Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/rFgc42xXsePcGci6Q4Ync6Cs98c.roa
File: rFgc42xXsePcGci6Q4Ync6Cs98c.roa (raw, json)
Hash identifier: wtg2qK9OUAK/ci16viDLpbe31HWj6+KeM9bm4eIgNYA=
Subject key identifier: AC:58:1C:E3:6C:57:B1:E3:DC:19:C8:BA:43:86:27:73:A0:AC:F7:C7
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 0196811F3DE91EFF939F0F417F252B1D193D
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/rFgc42xXsePcGci6Q4Ync6Cs98c.roa
Signing time: Tue 29 Apr 2025 10:37:10 +0000
ROA not before: Tue 29 Apr 2025 10:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5430
IP address blocks: 62.104.0.0/16 maxlen: 16
62.104.16.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.45.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.48.0/23 maxlen: 23
62.104.50.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
89.58.120.0/21 maxlen: 21
194.97.0.0/18 maxlen: 18
194.97.58.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.96.0/24 maxlen: 24
194.97.102.0/24 maxlen: 24
194.97.118.0/24 maxlen: 24
194.97.119.0/24 maxlen: 24
194.97.120.0/23 maxlen: 23
194.97.122.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
195.4.0.0/17 maxlen: 17
195.4.16.0/22 maxlen: 22
195.4.16.0/24 maxlen: 24
195.4.27.0/24 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.176.0/21 maxlen: 24
195.4.176.0/24 maxlen: 24
195.4.178.0/23 maxlen: 23
195.4.216.0/21 maxlen: 21
195.4.224.0/19 maxlen: 19
2001:748::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Apr 2025 12:10:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:1f:3d:e9:1e:ff:93:9f:0f:41:7f:25:2b:1d:19:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Apr 29 10:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac581ce36c57b1e3dc19c8ba43862773a0acf7c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:90:64:af:e3:64:3f:dc:d3:5e:eb:6f:6e:93:
54:fc:05:f6:9f:c6:3c:69:4c:f6:df:32:36:91:ea:
4c:7a:ef:74:79:8c:53:bc:dd:97:48:3e:86:7f:b8:
56:02:a7:4e:20:96:29:13:46:2d:01:6c:fe:bb:1f:
4c:9c:d8:a0:20:dc:1a:4b:26:69:16:2c:69:89:62:
04:c9:98:bf:03:54:59:57:85:3f:1c:99:61:40:2e:
fa:74:18:52:5e:a8:ea:c7:79:c3:25:b0:99:d6:e5:
e4:8f:0e:f7:91:46:73:42:d5:3f:5a:de:99:ec:52:
20:24:dd:59:71:65:91:21:b3:13:f4:5f:9f:b9:a1:
d3:a8:a7:89:e5:bf:37:1b:66:8b:f6:7f:23:c0:99:
4f:42:38:ee:25:7c:6e:6b:4f:cc:d0:f9:1d:56:34:
93:55:13:14:ad:63:6e:b8:a4:54:2b:87:54:ae:98:
66:3f:fb:05:ef:22:b4:a1:dc:76:8e:85:17:16:ca:
35:46:ff:f4:d3:00:3b:03:3c:72:d4:d6:1d:20:32:
3a:22:43:48:5c:c0:97:f3:01:1d:3e:14:5a:bf:0d:
c5:3c:f0:50:0a:c1:81:df:21:b5:85:37:55:c4:06:
7f:b5:a4:b6:ce:de:48:2c:90:61:cb:de:73:fd:aa:
