Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7bed63-406e-405c-a7f0-7cd9c3baba25/1/_DGSW6ISlKGlEgVlKm7YWvxy2c0.roa
File: _DGSW6ISlKGlEgVlKm7YWvxy2c0.roa (raw, json)
Hash identifier: CZvmrrgeZ0Pqux/Jo+rhG7S0LEndCwP1VJ0arMKJ9pg=
Subject key identifier: FC:31:92:5B:A2:12:94:A1:A5:12:05:65:2A:6E:D8:5A:FC:72:D9:CD
Certificate issuer: /CN=24c96d386d7cf59a990d3994f0df8493dfca49b3
Certificate serial: 01977726252A9E8E7CA80C6914B9EB728852
Authority key identifier: 24:C9:6D:38:6D:7C:F5:9A:99:0D:39:94:F0:DF:84:93:DF:CA:49:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMltOG189ZqZDTmU8N-Ek9_KSbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7bed63-406e-405c-a7f0-7cd9c3baba25/1/_DGSW6ISlKGlEgVlKm7YWvxy2c0.roa
Signing time: Mon 16 Jun 2025 05:11:17 +0000
ROA not before: Mon 16 Jun 2025 05:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8193
IP address blocks: 195.158.0.0/19 maxlen: 19
195.158.1.0/24 maxlen: 24
195.158.12.0/24 maxlen: 24
195.158.22.0/24 maxlen: 24
195.158.23.0/24 maxlen: 24
213.230.64.0/18 maxlen: 18
213.230.72.0/23 maxlen: 23
213.230.74.0/23 maxlen: 23
213.230.76.0/23 maxlen: 23
213.230.78.0/23 maxlen: 23
213.230.80.0/23 maxlen: 23
213.230.82.0/23 maxlen: 23
213.230.86.0/23 maxlen: 23
213.230.86.0/24 maxlen: 24
213.230.87.0/24 maxlen: 24
213.230.88.0/23 maxlen: 23
213.230.92.0/23 maxlen: 23
213.230.92.0/24 maxlen: 24
213.230.93.0/24 maxlen: 24
213.230.100.0/23 maxlen: 23
213.230.102.0/23 maxlen: 23
213.230.109.0/24 maxlen: 24
213.230.112.0/23 maxlen: 23
213.230.114.0/23 maxlen: 23
213.230.116.0/23 maxlen: 23
213.230.118.0/23 maxlen: 23
213.230.125.0/24 maxlen: 24
2a05:45c0::/32 maxlen: 32
2a05:45c1::/32 maxlen: 32
2a05:45c1::/48 maxlen: 48
2a05:45c2::/36 maxlen: 36
2a05:45c2:1000::/36 maxlen: 36
2a05:45c2:2000::/36 maxlen: 36
2a05:45c2:3000::/36 maxlen: 36
2a05:45c2:4000::/36 maxlen: 36
2a05:45c2:5000::/36 maxlen: 36
2a05:45c2:6000::/36 maxlen: 36
2a05:45c2:7000::/36 maxlen: 36
2a05:45c2:8000::/36 maxlen: 36
2a05:45c5::/32 maxlen: 32
2a05:45c5:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 17 Jun 2025 06:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:77:26:25:2a:9e:8e:7c:a8:0c:69:14:b9:eb:72:88:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24c96d386d7cf59a990d3994f0df8493dfca49b3
Validity
Not Before: Jun 16 05:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc31925ba21294a1a51205652a6ed85afc72d9cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ee:17:02:15:8f:6d:65:07:87:0e:d7:1d:9e:
72:fe:32:16:49:5a:ba:13:3f:76:75:09:1e:ac:60:
e0:73:56:70:ac:3b:43:bf:37:77:22:94:1c:36:be:
f2:94:26:e8:c3:20:15:5a:fd:22:c6:6b:a3:6e:84:
67:87:66:59:b9:8a:81:3b:92:24:1e:5b:5a:50:09:
fe:84:87:b6:40:6c:72:72:fb:4b:f1:b5:0b:0d:28:
cb:a8:15:7e:79:74:1e:45:d4:76:a4:d2:40:f1:dc:
6b:3a:e8:c8:da:67:2a:3e:0f:9c:a6:28:f2:6c:a9:
d9:48:1d:df:8e:b6:32:b4:27:e0:87:2b:de:37:c5:
5b:ab:22:38:45:b9:d1:15:22:d8:bb:32:89:d6:a7:
e4:83:0a:bd:03:02:ac:12:cf:b3:58:bc:94:b9:c9:
21:fe:25:4c:3b:9d:1e:92:7f:44:e6:cc:5f:c6:59:
1d:71:ef:2f:32:37:9d:24:10:1d:0b:35:c9:d9:c9:
83:02:59:f9:7e:b1:c2:30:3b:f5:10:c4:c9:ee:c5:
0d:f9:e9:de:af:a9:bd:65:f4:1f:97:eb:a4:fd:9b:
47:00:bc:02:7b:30:40:0f:52:07:c3:75:e3:02:3f:
05:74:1c:28:fc:02:4e:7c:ac:b0:a1:1a:07:a7:32:
