Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/iy1ottGL8cem7nU9FX6VT3d607E.roa
File: iy1ottGL8cem7nU9FX6VT3d607E.roa (raw, json)
Hash identifier: BWLT+/OIR6CKQL8LPxlqx9hKEV1LiICBufqItyYb2Hg=
Subject key identifier: 8B:2D:68:B6:D1:8B:F1:C7:A6:EE:75:3D:15:7E:95:4F:77:7A:D3:B1
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 01953C62F840200C0E2A8A74FEA131ED0E58
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/iy1ottGL8cem7nU9FX6VT3d607E.roa
Signing time: Tue 25 Feb 2025 09:14:33 +0000
ROA not before: Tue 25 Feb 2025 09:14:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201011
IP address blocks: 2.59.28.0/22 maxlen: 22
5.56.16.0/21 maxlen: 21
31.7.176.0/20 maxlen: 24
31.7.177.0/24 maxlen: 24
80.255.0.0/20 maxlen: 20
81.95.0.0/20 maxlen: 24
82.199.128.0/19 maxlen: 24
82.199.128.0/24 maxlen: 24
82.199.130.0/24 maxlen: 24
82.199.131.0/24 maxlen: 24
82.199.138.0/24 maxlen: 24
82.199.141.0/24 maxlen: 24
82.199.147.0/24 maxlen: 24
82.199.148.0/24 maxlen: 24
82.199.149.0/24 maxlen: 24
82.199.153.0/24 maxlen: 24
82.199.157.0/24 maxlen: 24
82.199.158.0/24 maxlen: 24
82.199.159.0/24 maxlen: 24
83.142.80.0/21 maxlen: 21
92.43.104.0/21 maxlen: 24
185.89.36.0/22 maxlen: 22
193.104.251.0/24 maxlen: 24
195.138.248.0/21 maxlen: 21
195.138.249.0/24 maxlen: 24
195.138.250.0/24 maxlen: 24
2a01:4a0::/29 maxlen: 48
2a01:4a0:b::/48 maxlen: 48
2a01:4a0:e::/48 maxlen: 48
2a01:4a0:17::/48 maxlen: 48
2a01:4a0:30::/48 maxlen: 48
2a01:4a0:38::/48 maxlen: 48
2a01:4a0:42::/48 maxlen: 48
2a01:4a0:43::/48 maxlen: 48
2a01:4a0:45::/48 maxlen: 48
2a01:4a0:46::/48 maxlen: 48
2a01:4a0:47::/48 maxlen: 48
2a01:4a0:48::/48 maxlen: 48
2a01:4a0:50::/48 maxlen: 48
2a01:4a0:56::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Feb 2025 07:42:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:62:f8:40:20:0c:0e:2a:8a:74:fe:a1:31:ed:0e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Feb 25 09:14:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b2d68b6d18bf1c7a6ee753d157e954f777ad3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:db:fb:71:6b:0e:78:eb:aa:4a:ed:c6:d2:6b:
d5:1d:06:62:b3:ba:44:39:57:9a:6e:54:08:a6:3a:
e2:46:40:2b:9d:4c:89:25:64:7a:53:5c:8c:0c:54:
08:71:5a:c5:05:18:80:64:88:46:48:60:e2:18:0b:
41:46:5b:f1:17:d1:49:ed:9f:c5:84:1b:ac:8e:d1:
61:bd:ae:ff:ee:b1:7a:f6:b2:cc:6b:2c:42:a3:de:
02:57:a1:2c:f0:36:ed:f6:12:12:e8:38:f0:5d:f8:
fd:c9:cc:55:ed:1e:ce:16:99:e3:3d:f5:31:3e:f6:
9c:16:85:09:99:ea:99:22:3f:7c:16:77:09:b2:5b:
e2:9d:4d:b5:ab:af:4e:5b:22:3a:60:22:50:82:73:
25:0b:fc:31:9d:9c:df:99:04:73:49:20:82:48:1d:
64:21:ab:70:ca:8e:7c:5b:b6:7e:c2:ac:7e:b8:d3:
76:a1:f6:fa:1c:73:5f:5a:3d:19:59:e0:46:0f:7c:
fb:77:85:1c:06:c9:ee:8b:55:58:74:71:f4:fc:b3:
44:6e:17:52:18:84:ca:9d:39:f7:bd:2a:e2:37:c6:
af:63:24:2b:ee:63:f6:a5:9e:41:3a:90:0c:80:fe:
d5:6e:c3:7f:2f:94:7f:ec:b3:4a:5d:44:5a:cc:81:
