Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/nfvH7lroIMUseUNSF6wuAIyXuCE.roa
File: nfvH7lroIMUseUNSF6wuAIyXuCE.roa (raw, json)
Hash identifier: 7Xb2qWj7WCILwJdrSn5bsOEwnSKzS/IGGJCd9paaU+k=
Subject key identifier: 9D:FB:C7:EE:5A:E8:20:C5:2C:79:43:52:17:AC:2E:00:8C:97:B8:21
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 0195EB96372025CB30EA5B8C24AD9086AC97
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/nfvH7lroIMUseUNSF6wuAIyXuCE.roa
Signing time: Mon 31 Mar 2025 09:44:05 +0000
ROA not before: Mon 31 Mar 2025 09:44:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15683
IP address blocks: 78.27.128.0/18 maxlen: 24
91.196.192.0/22 maxlen: 24
91.203.48.0/22 maxlen: 24
94.45.32.0/21 maxlen: 24
94.45.32.0/22 maxlen: 24
94.45.40.0/21 maxlen: 24
94.45.48.0/21 maxlen: 24
94.45.56.0/22 maxlen: 24
193.222.140.0/24 maxlen: 24
193.243.152.0/23 maxlen: 24
2a01:6d80:2000::/36 maxlen: 48
Validation: Failed, certificate revoked on Mon 31 Mar 2025 10:44:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:96:37:20:25:cb:30:ea:5b:8c:24:ad:90:86:ac:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Mar 31 09:44:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dfbc7ee5ae820c52c79435217ac2e008c97b821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c5:61:7f:9a:9a:00:5a:73:b3:00:88:1f:3d:
57:3a:e7:8a:d3:62:73:8d:d0:da:92:12:f9:29:b5:
55:f1:74:52:8c:5c:4c:68:df:a4:47:29:12:5a:3c:
24:b6:ab:88:67:aa:ce:ef:1a:2e:9a:1f:ec:6e:ae:
73:ce:c6:48:69:6a:28:d9:8d:d2:9b:59:cc:40:d8:
b8:d2:7b:f0:a0:1a:78:4b:75:c9:93:47:cb:4a:12:
f4:50:42:33:22:4d:54:8f:83:d1:60:ac:8f:84:10:
54:9f:84:8e:d8:fb:5a:0e:e9:8e:39:3f:28:ff:a5:
6c:be:bc:5f:b0:97:9d:23:47:18:d2:ae:03:eb:9f:
9d:c8:3b:c5:d9:fc:d4:3c:b5:bb:cd:b1:81:3c:59:
fd:78:7a:ec:b6:8a:c1:e9:ed:fe:83:ed:8d:e2:ad:
b7:23:69:ad:90:7d:68:8e:41:46:f6:30:94:b9:ea:
1d:9e:89:ec:00:1e:0e:e1:c9:d1:fa:40:5a:58:f3:
38:ad:fe:70:a7:81:be:99:d4:08:37:ca:70:4e:f3:
57:8d:f4:de:a6:f6:c3:8a:6a:60:22:3d:a4:a5:60:
7a:72:7b:02:ac:14:44:99:2c:32:da:23:b3:9b:7c:
b4:b0:d5:d8:6b:17:52:73:48:17:34:f6:aa:31:80:
93:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:FB:C7:EE:5A:E8:20:C5:2C:79:43:52:17:AC:2E:00:8C:97:B8:21
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/nfvH7lroIMUseUNSF6wuAIyXuCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.27.128.0/18
91.196.192.0/22
