Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/XpnHifTD8tZkiiLNtKNcouzj_q8.roa
File: XpnHifTD8tZkiiLNtKNcouzj_q8.roa (raw, json)
Hash identifier: dfrWKnF8ZWfYIDslMiPEBOGNyMwphNxvuYUIKjNNzR8=
Subject key identifier: 5E:99:C7:89:F4:C3:F2:D6:64:8A:22:CD:B4:A3:5C:A2:EC:E3:FE:AF
Certificate issuer: /CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Certificate serial: 0196FCDF00451CF63C151DAD4B10B3FB8E7A
Authority key identifier: A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/XpnHifTD8tZkiiLNtKNcouzj_q8.roa
Signing time: Fri 23 May 2025 11:19:54 +0000
ROA not before: Fri 23 May 2025 11:19:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202678
IP address blocks: 46.31.78.0/24 maxlen: 24
46.31.79.0/24 maxlen: 24
185.17.113.0/24 maxlen: 24
185.17.114.0/24 maxlen: 24
185.17.115.0/24 maxlen: 24
185.73.200.0/24 maxlen: 24
185.73.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jun 2025 11:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:df:00:45:1c:f6:3c:15:1d:ad:4b:10:b3:fb:8e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76dd9dad75877f7d28d14e08dc55b1330bd13b7
Validity
Not Before: May 23 11:19:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e99c789f4c3f2d6648a22cdb4a35ca2ece3feaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:55:95:38:64:81:63:ec:61:48:8d:f7:ef:5b:
b2:cb:6a:5b:40:e7:c3:48:1a:cb:b1:9f:83:7b:29:
5c:12:88:34:81:01:d1:bf:61:74:d0:17:2a:22:b7:
aa:a0:3f:a3:25:37:53:1d:e4:8a:69:e3:65:4b:b7:
7d:5c:68:f6:b4:fe:0c:18:8d:c2:f0:88:6d:4d:5e:
5d:7a:a5:a0:41:22:3b:e5:77:db:c8:f6:f3:67:63:
2a:23:5f:9b:31:0d:4d:48:00:ac:f7:b2:b1:26:41:
a5:64:85:7d:20:47:2b:aa:82:6e:c6:74:25:31:5c:
c5:7e:39:6f:45:86:61:13:9d:41:b3:6a:0f:45:46:
ad:5d:87:e1:55:20:b8:00:1f:5a:2d:0d:ef:b4:f2:
be:d6:d7:15:7d:e6:e0:70:dd:8f:a1:d0:5b:07:04:
04:90:2c:76:18:ff:d3:eb:7b:bb:c1:d3:86:37:35:
fb:81:25:d3:59:d7:6d:32:42:e7:94:0c:3f:8e:e1:
44:6d:fa:46:17:0f:f4:91:3c:66:3d:3b:c8:ac:19:
7c:42:de:38:b0:f4:0a:0b:8f:6b:e7:5d:a1:a5:16:
cb:0a:e6:2f:f3:41:10:29:b3:9c:f9:f0:1f:55:3a:
a8:da:bc:97:c4:15:4a:a7:d1:3e:28:4c:2d:6f:8a:
a9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:99:C7:89:F4:C3:F2:D6:64:8A:22:CD:B4:A3:5C:A2:EC:E3:FE:AF
X509v3 Authority Key Identifier:
keyid:A7:6D:D9:DA:D7:58:77:F7:D2:8D:14:E0:8D:C5:5B:13:30:BD:13:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p23Z2tdYd_fSjRTgjcVbEzC9E7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/XpnHifTD8tZkiiLNtKNcouzj_q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d00889-e5ca-4090-a6a4-2ac6ff75beb0/1/p23Z2tdYd_fSjRTgjcVbEzC9E7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.78.0/23
