Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/B-3vVlBbE_2nNum3VwpvQ-tvGj4.roa
File: B-3vVlBbE_2nNum3VwpvQ-tvGj4.roa (raw, json)
Hash identifier: jUAezFqXGcBFjU8lgqdjFgv5sDkENba3l+sV0XsNaxE=
Subject key identifier: 07:ED:EF:56:50:5B:13:FD:A7:36:E9:B7:57:0A:6F:43:EB:6F:1A:3E
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019739A0541E59B2AD4989CA13953901E935
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/B-3vVlBbE_2nNum3VwpvQ-tvGj4.roa
Signing time: Wed 04 Jun 2025 06:28:17 +0000
ROA not before: Wed 04 Jun 2025 06:28:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12430
IP address blocks: 2.152.0.0/14 maxlen: 17
2.152.0.0/16 maxlen: 16
2.154.0.0/16 maxlen: 16
2.154.192.0/18 maxlen: 18
5.40.0.0/16 maxlen: 16
62.42.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
62.82.0.0/15 maxlen: 16
62.100.96.0/19 maxlen: 19
62.101.160.0/19 maxlen: 19
62.117.128.0/17 maxlen: 17
62.174.0.0/15 maxlen: 19
80.174.0.0/16 maxlen: 17
80.224.0.0/16 maxlen: 16
81.60.0.0/15 maxlen: 18
81.172.0.0/17 maxlen: 17
81.184.0.0/16 maxlen: 16
81.202.0.0/15 maxlen: 15
82.158.0.0/15 maxlen: 16
82.213.128.0/18 maxlen: 18
83.138.192.0/18 maxlen: 18
83.173.128.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
84.127.229.0/24 maxlen: 24
85.219.0.0/17 maxlen: 17
85.251.0.0/16 maxlen: 17
89.140.0.0/16 maxlen: 16
89.141.0.0/16 maxlen: 16
95.39.0.0/16 maxlen: 19
185.128.128.0/22 maxlen: 24
194.106.0.0/19 maxlen: 19
194.140.128.0/18 maxlen: 18
194.149.192.0/19 maxlen: 19
212.21.224.0/19 maxlen: 19
212.22.32.0/19 maxlen: 20
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
212.78.128.0/19 maxlen: 19
212.79.128.0/19 maxlen: 19
212.95.192.0/19 maxlen: 19
212.97.160.0/19 maxlen: 19
212.122.96.0/19 maxlen: 19
212.183.192.0/18 maxlen: 18
213.37.0.0/16 maxlen: 16
213.201.0.0/17 maxlen: 17
213.227.0.0/18 maxlen: 18
213.231.64.0/18 maxlen: 18
213.254.64.0/18 maxlen: 18
Validation: Failed, certificate revoked on Mon 09 Jun 2025 05:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:39:a0:54:1e:59:b2:ad:49:89:ca:13:95:39:01:e9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 4 06:28:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07edef56505b13fda736e9b7570a6f43eb6f1a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:60:27:7e:c1:7f:2a:69:ad:20:9b:79:30:05:
b7:50:dc:cd:6a:05:1a:6c:f5:b9:88:e3:38:31:b2:
0e:a7:6e:14:55:e5:8f:56:c9:b2:5f:e5:b9:5e:6d:
eb:51:d4:3f:20:8d:90:2f:81:ef:79:95:ad:5f:3c:
6d:79:b1:22:0c:83:49:c1:76:78:da:82:7b:0b:d4:
87:ca:5f:3a:30:7e:9e:71:72:02:f1:e8:e0:a9:76:
3a:6d:69:88:ef:b3:ae:36:10:ea:9e:dd:69:a1:8a:
49:a0:97:ee:63:7d:6b:2f:06:b5:78:c3:aa:19:a6:
9c:98:5d:ab:4f:d4:12:9d:b0:fc:31:0d:ab:e0:de:
ee:d1:62:f8:ec:60:7b:b9:6e:2f:f3:0f:d9:48:0d:
64:72:35:da:89:89:a9:ed:c1:49:7b:33:46:8a:c9:
7a:a0:f8:d7:1b:36:7b:45:a5:40:e3:87:cd:79:8d:
b9:3e:2e:99:9e:06:bd:c6:ee:d1:c3:e6:26:23:cb:
49:8f:f1:4d:d3:ba:9b:46:fc:07:64:3e:97:79:f9:
d2:c0:d4:53:80:f4:fa:3c:4b:09:be:64:60:97:71:
0c:6a:c0:e4:85:6b:c0:62:2b:38:28:58:c9:f5:7b:
78:89:de:d6:01:cb:c3:bb:ed:03:dc:87:01:be:1e:
32:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:ED:EF:56:50:5B:13:FD:A7:36:E9:B7:57:0A:6F:43:EB:6F:1A:3E
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/B-3vVlBbE_2nNum3VwpvQ-tvGj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.117.128.0/17
62.174.0.0/15
80.174.0.0/16
80.224.0.0/16
81.60.0.0/15
81.172.0.0/17
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.138.192.0/18
83.173.128.0/18
84.120.0.0/13
85.219.0.0/17
85.251.0.0/16
89.140.0.0/15
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.22.32.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.122.96.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8a:6b:7d:f4:dc:b5:dc:e1:24:08:22:b0:9f:f2:e2:c4:0f:ab:
4e:bd:56:d5:81:7e:0f:4a:0c:0f:4e:f3:f5:81:d3:e4:51:a7:
06:25:da:4a:01:fd:d7:84:d0:ee:07:b6:46:a7:90:c7:7a:9a:
44:ed:cc:92:c6:91:b2:8c:c8:29:d7:40:e4:82:84:0b:fc:db:
7c:1d:ba:89:61:3e:f6:d7:6c:01:42:b1:41:1f:b5:49:37:f5:
24:4f:52:25:52:3e:38:02:51:65:11:ee:78:e2:81:45:0c:f4:
9c:3b:ac:42:b5:5f:09:fd:23:43:53:fe:7e:9e:e4:c5:a1:d2:
c7:70:85:a5:6f:5a:9e:34:b2:4e:90:2c:32:82:14:20:cb:87:
42:16:cf:e6:27:af:da:30:20:76:a4:d6:d2:a7:b7:9a:2a:5a:
a4:72:16:6a:fd:54:f1:07:40:54:eb:9e:af:9b:14:a8:f7:fa:
47:e7:de:54:52:d8:82:05:6d:d9:0b:02:36:43:bd:d4:5a:95:
2b:e9:34:76:9f:6a:eb:74:5d:ed:92:21:11:b8:b3:5a:70:40:
b6:11:ed:27:5c:98:bd:c2:9d:5d:d9:27:ed:66:47:ea:a1:58:
7f:32:88:48:cd:c5:9f:88:5b:20:58:0b:a5:23:30:5b:c7:b6:
f1:57:37:b2
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZc5oFQeWbKtSYnKE5U5Aek1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwNjA0MDYyODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2VkZWY1NjUwNWIxM2ZkYTczNmU5Yjc1NzBhNmY0M2ViNmYxYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GAnfsF/KmmtIJt5MAW3UNzNagUa
bPW5iOM4MbIOp24UVeWPVsmyX+W5Xm3rUdQ/II2QL4HveZWtXzxtebEiDINJwXZ4
2oJ7C9SHyl86MH6ecXIC8ejgqXY6bWmI77OuNhDqnt1poYpJoJfuY31rLwa1eMOq
GaacmF2rT9QSnbD8MQ2r4N7u0WL47GB7uW4v8w/ZSA1kcjXaiYmp7cFJezNGisl6
oPjXGzZ7RaVA44fNeY25Pi6Znga9xu7Rw+YmI8tJj/FN07qbRvwHZD6XefnSwNRT
gPT6PEsJvmRgl3EMasDkhWvAYis4KFjJ9Xt4id7WAcvDu+0D3IcBvh4y2QIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFAft71ZQWxP9pzbpt1cKb0Prbxo+MB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvQi0zdlZsQmJFXzJuTnVtM1Z3cHZRLXR2R2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwMC
ApgDAwAFKAMDAT4qAwMAPjkwCgMDAD5RAwMCPlADBAU+ZGADBAU+ZaADBAc+dYAD
AwE+rgMDAFCuAwMAUOADAwFRPAMEB1GsAAMDAFG4AwMBUcoDAwFSngMEBlLVgAME
BlOKwAMEBlOtgAMDA1R4AwQHVdsAAwMAVfsDAwFZjAMDAF8nAwQCuYCAAwQFwmoA
AwQGwoyAAwQFwpXAAwQF1BXgAwQF1BYgAwQF1CjgAwQF1E6AAwQF1E+AAwQF1F/A
AwQF1GGgAwQF1HpgAwQG1LfAAwMA1SUDBAfVyQADBAbV4wADBAbV50ADBAbV/kAw
DQYJKoZIhvcNAQELBQADggEBAIprffTctdzhJAgisJ/y4sQPq069VtWBfg9KDA9O
8/WB0+RRpwYl2koB/deE0O4HtkankMd6mkTtzJLGkbKMyCnXQOSChAv823wduolh
PvbXbAFCsUEftUk39SRPUiVSPjgCUWUR7njigUUM9Jw7rEK1Xwn9I0NT/n6e5MWh
0sdwhaVvWp40sk6QLDKCFCDLh0IWz+Ynr9owIHak1tKnt5oqWqRyFmr9VPEHQFTr
nq+bFKj3+kfn3lRS2IIFbdkLAjZDvdRalSvpNHafaut0Xe2SIRG4s1pwQLYR7Sdc
mL3CnV3ZJ+1mR+qhWH8yiEjNxZ+IWyBYC6UjMFvHtvFXN7I=
-----END CERTIFICATE-----
Generated at Mon Jun 16 18:32:55 2025 by rpki-client