Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/TlolwU0uCMbKCIeAy2dowi4uEj4.roa
File: TlolwU0uCMbKCIeAy2dowi4uEj4.roa (raw, json)
Hash identifier: fA34ASiS2JD4LirLsxauFeJc2YglpM8qpXYGbOj8x80=
Subject key identifier: 4E:5A:25:C1:4D:2E:08:C6:CA:08:87:80:CB:67:68:C2:2E:2E:12:3E
Certificate issuer: /CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Certificate serial: 01980E258CA45C23EDAFBB7ECD2724BC25AD
Authority key identifier: BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/TlolwU0uCMbKCIeAy2dowi4uEj4.roa
Signing time: Tue 15 Jul 2025 12:53:18 +0000
ROA not before: Tue 15 Jul 2025 12:53:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 93.94.32.0/24 maxlen: 24
93.174.64.0/21 maxlen: 24
158.58.136.0/21 maxlen: 24
185.84.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Jul 2025 14:04:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:25:8c:a4:5c:23:ed:af:bb:7e:cd:27:24:bc:25:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Validity
Not Before: Jul 15 12:53:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e5a25c14d2e08c6ca088780cb6768c22e2e123e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:02:f4:51:1a:f5:fe:ef:6e:e9:e3:fb:39:07:
df:e0:f2:b6:ec:57:2d:77:aa:d0:93:58:75:95:c5:
9f:21:4c:96:0a:ed:80:7f:83:40:7a:49:7f:5d:2f:
60:2d:85:60:14:0d:a1:a6:19:c0:8d:18:27:ba:48:
69:9e:62:3f:ef:e2:4d:60:24:0d:83:d2:2c:d8:6e:
13:72:1e:61:08:90:de:a2:9d:d9:0c:12:30:9d:8e:
5e:cf:7a:ae:4a:5a:0d:e3:63:e3:38:e2:36:f4:da:
03:ab:03:e1:cf:b7:79:c4:c8:48:e9:65:cd:07:23:
87:ac:fb:4b:d8:c2:49:e3:60:cd:38:e6:b2:80:29:
18:af:7f:f7:5f:f3:cb:e4:75:c0:d9:50:f5:2d:22:
b0:2b:3b:f5:c4:63:da:68:a2:b5:f7:ed:09:54:79:
5e:87:5f:98:58:91:89:bb:6c:49:60:4f:eb:2d:25:
e8:26:08:f7:e0:8e:42:13:c6:2d:17:1c:9e:2f:32:
6f:3f:b8:02:d7:4d:15:a8:68:14:51:d6:c8:00:62:
68:7b:4b:4a:4b:81:03:bf:0f:66:06:6a:6a:6c:42:
40:7c:bf:81:c3:34:49:d7:f2:5a:c9:17:72:ce:d7:
63:13:2f:68:8b:9a:77:fa:9a:9a:d9:d8:3f:b4:b3:
c3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5A:25:C1:4D:2E:08:C6:CA:08:87:80:CB:67:68:C2:2E:2E:12:3E
X509v3 Authority Key Identifier:
keyid:BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/TlolwU0uCMbKCIeAy2dowi4uEj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.32.0/24
93.174.64.0/21
158.58.136.0/21
185.84.176.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:07:74:6c:e5:82:ef:00:ff:10:99:b2:83:7c:64:c4:bb:45:
f3:d4:49:f1:b4:4c:c2:59:69:0b:af:e2:d1:12:66:f9:2d:1e:
1c:40:73:0e:f4:04:27:f1:a3:6e:d6:b0:8d:cc:34:61:59:9e:
8a:5a:ff:94:5a:57:48:68:75:2a:e0:d7:66:8c:4f:5f:58:98:
94:1c:3a:51:a5:23:94:6e:0f:e4:1b:95:89:2a:e3:3b:66:c5:
f1:7f:c2:96:f6:b6:d0:59:06:75:88:6d:8a:e3:72:89:f6:d6:
38:f0:f5:47:3d:69:4e:28:d1:49:b0:ee:4d:fc:20:af:92:e2:
27:60:9b:04:c8:17:31:fe:fb:20:27:79:64:5e:15:ce:6a:f2:
37:de:44:d1:68:f3:5a:95:e8:dd:c2:7e:06:25:cf:8f:b8:b3:
f8:75:78:31:83:b9:db:a5:ef:45:2e:5a:ed:1e:79:28:a3:bd:
fa:96:8e:c7:23:de:ed:94:14:74:80:ce:5f:c2:b8:ab:08:5f:
18:4e:02:9e:94:88:39:7d:0b:d1:12:f4:88:b2:1b:43:ec:bf:
6f:f5:0b:3f:b9:58:1c:21:8a:7d:12:21:b1:80:47:dd:da:16:
63:6d:1a:9d:a6:4b:65:1f:c5:63:a2:9a:bf:45:2c:20:68:03:
29:f8:a7:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgOJYykXCPtr7t+zSckvCWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODg4NDlhMmViNWU5ZGQ1NzFhOGU3NDNiZWQ3Yjk1MTNk
N2ExMjEwHhcNMjUwNzE1MTI1MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTVhMjVjMTRkMmUwOGM2Y2EwODg3ODBjYjY3NjhjMjJlMmUxMjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwL0URr1/u9u6eP7OQff4PK27Fct
d6rQk1h1lcWfIUyWCu2Af4NAekl/XS9gLYVgFA2hphnAjRgnukhpnmI/7+JNYCQN
g9Is2G4Tch5hCJDeop3ZDBIwnY5ez3quSloN42PjOOI29NoDqwPhz7d5xMhI6WXN
ByOHrPtL2MJJ42DNOOaygCkYr3/3X/PL5HXA2VD1LSKwKzv1xGPaaKK19+0JVHle
h1+YWJGJu2xJYE/rLSXoJgj34I5CE8YtFxyeLzJvP7gC100VqGgUUdbIAGJoe0tK
S4EDvw9mBmpqbEJAfL+BwzRJ1/JayRdyztdjEy9oi5p3+pqa2dg/tLPDQQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE5aJcFNLgjGygiHgMtnaMIuLhI+MB8GA1UdIwQY
MBaAFL+IhJoutendVxqOdDvte5UT16EhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYt
MjM3MzliNWZkODRjLzEvVGxvbHdVMHVDTWJLQ0llQXkyZG93aTR1RWo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYtMjM3MzliNWZkODRj
LzEvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXV4gAwQD
Xa5AAwQDnjqIAwQCuVSwMA0GCSqGSIb3DQEBCwUAA4IBAQCKB3Rs5YLvAP8QmbKD
fGTEu0Xz1EnxtEzCWWkLr+LREmb5LR4cQHMO9AQn8aNu1rCNzDRhWZ6KWv+UWldI
aHUq4NdmjE9fWJiUHDpRpSOUbg/kG5WJKuM7ZsXxf8KW9rbQWQZ1iG2K43KJ9tY4
8PVHPWlOKNFJsO5N/CCvkuInYJsEyBcx/vsgJ3lkXhXOavI33kTRaPNalejdwn4G
Jc+PuLP4dXgxg7nbpe9FLlrtHnkoo736lo7HI97tlBR0gM5fwrirCF8YTgKelIg5
fQvREvSIshtD7L9v9Qs/uVgcIYp9EiGxgEfd2hZjbRqdpktlH8Vjopq/RSwgaAMp
+KeJ
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:20:17 2025 by rpki-client