Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3O1slw4S8s760rqqgpcvlkpvrHw.roa
File: 3O1slw4S8s760rqqgpcvlkpvrHw.roa (raw, json)
Hash identifier: nkuwFE+vBOmIobuEEsMSpaa/2L/t7c3sQBzGCcI2zNo=
Subject key identifier: DC:ED:6C:97:0E:12:F2:CE:FA:D2:BA:AA:82:97:2F:96:4A:6F:AC:7C
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01963F5B9D48C6C52D45461A9AA522BFD948
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3O1slw4S8s760rqqgpcvlkpvrHw.roa
Signing time: Wed 16 Apr 2025 16:08:10 +0000
ROA not before: Wed 16 Apr 2025 16:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 194.238.44.0/22 maxlen: 24
194.238.72.0/22 maxlen: 24
194.238.80.0/22 maxlen: 24
194.238.84.0/22 maxlen: 24
194.238.88.0/22 maxlen: 24
213.18.192.0/22 maxlen: 24
213.18.216.0/22 maxlen: 24
217.179.80.0/22 maxlen: 24
217.181.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 15:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:5b:9d:48:c6:c5:2d:45:46:1a:9a:a5:22:bf:d9:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 16 16:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dced6c970e12f2cefad2baaa82972f964a6fac7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:76:a1:6d:d9:8b:24:a6:d2:fc:ce:a7:88:14:
43:9c:4a:90:21:db:b2:df:0c:02:ca:d4:f7:66:3a:
42:4d:b1:9a:eb:2b:a4:69:3a:ec:f0:d4:41:b7:da:
56:54:40:19:4a:3b:a2:71:29:14:7e:fb:6d:30:5b:
6a:fd:83:ab:62:59:5e:86:c9:67:d5:20:c3:62:2b:
00:dd:8b:51:96:6d:56:de:5e:26:91:cf:eb:11:7f:
eb:3b:ca:6f:91:5b:0d:dc:f0:35:10:45:7f:f7:28:
d6:96:e6:2d:f4:b5:0e:12:4d:0e:13:7f:37:85:84:
c5:e9:3c:69:e8:b6:d8:00:79:22:da:07:e9:2e:64:
5f:ab:1f:cf:99:05:ac:f0:3b:7d:8f:1e:d5:f3:ea:
9c:1f:16:14:70:65:1b:4b:c6:85:ee:57:14:aa:60:
19:c8:3e:7f:1b:94:2d:ae:47:c7:51:80:23:4f:81:
98:e4:6c:e6:b2:6b:e2:5d:88:3f:78:07:aa:ab:5d:
2a:9b:30:e7:4c:3a:33:32:30:19:78:5c:7f:51:14:
a7:c5:87:93:4a:be:a0:c2:78:51:26:b8:bb:a9:23:
2e:ac:ee:95:24:6d:e1:da:3c:83:95:96:92:18:14:
ab:00:44:74:18:20:02:54:51:53:89:be:e3:2d:c9:
28:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:ED:6C:97:0E:12:F2:CE:FA:D2:BA:AA:82:97:2F:96:4A:6F:AC:7C
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3O1slw4S8s760rqqgpcvlkpvrHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.44.0/22
194.238.72.0/22
194.238.80.0-194.238.91.255
213.18.192.0/22
213.18.216.0/22
217.179.80.0/22
217.181.88.0/22
Signature Algorithm: sha256WithRSAEncryption
60:cb:91:81:f2:d7:cb:97:ce:38:ee:f9:dd:3c:c0:50:17:e0:
92:5c:be:84:cd:b3:81:d0:56:35:0d:e8:44:08:93:51:e0:9f:
42:8b:a0:f7:11:ef:de:99:15:84:46:3b:bb:63:33:eb:e7:6a:
8b:24:54:66:28:c1:a6:50:3a:78:94:74:4e:56:ab:b5:67:7a:
3e:9e:f7:8d:02:91:91:d5:43:87:2b:80:9b:62:bd:21:50:39:
4a:80:6b:a0:83:83:19:f9:e9:4a:de:01:42:b6:f0:08:59:a8:
ac:f8:f6:5a:8d:2e:0e:43:0f:7c:79:64:2d:03:b7:0f:1e:5a:
7d:80:1e:b7:b5:14:72:d9:b1:a4:ba:c1:a4:d9:07:9a:4b:7f:
68:36:01:9a:63:15:31:85:10:81:42:6b:6d:e8:66:57:26:32:
14:f0:8f:7b:9f:c2:18:c2:2a:c4:7e:d0:57:2b:8a:a5:de:03:
98:0d:ce:e6:51:80:ea:70:4b:31:29:06:77:b1:f8:bb:95:e1:
17:50:84:b6:60:93:f9:c6:23:33:10:33:0d:e5:3b:79:19:b3:
d4:aa:d9:bc:f3:22:94:b1:19:e7:94:4e:73:65:0e:10:17:f7:
95:e6:fa:b0:09:43:97:0c:10:a2:8e:19:fb:48:69:d1:51:35:
3d:0e:c0:b4
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZY/W51IxsUtRUYamqUiv9lIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNDE2MTYwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2VkNmM5NzBlMTJmMmNlZmFkMmJhYWE4Mjk3MmY5NjRhNmZhYzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXahbdmLJKbS/M6niBRDnEqQIduy
3wwCytT3ZjpCTbGa6yukaTrs8NRBt9pWVEAZSjuicSkUfvttMFtq/YOrYllehsln
1SDDYisA3YtRlm1W3l4mkc/rEX/rO8pvkVsN3PA1EEV/9yjWluYt9LUOEk0OE383
hYTF6Txp6LbYAHki2gfpLmRfqx/PmQWs8Dt9jx7V8+qcHxYUcGUbS8aF7lcUqmAZ
yD5/G5QtrkfHUYAjT4GY5GzmsmviXYg/eAeqq10qmzDnTDozMjAZeFx/URSnxYeT
Sr6gwnhRJri7qSMurO6VJG3h2jyDlZaSGBSrAER0GCACVFFTib7jLckozwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNztbJcOEvLO+tK6qoKXL5ZKb6x8MB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvM08xc2x3NFM4czc2MHJxcWdwY3Zsa3B2ckh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCwu4sAwQC
wu5IMAwDBATC7lADBALC7lgDBALVEsADBALVEtgDBALZs1ADBALZtVgwDQYJKoZI
hvcNAQELBQADggEBAGDLkYHy18uXzjju+d08wFAX4JJcvoTNs4HQVjUN6EQIk1Hg
n0KLoPcR796ZFYRGO7tjM+vnaoskVGYowaZQOniUdE5Wq7Vnej6e940CkZHVQ4cr
gJtivSFQOUqAa6CDgxn56UreAUK28AhZqKz49lqNLg5DD3x5ZC0Dtw8eWn2AHre1
FHLZsaS6waTZB5pLf2g2AZpjFTGFEIFCa23oZlcmMhTwj3ufwhjCKsR+0FcriqXe
A5gNzuZRgOpwSzEpBnex+LuV4RdQhLZgk/nGIzMQMw3lO3kZs9Sq2bzzIpSxGeeU
TnNlDhAX95Xm+rAJQ5cMEKKOGftIadFRNT0OwLQ=
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:37:44 2025 by rpki-client