Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/owyYypv5fh-ixeo7oZIg_uzDOaw.roa
File: owyYypv5fh-ixeo7oZIg_uzDOaw.roa (raw, json)
Hash identifier: G2HW1zLKPOXxG+Qo5TaY+O3S5Xms5ewHgN7V0P/zvTc=
Subject key identifier: A3:0C:98:CA:9B:F9:7E:1F:A2:C5:EA:3B:A1:92:20:FE:EC:C3:39:AC
Certificate issuer: /CN=fd261d45319e8375187436da44bf5b9adb044a7f
Certificate serial: 01957FD1F043AA6817DEF20220C324B8646F
Authority key identifier: FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/owyYypv5fh-ixeo7oZIg_uzDOaw.roa
Signing time: Mon 10 Mar 2025 11:30:19 +0000
ROA not before: Mon 10 Mar 2025 11:30:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8758
IP address blocks: 31.24.8.0/21 maxlen: 24
37.46.144.0/22 maxlen: 24
77.74.96.0/21 maxlen: 24
80.89.208.0/20 maxlen: 24
83.150.0.0/18 maxlen: 24
84.254.80.0/20 maxlen: 24
84.254.96.0/20 maxlen: 24
87.239.200.0/21 maxlen: 24
88.218.24.0/22 maxlen: 24
91.84.64.0/19 maxlen: 24
95.143.48.0/20 maxlen: 24
109.70.112.0/21 maxlen: 24
109.70.115.0/24 maxlen: 24
109.70.116.0/22 maxlen: 24
145.40.192.0/19 maxlen: 24
157.143.0.0/17 maxlen: 24
178.22.104.0/21 maxlen: 24
178.250.130.0/23 maxlen: 24
185.109.164.0/22 maxlen: 24
185.160.244.0/22 maxlen: 24
185.203.132.0/22 maxlen: 24
194.31.128.0/23 maxlen: 24
194.246.118.0/23 maxlen: 24
212.25.0.0/19 maxlen: 24
217.22.128.0/20 maxlen: 24
217.71.240.0/20 maxlen: 24
217.150.224.0/20 maxlen: 24
2001:8e0::/29 maxlen: 32
2a00:10c0::/32 maxlen: 32
2a01:bd00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 01 Apr 2025 13:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7f:d1:f0:43:aa:68:17:de:f2:02:20:c3:24:b8:64:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd261d45319e8375187436da44bf5b9adb044a7f
Validity
Not Before: Mar 10 11:30:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a30c98ca9bf97e1fa2c5ea3ba19220feecc339ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:14:13:6a:7e:26:c1:92:b6:5a:63:1a:e4:5b:
de:9d:45:75:52:27:3b:35:4e:aa:e6:33:24:c8:78:
11:47:0a:46:a2:4f:50:4d:15:55:d8:4e:dd:03:f1:
eb:76:1c:f6:0a:ff:19:24:8d:57:0b:99:86:da:ad:
b6:6b:16:74:02:92:7a:04:22:9f:44:e2:4f:d1:05:
ba:73:c3:cc:8c:f3:23:3b:fc:e1:b5:b9:d3:ac:96:
86:9c:8c:f5:d7:3d:b6:0f:45:bf:1d:9f:4f:91:c4:
53:ce:8f:a6:a1:ad:68:12:47:35:f0:04:39:21:9c:
af:87:41:e4:c1:b2:4e:cf:e0:be:87:ca:8d:d8:71:
26:f0:be:b4:e8:ee:4c:01:7e:f6:f4:9b:45:49:b8:
b4:93:ab:bc:74:50:a0:79:04:8c:ec:7c:17:13:8a:
20:1a:50:e3:f5:a3:2f:fb:fc:d8:e3:4a:50:70:f7:
84:6c:23:67:b3:bb:b1:d4:3f:7d:9d:a4:5a:b2:0d:
b9:dc:8e:27:35:ca:a6:aa:cb:90:ee:ef:56:21:e4:
77:c9:f3:a9:07:07:ca:01:40:3b:75:5e:3e:be:d4:
50:0c:8a:c8:18:64:cc:02:26:e2:b8:a3:42:61:a3:
74:cd:7e:bc:84:ea:6a:b6:11:41:fa:2c:2e:1d:3f:
82:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0C:98:CA:9B:F9:7E:1F:A2:C5:EA:3B:A1:92:20:FE:EC:C3:39:AC
X509v3 Authority Key Identifier:
keyid:FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/owyYypv5fh-ixeo7oZIg_uzDOaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.8.0/21
37.46.144.0/22
77.74.96.0/21
