Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/_cGYju3D4JTqHaKCFaRCVIyY8aI.roa
File: _cGYju3D4JTqHaKCFaRCVIyY8aI.roa (raw, json)
Hash identifier: ZiieuZW9+Bw6XjxUqBt5up+zhY+b+XbqxGoW+aQpisM=
Subject key identifier: FD:C1:98:8E:ED:C3:E0:94:EA:1D:A2:82:15:A4:42:54:8C:98:F1:A2
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 0198371822B7DF966E3630C2E829348D4F6F
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/_cGYju3D4JTqHaKCFaRCVIyY8aI.roa
Signing time: Wed 23 Jul 2025 11:43:05 +0000
ROA not before: Wed 23 Jul 2025 11:43:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 94.131.8.0/24 maxlen: 24
94.131.10.0/24 maxlen: 24
94.131.13.0/24 maxlen: 24
94.131.14.0/24 maxlen: 24
94.131.96.0/24 maxlen: 24
94.131.104.0/24 maxlen: 24
103.113.69.0/24 maxlen: 24
103.231.72.0/24 maxlen: 24
103.231.73.0/24 maxlen: 24
146.19.170.0/24 maxlen: 24
176.120.67.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
213.159.69.0/24 maxlen: 24
2a09:7c43::/32 maxlen: 32
2a0b:cf43::/32 maxlen: 32
2a11:3803::/32 maxlen: 32
2a11:3c01::/32 maxlen: 32
2a11:4c00::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:7e06::/32 maxlen: 32
2a14:3081::/32 maxlen: 32
2a14:3086::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 24 Jul 2025 10:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:18:22:b7:df:96:6e:36:30:c2:e8:29:34:8d:4f:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jul 23 11:43:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdc1988eedc3e094ea1da28215a442548c98f1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bd:de:a0:28:40:b3:7f:5a:e9:86:ed:22:cc:
da:be:35:37:e2:0a:fe:1e:72:5f:22:8f:3d:84:c0:
4c:05:fc:10:92:a2:e2:6a:bd:c7:e2:1a:d9:a2:17:
fd:16:4a:15:3f:f2:17:00:7f:86:d6:3f:87:4b:2e:
00:eb:72:92:11:83:2a:94:c5:20:10:a9:82:82:5e:
3b:05:cb:ef:b6:20:73:15:cd:18:12:14:34:d0:eb:
31:b7:34:a1:70:a4:da:31:26:fb:c2:c8:40:a5:60:
74:d6:20:91:75:96:2b:2e:64:06:52:ac:36:a8:22:
08:12:f6:58:e6:ab:93:6c:e3:cb:d3:bb:9e:24:db:
30:58:f9:5a:63:00:6b:17:25:15:91:b8:07:5e:53:
64:fc:69:42:3d:29:07:2d:b3:c1:07:54:81:38:38:
de:5c:62:44:11:66:58:94:bc:0a:79:2b:9c:a2:eb:
09:ed:9d:f5:7f:46:f9:15:62:1c:79:5d:69:ad:49:
3b:33:6e:04:34:74:b9:10:0f:f8:3e:52:24:11:c6:
f5:2d:af:79:8c:8b:61:14:cd:c2:bf:ac:5f:0f:fe:
fa:d0:80:9c:c7:78:41:c8:d3:4d:82:c7:5b:d1:c2:
9e:a0:0a:90:8d:20:71:5b:be:d5:5e:fd:a3:03:aa:
12:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C1:98:8E:ED:C3:E0:94:EA:1D:A2:82:15:A4:42:54:8C:98:F1:A2
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/_cGYju3D4JTqHaKCFaRCVIyY8aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.8.0/24
94.131.10.0/24
94.131.13.0-94.131.14.255
