Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tcvUy47Vikz7oEcbVCBdNXj2hA4.roa
File: tcvUy47Vikz7oEcbVCBdNXj2hA4.roa (raw, json)
Hash identifier: k+mb+71JOAV9a15URriVrABzZ9bqKyrqY/OumYI4gHg=
Subject key identifier: B5:CB:D4:CB:8E:D5:8A:4C:FB:A0:47:1B:54:20:5D:35:78:F6:84:0E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019875364FA222C497D9A680F9F756749022
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tcvUy47Vikz7oEcbVCBdNXj2hA4.roa
Signing time: Mon 04 Aug 2025 13:12:30 +0000
ROA not before: Mon 04 Aug 2025 13:12:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41745
IP address blocks: 31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
45.12.254.0/24 maxlen: 24
45.14.165.0/24 maxlen: 24
45.81.243.0/24 maxlen: 24
45.88.67.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
85.209.134.0/24 maxlen: 24
93.123.30.0/24 maxlen: 24
94.125.100.0/24 maxlen: 24
94.125.101.0/24 maxlen: 24
94.156.236.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
171.22.30.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
192.145.28.0/24 maxlen: 24
192.145.29.0/24 maxlen: 24
192.145.30.0/24 maxlen: 24
192.145.31.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
193.168.198.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
212.87.220.0/24 maxlen: 24
212.87.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Aug 2025 12:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:36:4f:a2:22:c4:97:d9:a6:80:f9:f7:56:74:90:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 4 13:12:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5cbd4cb8ed58a4cfba0471b54205d3578f6840e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:62:28:14:b0:83:1e:92:f1:1c:d3:ea:dd:f1:
3e:05:10:dc:41:0f:7b:bc:4b:74:d0:65:d3:db:4d:
50:79:5e:30:5d:77:73:08:71:e0:87:e5:7e:78:92:
68:ae:ce:ae:ed:93:8e:9d:2f:99:b0:0f:52:36:d8:
33:be:2b:d6:ed:b8:d0:7a:ed:9d:9f:32:50:b0:e1:
59:2f:46:79:f4:d8:63:12:19:63:64:c5:8b:ca:19:
b8:ee:ac:50:ae:67:36:02:e9:68:bc:d2:29:b2:ea:
03:e8:04:6b:5a:f9:53:28:c7:4a:ed:89:4f:bb:1f:
8a:16:94:6c:6a:e9:b1:8f:80:b5:cd:ab:e6:4e:3a:
95:6c:d4:3c:c6:72:be:4c:dd:8d:6b:1e:42:89:e4:
f5:6a:8f:e1:0d:65:21:5c:d7:5d:e7:93:3f:bb:c3:
81:bc:d3:42:06:f1:24:aa:5f:7c:83:4e:24:7d:bc:
1d:11:aa:7e:d1:48:ce:bb:7d:4f:d5:69:01:02:4f:
9d:c3:6c:0a:80:1c:48:1c:19:a7:a9:14:d2:e1:8d:
ef:d2:c8:06:b4:ba:33:b2:3a:85:86:5f:2d:20:2f:
b3:a3:d0:bf:94:28:b1:76:5d:a5:5d:49:d5:64:2a:
45:03:f3:16:d7:fb:f6:fa:de:0b:93:bc:9e:2c:7a:
33:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:CB:D4:CB:8E:D5:8A:4C:FB:A0:47:1B:54:20:5D:35:78:F6:84:0E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tcvUy47Vikz7oEcbVCBdNXj2hA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.124.0/22