185.17.113.0-185.17.115.255
185.73.200.0/24
185.73.203.0/24
Signature Algorithm: sha256WithRSAEncryption
14:a3:79:e6:15:a3:c1:b8:f1:fe:dc:88:c6:44:33:68:ae:91:
94:de:8a:e9:ec:fe:db:b5:64:e4:93:17:ea:03:fc:1a:42:ef:
47:98:a8:e4:5f:83:1d:6b:3e:d3:0b:20:e1:03:2e:9b:03:71:
0e:2d:05:d4:0b:33:c9:c3:fd:e0:f4:51:68:72:56:df:8d:a5:
45:46:f3:06:6a:f8:8b:02:b8:2c:e9:45:fc:42:0e:ca:ae:22:
aa:25:bd:26:de:54:06:28:76:1b:10:35:ac:61:0c:98:d2:4d:
bd:4b:bc:dd:46:a1:e8:09:52:42:6a:52:01:56:44:fa:40:ec:
0a:f8:3a:ca:05:ea:0f:c0:28:49:ca:d0:97:0a:ba:4e:3d:b0:
cb:1a:2b:90:4d:31:c0:fe:3e:a2:91:59:28:c1:1a:ca:4c:26:
71:36:f5:5c:b6:0d:d9:ae:1c:48:50:8a:c0:66:82:3f:36:f3:
0a:49:5b:da:71:df:0f:c2:96:ec:7b:ab:f2:ac:1b:71:37:aa:
13:a5:97:ca:3e:7c:44:ce:9f:d0:92:12:95:bd:02:76:2d:e8:
fc:95:70:b7:d5:9d:9a:6e:13:db:e7:2c:f5:35:77:18:9d:64:
ad:8c:63:20:54:3a:77:8e:37:00:15:20:e8:e5:aa:d8:97:e3:
f4:3b:a2:82
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZb83wBFHPY8FR2tSxCz+456MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmRkOWRhZDc1ODc3ZjdkMjhkMTRlMDhkYzU1YjEzMzBi
ZDEzYjcwHhcNMjUwNTIzMTExOTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTk5Yzc4OWY0YzNmMmQ2NjQ4YTIyY2RiNGEzNWNhMmVjZTNmZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlWVOGSBY+xhSI3371uyy2pbQOfD
SBrLsZ+DeylcEog0gQHRv2F00BcqIreqoD+jJTdTHeSKaeNlS7d9XGj2tP4MGI3C
8IhtTV5deqWgQSI75XfbyPbzZ2MqI1+bMQ1NSACs97KxJkGlZIV9IEcrqoJuxnQl
MVzFfjlvRYZhE51Bs2oPRUatXYfhVSC4AB9aLQ3vtPK+1tcVfebgcN2PodBbBwQE
kCx2GP/T63u7wdOGNzX7gSXTWddtMkLnlAw/juFEbfpGFw/0kTxmPTvIrBl8Qt44
sPQKC49r512hpRbLCuYv80EQKbOc+fAfVTqo2ryXxBVKp9E+KEwtb4qpmQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF6Zx4n0w/LWZIoizbSjXKLs4/6vMB8GA1UdIwQY
MBaAFKdt2drXWHf30o0U4I3FWxMwvRO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQt
MmFjNmZmNzViZWIwLzEvWHBuSGlmVEQ4dFpraWlMTnRLTmNvdXpqX3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMDA4ODktZTVjYS00MDkwLWE2YTQtMmFjNmZmNzViZWIw
LzEvcDIzWjJ0ZFlkX2ZTalJUZ2pjVmJFekM5RTdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLh9OMAwD
BAC5EXEDBAK5EXADBAC5ScgDBAC5ScswDQYJKoZIhvcNAQELBQADggEBABSjeeYV
o8G48f7ciMZEM2iukZTeiuns/tu1ZOSTF+oD/BpC70eYqORfgx1rPtMLIOEDLpsD
cQ4tBdQLM8nD/eD0UWhyVt+NpUVG8wZq+IsCuCzpRfxCDsquIqolvSbeVAYodhsQ
NaxhDJjSTb1LvN1GoegJUkJqUgFWRPpA7Ar4OsoF6g/AKEnK0JcKuk49sMsaK5BN
McD+PqKRWSjBGspMJnE29Vy2DdmuHEhQisBmgj828wpJW9px3w/Clux7q/KsG3E3
qhOll8o+fETOn9CSEpW9AnYt6PyVcLfVnZpuE9vnLPU1dxidZK2MYyBUOneONwAV
IOjlqtiX4/Q7ooI=
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:35:33 2025 by rpki-client