Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/S8bTGYJ0cxLl30FEtA-H780zzBU.roa
File: S8bTGYJ0cxLl30FEtA-H780zzBU.roa (raw, json)
Hash identifier: YnvQMnkYUeDGrPJdYP+G/Iwu0XmTS47dChm4WGuJZvQ=
Subject key identifier: 4B:C6:D3:19:82:74:73:12:E5:DF:41:44:B4:0F:87:EF:CD:33:CC:15
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0197A751B97C82F7449DE64A9F46A4CD054D
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/S8bTGYJ0cxLl30FEtA-H780zzBU.roa
Signing time: Wed 25 Jun 2025 13:40:40 +0000
ROA not before: Wed 25 Jun 2025 13:40:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198154
IP address blocks: 89.44.242.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
109.122.241.0/24 maxlen: 24
109.122.249.0/24 maxlen: 24
109.122.254.0/23 maxlen: 24
188.212.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Jun 2025 14:37:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a7:51:b9:7c:82:f7:44:9d:e6:4a:9f:46:a4:cd:05:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jun 25 13:40:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4bc6d31982747312e5df4144b40f87efcd33cc15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f4:5c:55:14:18:b1:9f:77:a3:28:1b:4d:19:
b3:a6:e2:e1:d0:4c:bf:b8:50:b6:f6:bc:35:20:89:
aa:04:f8:1a:d3:89:99:4d:80:14:e7:b2:b3:95:23:
73:f4:b6:c3:40:d1:da:2d:b3:d9:0b:71:d1:99:3c:
a2:6c:b8:2e:66:d2:43:3a:fa:8d:31:26:2c:58:d7:
95:4d:93:87:5f:6c:9c:fb:dc:c3:ad:23:2a:b7:1f:
61:31:27:7b:33:06:68:1d:0c:d5:f6:98:13:b5:f6:
78:8f:1b:46:97:62:8f:29:9b:ce:df:2e:16:e5:81:
cd:68:98:47:9f:db:7f:3a:4b:35:da:ba:b4:b1:47:
91:6d:61:c9:30:1c:9b:93:bc:27:cf:22:d6:0a:2a:
20:ec:d6:3b:ba:f3:3e:34:d5:2d:35:0b:50:ee:a4:
07:b6:f2:ea:c1:0d:99:a7:4e:5d:f8:a3:e3:9f:3e:
7b:07:aa:ef:74:0c:f4:4b:15:7b:23:85:50:d6:36:
59:4f:a8:f6:37:c9:cf:3f:d5:ad:53:e6:f3:9a:13:
db:f7:7b:de:af:5e:a3:3f:c4:68:e8:08:b7:dd:66:
2a:0b:3c:76:8f:e4:b2:33:2e:19:bb:c3:1d:fb:ae:
f1:c9:5f:8f:af:d8:80:04:1e:2d:09:7c:44:89:b4:
26:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C6:D3:19:82:74:73:12:E5:DF:41:44:B4:0F:87:EF:CD:33:CC:15
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/S8bTGYJ0cxLl30FEtA-H780zzBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.242.0/24
89.46.217.0/24
109.122.241.0/24
109.122.249.0/24
109.122.254.0/23
188.212.99.0/24
Signature Algorithm: sha256WithRSAEncryption
98:2f:50:3c:52:87:fd:19:cb:20:ad:7e:7f:ae:bb:37:89:bd:
00:50:0a:16:db:b4:81:d1:19:d0:e9:f7:be:9d:62:32:ab:27:
c0:a8:e8:9d:2e:28:b9:9b:e5:60:d2:b4:28:97:f4:c2:a4:2e:
99:35:5f:0d:6a:70:02:7e:10:b4:19:ad:d4:69:a3:d2:ee:c6:
5c:ab:f2:05:0d:0e:25:eb:cf:cd:31:bd:a0:76:4e:6e:47:fd:
e3:0d:d6:ce:f6:fe:f0:a0:80:a5:de:95:37:b9:53:5c:d7:3a:
36:fc:91:97:08:fb:d1:05:4f:50:ea:40:66:d0:99:34:9e:7a:
6b:da:c4:d5:b8:dd:59:4a:12:03:bb:4c:5c:4f:c2:6a:db:27:
a3:72:a3:8e:8d:ee:48:34:d8:51:ec:61:5a:fc:71:1c:d5:39:
87:eb:e0:0e:3d:ab:3f:11:ad:70:2e:b9:b0:a6:57:6f:51:ad:
9c:40:ea:aa:dd:0d:7e:65:6d:ea:ad:a9:f9:fc:be:41:b9:4b:
cf:2d:88:5e:95:74:f9:5a:6f:50:d6:cf:bd:63:ad:48:94:ad:
29:46:af:0b:dc:c2:8e:3b:f1:e1:07:ee:1f:f2:9f:52:34:75:
a6:2e:b2:82:58:84:ba:65:c7:6c:5b:02:a6:41:2c:37:8b:8e:
e5:e9:bd:3f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZenUbl8gvdEneZKn0akzQVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwNjI1MTM0MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmM2ZDMxOTgyNzQ3MzEyZTVkZjQxNDRiNDBmODdlZmNkMzNjYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfRcVRQYsZ93oygbTRmzpuLh0Ey/
uFC29rw1IImqBPga04mZTYAU57KzlSNz9LbDQNHaLbPZC3HRmTyibLguZtJDOvqN
MSYsWNeVTZOHX2yc+9zDrSMqtx9hMSd7MwZoHQzV9pgTtfZ4jxtGl2KPKZvO3y4W
5YHNaJhHn9t/Oks12rq0sUeRbWHJMBybk7wnzyLWCiog7NY7uvM+NNUtNQtQ7qQH
tvLqwQ2Zp05d+KPjnz57B6rvdAz0SxV7I4VQ1jZZT6j2N8nPP9WtU+bzmhPb93ve
r16jP8Ro6Ai33WYqCzx2j+SyMy4Zu8Md+67xyV+Pr9iABB4tCXxEibQmwwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEvG0xmCdHMS5d9BRLQPh+/NM8wVMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvUzhiVEdZSjBjeExsMzBGRXRBLUg3ODB6ekJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSzyAwQA
WS7ZAwQAbXrxAwQAbXr5AwQBbXr+AwQAvNRjMA0GCSqGSIb3DQEBCwUAA4IBAQCY
L1A8Uof9GcsgrX5/rrs3ib0AUAoW27SB0RnQ6fe+nWIyqyfAqOidLii5m+Vg0rQo
l/TCpC6ZNV8NanACfhC0Ga3UaaPS7sZcq/IFDQ4l68/NMb2gdk5uR/3jDdbO9v7w
oICl3pU3uVNc1zo2/JGXCPvRBU9Q6kBm0Jk0nnpr2sTVuN1ZShIDu0xcT8Jq2yej
cqOOje5INNhR7GFa/HEc1TmH6+AOPas/Ea1wLrmwpldvUa2cQOqq3Q1+ZW3qran5
/L5BuUvPLYhelXT5Wm9Q1s+9Y61IlK0pRq8L3MKOO/HhB+4f8p9SNHWmLrKCWIS6
ZcdsWwKmQSw3i47l6b0/
-----END CERTIFICATE-----
Generated at Sun Jul 27 11:57:55 2025 by rpki-client