45.12.254.0/24
45.14.165.0/24
45.81.243.0/24
45.88.67.0/24
84.21.172.0/24
85.31.45.0/24
85.209.132.0/24
85.209.134.0/24
93.123.30.0/24
94.125.100.0/23
94.156.236.0/24
109.206.241.0/24
171.22.30.0/24
185.246.220.0/24
192.145.28.0/22
193.8.184.0/24
193.47.60.0/24
193.148.58.0/23
193.168.198.0/23
212.87.220.0/24
212.87.223.0/24
Signature Algorithm: sha256WithRSAEncryption
97:c1:0f:18:7f:c0:3f:9d:39:15:86:94:86:9f:ca:f9:02:e1:
7e:49:c4:42:68:a1:76:22:86:69:ca:d9:b5:a1:d8:3e:94:27:
56:8d:4e:b0:60:2e:55:28:dd:58:37:34:45:aa:57:66:f7:4d:
dc:d6:c8:5c:e2:14:4d:be:d8:6c:f1:c3:ff:a1:51:80:85:b1:
08:df:d2:b7:89:fc:b2:63:be:6b:17:ac:83:76:2f:2f:23:d3:
bf:1e:a5:5a:8c:52:03:06:bc:40:f2:2a:36:8f:f6:0f:3c:91:
ca:ac:55:0d:00:61:fc:31:51:1a:c0:88:7c:84:8e:de:af:cd:
f2:fc:79:c0:c8:51:f0:0b:5f:bb:79:d8:34:66:b7:9d:6d:f0:
2d:87:b0:40:22:99:58:ed:60:30:8e:80:33:71:da:fb:92:7a:
1d:98:9a:b8:a7:3e:2f:27:30:33:ee:88:dd:f1:49:28:2f:4e:
ef:32:1b:5c:b1:a0:e2:c6:4c:b1:a7:00:a5:08:4c:7b:1c:70:
a1:25:23:cb:7a:73:d6:6f:8b:e9:4b:af:bb:e6:c9:c6:bd:ce:
95:f8:ef:10:fc:43:b3:a1:15:70:3f:0c:89:03:dd:ea:f8:a7:
5d:a3:22:2a:fb:e2:46:43:0e:f6:2c:51:07:85:e2:38:55:c6:
2b:7d:36:9c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZh1Nk+iIsSX2aaA+fdWdJAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwODA0MTMxMjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWNiZDRjYjhlZDU4YTRjZmJhMDQ3MWI1NDIwNWQzNTc4ZjY4NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWIoFLCDHpLxHNPq3fE+BRDcQQ97
vEt00GXT201QeV4wXXdzCHHgh+V+eJJors6u7ZOOnS+ZsA9SNtgzvivW7bjQeu2d
nzJQsOFZL0Z59NhjEhljZMWLyhm47qxQrmc2AulovNIpsuoD6ARrWvlTKMdK7YlP
ux+KFpRsaumxj4C1zavmTjqVbNQ8xnK+TN2Nax5CieT1ao/hDWUhXNdd55M/u8OB
vNNCBvEkql98g04kfbwdEap+0UjOu31P1WkBAk+dw2wKgBxIHBmnqRTS4Y3v0sgG
tLozsjqFhl8tIC+zo9C/lCixdl2lXUnVZCpFA/MW1/v2+t4Lk7yeLHoz2QIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFLXL1MuO1YpM+6BHG1QgXTV49oQOMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdGN2VXk0N1Zpa3o3b0VjYlZDQmROWGoyaEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAIf
qXwDBAAtDP4DBAAtDqUDBAAtUfMDBAAtWEMDBABUFawDBABVHy0DBABV0YQDBABV
0YYDBABdex4DBAFefWQDBABenOwDBABtzvEDBACrFh4DBAC59twDBALAkRwDBADB
CLgDBADBLzwDBAHBlDoDBAHBqMYDBADUV9wDBADUV98wDQYJKoZIhvcNAQELBQAD
ggEBAJfBDxh/wD+dORWGlIafyvkC4X5JxEJooXYihmnK2bWh2D6UJ1aNTrBgLlUo
3Vg3NEWqV2b3TdzWyFziFE2+2Gzxw/+hUYCFsQjf0reJ/LJjvmsXrIN2Ly8j078e
pVqMUgMGvEDyKjaP9g88kcqsVQ0AYfwxURrAiHyEjt6vzfL8ecDIUfALX7t52DRm
t51t8C2HsEAimVjtYDCOgDNx2vuSeh2YmrinPi8nMDPuiN3xSSgvTu8yG1yxoOLG
TLGnAKUITHsccKElI8t6c9Zvi+lLr7vmyca9zpX47xD8Q7OhFXA/DIkD3er4p12j
Iir74kZDDvYsUQeF4jhVxit9Npw=
-----END CERTIFICATE-----
Generated at Sun Aug 31 12:26:25 2025 by rpki-client