c1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:31:92:5B:A2:12:94:A1:A5:12:05:65:2A:6E:D8:5A:FC:72:D9:CD
X509v3 Authority Key Identifier:
keyid:24:C9:6D:38:6D:7C:F5:9A:99:0D:39:94:F0:DF:84:93:DF:CA:49:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMltOG189ZqZDTmU8N-Ek9_KSbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7bed63-406e-405c-a7f0-7cd9c3baba25/1/_DGSW6ISlKGlEgVlKm7YWvxy2c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7bed63-406e-405c-a7f0-7cd9c3baba25/1/JMltOG189ZqZDTmU8N-Ek9_KSbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.158.0.0/19
213.230.64.0/18
IPv6:
2a05:45c0::-2a05:45c2:8fff:ffff:ffff:ffff:ffff:ffff
2a05:45c5::/32
Signature Algorithm: sha256WithRSAEncryption
26:a3:96:0b:01:69:6e:5c:0f:d0:29:ac:6d:e7:f4:31:8d:27:
ea:de:9b:1d:94:86:9d:c5:6c:e9:2f:47:c8:45:d4:e3:df:19:
ee:db:20:50:5f:e9:98:3f:5a:e9:b7:20:96:0b:35:2c:b3:f4:
1c:4c:0e:f9:19:5e:67:31:60:31:41:b8:d8:cf:56:6f:19:71:
a6:85:84:7f:e1:4e:9b:04:76:33:db:5e:1c:a0:69:f7:e9:46:
d3:db:be:0e:35:1b:42:72:b4:81:2b:c7:9a:eb:15:06:36:7f:
e0:d9:07:92:dc:94:80:7a:65:dd:56:4e:94:83:21:bb:8e:a4:
5a:cf:04:15:d7:37:b2:bb:10:53:4a:f4:92:aa:7a:bb:bb:47:
81:2f:9b:65:94:f7:23:1c:b6:12:d1:30:d8:63:63:4f:f7:b7:
61:39:56:c9:79:b6:77:b3:47:3e:c2:dd:85:82:18:c7:f7:22:
ef:dc:db:d9:cd:34:ed:37:5c:4e:db:79:24:c6:fc:7c:ff:c7:
ae:34:3e:c8:5e:3f:e8:1b:1a:51:d0:1e:45:24:fe:6f:5b:9e:
d0:64:63:88:f1:f2:2e:61:e0:f2:18:65:a3:0f:b8:d9:b4:8b:
ea:76:e4:d0:db:65:96:95:85:cc:9e:b6:71:1d:a9:41:77:73:
6d:5d:c0:24
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZd3JiUqno58qAxpFLnrcohSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Yzk2ZDM4NmQ3Y2Y1OWE5OTBkMzk5NGYwZGY4NDkzZGZj
YTQ5YjMwHhcNMjUwNjE2MDUxMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzMxOTI1YmEyMTI5NGExYTUxMjA1NjUyYTZlZDg1YWZjNzJkOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1O4XAhWPbWUHhw7XHZ5y/jIWSVq6
Ez92dQkerGDgc1ZwrDtDvzd3IpQcNr7ylCbowyAVWv0ixmujboRnh2ZZuYqBO5Ik
HltaUAn+hIe2QGxycvtL8bULDSjLqBV+eXQeRdR2pNJA8dxrOujI2mcqPg+cpijy
bKnZSB3fjrYytCfghyveN8VbqyI4RbnRFSLYuzKJ1qfkgwq9AwKsEs+zWLyUuckh
/iVMO50ekn9E5sxfxlkdce8vMjedJBAdCzXJ2cmDAln5frHCMDv1EMTJ7sUN+ene
r6m9ZfQfl+uk/ZtHALwCezBAD1IHw3XjAj8FdBwo/AJOfKywoRoHpzLB4wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPwxkluiEpShpRIFZSpu2Fr8ctnNMB8GA1UdIwQY
MBaAFCTJbThtfPWamQ05lPDfhJPfykmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk1sdE9HMTg5WnFaRFRtVThOLUVrOV9LU2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83YmVkNjMtNDA2ZS00MDVjLWE3ZjAt
N2NkOWMzYmFiYTI1LzEvX0RHU1c2SVNsS0dsRWdWbEttN1lXdnh5MmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83YmVkNjMtNDA2ZS00MDVjLWE3ZjAtN2NkOWMzYmFiYTI1
LzEvSk1sdE9HMTg5WnFaRFRtVThOLUVrOV9LU2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDASBAIAATAMAwQFw54AAwQG
1eZAMB4EAgACMBgwDwMFBioFRcADBgQqBUXCgAMFACoFRcUwDQYJKoZIhvcNAQEL
BQADggEBACajlgsBaW5cD9AprG3n9DGNJ+remx2Uhp3FbOkvR8hF1OPfGe7bIFBf
6Zg/Wum3IJYLNSyz9BxMDvkZXmcxYDFBuNjPVm8ZcaaFhH/hTpsEdjPbXhygaffp
RtPbvg41G0JytIErx5rrFQY2f+DZB5LclIB6Zd1WTpSDIbuOpFrPBBXXN7K7EFNK
9JKqeru7R4Evm2WU9yMcthLRMNhjY0/3t2E5Vsl5tnezRz7C3YWCGMf3Iu/c29nN
NO03XE7beSTG/Hz/x640PsheP+gbGlHQHkUk/m9bntBkY4jx8i5h4PIYZaMPuNm0
i+p25NDbZZaVhcyetnEdqUF3c21dwCQ=
-----END CERTIFICATE-----
Generated at Wed Jun 18 05:22:37 2025 by rpki-client