Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3iECCS7xG7D4H5zE_uB9nKhlWFE.roa
File: 3iECCS7xG7D4H5zE_uB9nKhlWFE.roa (raw, json)
Hash identifier: 6535Z6KqavkgWObPdKNIf7QpcZKL0MGe+WwqoC5mbnM=
Subject key identifier: DE:21:02:09:2E:F1:1B:B0:F8:1F:9C:C4:FE:E0:7D:9C:A8:65:58:51
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01966383971DCD6878B31F12A5F2B0D1C937
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3iECCS7xG7D4H5zE_uB9nKhlWFE.roa
Signing time: Wed 23 Apr 2025 16:38:10 +0000
ROA not before: Wed 23 Apr 2025 16:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.171.240.0/22 maxlen: 24
194.238.78.0/24 maxlen: 24
194.238.79.0/24 maxlen: 24
213.18.220.0/22 maxlen: 24
213.18.224.0/20 maxlen: 24
213.18.245.0/24 maxlen: 24
217.177.0.0/21 maxlen: 24
217.177.32.0/24 maxlen: 24
217.179.56.0/22 maxlen: 24
217.179.72.0/22 maxlen: 24
217.179.220.0/22 maxlen: 24
217.180.12.0/24 maxlen: 24
217.180.13.0/24 maxlen: 24
217.180.14.0/24 maxlen: 24
217.180.20.0/24 maxlen: 24
217.180.22.0/23 maxlen: 24
217.180.38.0/24 maxlen: 24
217.180.45.0/24 maxlen: 24
217.180.46.0/24 maxlen: 24
217.180.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Apr 2025 07:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:63:83:97:1d:cd:68:78:b3:1f:12:a5:f2:b0:d1:c9:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 23 16:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de2102092ef11bb0f81f9cc4fee07d9ca8655851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b8:54:7e:49:04:60:5b:ce:16:2a:c1:a4:dd:
62:3c:f7:94:17:a2:e8:3c:d7:48:55:df:1f:1e:2c:
32:cd:d8:04:83:fa:75:50:98:0e:c0:9e:0f:d9:20:
01:dc:d5:a5:e3:20:12:45:30:ea:10:0b:13:59:2e:
c6:65:99:13:57:1f:cc:7f:23:21:e8:aa:78:ec:05:
d4:8a:7a:5c:9a:ae:86:ff:99:0d:45:a2:b0:c2:9b:
11:07:9e:2c:89:51:fb:01:12:36:21:9f:3f:fe:c5:
1f:b9:47:e3:17:0e:fb:a0:82:a9:55:62:ee:93:ef:
82:49:ca:31:7b:a1:77:ec:62:ef:ce:e8:eb:66:c5:
0a:24:b0:87:6a:a2:ba:b7:6a:f4:a2:36:31:ba:8d:
11:ac:6a:34:93:34:da:00:7d:bd:4e:37:78:e7:99:
59:66:e1:98:43:93:db:5c:c1:3e:23:88:a3:d8:68:
c7:e6:cc:42:76:d3:b4:3c:f6:e8:5e:d7:47:b7:a4:
53:c3:9b:8e:78:af:42:26:2b:81:e0:4a:c1:8d:74:
d9:b5:98:0a:cb:92:9d:4f:93:1a:67:f3:26:91:db:
0c:50:1e:74:1d:22:9a:e8:09:67:95:6d:75:fd:83:
1d:3f:82:2a:94:9b:76:67:a2:86:20:31:35:b4:cb:
fb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:21:02:09:2E:F1:1B:B0:F8:1F:9C:C4:FE:E0:7D:9C:A8:65:58:51
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/3iECCS7xG7D4H5zE_uB9nKhlWFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.240.0/22
194.238.78.0/23