94.131.96.0/24
94.131.104.0/24
103.113.69.0/24
103.231.72.0/23
146.19.170.0/24
176.120.67.0/24
185.242.84.0/24
213.159.69.0/24
IPv6:
2a09:7c43::/32
2a0b:cf43::/32
2a11:3803::/32
2a11:3c01::/32
2a11:4c00::/32
2a11:4c04::/32
2a11:7e06::/32
2a14:3081::/32
2a14:3086::/32
Signature Algorithm: sha256WithRSAEncryption
8c:60:8f:f3:60:b3:66:36:7e:28:a3:ed:6c:ea:71:cd:f6:67:
a1:7f:dc:18:6a:97:86:69:81:5f:55:95:24:32:07:90:2f:fd:
9b:fb:fc:f3:09:8d:ca:21:c6:eb:b3:6d:35:91:9b:7f:5c:76:
1f:98:75:68:69:a8:26:03:58:50:c4:78:f4:09:53:b6:bb:48:
b8:2b:93:03:52:c5:e4:09:f7:ad:af:b9:79:d2:d5:a8:76:97:
cd:25:9e:3f:99:eb:c2:9b:59:0c:65:71:b6:f3:09:b5:64:51:
e2:5d:7c:47:0a:e4:5b:50:fe:82:16:e1:5a:ce:a6:4a:d0:e2:
8a:2f:26:2b:3c:36:bc:7f:b0:ec:41:39:e7:cc:36:01:5a:4f:
7d:3f:b7:39:61:38:62:ee:ac:03:fb:39:6c:63:49:a6:1f:1d:
a6:dc:73:20:a5:53:3e:cd:30:1e:f0:81:a8:47:c8:32:22:c6:
f9:a8:b8:a0:b9:6b:dd:96:9b:fd:a6:46:94:ba:85:fc:7a:72:
1f:1a:54:4d:e8:8a:84:72:75:78:dd:9e:11:21:3a:6b:77:e3:
88:18:26:3d:fd:23:17:0c:1b:f6:20:62:4a:1a:62:4f:11:84:
b7:c4:f9:38:5b:8d:0f:15:38:1e:ea:c8:4a:e9:6d:96:63:a3:
06:03:78:7f
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZg3GCK335ZuNjDC6Ck0jU9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwNzIzMTE0MzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGMxOTg4ZWVkYzNlMDk0ZWExZGEyODIxNWE0NDI1NDhjOThmMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur3eoChAs39a6YbtIszavjU34gr+
HnJfIo89hMBMBfwQkqLiar3H4hrZohf9FkoVP/IXAH+G1j+HSy4A63KSEYMqlMUg
EKmCgl47BcvvtiBzFc0YEhQ00OsxtzShcKTaMSb7wshApWB01iCRdZYrLmQGUqw2
qCIIEvZY5quTbOPL07ueJNswWPlaYwBrFyUVkbgHXlNk/GlCPSkHLbPBB1SBODje
XGJEEWZYlLwKeSucousJ7Z31f0b5FWIceV1prUk7M24ENHS5EA/4PlIkEcb1La95
jIthFM3Cv6xfD/760ICcx3hByNNNgsdb0cKeoAqQjSBxW77VXv2jA6oSyQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFP3BmI7tw+CU6h2ighWkQlSMmPGiMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvX2NHWWp1M0Q0SlRxSGFLQ0ZhUkNWSXlZOGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTBQBAIAATBKAwQAXoMI
AwQAXoMKMAwDBABegw0DBABegw4DBABeg2ADBABeg2gDBABncUUDBAFn50gDBACS
E6oDBACweEMDBAC58lQDBADVn0UwRQQCAAIwPwMFACoJfEMDBQAqC89DAwUAKhE4
AwMFACoRPAEDBQAqEUwAAwUAKhFMBAMFACoRfgYDBQAqFDCBAwUAKhQwhjANBgkq
hkiG9w0BAQsFAAOCAQEAjGCP82CzZjZ+KKPtbOpxzfZnoX/cGGqXhmmBX1WVJDIH
kC/9m/v88wmNyiHG67NtNZGbf1x2H5h1aGmoJgNYUMR49AlTtrtIuCuTA1LF5An3
ra+5edLVqHaXzSWeP5nrwptZDGVxtvMJtWRR4l18RwrkW1D+ghbhWs6mStDiii8m
Kzw2vH+w7EE558w2AVpPfT+3OWE4Yu6sA/s5bGNJph8dptxzIKVTPs0wHvCBqEfI
MiLG+ai4oLlr3Zab/aZGlLqF/HpyHxpUTeiKhHJ1eN2eESE6a3fjiBgmPf0jFwwb
9iBiShpiTxGEt8T5OFuNDxU4HurISultlmOjBgN4fw==
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:15:22 2025 by rpki-client