Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/CFDNJgXgBpt3kthQ-YOQuN9waUk.roa
File: CFDNJgXgBpt3kthQ-YOQuN9waUk.roa (raw, json)
Hash identifier: NUqyHzpiqZSANGy/oTuL6dPzlGTYPC2tjYE8Dy4pTPw=
Subject key identifier: 08:50:CD:26:05:E0:06:9B:77:92:D8:50:F9:83:90:B8:DF:70:69:49
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 019837E9CB5376300224E89EA9283EC0DAF7
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/CFDNJgXgBpt3kthQ-YOQuN9waUk.roa
Signing time: Wed 23 Jul 2025 15:32:05 +0000
ROA not before: Wed 23 Jul 2025 15:32:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59437
IP address blocks: 85.234.64.0/24 maxlen: 24
85.234.66.0/24 maxlen: 24
85.234.67.0/24 maxlen: 24
85.234.84.0/24 maxlen: 24
85.234.86.0/24 maxlen: 24
85.234.91.0/24 maxlen: 24
85.234.94.0/23 maxlen: 23
92.38.143.0/24 maxlen: 24
93.113.170.0/24 maxlen: 24
93.119.168.0/24 maxlen: 24
93.119.169.0/24 maxlen: 24
109.61.121.0/24 maxlen: 24
2a03:90c0:680::/44 maxlen: 44
2a03:90c0:7a0::/44 maxlen: 44
2a03:90c0:7b0::/44 maxlen: 44
Validation: Failed, certificate revoked on Thu 24 Jul 2025 18:56:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:e9:cb:53:76:30:02:24:e8:9e:a9:28:3e:c0:da:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Jul 23 15:32:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0850cd2605e0069b7792d850f98390b8df706949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7b:65:4d:9a:3d:46:93:3b:1f:06:92:e7:ea:
b5:18:cf:41:63:4c:f8:01:0f:6b:29:db:24:17:af:
87:d9:4c:1a:25:d4:8a:06:69:dd:89:f2:f9:ac:2f:
29:23:ad:77:be:c5:6c:7a:a9:90:74:9c:8e:8c:4e:
d2:4b:87:c1:d6:ff:a4:c1:d2:7b:67:3c:fe:e8:d9:
11:3f:99:94:ce:24:bd:39:60:b2:ad:52:94:de:85:
43:11:f1:77:cd:6b:b7:5e:63:8b:b0:4d:ef:c9:cf:
96:ab:55:de:6a:1d:1f:60:53:7e:4d:f1:95:f7:0a:
9e:10:5e:9c:d1:06:59:95:98:e0:a4:63:f3:e7:20:
c2:cd:44:18:73:36:bf:8c:71:1e:28:fc:ea:24:c3:
f7:54:6b:e0:9a:cc:b6:78:cc:00:42:33:fd:b9:37:
1f:65:e2:e2:cc:7b:99:81:86:15:c3:11:22:45:e9:
1d:f8:72:e9:db:9e:49:22:44:49:cd:1f:7a:4d:96:
bb:3f:68:fd:93:a7:3e:61:9a:82:d3:4a:44:90:e1:
6a:16:45:66:94:0b:a4:ad:33:97:31:42:a2:9b:18:
72:f0:43:27:16:f8:30:88:fb:1d:0b:38:5f:e2:8c:
11:37:ec:7a:fa:35:79:32:c2:73:8b:12:16:f4:9f:
e3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:50:CD:26:05:E0:06:9B:77:92:D8:50:F9:83:90:B8:DF:70:69:49
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/CFDNJgXgBpt3kthQ-YOQuN9waUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.64.0/24
85.234.66.0/23
