Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/8y9DXi3qFLzV5EXM0qkumG995hI.roa
File: 8y9DXi3qFLzV5EXM0qkumG995hI.roa (raw, json)
Hash identifier: Z5BEyCgihVn39M3zZW6sTEXdRBPFmEJUe3ZmuGKb+Zk=
Subject key identifier: F3:2F:43:5E:2D:EA:14:BC:D5:E4:45:CC:D2:A9:2E:98:6F:7D:E6:12
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019832D439974BA45CBF478DBC54D93CB0D0
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/8y9DXi3qFLzV5EXM0qkumG995hI.roa
Signing time: Tue 22 Jul 2025 15:50:25 +0000
ROA not before: Tue 22 Jul 2025 15:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52468
IP address blocks: 45.10.106.0/24 maxlen: 24
45.10.107.0/24 maxlen: 24
45.130.160.0/24 maxlen: 24
45.130.161.0/24 maxlen: 24
46.29.28.0/24 maxlen: 24
94.125.137.0/24 maxlen: 24
201.77.48.0/24 maxlen: 24
201.77.53.0/24 maxlen: 24
201.77.55.0/24 maxlen: 24
217.76.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Jul 2025 16:18:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:32:d4:39:97:4b:a4:5c:bf:47:8d:bc:54:d9:3c:b0:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jul 22 15:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f32f435e2dea14bcd5e445ccd2a92e986f7de612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:13:ae:7b:bc:16:2d:ef:04:6f:6f:82:1e:a2:
15:ff:c4:a6:09:9f:02:e3:c7:88:f0:5e:d3:4a:87:
7e:e2:0a:22:02:5e:a2:17:b6:be:56:ed:da:a5:31:
48:13:bb:6b:54:71:38:84:92:ac:d0:dd:2e:23:42:
38:49:78:90:7e:62:27:c4:6c:dc:1a:7e:0f:46:02:
74:7c:8d:8c:6e:5a:ad:9c:f9:57:87:ad:4e:5b:6e:
9a:bb:6c:30:68:cd:51:69:90:ee:52:2e:28:66:6d:
a6:b1:40:03:96:57:ac:1e:b8:e6:e5:b1:80:45:bf:
68:58:5a:a2:37:25:4b:01:1b:94:5c:c2:db:36:03:
55:f1:8d:91:8b:18:ee:b3:57:f4:f8:ef:d5:ec:c7:
50:8a:ca:aa:28:4d:75:ab:b5:96:9b:a6:5f:79:44:
42:28:b2:cc:85:44:ff:86:fe:9c:c4:a7:82:95:14:
7c:23:86:88:20:60:3a:a3:aa:af:64:97:88:05:45:
c2:df:e0:4f:fc:62:95:6e:ce:2f:25:ec:ef:22:98:
48:46:92:09:70:13:cd:56:11:25:93:f3:4e:d8:7e:
da:83:f9:cf:95:70:37:15:a0:a5:1a:ad:1f:72:a1:
78:d3:8d:ff:f4:9e:79:09:99:99:41:46:83:4b:0c:
e0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:2F:43:5E:2D:EA:14:BC:D5:E4:45:CC:D2:A9:2E:98:6F:7D:E6:12
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/8y9DXi3qFLzV5EXM0qkumG995hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.106.0/23
45.130.160.0/23
46.29.28.0/24
94.125.137.0/24
201.77.48.0/24
201.77.53.0/24
201.77.55.0/24
217.76.240.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:ea:0c:7d:24:0c:65:59:4f:54:b6:dd:73:61:87:92:a1:bb:
09:c6:3f:8c:fc:84:8a:6a:17:1c:37:e9:b1:cf:4c:6a:53:ff:
ab:22:96:2f:64:73:98:d9:ea:50:84:7f:32:f8:db:37:55:8e:
3d:84:b9:a6:11:db:6d:ee:0f:c2:65:39:9e:b5:8b:8f:35:8b:
aa:8f:3a:33:3f:b6:01:b4:71:7e:0e:f6:21:79:8e:95:0f:19:
a8:01:b9:4d:be:76:26:6c:26:d6:32:8a:c6:ba:15:22:ec:4d:
b9:ca:e2:92:b1:9a:e9:67:3b:42:a5:c5:ee:5b:7e:3a:df:27:
6a:d6:ff:a4:e2:74:13:b1:05:72:60:2b:ae:96:58:80:6f:c6:
70:f6:77:79:e1:6c:aa:08:31:30:80:b0:f2:dd:23:5a:83:ba:
c9:c5:8d:d0:cd:5e:1c:5f:aa:fb:a9:eb:c2:6b:fd:e1:ce:c9:
5e:e5:07:b5:a1:da:a8:0c:5a:02:00:8e:80:e4:d1:d1:cb:ce:
c2:6a:54:f0:1e:83:df:cd:2f:2b:fa:a9:87:2e:2c:2b:8e:c3:
56:0d:1b:32:08:88:98:72:a6:de:66:10:c9:19:52:55:db:fc:
a0:fa:bd:4f:e5:d1:a4:05:35:34:4b:ee:61:7b:a0:31:5c:bc:
dd:6c:76:96
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZgy1DmXS6Rcv0eNvFTZPLDQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwNzIyMTU1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzJmNDM1ZTJkZWExNGJjZDVlNDQ1Y2NkMmE5MmU5ODZmN2RlNjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxOue7wWLe8Eb2+CHqIV/8SmCZ8C
48eI8F7TSod+4goiAl6iF7a+Vu3apTFIE7trVHE4hJKs0N0uI0I4SXiQfmInxGzc
Gn4PRgJ0fI2MblqtnPlXh61OW26au2wwaM1RaZDuUi4oZm2msUADllesHrjm5bGA
Rb9oWFqiNyVLARuUXMLbNgNV8Y2Rixjus1f0+O/V7MdQisqqKE11q7WWm6ZfeURC
KLLMhUT/hv6cxKeClRR8I4aIIGA6o6qvZJeIBUXC3+BP/GKVbs4vJezvIphIRpIJ
cBPNVhElk/NO2H7ag/nPlXA3FaClGq0fcqF4043/9J55CZmZQUaDSwzgnQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPMvQ14t6hS81eRFzNKpLphvfeYSMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvOHk5RFhpM3FGTHpWNUVYTTBxa3VtRzk5NWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBLQpqAwQB
LYKgAwQALh0cAwQAXn2JAwQAyU0wAwQAyU01AwQAyU03AwQA2UzwMA0GCSqGSIb3
DQEBCwUAA4IBAQBK6gx9JAxlWU9Utt1zYYeSobsJxj+M/ISKahccN+mxz0xqU/+r
IpYvZHOY2epQhH8y+Ns3VY49hLmmEdtt7g/CZTmetYuPNYuqjzozP7YBtHF+DvYh
eY6VDxmoAblNvnYmbCbWMorGuhUi7E25yuKSsZrpZztCpcXuW3463ydq1v+k4nQT
sQVyYCuulliAb8Zw9nd54WyqCDEwgLDy3SNag7rJxY3QzV4cX6r7qevCa/3hzsle
5Qe1odqoDFoCAI6A5NHRy87CalTwHoPfzS8r+qmHLiwrjsNWDRsyCIiYcqbeZhDJ
GVJV2/yg+r1P5dGkBTU0S+5he6AxXLzdbHaW
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:25:06 2025 by rpki-client