91.203.48.0/22
94.45.32.0-94.45.59.255
193.222.140.0/24
193.243.152.0/23
IPv6:
2a01:6d80:2000::/36
Signature Algorithm: sha256WithRSAEncryption
78:fa:a3:0b:95:04:a5:d4:41:58:0e:92:e8:db:32:8e:7a:db:
e4:87:0f:f6:06:46:9a:df:b9:da:14:15:69:8e:00:5e:0d:24:
c1:5d:7e:c1:f8:b9:7c:cb:95:a0:97:de:88:1c:1d:b7:0a:61:
95:54:81:cd:a4:00:77:c6:ee:1a:0c:97:2c:8e:0d:b9:37:55:
ae:71:b2:fa:9f:9e:fe:a9:84:9a:cd:f3:63:80:8c:8a:eb:6b:
2d:3d:1d:b6:eb:8d:78:9f:36:94:07:b7:5b:d6:9f:e8:f6:13:
e9:dd:72:52:23:21:77:ae:c5:7b:e6:52:b2:24:57:ac:51:f4:
e3:37:ca:97:cf:2c:1f:d0:ee:c7:f5:57:ca:9b:3b:0c:c4:7b:
e4:de:5a:2e:8b:28:36:5c:4d:14:8a:64:05:c8:48:22:5c:63:
ec:75:7f:60:fc:2c:54:cd:37:46:cd:90:b9:d4:64:90:80:dc:
15:37:56:52:5e:b6:4d:2b:e6:41:21:51:53:63:7e:e4:f9:00:
31:dd:89:d4:90:d5:be:95:6f:ef:74:23:6e:9f:2b:a2:c8:39:
f1:c9:8b:5a:cb:cd:f0:0f:5d:80:51:8f:b4:a2:8f:5c:fe:67:
19:76:88:80:c6:a8:26:5c:e9:45:a6:05:de:ab:a8:1a:1f:aa:
97:8f:39:da
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZXrljcgJcsw6luMJK2QhqyXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjUwMzMxMDk0NDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGZiYzdlZTVhZTgyMGM1MmM3OTQzNTIxN2FjMmUwMDhjOTdiODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMVhf5qaAFpzswCIHz1XOueK02Jz
jdDakhL5KbVV8XRSjFxMaN+kRykSWjwktquIZ6rO7xoumh/sbq5zzsZIaWoo2Y3S
m1nMQNi40nvwoBp4S3XJk0fLShL0UEIzIk1Uj4PRYKyPhBBUn4SO2PtaDumOOT8o
/6VsvrxfsJedI0cY0q4D65+dyDvF2fzUPLW7zbGBPFn9eHrstorB6e3+g+2N4q23
I2mtkH1ojkFG9jCUueodnonsAB4O4cnR+kBaWPM4rf5wp4G+mdQIN8pwTvNXjfTe
pvbDimpgIj2kpWB6cnsCrBREmSwy2iOzm3y0sNXYaxdSc0gXNPaqMYCT9wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJ37x+5a6CDFLHlDUhesLgCMl7ghMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvbmZ2SDdscm9JTVVzZVVOU0Y2d3VBSXlYdUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAyBAIAATAsAwQGThuAAwQC
W8TAAwQCW8swMAwDBAVeLSADBAJeLTgDBADB3owDBAHB85gwDgQCAAIwCAMGBCoB
bYAgMA0GCSqGSIb3DQEBCwUAA4IBAQB4+qMLlQSl1EFYDpLo2zKOetvkhw/2Bkaa
37naFBVpjgBeDSTBXX7B+Ll8y5Wgl96IHB23CmGVVIHNpAB3xu4aDJcsjg25N1Wu
cbL6n57+qYSazfNjgIyK62stPR226414nzaUB7db1p/o9hPp3XJSIyF3rsV75lKy
JFesUfTjN8qXzywf0O7H9VfKmzsMxHvk3louiyg2XE0UimQFyEgiXGPsdX9g/CxU
zTdGzZC51GSQgNwVN1ZSXrZNK+ZBIVFTY37k+QAx3YnUkNW+lW/vdCNunyuiyDnx
yYtay83wD12AUY+0oo9c/mcZdoiAxqgmXOlFpgXeq6gaH6qXjzna
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:26:16 2025 by rpki-client