Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/o8tX-VqahNfLFXV4bTkuFoVSCsw.roa
File: o8tX-VqahNfLFXV4bTkuFoVSCsw.roa (raw, json)
Hash identifier: z+qB9oBrAHJJCVuj0U+D9Bwi9ptaWGV3MRViIPm/E+M=
Subject key identifier: A3:CB:57:F9:5A:9A:84:D7:CB:15:75:78:6D:39:2E:16:85:52:0A:CC
Certificate issuer: /CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Certificate serial: 019721B22EDF9305D5FBD6EB637B92C2E131
Authority key identifier: B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/o8tX-VqahNfLFXV4bTkuFoVSCsw.roa
Signing time: Fri 30 May 2025 14:56:54 +0000
ROA not before: Fri 30 May 2025 14:56:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393559
IP address blocks: 185.230.180.0/22 maxlen: 24
185.230.181.0/24 maxlen: 24
2a13:d00::/29 maxlen: 48
2a13:d00:cf00::/40 maxlen: 48
2a13:d00:cf8b::/48 maxlen: 48
2a13:d00:cf8c::/48 maxlen: 48
2a13:d00:cf8d::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 06:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:21:b2:2e:df:93:05:d5:fb:d6:eb:63:7b:92:c2:e1:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Validity
Not Before: May 30 14:56:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3cb57f95a9a84d7cb1575786d392e1685520acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d9:f7:90:61:b4:4c:ef:d0:19:45:2c:27:ae:
bd:04:1d:0c:aa:ce:ea:45:fc:27:40:2f:53:93:c2:
d7:fa:e4:06:d2:07:a8:81:9b:9b:6a:39:e9:ad:93:
d5:6a:8c:ce:d0:c6:72:0e:55:65:08:1b:ce:74:75:
94:07:54:db:28:8f:86:0f:42:3b:60:21:a0:a9:ff:
f3:16:65:0a:93:17:e6:ea:0e:df:58:0d:8f:10:a6:
51:73:6f:86:33:ed:05:6a:0a:1c:fc:43:98:c3:cf:
6a:cf:9c:b2:b2:8a:5f:68:a9:dc:c0:04:5a:1f:eb:
ea:39:64:a1:c5:c8:17:df:e9:22:bc:7e:ac:eb:01:
79:01:02:4f:f2:e0:da:f9:d8:ed:7e:cd:31:2e:1d:
d4:f1:cd:55:5c:f8:65:80:3b:8c:03:99:80:6a:27:
82:50:02:95:6e:49:1e:17:d1:c6:93:a5:e0:a8:14:
bf:ba:c1:51:1e:5d:ca:36:5c:d8:98:69:b3:b4:13:
07:9b:8f:e3:f0:43:11:6f:40:0b:94:9e:30:e9:02:
7b:cc:dd:93:7e:a4:0e:74:79:67:c8:9d:aa:54:32:
a3:48:6f:31:0d:7c:ea:22:e9:c6:da:43:f0:40:60:
b5:25:90:79:36:cc:4a:9f:80:4f:45:4f:c0:eb:8e:
ad:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CB:57:F9:5A:9A:84:D7:CB:15:75:78:6D:39:2E:16:85:52:0A:CC
X509v3 Authority Key Identifier:
keyid:B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/o8tX-VqahNfLFXV4bTkuFoVSCsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.180.0/22
IPv6:
2a13:d00::/29
Signature Algorithm: sha256WithRSAEncryption
12:e5:17:f0:4a:2f:91:8b:1c:c5:49:99:f3:3e:81:cc:ff:64:
be:8f:10:95:15:b5:2b:5b:0a:18:a6:13:fd:66:23:0c:63:3a:
77:fa:9f:26:f3:85:bf:58:00:07:a4:1a:d7:bc:e9:94:98:57:
9d:e2:c3:7e:6c:1a:a8:57:6c:fe:4e:9a:a1:5f:70:a5:e9:06:
75:66:94:ce:a8:b5:b4:6c:b0:90:a6:ad:e0:e7:28:4a:c9:63:
d5:36:7b:26:39:26:08:82:cd:7f:74:a4:8b:97:01:a6:a5:64:
52:ae:9d:7e:7e:ac:fe:7d:a4:5e:28:76:30:76:bc:00:8b:52:
8c:c0:e4:85:bd:1a:30:03:f8:de:e6:75:02:36:b0:17:b8:6a:
16:25:23:3d:73:10:11:20:8b:c1:aa:c9:50:a6:45:6d:2c:04:
f7:e2:5c:49:05:5f:00:93:73:7e:ad:8b:e2:9f:78:5b:ff:18:
0a:dd:52:58:f7:e9:f5:91:76:37:82:a7:d3:23:3a:5e:d4:46:
55:da:7f:46:2b:aa:38:80:18:36:0f:59:2a:46:83:35:21:4b:
f3:0e:d9:d4:50:fd:df:ea:d5:7e:9b:40:cb:db:bc:85:fa:b8:
57:85:85:74:b1:c3:d9:a9:f9:e4:2a:34:d6:14:ec:cf:cf:06:
a3:cc:04:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZchsi7fkwXV+9brY3uSwuExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OWJkODRkYTE3OTk3Y2JiMjg2YWY5MDIyYWIyZTA1YmEw
OGI0NDIwHhcNMjUwNTMwMTQ1NjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NiNTdmOTVhOWE4NGQ3Y2IxNTc1Nzg2ZDM5MmUxNjg1NTIwYWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dn3kGG0TO/QGUUsJ669BB0Mqs7q
RfwnQC9Tk8LX+uQG0geogZubajnprZPVaozO0MZyDlVlCBvOdHWUB1TbKI+GD0I7
YCGgqf/zFmUKkxfm6g7fWA2PEKZRc2+GM+0Fagoc/EOYw89qz5yysopfaKncwARa
H+vqOWShxcgX3+kivH6s6wF5AQJP8uDa+djtfs0xLh3U8c1VXPhlgDuMA5mAaieC
UAKVbkkeF9HGk6XgqBS/usFRHl3KNlzYmGmztBMHm4/j8EMRb0ALlJ4w6QJ7zN2T
fqQOdHlnyJ2qVDKjSG8xDXzqIunG2kPwQGC1JZB5NsxKn4BPRU/A646tLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKPLV/lamoTXyxV1eG05LhaFUgrMMB8GA1UdIwQY
MBaAFLSb2E2heZfLsoavkCKrLgW6CLRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2It
MGM5MDliZjViZTRkLzEvbzh0WC1WcWFoTmZMRlhWNGJUa3VGb1ZTQ3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2ItMGM5MDliZjViZTRk
LzEvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuea0MA0E
AgACMAcDBQMqEw0AMA0GCSqGSIb3DQEBCwUAA4IBAQAS5RfwSi+RixzFSZnzPoHM
/2S+jxCVFbUrWwoYphP9ZiMMYzp3+p8m84W/WAAHpBrXvOmUmFed4sN+bBqoV2z+
TpqhX3Cl6QZ1ZpTOqLW0bLCQpq3g5yhKyWPVNnsmOSYIgs1/dKSLlwGmpWRSrp1+
fqz+faReKHYwdrwAi1KMwOSFvRowA/je5nUCNrAXuGoWJSM9cxARIIvBqslQpkVt
LAT34lxJBV8Ak3N+rYvin3hb/xgK3VJY9+n1kXY3gqfTIzpe1EZV2n9GK6o4gBg2
D1kqRoM1IUvzDtnUUP3f6tV+m0DL27yF+rhXhYV0scPZqfnkKjTWFOzPzwajzATK
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:05:43 2025 by rpki-client