Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tfuIYDgmso_wBYxIaqD83gYhf6A.roa
File: tfuIYDgmso_wBYxIaqD83gYhf6A.roa (raw, json)
Hash identifier: /vtgOGdUo6RJjzTX5WZui31wNTC76FU4sHN/kx//wNo=
Subject key identifier: B5:FB:88:60:38:26:B2:8F:F0:05:8C:48:6A:A0:FC:DE:06:21:7F:A0
Certificate issuer: /CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Certificate serial: 0197F3D4F2766B1CF7B5B4C9C6E45ED82B41
Authority key identifier: B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tfuIYDgmso_wBYxIaqD83gYhf6A.roa
Signing time: Thu 10 Jul 2025 10:15:08 +0000
ROA not before: Thu 10 Jul 2025 10:15:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61272
IP address blocks: 85.206.160.0/22 maxlen: 32
85.206.164.0/22 maxlen: 32
85.206.166.58/32 maxlen: 32
85.206.168.0/22 maxlen: 32
85.206.172.0/22 maxlen: 32
85.206.240.0/22 maxlen: 32
88.119.160.0/21 maxlen: 32
88.119.168.0/24 maxlen: 32
88.119.169.0/24 maxlen: 32
88.119.170.0/24 maxlen: 32
88.119.171.0/24 maxlen: 32
88.119.173.0/24 maxlen: 32
88.119.174.0/24 maxlen: 32
88.119.175.0/24 maxlen: 32
91.216.163.0/24 maxlen: 32
185.25.48.0/22 maxlen: 32
185.64.104.0/22 maxlen: 32
213.252.230.0/24 maxlen: 32
213.252.231.0/24 maxlen: 32
213.252.232.0/24 maxlen: 32
213.252.233.0/24 maxlen: 32
213.252.238.0/24 maxlen: 32
2a04:2180::/32 maxlen: 64
2a04:2181:c010::/48 maxlen: 64
2a04:2181:c011::/48 maxlen: 64
2a04:2181:c012::/48 maxlen: 64
Validation: Failed, certificate revoked on Wed 16 Jul 2025 07:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:d4:f2:76:6b:1c:f7:b5:b4:c9:c6:e4:5e:d8:2b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Validity
Not Before: Jul 10 10:15:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5fb88603826b28ff0058c486aa0fcde06217fa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:cd:99:b2:a0:f4:af:8a:13:18:72:22:35:40:
e7:f6:a9:1c:b7:c8:c1:92:9e:56:b1:5c:58:52:ef:
f9:b6:ba:23:a0:f5:8e:69:4d:d7:cd:fe:de:0a:a7:
59:e6:dd:78:36:ef:54:30:96:f6:e8:92:47:92:7d:
24:64:6a:0a:d1:26:d2:33:9d:f7:03:36:a3:83:46:
50:db:06:99:de:01:9b:d8:73:2d:ad:d9:29:b9:86:
0d:a3:45:5c:62:b4:5b:a4:c4:38:4e:d1:36:d8:3c:
b4:c5:d8:db:57:9c:34:34:a6:ba:90:b3:fc:6a:21:
60:2f:40:b5:fe:62:71:30:64:b8:d2:55:69:8d:4a:
3e:cd:e1:09:2d:1f:4b:bc:75:62:5c:f3:ed:6e:d4:
82:d9:88:b9:dd:20:31:bd:a8:2b:c2:73:ba:94:e4:
f6:dd:e0:f5:75:11:6f:2a:6e:a0:d9:77:aa:8b:bf:
68:5c:69:86:21:a3:72:9c:5f:19:47:b2:61:12:68:
76:e6:65:6f:12:f3:c3:0c:ea:c7:00:ba:6e:af:95:
09:09:6f:0a:72:15:53:13:09:10:1d:34:d0:bd:d2:
33:aa:2f:38:dd:93:37:a0:8f:fa:72:de:1f:dd:d1:
57:01:6c:4a:42:22:10:c5:aa:c7:33:3f:09:4b:7c:
50:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FB:88:60:38:26:B2:8F:F0:05:8C:48:6A:A0:FC:DE:06:21:7F:A0
X509v3 Authority Key Identifier:
keyid:B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tfuIYDgmso_wBYxIaqD83gYhf6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.160.0/20
