Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/pcc8pncVW2h6UDZxCQwFuqNN3VM.roa
File: pcc8pncVW2h6UDZxCQwFuqNN3VM.roa (raw, json)
Hash identifier: CUCIxHydWvvnf9Fb26z7lqO3LeavA7tMy/IOX+fo5zc=
Subject key identifier: A5:C7:3C:A6:77:15:5B:68:7A:50:36:71:09:0C:05:BA:A3:4D:DD:53
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0195F1CA6BE7BEEB8303734E8CB374301B16
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/pcc8pncVW2h6UDZxCQwFuqNN3VM.roa
Signing time: Tue 01 Apr 2025 14:38:49 +0000
ROA not before: Tue 01 Apr 2025 14:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31500
IP address blocks: 94.124.182.0/24 maxlen: 24
94.124.183.0/24 maxlen: 24
95.140.80.0/24 maxlen: 32
95.140.82.0/24 maxlen: 24
95.140.83.0/24 maxlen: 24
95.140.88.0/24 maxlen: 24
95.140.89.0/24 maxlen: 24
95.140.90.0/24 maxlen: 24
95.140.91.0/24 maxlen: 24
95.140.93.0/24 maxlen: 24
95.140.95.0/24 maxlen: 24
95.161.128.0/24 maxlen: 24
95.161.248.0/21 maxlen: 24
109.239.128.0/24 maxlen: 24
109.239.129.0/24 maxlen: 24
109.239.130.0/24 maxlen: 24
109.239.130.128/25 maxlen: 25
109.239.131.0/24 maxlen: 24
109.239.132.0/24 maxlen: 24
109.239.133.0/24 maxlen: 24
109.239.134.0/24 maxlen: 24
109.239.135.0/24 maxlen: 24
109.239.138.0/24 maxlen: 24
109.239.139.0/24 maxlen: 24
109.239.140.0/24 maxlen: 24
109.239.141.0/24 maxlen: 24
109.239.142.0/24 maxlen: 24
109.239.143.0/24 maxlen: 24
178.18.228.0/24 maxlen: 24
178.18.229.0/24 maxlen: 24
178.18.231.0/24 maxlen: 24
178.18.232.0/24 maxlen: 24
2001:b28::/32 maxlen: 32
2001:b28:4::/48 maxlen: 48
2001:b28:7b0c::/48 maxlen: 48
2001:b28:9999::/48 maxlen: 48
2001:b28:9a9c::/48 maxlen: 48
2001:b28:a451::/48 maxlen: 48
2001:b28:ffff::/48 maxlen: 48
2a03:5f80::/46 maxlen: 46
2a03:5f80:2:10::/64 maxlen: 64
2a03:5f80:8::/46 maxlen: 46
2a03:5f80:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 03 Apr 2025 07:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:ca:6b:e7:be:eb:83:03:73:4e:8c:b3:74:30:1b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Apr 1 14:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5c73ca677155b687a503671090c05baa34ddd53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:be:1f:58:8e:e9:51:db:cf:08:2b:ce:49:42:
a4:c3:37:a3:48:fa:5f:18:91:8e:de:c4:99:2e:65:
4b:57:7c:e5:74:5d:ae:e7:7d:8a:b2:33:d7:2a:07:
31:1b:c6:96:6e:ff:c3:94:a8:e5:b3:89:1f:7c:11:
ae:8c:42:31:1c:ee:4a:03:ad:16:6a:a2:4e:50:1d:
cf:af:47:dc:f5:07:c0:39:ee:8d:ca:79:06:f4:89:
76:18:d8:45:6a:eb:80:25:3b:51:b0:df:3c:b7:3e:
b1:6e:25:55:04:84:aa:74:8a:e5:fd:bb:f3:fd:03:
52:bb:7d:0f:03:f2:8d:66:4d:c2:bc:6b:0a:df:fb:
03:b3:13:a8:a7:dc:60:7c:7d:f2:8a:ba:97:66:43:
5c:5c:34:f9:53:79:06:fb:7b:e3:f0:7e:22:5f:eb:
23:af:d9:85:ab:ee:64:d5:5a:20:51:68:7c:5a:d6:
df:7b:dc:52:3c:95:4f:6b:b3:a2:cc:e8:96:7e:75:
c0:c7:62:33:83:d3:b8:4d:fe:28:96:67:7d:8c:40:
ea:ea:f8:cc:09:b0:8a:ac:d0:88:47:4b:6c:2c:89:
b7:02:99:34:3b:9f:2d:2f:10:57:a3:14:66:ee:e9:
