Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/iahxjVLEuTrQBnT_x70wFF29Qzo.roa
File: iahxjVLEuTrQBnT_x70wFF29Qzo.roa (raw, json)
Hash identifier: 4DtuRbHhfqQPWekNS4LHT3bHHDA5e5RpddKlWRshYG4=
Subject key identifier: 89:A8:71:8D:52:C4:B9:3A:D0:06:74:FF:C7:BD:30:14:5D:BD:43:3A
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 0197E4F1359C28C63723A26854D037C7DA3E
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/iahxjVLEuTrQBnT_x70wFF29Qzo.roa
Signing time: Mon 07 Jul 2025 12:51:42 +0000
ROA not before: Mon 07 Jul 2025 12:51:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60246
IP address blocks: 80.72.20.0/23 maxlen: 32
80.72.24.0/23 maxlen: 32
85.198.120.0/21 maxlen: 32
92.118.72.0/23 maxlen: 32
95.174.96.0/20 maxlen: 32
95.174.112.0/21 maxlen: 32
95.174.120.0/24 maxlen: 32
95.174.123.0/24 maxlen: 32
95.174.124.0/22 maxlen: 32
178.212.139.0/24 maxlen: 32
178.248.0.0/24 maxlen: 32
185.9.184.0/24 maxlen: 32
185.9.186.0/23 maxlen: 32
185.230.240.0/23 maxlen: 32
185.230.242.0/24 maxlen: 32
2a00:8740::/47 maxlen: 128
2a00:8740:2::/48 maxlen: 128
2a00:8740:10::/47 maxlen: 128
2a00:8740:15::/48 maxlen: 128
2a00:8740:16::/47 maxlen: 128
2a00:8740:18::/45 maxlen: 128
2a00:8740:20::/44 maxlen: 128
2a00:8740:30::/46 maxlen: 128
2a00:8740:34::/47 maxlen: 128
2a00:8740:36::/48 maxlen: 128
2a00:8740:100::/48 maxlen: 128
2a00:8740:110::/47 maxlen: 128
2a00:8740:112::/48 maxlen: 128
2a00:8740:201::/48 maxlen: 128
2a00:8740:ff00::/48 maxlen: 128
Validation: Failed, certificate revoked on Fri 11 Jul 2025 13:46:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e4:f1:35:9c:28:c6:37:23:a2:68:54:d0:37:c7:da:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jul 7 12:51:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89a8718d52c4b93ad00674ffc7bd30145dbd433a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:06:01:d0:78:4e:dd:4b:a3:d9:d8:4d:73:98:
6d:f8:72:ea:de:78:ec:99:2b:7c:38:4c:a9:d7:00:
63:c0:3a:f5:d4:bc:0b:93:10:bd:aa:33:8e:fd:b7:
b3:fd:e5:d1:c5:55:b4:90:11:22:98:bc:84:68:a7:
85:27:6a:8f:74:f3:81:19:fd:75:c9:88:be:e1:aa:
eb:b0:f9:ab:f8:ef:95:7b:41:52:4c:6a:5b:22:47:
b5:fa:d4:8e:7c:41:5b:03:82:55:f7:9d:fe:96:b4:
f3:dc:1a:fc:3c:12:e6:41:41:61:b4:2e:de:14:ce:
27:e1:d0:89:6c:f8:05:81:73:2b:49:6b:24:7a:eb:
ca:4e:24:77:c0:07:47:c6:16:20:99:22:c9:fb:03:
46:d8:7a:4e:0a:77:bf:31:e1:cc:03:28:e6:8d:4c:
27:28:9b:bd:75:9c:4d:30:c1:5d:81:8c:da:75:97:
b9:56:e7:27:1d:32:6f:15:b2:6a:e6:14:90:12:07:
ed:ad:1c:bb:c8:3f:aa:cd:d5:70:7b:69:93:24:0b:
43:a3:9d:a0:73:64:9b:cc:c0:4b:52:7a:01:17:08:
f1:02:2b:4c:57:6f:14:24:f1:1c:1a:c3:db:3c:3c:
85:50:a0:47:bf:15:40:31:1b:68:b0:fb:ee:ca:9c:
b8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A8:71:8D:52:C4:B9:3A:D0:06:74:FF:C7:BD:30:14:5D:BD:43:3A
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/iahxjVLEuTrQBnT_x70wFF29Qzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.20.0/23