85.206.240.0/22
88.119.160.0-88.119.171.255
88.119.173.0-88.119.175.255
91.216.163.0/24
185.25.48.0/22
185.64.104.0/22
213.252.230.0-213.252.233.255
213.252.238.0/24
IPv6:
2a04:2180::/32
2a04:2181:c010::-2a04:2181:c012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
50:7d:b7:ff:ad:c3:76:b4:fd:4a:3d:50:d9:89:b3:b4:1b:73:
ba:82:77:a6:5d:6c:6e:49:72:50:2b:f8:d1:ab:ed:60:b4:0d:
50:db:9c:99:be:e3:84:01:f3:2f:0f:e4:21:47:5b:64:1a:48:
25:d6:d1:d3:28:15:83:08:31:c8:e9:0d:a0:fd:dd:17:6d:56:
8d:4d:d8:ad:c2:3f:03:13:10:77:1b:23:7c:b1:93:70:2d:ee:
c2:8c:41:ef:12:73:05:7f:39:29:60:02:c1:29:d3:5f:e7:8d:
f9:86:cc:05:73:dd:ac:2b:be:4e:53:dc:cb:7e:8c:7d:2b:01:
6f:5e:d4:af:6b:0d:3c:54:94:fe:a8:b3:91:55:dc:76:d1:71:
84:7d:c6:16:90:2f:43:5c:f0:f7:66:52:15:2c:64:97:a2:40:
d5:f0:38:94:42:49:d0:f7:12:2d:75:d0:de:31:00:0c:0e:b6:
16:cb:a8:4f:5c:42:69:d6:ac:59:47:74:79:e2:2c:61:bb:a9:
fe:b3:64:21:04:f5:78:9b:33:e5:c0:7c:67:dc:5b:63:2c:b8:
ff:98:9d:70:a9:60:6d:3a:d2:c5:8e:ab:26:eb:2e:99:61:2f:
b0:6c:e7:54:4e:8c:05:57:0f:be:de:36:a0:eb:e1:54:0b:4a:
88:2b:a6:28
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZfz1PJ2axz3tbTJxuRe2CtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NmVhNzM1OTIyMWMxYjc3ZDZjYzAwNmY3YjY3MDZhOWE5
MDgyOTkwHhcNMjUwNzEwMTAxNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWZiODg2MDM4MjZiMjhmZjAwNThjNDg2YWEwZmNkZTA2MjE3ZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6M2ZsqD0r4oTGHIiNUDn9qkct8jB
kp5WsVxYUu/5trojoPWOaU3Xzf7eCqdZ5t14Nu9UMJb26JJHkn0kZGoK0SbSM533
Azajg0ZQ2waZ3gGb2HMtrdkpuYYNo0VcYrRbpMQ4TtE22Dy0xdjbV5w0NKa6kLP8
aiFgL0C1/mJxMGS40lVpjUo+zeEJLR9LvHViXPPtbtSC2Yi53SAxvagrwnO6lOT2
3eD1dRFvKm6g2Xeqi79oXGmGIaNynF8ZR7JhEmh25mVvEvPDDOrHALpur5UJCW8K
chVTEwkQHTTQvdIzqi843ZM3oI/6ct4f3dFXAWxKQiIQxarHMz8JS3xQwQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFLX7iGA4JrKP8AWMSGqg/N4GIX+gMB8GA1UdIwQY
MBaAFLZupzWSIcG3fWzABve2cGqakIKZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMt
Njk5ODM1YzkyYmZlLzEvdGZ1SVlEZ21zb193Qll4SWFxRDgzZ1loZjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMtNjk5ODM1YzkyYmZl
LzEvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwVAQCAAEwTgMEBFXOoAME
AlXO8DAMAwQFWHegAwQCWHeoMAwDBABYd60DBARYd6ADBABb2KMDBAK5GTADBAK5
QGgwDAMEAdX85gMEAdX86AMEANX87jAhBAIAAjAbAwUAKgQhgDASAwcEKgQhgcAQ
AwcAKgQhgcASMA0GCSqGSIb3DQEBCwUAA4IBAQBQfbf/rcN2tP1KPVDZibO0G3O6
gnemXWxuSXJQK/jRq+1gtA1Q25yZvuOEAfMvD+QhR1tkGkgl1tHTKBWDCDHI6Q2g
/d0XbVaNTditwj8DExB3GyN8sZNwLe7CjEHvEnMFfzkpYALBKdNf5435hswFc92s
K75OU9zLfox9KwFvXtSvaw08VJT+qLORVdx20XGEfcYWkC9DXPD3ZlIVLGSXokDV
8DiUQknQ9xItddDeMQAMDrYWy6hPXEJp1qxZR3R54ixhu6n+s2QhBPV4mzPlwHxn
3FtjLLj/mJ1wqWBtOtLFjqsm6y6ZYS+wbOdUTowFVw++3jag6+FUC0qIK6Yo
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:51:43 2025 by rpki-client