Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/FSFxJq-IjGjAS9Uhp3cexfZQN1M.roa
File: FSFxJq-IjGjAS9Uhp3cexfZQN1M.roa (raw, json)
Hash identifier: CyGcwLedHZeT5JUiMc33CTzjpVO57rDT9d06L2crXv0=
Subject key identifier: 15:21:71:26:AF:88:8C:68:C0:4B:D5:21:A7:77:1E:C5:F6:50:37:53
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 0197C04739EB2AF0E4686136DE32018E53E7
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/FSFxJq-IjGjAS9Uhp3cexfZQN1M.roa
Signing time: Mon 30 Jun 2025 09:59:42 +0000
ROA not before: Mon 30 Jun 2025 09:59:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 84.22.64.0/24 maxlen: 24
84.22.65.0/24 maxlen: 24
84.22.66.0/24 maxlen: 24
84.22.67.0/24 maxlen: 24
84.22.68.0/24 maxlen: 24
84.22.69.0/24 maxlen: 24
84.22.70.0/24 maxlen: 24
84.22.71.0/24 maxlen: 24
84.22.72.0/24 maxlen: 24
84.22.73.0/24 maxlen: 24
84.22.74.0/24 maxlen: 24
84.22.75.0/24 maxlen: 24
84.22.76.0/24 maxlen: 24
84.22.77.0/24 maxlen: 24
84.22.78.0/24 maxlen: 24
84.22.79.0/24 maxlen: 24
84.22.80.0/24 maxlen: 24
84.22.81.0/24 maxlen: 24
84.22.84.0/24 maxlen: 24
84.22.86.0/24 maxlen: 24
128.140.128.0/20 maxlen: 20
185.23.96.0/23 maxlen: 23
185.23.99.0/24 maxlen: 24
213.180.225.0/24 maxlen: 24
213.180.226.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.229.0/24 maxlen: 24
213.180.230.0/24 maxlen: 24
213.180.247.0/24 maxlen: 24
213.180.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 03 Jul 2025 10:37:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:47:39:eb:2a:f0:e4:68:61:36:de:32:01:8e:53:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jun 30 09:59:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15217126af888c68c04bd521a7771ec5f6503753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:90:7c:05:fb:e6:f9:20:7c:fc:f3:09:59:e7:
b8:d2:c5:e1:01:fc:ee:8f:35:75:1c:88:ab:7b:b4:
ad:d3:bf:b2:9b:25:c1:6f:7a:27:ad:11:54:aa:5c:
ad:13:33:af:06:a4:08:4d:da:e4:f0:a3:92:19:34:
6a:5d:cf:5d:55:43:51:39:3c:36:3f:17:f0:39:3a:
74:92:91:8a:16:b1:f8:46:9e:29:e4:67:cd:f5:7c:
12:1d:2b:a4:25:e5:21:3f:7e:7f:7e:6d:8c:fb:2f:
28:8b:d8:28:bd:f3:56:b2:00:80:50:20:ac:af:2c:
bd:c1:e1:46:b1:3e:8e:e8:68:c0:4b:f0:46:e1:f3:
94:84:16:2f:cf:47:aa:c7:dc:54:f7:aa:01:b2:70:
e3:6a:70:ac:78:26:7d:ce:45:4d:da:9d:92:51:43:
aa:70:bc:7f:9c:d4:5f:a9:3a:e1:5f:15:fe:9c:99:
0b:e1:cd:5a:c5:0e:5f:98:c7:b0:87:ad:96:ea:40:
28:e0:c0:c8:00:57:2c:ca:ca:18:1f:0a:71:31:34:
c4:89:5c:f7:e9:62:56:ca:9e:ca:9d:29:4e:ee:bc:
af:6f:49:a5:fb:08:ee:d9:20:d7:f7:c1:f2:33:02:
d2:0e:c7:b8:5b:9c:26:02:bc:63:a5:47:ae:f1:b1:
50:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:21:71:26:AF:88:8C:68:C0:4B:D5:21:A7:77:1E:C5:F6:50:37:53