80.89.208.0/20
83.150.0.0/18
84.254.80.0-84.254.111.255
87.239.200.0/21
88.218.24.0/22
91.84.64.0/19
95.143.48.0/20
109.70.112.0/21
145.40.192.0/19
157.143.0.0/17
178.22.104.0/21
178.250.130.0/23
185.109.164.0/22
185.160.244.0/22
185.203.132.0/22
194.31.128.0/23
194.246.118.0/23
212.25.0.0/19
217.22.128.0/20
217.71.240.0/20
217.150.224.0/20
IPv6:
2001:8e0::/29
2a00:10c0::/32
2a01:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
1b:e6:ab:b6:1c:8b:a3:31:95:11:42:ba:c3:b0:b8:6d:3c:b5:
17:05:2e:b4:f7:2b:cb:a5:26:ff:85:88:ec:bf:0f:8c:f6:e3:
9e:93:86:e5:30:91:98:7e:64:64:b9:e5:bb:28:d2:b4:19:8f:
da:9b:8b:e9:c4:6e:c0:87:ba:31:32:11:de:05:82:84:10:94:
1d:c3:87:ef:57:90:2d:bd:30:a3:d4:b0:5b:19:4c:3a:2a:dd:
0c:4d:13:46:ca:63:f6:61:fb:a9:24:07:8d:ce:d2:ed:e1:83:
04:9d:e6:83:36:e0:49:4c:aa:76:ab:23:a7:e7:71:cb:4c:71:
d0:5a:b9:cb:ff:2f:9f:95:a6:47:9f:ca:61:04:24:ba:63:f3:
26:24:40:35:c6:04:10:41:77:b3:d7:08:89:d0:f0:aa:2e:15:
68:88:18:8c:ea:27:9a:c9:f8:33:22:1e:66:06:84:cc:24:e7:
28:98:f1:a5:ff:27:ae:2b:42:7f:57:70:15:1a:93:4c:e7:ef:
f0:42:84:f7:94:9a:31:e7:e7:68:d2:ee:5b:ea:51:8d:52:40:
ee:6c:44:5c:4d:a3:a0:9d:54:dc:f4:6a:df:28:57:d0:b8:a1:
bd:fa:23:de:a8:08:46:6f:8b:0d:72:31:c7:f8:c0:a4:87:43:
c6:2c:3d:3b
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAZV/0fBDqmgX3vICIMMkuGRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjYxZDQ1MzE5ZTgzNzUxODc0MzZkYTQ0YmY1YjlhZGIw
NDRhN2YwHhcNMjUwMzEwMTEzMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzBjOThjYTliZjk3ZTFmYTJjNWVhM2JhMTkyMjBmZWVjYzMzOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBQTan4mwZK2WmMa5FvenUV1Uic7
NU6q5jMkyHgRRwpGok9QTRVV2E7dA/Hrdhz2Cv8ZJI1XC5mG2q22axZ0ApJ6BCKf
ROJP0QW6c8PMjPMjO/zhtbnTrJaGnIz11z22D0W/HZ9PkcRTzo+moa1oEkc18AQ5
IZyvh0HkwbJOz+C+h8qN2HEm8L606O5MAX729JtFSbi0k6u8dFCgeQSM7HwXE4og
GlDj9aMv+/zY40pQcPeEbCNns7ux1D99naRasg253I4nNcqmqsuQ7u9WIeR3yfOp
BwfKAUA7dV4+vtRQDIrIGGTMAibiuKNCYaN0zX68hOpqthFB+iwuHT+COQIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFKMMmMqb+X4fosXqO6GSIP7swzmsMB8GA1UdIwQY
MBaAFP0mHUUxnoN1GHQ22kS/W5rbBEp/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQt
ZWI1MDkzYjIzMWMxLzEvb3d5WXlwdjVmaC1peGVvN29aSWdfdXpET2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQtZWI1MDkzYjIzMWMx
LzEvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBnwQCAAEwgZgDBAMf
GAgDBAIlLpADBANNSmADBARQWdADBAZTlgAwDAMEBFT+UAMEBFT+YAMEA1fvyAME
AljaGAMEBVtUQAMEBF+PMAMEA21GcAMEBZEowAMEB52PAAMEA7IWaAMEAbL6ggME
ArltpAMEArmg9AMEArnLhAMEAcIfgAMEAcL2dgMEBdQZAAMEBNkWgAMEBNlH8AME
BNmW4DAbBAIAAjAVAwUDIAEI4AMFACoAEMADBQAqAb0AMA0GCSqGSIb3DQEBCwUA
A4IBAQAb5qu2HIujMZURQrrDsLhtPLUXBS609yvLpSb/hYjsvw+M9uOek4blMJGY
fmRkueW7KNK0GY/am4vpxG7Ah7oxMhHeBYKEEJQdw4fvV5AtvTCj1LBbGUw6Kt0M
TRNGymP2YfupJAeNztLt4YMEneaDNuBJTKp2qyOn53HLTHHQWrnL/y+flaZHn8ph
BCS6Y/MmJEA1xgQQQXez1wiJ0PCqLhVoiBiM6ieayfgzIh5mBoTMJOcomPGl/yeu
K0J/V3AVGpNM5+/wQoT3lJox5+do0u5b6lGNUkDubERcTaOgnVTc9GrfKFfQuKG9
+iPeqAhGb4sNcjHH+MCkh0PGLD07
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:38:41 2025 by rpki-client