Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/rcXBNttkCN9ucz-CG4BKu0x_DaA.roa
File: rcXBNttkCN9ucz-CG4BKu0x_DaA.roa (raw, json)
Hash identifier: SJByGTVzrBD24wq+7U6n5Slzx+PsYlVup4M9/akSlBs=
Subject key identifier: AD:C5:C1:36:DB:64:08:DF:6E:73:3F:82:1B:80:4A:BB:4C:7F:0D:A0
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019739A053AD1B453DBCF4A3702BD736F4A7
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/rcXBNttkCN9ucz-CG4BKu0x_DaA.roa
Signing time: Wed 04 Jun 2025 06:28:17 +0000
ROA not before: Wed 04 Jun 2025 06:28:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6739
IP address blocks: 2.152.0.0/14 maxlen: 17
2.152.0.0/16 maxlen: 16
2.154.0.0/16 maxlen: 16
2.154.192.0/18 maxlen: 18
5.40.0.0/16 maxlen: 16
62.42.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
62.82.0.0/15 maxlen: 16
62.100.96.0/19 maxlen: 19
62.101.160.0/19 maxlen: 19
62.174.0.0/15 maxlen: 19
80.174.0.0/16 maxlen: 17
80.224.0.0/16 maxlen: 16
81.60.0.0/15 maxlen: 18
81.184.0.0/16 maxlen: 16
81.202.0.0/15 maxlen: 15
82.158.0.0/15 maxlen: 16
82.213.128.0/18 maxlen: 18
83.173.128.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
84.127.229.0/24 maxlen: 24
85.219.0.0/17 maxlen: 17
85.251.0.0/16 maxlen: 17
89.140.0.0/16 maxlen: 17
95.39.0.0/16 maxlen: 19
185.128.128.0/22 maxlen: 24
194.106.0.0/19 maxlen: 19
194.140.128.0/18 maxlen: 18
194.149.192.0/19 maxlen: 19
212.21.224.0/19 maxlen: 19
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
212.78.128.0/19 maxlen: 19
212.79.128.0/19 maxlen: 19
212.95.192.0/19 maxlen: 19
212.97.160.0/19 maxlen: 19
212.183.192.0/18 maxlen: 18
213.37.0.0/16 maxlen: 16
213.201.0.0/17 maxlen: 17
213.227.0.0/18 maxlen: 18
213.231.64.0/18 maxlen: 18
213.254.64.0/18 maxlen: 18
2a02:a800::/26 maxlen: 26
Validation: Failed, certificate revoked on Mon 09 Jun 2025 05:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:39:a0:53:ad:1b:45:3d:bc:f4:a3:70:2b:d7:36:f4:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 4 06:28:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adc5c136db6408df6e733f821b804abb4c7f0da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e1:a4:66:18:56:2d:99:7e:d0:7b:38:34:7c:
25:24:12:28:6a:a1:59:ab:45:0a:7e:85:3a:33:71:
5b:2a:e9:7a:53:f9:bf:ab:13:94:16:e3:95:58:df:
fe:22:bf:72:e7:1b:95:1f:e4:b4:ec:ea:ea:3c:96:
e8:26:21:5b:6b:3a:2d:5e:a4:95:5e:62:89:ca:74:
16:c1:27:09:84:83:36:0a:a1:5c:bf:a3:9a:53:0b:
f1:9f:30:ea:28:59:9f:5f:b0:f4:55:15:75:a9:a2:
dc:70:5d:16:d3:3c:84:57:3d:ab:78:35:12:de:1d:
74:73:83:4d:eb:a9:a5:86:29:ab:77:5a:30:7d:6b:
56:f4:cb:87:90:d9:2d:6d:34:c2:11:32:1f:c3:ce:
78:d8:ac:cf:e6:60:a6:26:ce:10:35:42:2c:1d:cd:
ad:3d:64:a7:8c:bb:bf:8b:f8:a0:64:6b:40:d5:37:
b6:a4:fe:eb:f9:a1:7d:81:9b:61:68:97:52:e0:34:
c9:c6:fd:80:e0:8b:a2:c6:f5:f3:fd:01:31:4c:46:
ee:13:34:bb:a9:72:54:b7:22:08:81:38:65:b2:97:
82:39:04:dc:17:2c:73:b6:d9:a1:16:c6:29:c9:ab:
50:7e:25:92:7d:5b:69:b9:26:92:41:f2:e5:bb:e2:
