Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/oafCqQuWMsHzAK_vFo1ucOSYMV0.roa
File: oafCqQuWMsHzAK_vFo1ucOSYMV0.roa (raw, json)
Hash identifier: FzvwaT9AspKrOqqbYuYEBZhNPnQamBsF84GykDoi0eA=
Subject key identifier: A1:A7:C2:A9:0B:96:32:C1:F3:00:AF:EF:16:8D:6E:70:E4:98:31:5D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01973B40E467344272EF39FAE354AD2EBAB7
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/oafCqQuWMsHzAK_vFo1ucOSYMV0.roa
Signing time: Wed 04 Jun 2025 14:03:17 +0000
ROA not before: Wed 04 Jun 2025 14:03:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.5.64.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Jun 2025 08:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:40:e4:67:34:42:72:ef:39:fa:e3:54:ad:2e:ba:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 4 14:03:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1a7c2a90b9632c1f300afef168d6e70e498315d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c0:6a:5d:73:19:38:4e:42:b4:26:7c:7f:88:
d8:ec:16:d7:fc:fc:6b:3b:21:21:88:25:9a:9a:08:
a9:55:4b:43:ea:fe:41:5c:99:63:2b:31:b8:67:f1:
31:cc:29:90:6a:88:04:d0:6c:ef:72:9b:44:c3:1f:
1b:ae:e9:5d:a6:30:39:10:c9:f8:70:aa:9a:08:27:
c0:94:3d:92:ea:1b:a3:4b:41:08:ca:f4:d8:65:9d:
65:86:c6:23:95:a4:a8:9a:9f:1f:35:c9:54:a6:d0:
9c:4c:67:23:5a:1e:31:80:92:35:50:04:27:fc:43:
e7:13:03:1c:12:ea:94:55:aa:ed:bf:ab:18:20:71:
73:1b:62:03:ff:de:40:6c:d8:ed:02:60:f3:6d:5b:
1b:53:e9:3f:d2:cd:02:37:79:99:fa:db:9b:03:1d:
c5:9a:04:7f:ff:1b:77:07:34:cc:67:8b:43:0c:03:
bb:97:0c:e1:3b:ad:15:01:2f:c7:a7:08:74:d0:40:
42:0d:6b:42:81:00:3f:e7:34:d6:7d:04:82:a3:e4:
3d:2e:0f:9a:2f:d7:a3:0b:d5:71:73:e8:ab:65:d6:
89:c4:a7:78:ca:c9:26:81:09:11:3f:49:ab:54:29:
53:2f:5d:6b:a6:b5:28:68:26:fe:b3:c0:06:6e:fb:
46:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A7:C2:A9:0B:96:32:C1:F3:00:AF:EF:16:8D:6E:70:E4:98:31:5D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/oafCqQuWMsHzAK_vFo1ucOSYMV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
185.126.82.0/24
185.199.54.0/24
185.206.251.0/24
185.209.38.0/24
185.209.73.0/24
185.209.75.0/24
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.250.0/23
185.222.28.0/23
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.226.104.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
185.246.112.0/24
193.8.112.0/23
193.58.146.0/23
194.5.64.0/24
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:2d:c8:ce:16:7f:08:2a:7e:89:a3:53:59:fc:a8:d5:53:08:
7a:4b:39:82:d5:33:26:dc:8b:71:b3:bf:08:96:cc:26:c0:c0:
e2:6c:40:53:d9:89:45:03:6c:28:c5:92:ee:8d:04:f1:b5:9b:
7b:9d:0a:ba:11:95:94:30:b0:43:5e:7a:bc:ee:b1:51:6f:88:
d7:f4:cb:3e:57:5b:22:22:31:05:a1:4c:6a:f1:39:54:73:af:
3e:0b:2f:17:91:cc:98:9d:52:7f:b3:de:b3:79:c5:86:7f:dc:
6a:dd:45:2c:fd:3f:ef:87:d7:44:3d:2d:50:f2:06:62:e5:9e:
6e:b5:ec:0d:d5:15:bb:7c:87:a1:b2:61:f7:dd:c2:a8:60:32:
0c:ba:e2:e8:51:f9:97:f1:80:ad:bb:11:e8:0f:80:d6:e9:f6:
5b:51:b0:a2:2a:c2:4a:c3:3b:dd:21:69:f0:54:e8:25:85:84:
c7:25:90:c5:56:25:0b:02:d2:77:16:cd:10:58:57:4f:f2:b9:
a3:10:17:f6:f8:1e:16:6c:85:25:7c:19:93:47:4c:20:36:44:
af:f3:4d:02:75:56:1c:c5:93:37:5b:89:bb:02:85:5a:93:23:
23:5f:63:54:ed:ee:07:c1:63:62:42:fd:64:48:22:52:4d:91:
36:ad:17:22
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZc7QORnNEJy7zn641StLrq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNjA0MTQwMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWE3YzJhOTBiOTYzMmMxZjMwMGFmZWYxNjhkNmU3MGU0OTgzMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycBqXXMZOE5CtCZ8f4jY7BbX/Pxr
OyEhiCWamgipVUtD6v5BXJljKzG4Z/ExzCmQaogE0GzvcptEwx8bruldpjA5EMn4
cKqaCCfAlD2S6hujS0EIyvTYZZ1lhsYjlaSomp8fNclUptCcTGcjWh4xgJI1UAQn
/EPnEwMcEuqUVartv6sYIHFzG2ID/95AbNjtAmDzbVsbU+k/0s0CN3mZ+tubAx3F
mgR//xt3BzTMZ4tDDAO7lwzhO60VAS/Hpwh00EBCDWtCgQA/5zTWfQSCo+Q9Lg+a
L9ejC9Vxc+irZdaJxKd4yskmgQkRP0mrVClTL11rprUoaCb+s8AGbvtGuQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFKGnwqkLljLB8wCv7xaNbnDkmDFdMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvb2FmQ3FRdVdNc0h6QUtfdkZvMXVjT1NZTVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAAt
WhEDBAC5flIDBAC5xzYDBAC5zvsDBAC50SYDBAC50UkDBAC50UsDBAC50ukDBAC5
1mwDBAC52hQDBAC52mUDBAG53PoDBAG53hwDBAC535sDBAG54QADBAC54QMDBAC5
4mgDBAG545IDBAC55EsDBAC56M4DBAC59nADBAHBCHADBAHBOpIDBADCBUADBADC
TKkDBADCTKwDBADCfEUwDQYJKoZIhvcNAQELBQADggEBACotyM4WfwgqfomjU1n8
qNVTCHpLOYLVMybci3GzvwiWzCbAwOJsQFPZiUUDbCjFku6NBPG1m3udCroRlZQw
sENeerzusVFviNf0yz5XWyIiMQWhTGrxOVRzrz4LLxeRzJidUn+z3rN5xYZ/3Grd
RSz9P++H10Q9LVDyBmLlnm617A3VFbt8h6GyYffdwqhgMgy64uhR+ZfxgK27EegP
gNbp9ltRsKIqwkrDO90hafBU6CWFhMclkMVWJQsC0ncWzRBYV0/yuaMQF/b4HhZs
hSV8GZNHTCA2RK/zTQJ1VhzFkzdbibsChVqTIyNfY1Tt7gfBY2JC/WRIIlJNkTat
FyI=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:19:28 2025 by rpki-client