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/FSFxJq-IjGjAS9Uhp3cexfZQN1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.64.0-84.22.81.255
84.22.84.0/24
84.22.86.0/24
128.140.128.0/20
185.23.96.0/23
185.23.99.0/24
213.180.225.0-213.180.226.255
213.180.228.0-213.180.230.255
213.180.247.0/24
213.180.252.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:67:c9:5c:31:75:de:9c:1c:cb:90:d4:4b:27:b1:8e:89:e9:
dc:85:ec:63:87:44:1c:5b:30:2a:d2:d4:38:6a:c7:ba:72:aa:
5f:18:64:71:13:59:2f:8e:39:3c:e9:0b:a0:1f:94:dc:cb:94:
c8:95:81:d8:63:cf:f0:41:40:11:b6:b1:4a:3e:43:3d:17:c0:
7b:de:5f:29:30:75:31:7b:2e:8a:4d:03:a7:e1:9a:1c:85:c9:
07:f7:f5:2e:7f:5f:99:b5:38:1b:46:6f:a8:7c:28:03:7e:93:
a7:8b:cd:ba:13:db:91:40:02:39:5e:2f:5b:c9:e6:cc:5d:d3:
6a:2f:03:d5:98:48:40:40:6c:4a:7f:63:54:3a:19:d5:f7:dc:
03:dc:24:d3:a3:f1:8c:c0:7a:66:60:0a:a5:e7:b6:84:b2:0b:
a1:6a:97:35:45:41:5e:07:25:bc:3e:77:06:9c:9c:79:57:9f:
8d:08:64:b4:72:2a:2c:46:5c:60:71:d7:e4:14:ae:2b:80:37:
ca:f1:14:c9:0e:b6:b4:41:5c:d6:49:b8:01:c0:56:cc:68:b0:
69:80:ee:c1:80:8e:fb:fb:83:f9:90:0b:29:42:dd:3b:f9:5e:
76:25:ff:2b:31:f8:bf:12:30:57:29:a7:04:d2:35:b9:18:6b:
25:00:12:fa
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZfARznrKvDkaGE23jIBjlPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjUwNjMwMDk1OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTIxNzEyNmFmODg4YzY4YzA0YmQ1MjFhNzc3MWVjNWY2NTAzNzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5B8Bfvm+SB8/PMJWee40sXhAfzu
jzV1HIire7St07+ymyXBb3onrRFUqlytEzOvBqQITdrk8KOSGTRqXc9dVUNROTw2
PxfwOTp0kpGKFrH4Rp4p5GfN9XwSHSukJeUhP35/fm2M+y8oi9govfNWsgCAUCCs
ryy9weFGsT6O6GjAS/BG4fOUhBYvz0eqx9xU96oBsnDjanCseCZ9zkVN2p2SUUOq
cLx/nNRfqTrhXxX+nJkL4c1axQ5fmMewh62W6kAo4MDIAFcsysoYHwpxMTTEiVz3
6WJWyp7KnSlO7ryvb0ml+wju2SDX98HyMwLSDse4W5wmArxjpUeu8bFQCwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFBUhcSaviIxowEvVIad3HsX2UDdTMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvRlNGeEpxLUlqR2pBUzlVaHAzY2V4ZlpRTjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUMAwDBAZUFkAD
BAFUFlADBABUFlQDBABUFlYDBASAjIADBAG5F2ADBAC5F2MwDAMEANW04QMEANW0
4jAMAwQC1bTkAwQA1bTmAwQA1bT3AwQC1bT8MA0GCSqGSIb3DQEBCwUAA4IBAQA/
Z8lcMXXenBzLkNRLJ7GOienchexjh0QcWzAq0tQ4ase6cqpfGGRxE1kvjjk86Qug
H5Tcy5TIlYHYY8/wQUARtrFKPkM9F8B73l8pMHUxey6KTQOn4ZochckH9/Uuf1+Z
tTgbRm+ofCgDfpOni826E9uRQAI5Xi9byebMXdNqLwPVmEhAQGxKf2NUOhnV99wD
3CTTo/GMwHpmYAql57aEsguhapc1RUFeByW8PncGnJx5V5+NCGS0ciosRlxgcdfk
FK4rgDfK8RTJDra0QVzWSbgBwFbMaLBpgO7BgI77+4P5kAspQt07+V52Jf8rMfi/
EjBXKacE0jW5GGslABL6
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:27:46 2025 by rpki-client