Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/CtE5okrUGiumCF-jhkLYhMgpx90.roa
File: CtE5okrUGiumCF-jhkLYhMgpx90.roa (raw, json)
Hash identifier: 9Q3tqUhim0TmboVrJ2go2R9MlehX/gYk9ZPmW56IRX0=
Subject key identifier: 0A:D1:39:A2:4A:D4:1A:2B:A6:08:5F:A3:86:42:D8:84:C8:29:C7:DD
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 0197CFB78D6FB206AA64E5B296301BD3CA5E
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/CtE5okrUGiumCF-jhkLYhMgpx90.roa
Signing time: Thu 03 Jul 2025 09:56:42 +0000
ROA not before: Thu 03 Jul 2025 09:56:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34444
IP address blocks: 84.22.64.0/19 maxlen: 19
84.22.64.0/24 maxlen: 24
84.22.65.0/24 maxlen: 24
84.22.66.0/24 maxlen: 24
84.22.67.0/24 maxlen: 24
84.22.68.0/24 maxlen: 24
84.22.69.0/24 maxlen: 24
84.22.70.0/24 maxlen: 24
84.22.71.0/24 maxlen: 24
84.22.72.0/24 maxlen: 24
84.22.73.0/24 maxlen: 24
84.22.74.0/24 maxlen: 24
84.22.75.0/24 maxlen: 24
84.22.76.0/24 maxlen: 24
84.22.77.0/24 maxlen: 24
84.22.78.0/24 maxlen: 24
84.22.80.0/24 maxlen: 24
84.22.81.0/24 maxlen: 24
84.22.84.0/24 maxlen: 24
84.22.85.0/24 maxlen: 24
84.22.86.0/24 maxlen: 24
195.234.248.0/22 maxlen: 22
213.180.225.0/24 maxlen: 24
213.180.226.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.229.0/24 maxlen: 24
213.180.230.0/24 maxlen: 24
213.180.240.0/21 maxlen: 24
213.180.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Jul 2025 09:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:b7:8d:6f:b2:06:aa:64:e5:b2:96:30:1b:d3:ca:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jul 3 09:56:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ad139a24ad41a2ba6085fa38642d884c829c7dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e7:35:0e:5e:39:5e:9e:58:aa:fb:a1:13:d6:
56:5c:aa:93:70:ea:c0:a0:41:bd:c4:4e:2e:b5:8a:
0a:05:2a:08:49:c8:ff:43:e2:c7:8e:03:93:e0:91:
aa:fe:af:65:a0:5e:37:9e:8d:d5:e9:67:6b:5c:04:
5c:f0:ff:8f:71:ab:22:1a:8d:c3:01:75:3a:05:5f:
40:17:7d:3f:ee:4f:37:34:cf:71:de:21:04:1e:58:
d1:79:ff:f6:dc:c2:17:d7:d6:48:03:8a:aa:44:0a:
56:07:46:e2:8b:ec:87:f0:e8:36:69:50:f1:93:37:
53:a1:b3:7e:a2:39:0e:de:67:09:07:7d:71:d9:4e:
56:a7:b9:3e:6d:01:5d:70:0c:8a:b1:70:81:95:df:
4a:c4:4b:a8:a0:bf:96:78:fb:2c:a4:b1:1e:60:49:
c4:5f:17:98:08:fc:4c:8e:5d:97:3b:a7:bf:af:b4:
72:99:22:08:e9:fa:62:54:68:88:60:3f:fd:83:26:
d0:2e:9b:bc:ce:7c:40:24:84:c5:80:30:c3:32:8d:
b4:b7:2f:07:7c:ae:ac:69:77:8c:2b:ca:11:56:c3:
1b:66:ab:0f:53:64:97:4a:07:88:19:63:c4:4c:da:
87:1a:a0:2f:30:1b:bf:64:0a:e6:d8:0f:09:d8:9d:
