Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-5bM3Fin2G-lONEZr9ecypgsESA.roa
File: 1-5bM3Fin2G-lONEZr9ecypgsESA.roa (raw, json)
Hash identifier: KUtVtK86x5EdLrjQhTEko3hR+Rd5K8R2BW1GV44YKDY=
Subject key identifier: FB:96:CC:DC:58:A7:D8:6F:A5:38:D1:19:AF:D7:9C:CA:98:2C:11:20
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0195EB715CDDACC19A605FCEF5224D3AC59F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-5bM3Fin2G-lONEZr9ecypgsESA.roa
Signing time: Mon 31 Mar 2025 09:03:49 +0000
ROA not before: Mon 31 Mar 2025 09:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.76.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 06 Apr 2025 17:08:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:71:5c:dd:ac:c1:9a:60:5f:ce:f5:22:4d:3a:c5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 31 09:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb96ccdc58a7d86fa538d119afd79cca982c1120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:3e:5a:fd:8b:8b:17:8e:23:4e:f9:1b:2d:3a:
e3:e7:d0:b8:62:99:85:a3:7c:46:e0:94:e2:ef:67:
6f:fd:df:d4:60:de:f1:1d:56:bf:c9:1c:a8:1f:0e:
4e:27:13:72:ca:70:a0:98:de:9d:f2:08:b6:b5:b6:
57:29:27:d5:d6:1e:f1:f9:a9:20:c3:fe:91:a8:64:
a9:69:f6:9f:b0:47:79:9f:52:54:ab:91:cb:cc:33:
56:75:18:d6:74:be:8f:e0:40:8e:56:4e:a6:ab:0f:
50:90:28:f9:88:c1:c0:38:02:3b:b7:88:7e:8e:50:
19:db:c3:90:c1:40:e2:75:9e:f9:fe:a0:41:16:e4:
9b:39:80:33:5f:7d:a7:9e:4a:d3:1b:71:16:b5:cb:
ed:ca:c0:94:52:84:1d:70:d2:31:d3:23:8d:20:2b:
16:08:b2:84:8c:30:5e:bb:99:3b:f5:49:f1:9c:41:
64:68:69:1d:fd:98:f5:cc:ad:73:d3:d7:b8:38:d8:
1c:a4:02:83:dd:25:4c:f0:e0:a4:da:fb:26:e8:ee:
1b:b0:d0:54:b9:48:e8:6b:96:95:3a:1a:f8:03:f0:
5f:2d:6c:5f:26:5c:31:58:92:5a:09:a3:7c:f8:3c:
a9:dc:ed:48:41:a2:d1:12:7e:1c:9d:1a:25:46:8c:
fb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:96:CC:DC:58:A7:D8:6F:A5:38:D1:19:AF:D7:9C:CA:98:2C:11:20
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-5bM3Fin2G-lONEZr9ecypgsESA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.82.0/24
185.199.54.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.220.248.0/24
185.220.250.0/23
185.222.28.0/24
185.223.78.0/24
185.223.80.0/24
185.225.0.0/23
185.225.3.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
193.8.112.0-193.8.114.255
193.58.146.0/23
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:dd:f5:af:a4:ea:b8:1f:bb:d1:f5:02:50:b2:48:d0:8c:7e:
cf:f8:52:8f:2f:55:fb:f3:49:26:69:c6:ed:cb:fe:7c:7e:e0:
e5:49:36:4c:6a:f2:8d:8b:0d:63:cd:e9:ca:36:24:52:4a:a0:
ff:a5:a1:ea:cf:6c:5e:4d:15:f8:c4:1a:9b:9b:8b:43:3f:b4:
d7:f9:c4:ff:f4:d6:fe:f4:f1:17:a4:5e:9d:eb:e0:9f:ca:1f:
06:e2:e5:53:99:f0:66:74:0e:74:fd:04:f1:92:0c:f4:9b:ce:
ae:cd:a1:72:09:44:fd:d0:4a:19:2b:f0:5f:4e:b4:9f:76:f7:
84:9f:18:b7:59:4f:9a:67:30:91:f0:58:ef:6e:b3:f2:85:14:
91:c1:a7:ed:94:ae:63:e8:f4:b3:b9:d2:43:47:18:e3:1e:8c:
70:69:45:70:b6:a8:bd:c5:04:37:ff:bb:52:a5:3d:00:48:85:
a3:5c:21:61:94:4e:41:ae:1c:df:d2:34:80:b8:fe:9b:4c:fe:
9f:b7:bc:b0:13:a7:40:81:5c:ac:78:18:a3:01:03:16:ad:a6:
da:83:d0:3c:08:cd:99:ea:67:f1:20:c5:d2:d1:28:0d:b3:8f:
81:b1:78:71:9f:e8:6b:68:1b:64:f4:68:9b:76:a2:ce:e3:3f:
f3:03:47:d2
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAZXrcVzdrMGaYF/O9SJNOsWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMzMxMDkwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjk2Y2NkYzU4YTdkODZmYTUzOGQxMTlhZmQ3OWNjYTk4MmMxMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9z5a/YuLF44jTvkbLTrj59C4YpmF
o3xG4JTi72dv/d/UYN7xHVa/yRyoHw5OJxNyynCgmN6d8gi2tbZXKSfV1h7x+akg
w/6RqGSpafafsEd5n1JUq5HLzDNWdRjWdL6P4ECOVk6mqw9QkCj5iMHAOAI7t4h+
jlAZ28OQwUDidZ75/qBBFuSbOYAzX32nnkrTG3EWtcvtysCUUoQdcNIx0yONICsW
CLKEjDBeu5k79UnxnEFkaGkd/Zj1zK1z09e4ONgcpAKD3SVM8OCk2vsm6O4bsNBU
uUjoa5aVOhr4A/BfLWxfJlwxWJJaCaN8+Dyp3O1IQaLREn4cnRolRoz7lwIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFPuWzNxYp9hvpTjRGa/XnMqYLBEgMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS01Yk0zRmluMkctbE9ORVpyOWVjeXBnc0VTQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBpQYIKwYBBQUHAQcBAf8EgZUwgZIwgY8EAgABMIGIAwQA
uX5SAwQAucc2AwQAudEmMAwDBAC50UkDBAK50UgDBAC50ukDBAC51mwDBAC52hQD
BAC53PgDBAG53PoDBAC53hwDBAC5304DBAC531ADBAG54QADBAC54QMDBAG545ID
BAC55EsDBAC56M4wDAMEBMEIcAMEAMEIcgMEAcE6kgMEAMJMrDANBgkqhkiG9w0B
AQsFAAOCAQEALt31r6TquB+70fUCULJI0Ix+z/hSjy9V+/NJJmnG7cv+fH7g5Uk2
TGryjYsNY83pyjYkUkqg/6Wh6s9sXk0V+MQam5uLQz+01/nE//TW/vTxF6Renevg
n8ofBuLlU5nwZnQOdP0E8ZIM9JvOrs2hcglE/dBKGSvwX060n3b3hJ8Yt1lPmmcw
kfBY726z8oUUkcGn7ZSuY+j0s7nSQ0cY4x6McGlFcLaovcUEN/+7UqU9AEiFo1wh
YZROQa4c39I0gLj+m0z+n7e8sBOnQIFcrHgYowEDFq2m2oPQPAjNmepn8SDF0tEo
DbOPgbF4cZ/oa2gbZPRom3aizuM/8wNH0g==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:41:10 2025 by rpki-client