80.72.24.0/23
85.198.120.0/21
92.118.72.0/23
95.174.96.0-95.174.120.255
95.174.123.0-95.174.127.255
178.212.139.0/24
178.248.0.0/24
185.9.184.0/24
185.9.186.0/23
185.230.240.0-185.230.242.255
IPv6:
2a00:8740::-2a00:8740:2:ffff:ffff:ffff:ffff:ffff
2a00:8740:10::/47
2a00:8740:15::-2a00:8740:36:ffff:ffff:ffff:ffff:ffff
2a00:8740:100::/48
2a00:8740:110::-2a00:8740:112:ffff:ffff:ffff:ffff:ffff
2a00:8740:201::/48
2a00:8740:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
a3:c4:b7:16:69:85:a7:0c:db:42:bd:86:37:1b:80:39:27:51:
65:9e:81:71:bc:56:7b:b4:f7:bf:8c:0d:f0:44:74:cc:7d:ad:
1c:ad:ad:a9:81:22:32:b1:f9:7f:dd:af:39:ab:91:3a:dc:8c:
47:45:b3:99:e1:19:e4:89:80:0f:f8:6b:05:e2:d8:c1:f8:a0:
60:36:8c:09:74:d4:36:8d:83:4b:52:73:a8:5a:e5:e5:fa:fd:
bd:78:1e:5e:a2:99:aa:16:51:67:92:df:fb:f7:e6:e2:05:6b:
30:a5:95:7b:cb:20:dc:06:59:26:84:39:ed:dd:5f:6f:2b:86:
c3:ae:e7:0d:d2:18:e9:35:ce:22:3c:61:10:54:cd:34:e0:b8:
09:64:2a:cf:af:09:0b:4d:81:4a:ca:d6:e6:76:13:32:cf:11:
ae:55:a3:95:b9:9c:a5:aa:86:3d:38:ff:7d:28:d9:7b:34:a8:
8c:fb:f9:3b:70:b8:dc:27:34:1d:ca:53:06:70:5c:88:5c:ac:
c2:a7:9d:72:95:1e:f0:c5:0b:5e:45:07:d1:99:9e:4f:ff:a4:
74:9c:89:5f:dc:6d:b2:5b:6b:73:db:56:08:e2:e9:23:73:ba:
08:ed:84:e9:f9:3d:ac:cb:cd:f9:10:33:82:74:5f:e0:d6:01:
e7:06:dd:ed
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZfk8TWcKMY3I6JoVNA3x9o+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjUwNzA3MTI1MTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE4NzE4ZDUyYzRiOTNhZDAwNjc0ZmZjN2JkMzAxNDVkYmQ0MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wYB0HhO3Uuj2dhNc5ht+HLq3njs
mSt8OEyp1wBjwDr11LwLkxC9qjOO/bez/eXRxVW0kBEimLyEaKeFJ2qPdPOBGf11
yYi+4arrsPmr+O+Ve0FSTGpbIke1+tSOfEFbA4JV953+lrTz3Br8PBLmQUFhtC7e
FM4n4dCJbPgFgXMrSWskeuvKTiR3wAdHxhYgmSLJ+wNG2HpOCne/MeHMAyjmjUwn
KJu9dZxNMMFdgYzadZe5VucnHTJvFbJq5hSQEgftrRy7yD+qzdVwe2mTJAtDo52g
c2SbzMBLUnoBFwjxAitMV28UJPEcGsPbPDyFUKBHvxVAMRtosPvuypy4UwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFImocY1SxLk60AZ0/8e9MBRdvUM6MB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvaWFoeGpWTEV1VHJRQm5UX3g3MHdGRjI5UXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDBgBAIAATBaAwQBUEgU
AwQBUEgYAwQDVcZ4AwQBXHZIMAwDBAVfrmADBABfrngwDAMEAF+uewMEB1+uAAME
ALLUiwMEALL4AAMEALkJuAMEAbkJujAMAwQEuebwAwQAuebyMGQEAgACMF4wEAMF
BioAh0ADBwAqAIdAAAIDBwEqAIdAABAwEgMHACoAh0AAFQMHACoAh0AANgMHACoA
h0ABADASAwcEKgCHQAEQAwcAKgCHQAESAwcAKgCHQAIBAwcAKgCHQP8AMA0GCSqG
SIb3DQEBCwUAA4IBAQCjxLcWaYWnDNtCvYY3G4A5J1FlnoFxvFZ7tPe/jA3wRHTM
fa0cra2pgSIysfl/3a85q5E63IxHRbOZ4RnkiYAP+GsF4tjB+KBgNowJdNQ2jYNL
UnOoWuXl+v29eB5eopmqFlFnkt/79+biBWswpZV7yyDcBlkmhDnt3V9vK4bDrucN
0hjpNc4iPGEQVM004LgJZCrPrwkLTYFKytbmdhMyzxGuVaOVuZylqoY9OP99KNl7
NKiM+/k7cLjcJzQdylMGcFyIXKzCp51ylR7wxQteRQfRmZ5P/6R0nIlf3G2yW2tz
21YI4ukjc7oI7YTp+T2sy835EDOCdF/g1gHnBt3t
-----END CERTIFICATE-----
Generated at Fri Jul 25 12:59:50 2025 by rpki-client