0a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C5:C1:36:DB:64:08:DF:6E:73:3F:82:1B:80:4A:BB:4C:7F:0D:A0
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/rcXBNttkCN9ucz-CG4BKu0x_DaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.174.0.0/15
80.174.0.0/16
80.224.0.0/16
81.60.0.0/15
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.173.128.0/18
84.120.0.0/13
85.219.0.0/17
85.251.0.0/16
89.140.0.0/16
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
IPv6:
2a02:a800::/26
Signature Algorithm: sha256WithRSAEncryption
38:f7:81:8c:cd:82:0c:b6:d6:4c:18:5c:c4:53:04:8b:c0:9b:
63:86:80:71:2f:78:27:e5:70:32:92:e5:94:61:c2:50:e0:86:
91:83:b6:e1:a8:e9:a2:10:a9:70:f9:1f:18:64:e0:98:bf:4e:
92:7b:5e:71:7b:d3:61:58:04:b6:79:0a:77:e3:0c:5b:70:a2:
93:f7:d2:f6:7d:c2:fe:d6:28:bc:09:2f:4e:2b:32:df:35:10:
20:64:54:a2:59:48:cf:75:83:6c:06:8e:66:68:d3:42:c6:30:
20:1f:96:cf:63:ef:fe:14:61:69:b7:6a:c7:7e:1d:d4:ca:2e:
2e:cb:78:65:a6:23:e5:80:03:ce:b7:ba:ae:a9:48:76:ff:9a:
49:69:dc:84:9a:ea:7c:72:ed:ec:08:cc:0a:73:94:4a:1d:e6:
47:27:0d:55:de:27:1e:6c:14:f1:15:37:0a:57:f1:d4:95:71:
fd:b4:e6:bc:bf:d4:5e:e2:64:6c:08:05:30:87:00:b0:4c:f8:
98:b2:8e:0d:13:e4:e3:4f:d4:52:b1:5f:6c:f3:a6:c0:c5:8b:
ac:de:00:29:68:7a:31:82:92:67:dc:eb:3c:f5:ff:2b:27:26:
dd:20:46:42:d6:22:cd:5c:e4:a1:7b:26:72:86:3e:73:90:b1:
0f:26:15:90
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAZc5oFOtG0U9vPSjcCvXNvSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwNjA0MDYyODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGM1YzEzNmRiNjQwOGRmNmU3MzNmODIxYjgwNGFiYjRjN2YwZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouGkZhhWLZl+0Hs4NHwlJBIoaqFZ
q0UKfoU6M3FbKul6U/m/qxOUFuOVWN/+Ir9y5xuVH+S07OrqPJboJiFbazotXqSV
XmKJynQWwScJhIM2CqFcv6OaUwvxnzDqKFmfX7D0VRV1qaLccF0W0zyEVz2reDUS
3h10c4NN66mlhimrd1owfWtW9MuHkNktbTTCETIfw8542KzP5mCmJs4QNUIsHc2t
PWSnjLu/i/igZGtA1Te2pP7r+aF9gZthaJdS4DTJxv2A4IuixvXz/QExTEbuEzS7
qXJUtyIIgThlspeCOQTcFyxzttmhFsYpyatQfiWSfVtpuSaSQfLlu+IK1wIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFK3FwTbbZAjfbnM/ghuASrtMfw2gMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvcmNYQk50dGtDTjl1Y3otQ0c0Qkt1MHhfRGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgdsEAgABMIHUAwMC
ApgDAwAFKAMDAT4qAwMAPjkwCgMDAD5RAwMCPlADBAU+ZGADBAU+ZaADAwE+rgMD
AFCuAwMAUOADAwFRPAMDAFG4AwMBUcoDAwFSngMEBlLVgAMEBlOtgAMDA1R4AwQH
VdsAAwMAVfsDAwBZjAMDAF8nAwQCuYCAAwQFwmoAAwQGwoyAAwQFwpXAAwQF1BXg
AwQF1CjgAwQF1E6AAwQF1E+AAwQF1F/AAwQF1GGgAwQG1LfAAwMA1SUDBAfVyQAD
BAbV4wADBAbV50ADBAbV/kAwDQQCAAIwBwMFBioCqAAwDQYJKoZIhvcNAQELBQAD
ggEBADj3gYzNggy21kwYXMRTBIvAm2OGgHEveCflcDKS5ZRhwlDghpGDtuGo6aIQ
qXD5Hxhk4Ji/TpJ7XnF702FYBLZ5CnfjDFtwopP30vZ9wv7WKLwJL04rMt81ECBk
VKJZSM91g2wGjmZo00LGMCAfls9j7/4UYWm3asd+HdTKLi7LeGWmI+WAA863uq6p
SHb/mklp3ISa6nxy7ewIzApzlEod5kcnDVXeJx5sFPEVNwpX8dSVcf205ry/1F7i
ZGwIBTCHALBM+Jiyjg0T5ONP1FKxX2zzpsDFi6zeACloejGCkmfc6zz1/ysnJt0g
RkLWIs1c5KF7JnKGPnOQsQ8mFZA=
-----END CERTIFICATE-----
Generated at Tue Jun 17 11:12:58 2025 by rpki-client