7a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:58:1C:E3:6C:57:B1:E3:DC:19:C8:BA:43:86:27:73:A0:AC:F7:C7
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/rFgc42xXsePcGci6Q4Ync6Cs98c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.58.120.0/21
194.97.0.0/18
194.97.96.0/19
194.97.160.0/19
195.4.0.0/17
195.4.176.0/21
195.4.216.0-195.4.255.255
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
10:77:23:91:70:d9:66:47:13:32:ed:53:c0:de:ef:6e:ce:0e:
7b:1b:a7:f4:c5:55:35:e3:93:7c:b1:02:11:ef:f2:16:ad:62:
fc:08:ed:ae:a2:c1:a4:fc:b2:08:8a:ac:34:20:96:79:5f:a5:
e9:4d:63:19:c7:97:4f:3a:cb:9e:f6:bf:c7:cb:bb:c9:53:54:
93:f7:da:5b:b1:73:8d:e6:a6:8d:39:c0:15:dd:18:ad:22:7b:
d3:0d:38:03:64:f9:b0:50:09:3b:3c:b0:ac:0c:6f:12:3b:f6:
8a:d9:7c:06:40:0c:27:62:9f:56:9c:d6:bf:40:48:a1:19:67:
bf:97:a3:c8:b3:f8:5f:c0:f8:0a:31:df:95:d3:2d:4f:a0:be:
01:16:74:21:c1:8f:49:f3:22:05:e4:cd:44:ce:c5:bf:ba:7a:
ac:ed:c2:df:28:d3:1b:9c:3c:8c:44:6b:7b:79:61:0c:30:bc:
70:d3:ae:90:61:03:7f:ae:fc:3b:ea:9b:e9:4d:33:a3:39:3b:
8d:b4:57:38:d8:7d:9b:57:2c:08:fe:ab:e0:ea:e5:1e:a8:85:
d5:dc:89:c4:dc:9b:aa:b6:5d:f2:f6:fd:2c:7f:13:2d:4d:9d:
2c:93:c5:3b:eb:c2:a0:20:72:f2:ed:90:95:88:54:f4:ce:2a:
7e:f2:38:56
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZaBHz3pHv+Tnw9BfyUrHRk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjUwNDI5MTAzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzU4MWNlMzZjNTdiMWUzZGMxOWM4YmE0Mzg2Mjc3M2EwYWNmN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JBkr+NkP9zTXutvbpNU/AX2n8Y8
aUz23zI2kepMeu90eYxTvN2XSD6Gf7hWAqdOIJYpE0YtAWz+ux9MnNigINwaSyZp
FixpiWIEyZi/A1RZV4U/HJlhQC76dBhSXqjqx3nDJbCZ1uXkjw73kUZzQtU/Wt6Z
7FIgJN1ZcWWRIbMT9F+fuaHTqKeJ5b83G2aL9n8jwJlPQjjuJXxua0/M0PkdVjST
VRMUrWNuuKRUK4dUrphmP/sF7yK0odx2joUXFso1Rv/00wA7Azxy1NYdIDI6IkNI
XMCX8wEdPhRavw3FPPBQCsGB3yG1hTdVxAZ/taS2zt5ILJBhy95z/ap6/QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKxYHONsV7Hj3BnIukOGJ3OgrPfHMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvckZnYzQyeFhzZVBjR2NpNlE0WW5jNkNzOThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwMAPmgDBANZ
OngDBAbCYQADBAXCYWADBAXCYaADBAfDBAADBAPDBLAwCwMEA8ME2AMDAMMEMA0E
AgACMAcDBQAgAQdIMA0GCSqGSIb3DQEBCwUAA4IBAQAQdyORcNlmRxMy7VPA3u9u
zg57G6f0xVU145N8sQIR7/IWrWL8CO2uosGk/LIIiqw0IJZ5X6XpTWMZx5dPOsue
9r/Hy7vJU1ST99pbsXON5qaNOcAV3RitInvTDTgDZPmwUAk7PLCsDG8SO/aK2XwG
QAwnYp9WnNa/QEihGWe/l6PIs/hfwPgKMd+V0y1PoL4BFnQhwY9J8yIF5M1EzsW/
unqs7cLfKNMbnDyMRGt7eWEMMLxw066QYQN/rvw76pvpTTOjOTuNtFc42H2bVywI
/qvg6uUeqIXV3InE3Juqtl3y9v0sfxMtTZ0sk8U768KgIHLy7ZCViFT0zip+8jhW
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:57:30 2025 by rpki-client