213.18.220.0-213.18.239.255
213.18.245.0/24
217.177.0.0/21
217.177.32.0/24
217.179.56.0/22
217.179.72.0/22
217.179.220.0/22
217.180.12.0-217.180.14.255
217.180.20.0/24
217.180.22.0/23
217.180.38.0/24
217.180.45.0-217.180.46.255
217.180.59.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:c1:25:5c:e6:18:94:c7:5c:50:12:1e:11:02:19:e8:2d:17:
b6:66:4a:69:5b:5b:dd:16:cb:a5:96:40:37:c1:a2:05:9e:fe:
2d:4c:40:b8:24:d3:b5:0f:3b:3b:44:bb:eb:c1:72:ae:8a:65:
eb:04:a2:f9:db:c1:94:7d:09:15:87:92:c0:65:b8:26:c6:ef:
10:cd:42:33:4c:83:a1:cf:0b:d3:b6:82:3b:c7:0f:d5:b9:04:
56:c6:87:ed:c7:31:f0:e0:47:d3:3b:9b:17:5a:72:73:6a:07:
88:cb:8e:c5:a1:80:5a:68:98:4e:57:57:bc:42:49:da:aa:3d:
9e:b8:1b:10:7d:d5:11:ac:07:6b:15:e5:22:33:63:d6:27:45:
76:47:c7:a5:b7:ff:58:43:59:30:96:f7:50:fd:e2:6d:43:3d:
77:96:c0:d7:c6:52:b5:d7:c9:4c:c1:ea:cb:59:50:77:58:30:
86:ae:5c:c0:8b:41:81:70:dc:f1:9d:52:13:f4:bd:59:b1:ce:
c7:9f:a1:89:4c:d4:d9:5e:c9:09:95:a9:c6:94:c6:ff:54:fa:
9c:57:77:ed:e8:29:0d:f0:1e:29:24:95:c0:2c:28:c8:03:b2:
b3:eb:61:53:cb:74:e0:27:9d:71:3a:55:0e:c7:b9:79:79:33:
ca:d5:2a:3e
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZZjg5cdzWh4sx8SpfKw0ck3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNDIzMTYzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTIxMDIwOTJlZjExYmIwZjgxZjljYzRmZWUwN2Q5Y2E4NjU1ODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7hUfkkEYFvOFirBpN1iPPeUF6Lo
PNdIVd8fHiwyzdgEg/p1UJgOwJ4P2SAB3NWl4yASRTDqEAsTWS7GZZkTVx/MfyMh
6Kp47AXUinpcmq6G/5kNRaKwwpsRB54siVH7ARI2IZ8//sUfuUfjFw77oIKpVWLu
k++CScoxe6F37GLvzujrZsUKJLCHaqK6t2r0ojYxuo0RrGo0kzTaAH29Tjd455lZ
ZuGYQ5PbXME+I4ij2GjH5sxCdtO0PPboXtdHt6RTw5uOeK9CJiuB4ErBjXTZtZgK
y5KdT5MaZ/MmkdsMUB50HSKa6AlnlW11/YMdP4IqlJt2Z6KGIDE1tMv7gwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFN4hAgku8Ruw+B+cxP7gfZyoZVhRMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvM2lFQ0NTN3hHN0Q0SDV6RV91QjluS2hsV0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAj6r8AME
AcLuTjAMAwQC1RLcAwQE1RLgAwQA1RL1AwQD2bEAAwQA2bEgAwQC2bM4AwQC2bNI
AwQC2bPcMAwDBALZtAwDBADZtA4DBADZtBQDBAHZtBYDBADZtCYwDAMEANm0LQME
ANm0LgMEANm0OzANBgkqhkiG9w0BAQsFAAOCAQEATsElXOYYlMdcUBIeEQIZ6C0X
tmZKaVtb3RbLpZZAN8GiBZ7+LUxAuCTTtQ87O0S768Fyropl6wSi+dvBlH0JFYeS
wGW4JsbvEM1CM0yDoc8L07aCO8cP1bkEVsaH7ccx8OBH0zubF1pyc2oHiMuOxaGA
WmiYTldXvEJJ2qo9nrgbEH3VEawHaxXlIjNj1idFdkfHpbf/WENZMJb3UP3ibUM9
d5bA18ZStdfJTMHqy1lQd1gwhq5cwItBgXDc8Z1SE/S9WbHOx5+hiUzU2V7JCZWp
xpTG/1T6nFd37egpDfAeKSSVwCwoyAOys+thU8t04CedcTpVDse5eXkzytUqPg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:47:00 2025 by rpki-client