3c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D1:39:A2:4A:D4:1A:2B:A6:08:5F:A3:86:42:D8:84:C8:29:C7:DD
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/CtE5okrUGiumCF-jhkLYhMgpx90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.64.0/19
195.234.248.0/22
213.180.225.0-213.180.226.255
213.180.228.0-213.180.230.255
213.180.240.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:f7:3f:da:e3:1a:3b:fc:0b:6e:02:ec:2d:6e:72:d8:8f:e5:
12:7f:00:2d:6f:61:cb:35:82:55:b6:18:d0:7d:f0:2e:6b:d3:
11:35:b1:49:54:a0:31:49:2d:d5:ae:93:18:af:33:44:0b:da:
9d:cd:a8:8a:b9:ca:ab:6c:d7:0c:66:9d:5f:e6:64:48:c7:4d:
18:fc:aa:f9:66:d9:fa:84:ea:ed:9d:cf:2b:5f:bc:bf:13:a5:
a8:d5:b1:11:0a:14:69:9c:d8:77:83:76:7f:6e:da:a4:62:bf:
93:e1:ca:8e:9d:21:b7:13:03:1d:6b:b5:19:d9:a1:a3:d5:b1:
94:26:1c:41:a6:91:59:1d:76:aa:e4:85:c8:ee:c9:f3:9d:ff:
bf:27:e8:3d:29:ee:a1:4c:f5:f5:20:ba:2e:54:03:bf:98:6d:
9f:d7:e8:3a:e7:38:26:bd:d8:4b:b1:60:d9:0b:79:04:36:24:
2a:94:59:6b:c7:b5:2c:fc:cf:55:e9:db:17:76:1e:c5:48:7e:
b7:cc:c5:c1:36:1c:10:81:a9:5f:b9:33:b9:d4:56:f6:8c:f8:
01:2a:1a:78:1a:0d:ee:74:29:76:7d:7d:cb:1e:1a:c4:d4:4a:
92:00:13:bb:c3:a9:98:8d:57:1c:cd:49:69:af:10:4a:c6:6e:
b8:89:29:42
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZfPt41vsgaqZOWyljAb08peMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjUwNzAzMDk1NjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQxMzlhMjRhZDQxYTJiYTYwODVmYTM4NjQyZDg4NGM4MjljN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsec1Dl45Xp5YqvuhE9ZWXKqTcOrA
oEG9xE4utYoKBSoIScj/Q+LHjgOT4JGq/q9loF43no3V6WdrXARc8P+PcasiGo3D
AXU6BV9AF30/7k83NM9x3iEEHljRef/23MIX19ZIA4qqRApWB0bii+yH8Og2aVDx
kzdTobN+ojkO3mcJB31x2U5Wp7k+bQFdcAyKsXCBld9KxEuooL+WePsspLEeYEnE
XxeYCPxMjl2XO6e/r7RymSII6fpiVGiIYD/9gybQLpu8znxAJITFgDDDMo20ty8H
fK6saXeMK8oRVsMbZqsPU2SXSgeIGWPETNqHGqAvMBu/ZArm2A8J2J08XQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFArROaJK1Borpghfo4ZC2ITIKcfdMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvQ3RFNW9rclVHaXVtQ0YtamhrTFloTWdweDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQFVBZAAwQC
w+r4MAwDBADVtOEDBADVtOIwDAMEAtW05AMEANW05gMEA9W08DANBgkqhkiG9w0B
AQsFAAOCAQEALvc/2uMaO/wLbgLsLW5y2I/lEn8ALW9hyzWCVbYY0H3wLmvTETWx
SVSgMUkt1a6TGK8zRAvanc2oirnKq2zXDGadX+ZkSMdNGPyq+WbZ+oTq7Z3PK1+8
vxOlqNWxEQoUaZzYd4N2f27apGK/k+HKjp0htxMDHWu1Gdmho9WxlCYcQaaRWR12
quSFyO7J853/vyfoPSnuoUz19SC6LlQDv5htn9foOuc4Jr3YS7Fg2Qt5BDYkKpRZ
a8e1LPzPVenbF3YexUh+t8zFwTYcEIGpX7kzudRW9oz4ASoaeBoN7nQpdn19yx4a
xNRKkgATu8OpmI1XHM1Jaa8QSsZuuIkpQg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:33:13 2025 by rpki-client