fd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2D:68:B6:D1:8B:F1:C7:A6:EE:75:3D:15:7E:95:4F:77:7A:D3:B1
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/iy1ottGL8cem7nU9FX6VT3d607E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.28.0/22
5.56.16.0/21
31.7.176.0/20
80.255.0.0/20
81.95.0.0/20
82.199.128.0/19
83.142.80.0/21
92.43.104.0/21
185.89.36.0/22
193.104.251.0/24
195.138.248.0/21
IPv6:
2a01:4a0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:e4:f0:27:cc:ce:a9:df:83:4b:df:54:d6:41:ea:6f:7a:20:
b9:b8:05:66:0d:64:50:7c:e2:15:5a:e4:93:bc:c4:3e:cc:93:
6f:a7:80:ce:a5:10:56:ea:e5:61:8a:2d:20:b0:2c:ce:a5:f0:
83:54:d3:5b:c9:99:75:e1:d6:9e:ee:32:a6:30:0b:9d:85:fa:
f1:7b:63:c0:25:36:fb:17:a9:3b:49:6c:ac:f3:db:d5:09:39:
8a:7f:eb:cd:c9:e0:6b:b3:89:0e:ab:1b:53:f4:97:8d:72:22:
df:cd:97:a9:e9:a2:e4:91:f8:b2:e4:f1:87:3d:3a:65:56:ad:
49:94:a5:80:6b:3e:a5:e3:f2:e2:4c:0a:b9:18:8a:16:63:b0:
52:c8:b3:ee:28:a1:00:e6:fd:84:fb:2e:60:25:0e:b6:77:b4:
10:29:cc:6a:9c:bd:6d:99:69:43:67:44:ff:9c:3c:48:83:57:
c2:04:2a:dc:f9:e6:4f:8c:5e:e1:8d:1a:a7:eb:a8:f3:2f:22:
62:79:9b:1c:56:1a:42:64:77:cc:ca:aa:80:db:fc:7f:5b:6f:
a2:04:5b:d2:eb:0f:b1:87:5e:51:f4:87:86:9b:a8:ae:bf:d0:
f4:79:3e:b3:fd:69:75:d5:cc:ac:57:ad:a2:5f:97:1d:fd:59:
58:13:b0:66
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZU8YvhAIAwOKop0/qEx7Q5YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Yjc1YjY0ZDVkYTE3ZDcwYmJhYmQ4MTFhMzlhNjAyZGRh
Zjk2M2EwHhcNMjUwMjI1MDkxNDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjJkNjhiNmQxOGJmMWM3YTZlZTc1M2QxNTdlOTU0Zjc3N2FkM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdv7cWsOeOuqSu3G0mvVHQZis7pE
OVeablQIpjriRkArnUyJJWR6U1yMDFQIcVrFBRiAZIhGSGDiGAtBRlvxF9FJ7Z/F
hBusjtFhva7/7rF69rLMayxCo94CV6Es8Dbt9hIS6DjwXfj9ycxV7R7OFpnjPfUx
PvacFoUJmeqZIj98FncJslvinU21q69OWyI6YCJQgnMlC/wxnZzfmQRzSSCCSB1k
Iatwyo58W7Z+wqx+uNN2ofb6HHNfWj0ZWeBGD3z7d4UcBsnui1VYdHH0/LNEbhdS
GITKnTn3vSriN8avYyQr7mP2pZ5BOpAMgP7VbsN/L5R/7LNKXURazIH9ywIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFIstaLbRi/HHpu51PRV+lU93etOxMB8GA1UdIwQY
MBaAFKm3W2TV2hfXC7q9gRo5pgLdr5Y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUt
OWIxMTgwNGVjZDM5LzEvaXkxb3R0R0w4Y2VtN25VOUZYNlZUM2Q2MDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9kYTg1ZTctYTQ1Mi00YjFkLWI1YWUtOWIxMTgwNGVjZDM5
LzEvcWJkYlpOWGFGOWNMdXIyQkdqbW1BdDJ2bGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQCAjscAwQD
BTgQAwQEHwewAwQEUP8AAwQEUV8AAwQFUseAAwQDU45QAwQDXCtoAwQCuVkkAwQA
wWj7AwQDw4r4MA0EAgACMAcDBQMqAQSgMA0GCSqGSIb3DQEBCwUAA4IBAQAN5PAn
zM6p34NL31TWQepveiC5uAVmDWRQfOIVWuSTvMQ+zJNvp4DOpRBW6uVhii0gsCzO
pfCDVNNbyZl14dae7jKmMAudhfrxe2PAJTb7F6k7SWys89vVCTmKf+vNyeBrs4kO
qxtT9JeNciLfzZep6aLkkfiy5PGHPTplVq1JlKWAaz6l4/LiTAq5GIoWY7BSyLPu
KKEA5v2E+y5gJQ62d7QQKcxqnL1tmWlDZ0T/nDxIg1fCBCrc+eZPjF7hjRqn66jz
LyJieZscVhpCZHfMyqqA2/x/W2+iBFvS6w+xh15R9IeGm6iuv9D0eT6z/Wl11cys
V62iX5cd/VlYE7Bm
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:30:50 2025 by rpki-client