eb:f7:a4:ae:b1:e5:f0:cc:22:86:50:a7:cc:e4:ab:
ac:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C7:3C:A6:77:15:5B:68:7A:50:36:71:09:0C:05:BA:A3:4D:DD:53
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/pcc8pncVW2h6UDZxCQwFuqNN3VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.182.0/23
95.140.80.0/24
95.140.82.0/23
95.140.88.0/22
95.140.93.0/24
95.140.95.0/24
95.161.128.0/24
95.161.248.0/21
109.239.128.0/21
109.239.138.0-109.239.143.255
178.18.228.0/23
178.18.231.0-178.18.232.255
IPv6:
2001:b28::/32
2a03:5f80::/46
2a03:5f80:8::/46
Signature Algorithm: sha256WithRSAEncryption
c6:83:e0:01:a6:ec:a2:a7:c6:6b:3a:3d:94:38:69:cd:02:d1:
b5:cd:18:f9:f4:1e:25:45:32:3c:bb:07:39:7b:14:df:ed:62:
3d:d0:0f:f0:3c:e1:e4:fa:04:b5:44:c1:ff:bb:98:3e:d2:eb:
c3:f6:b9:41:44:ff:60:f6:57:8a:33:86:3e:2a:f4:02:68:11:
e7:71:e8:02:13:af:63:02:d2:9d:b3:cb:30:79:69:54:97:59:
63:63:aa:76:87:b8:c4:5e:db:60:a2:6c:f8:d4:31:42:12:85:
20:3d:6e:87:78:f9:49:9d:c1:b0:3a:d5:ac:31:f4:c3:9b:ca:
19:80:5c:f9:d8:9f:9f:e9:e6:b2:95:62:b5:21:17:44:97:5e:
1c:e8:b5:03:18:82:db:07:d4:55:80:e7:f3:3d:91:06:7e:35:
07:c7:d5:29:b1:46:19:6f:ea:2f:c8:50:ef:46:3b:a7:a3:7d:
83:d9:5f:9c:51:b9:a9:b9:e4:07:64:67:7e:0a:b9:68:1b:ec:
3d:a4:1e:e3:35:26:c3:8a:f8:8b:6d:cb:dc:34:e5:00:89:be:
1e:e3:02:4c:bf:90:f9:0f:c8:34:4e:c8:1b:a0:a9:3a:aa:d2:
66:94:6a:b1:82:21:0b:53:91:77:4f:c4:89:2c:5e:17:d3:ee:
ce:77:93:e3
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZXxymvnvuuDA3NOjLN0MBsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwNDAxMTQzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWM3M2NhNjc3MTU1YjY4N2E1MDM2NzEwOTBjMDViYWEzNGRkZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAob4fWI7pUdvPCCvOSUKkwzejSPpf
GJGO3sSZLmVLV3zldF2u532KsjPXKgcxG8aWbv/DlKjls4kffBGujEIxHO5KA60W
aqJOUB3Pr0fc9QfAOe6NynkG9Il2GNhFauuAJTtRsN88tz6xbiVVBISqdIrl/bvz
/QNSu30PA/KNZk3CvGsK3/sDsxOop9xgfH3yirqXZkNcXDT5U3kG+3vj8H4iX+sj
r9mFq+5k1VogUWh8Wtbfe9xSPJVPa7OizOiWfnXAx2Izg9O4Tf4olmd9jEDq6vjM
CbCKrNCIR0tsLIm3Apk0O58tLxBXoxRm7unr96SuseXwzCKGUKfM5KuslQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFKXHPKZ3FVtoelA2cQkMBbqjTd1TMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvcGNjOHBuY1ZXMmg2VURaeENRd0Z1cU5OM1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBeBAIAATBYAwQBXny2
AwQAX4xQAwQBX4xSAwQCX4xYAwQAX4xdAwQAX4xfAwQAX6GAAwQDX6H4AwQDbe+A
MAwDBAFt74oDBARt74ADBAGyEuQwDAMEALIS5wMEALIS6DAfBAIAAjAZAwUAIAEL
KAMHAioDX4AAAAMHAioDX4AACDANBgkqhkiG9w0BAQsFAAOCAQEAxoPgAabsoqfG
azo9lDhpzQLRtc0Y+fQeJUUyPLsHOXsU3+1iPdAP8Dzh5PoEtUTB/7uYPtLrw/a5
QUT/YPZXijOGPir0AmgR53HoAhOvYwLSnbPLMHlpVJdZY2Oqdoe4xF7bYKJs+NQx
QhKFID1uh3j5SZ3BsDrVrDH0w5vKGYBc+difn+nmspVitSEXRJdeHOi1AxiC2wfU
VYDn8z2RBn41B8fVKbFGGW/qL8hQ70Y7p6N9g9lfnFG5qbnkB2Rnfgq5aBvsPaQe
4zUmw4r4i23L3DTlAIm+HuMCTL+Q+Q/INE7IG6CpOqrSZpRqsYIhC1ORd0/EiSxe
F9PuzneT4w==
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:24:11 2025 by rpki-client