6c:
c5:41:a8:56:d5:54:2c:40:2c:f5:41:d0:42:90:c6:d5:1d:12:
44:c4:4d:38:5a:c3:1e:7f:e7:3a:8f:b2:de:42:9f:4d:22:36:
50:96:4e:6e:ef:14:aa:c8:0a:4d:43:4c:00:46:b5:e0:66:fc:
a3:a0:03:d0:e2:53:f2:2f:14:7a:39:4f:56:48:89:bd:51:bd:
12:98:e3:83:51:75:e1:05:06:c7:ac:ca:c3:4f:cc:5f:67:1e:
b6:d9:eb:96:01:79:3b:46:ec:79:96:59:27:16:e6:3f:c4:fa:
2f:29:ab:e6:66:f1:b4:9c:1e:b5:0d:a5:b0:24:62:5a:db:4a:
4c:f5:49:5f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZb8aOYpD1S2h4bTekPdSvk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODM5OTM2YWVlZmYyODg2NzhlNzcyNjMzMDIwZmEyNTli
ZDljZjIwHhcNMjUwNTIzMDkxMDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTA0YjE2ZGMzMTJmMGRlMDk4NGE1NTI3ZmQ3ODQwZGVkYWQ1NGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZfj6IFzfPtVXhOtZo1vplsh8Cqk
emtBouEqvnMfuV3NCHMcljAav+yfOVF6be55V9lRo3c5jKHyWi5PZ0X7SgJUhvs0
n0uKsUJIRWMd5GWAmP6qWYj3YQ0aprRndQ+nHnK+DNug5hofBlaoex0sVcNi0+vt
Pip17l8/RUc+G6hFOjWJ9gr767fGn3fZXc9J9fHRxBS0f1gPYc9T0cHYDHIF9N1h
5KrtBJjeRUxTidDe5f1EPwyZLGa89xbOk3SK0prE8Fvd/l9o5m2z6/0SMmuLdcEl
aceqN03ykDv1AdPMplx9ZzrgDd4z7GztCZj64E2KWlAodtL4UVKuknZI3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHoEsW3DEvDeCYSlUn/XhA3trVS3MB8GA1UdIwQY
MBaAFDqDmTau7/KIZ453JjMCD6JZvZzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29PWk5xN3Y4b2huam5jbU13SVBvbG05blBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81YzY3NDUtNzY4ZS00ZDYxLWI2MDQt
ODM1ZjRlMzcyODNjLzEvZWdTeGJjTVM4TjRKaEtWU2Y5ZUVEZTJ0VkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81YzY3NDUtNzY4ZS00ZDYxLWI2MDQtODM1ZjRlMzcyODNj
LzEvT29PWk5xN3Y4b2huam5jbU13SVBvbG05blBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAvF9EMA0E
AgACMAcDBQMqEv8AMA0GCSqGSIb3DQEBCwUAA4IBAQBF2E0RGPNW9uY43tTqw56i
cLNHHrxgNNBBDJp9W5T8ZsgR9JOnpqsxyd9mFFXNUFgZBNHGXXGz6uxdqZ14Wys+
uIHcZvcmP8OqP9FdWpXQgTZ18r9vtnXB8JjVl1g6POfBnk4bpWx25xmfbCi7Jp1S
j3JtBuB9yV8UfUJwnGzFQahW1VQsQCz1QdBCkMbVHRJExE04WsMef+c6j7LeQp9N
IjZQlk5u7xSqyApNQ0wARrXgZvyjoAPQ4lPyLxR6OU9WSIm9Ub0SmOODUXXhBQbH
rMrDT8xfZx622euWAXk7Rux5llknFuY/xPovKavmZvG0nB61DaWwJGJa20pM9Ulf
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:04:25 2025 by rpki-client