85.234.84.0/24
85.234.86.0/24
85.234.91.0/24
85.234.94.0/23
92.38.143.0/24
93.113.170.0/24
93.119.168.0/23
109.61.121.0/24
IPv6:
2a03:90c0:680::/44
2a03:90c0:7a0::/43
Signature Algorithm: sha256WithRSAEncryption
62:1a:3e:d7:5b:66:a6:17:28:37:f0:99:56:06:8f:e1:2d:9a:
f1:61:02:95:b2:48:e0:92:68:91:70:0f:64:18:f4:b8:ef:ee:
11:68:43:8e:48:7e:91:ce:75:dc:a8:29:de:29:4b:b0:68:90:
25:82:f6:46:d6:dd:d6:82:b3:f4:cc:d5:69:9e:cb:c6:c4:e8:
0a:29:df:3a:0d:a6:52:e1:64:b4:a3:97:c6:72:a4:7d:8e:54:
31:a9:b8:f9:c9:46:6b:12:8f:e9:d2:14:88:a1:e2:1e:9b:45:
c4:40:4e:35:d6:f8:69:91:97:a8:3a:3e:7f:6e:5d:d7:0d:de:
c9:0b:86:05:53:07:da:ac:6a:41:04:1f:fa:bd:3c:26:b8:2b:
0a:e4:eb:77:a5:3f:b3:0e:70:45:98:f8:25:4c:83:18:c0:33:
5b:1c:8b:88:66:a4:f4:0a:48:7e:5d:38:a1:c8:7b:3e:b6:97:
10:15:24:12:85:aa:c2:ae:4a:b3:54:c9:4a:46:53:f5:23:0a:
d5:38:62:58:74:40:fd:aa:1b:30:aa:fa:1c:fd:3d:7c:4e:5c:
c9:73:14:de:68:ad:7e:5a:28:ec:c6:37:da:e1:a5:fc:82:f8:
28:db:e8:e6:ab:a8:05:47:aa:aa:5f:60:95:66:a4:6a:c4:48:
ad:6f:95:f7
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZg36ctTdjACJOieqSg+wNr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjUwNzIzMTUzMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODUwY2QyNjA1ZTAwNjliNzc5MmQ4NTBmOTgzOTBiOGRmNzA2OTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXtlTZo9RpM7HwaS5+q1GM9BY0z4
AQ9rKdskF6+H2UwaJdSKBmndifL5rC8pI613vsVseqmQdJyOjE7SS4fB1v+kwdJ7
Zzz+6NkRP5mUziS9OWCyrVKU3oVDEfF3zWu3XmOLsE3vyc+Wq1Xeah0fYFN+TfGV
9wqeEF6c0QZZlZjgpGPz5yDCzUQYcza/jHEeKPzqJMP3VGvgmsy2eMwAQjP9uTcf
ZeLizHuZgYYVwxEiRekd+HLp255JIkRJzR96TZa7P2j9k6c+YZqC00pEkOFqFkVm
lAukrTOXMUKimxhy8EMnFvgwiPsdCzhf4owRN+x6+jV5MsJzixIW9J/jyQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFAhQzSYF4Aabd5LYUPmDkLjfcGlJMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvQ0ZETkpnWGdCcHQza3RoUS1ZT1F1Tjl3YVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBCBAIAATA8AwQAVepAAwQB
VepCAwQAVepUAwQAVepWAwQAVepbAwQBVepeAwQAXCaPAwQAXXGqAwQBXXeoAwQA
bT15MBgEAgACMBIDBwQqA5DABoADBwUqA5DAB6AwDQYJKoZIhvcNAQELBQADggEB
AGIaPtdbZqYXKDfwmVYGj+EtmvFhApWySOCSaJFwD2QY9Ljv7hFoQ45IfpHOddyo
Kd4pS7BokCWC9kbW3daCs/TM1Wmey8bE6Aop3zoNplLhZLSjl8ZypH2OVDGpuPnJ
RmsSj+nSFIih4h6bRcRATjXW+GmRl6g6Pn9uXdcN3skLhgVTB9qsakEEH/q9PCa4
Kwrk63elP7MOcEWY+CVMgxjAM1sci4hmpPQKSH5dOKHIez62lxAVJBKFqsKuSrNU
yUpGU/UjCtU4Ylh0QP2qGzCq+hz9PXxOXMlzFN5orX5aKOzGN9rhpfyC+Cjb6Oar
qAVHqqpfYJVmpGrESK1vlfc=
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:16:52 2025 by rpki-client