Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/PtEfHrGVmTPHFsLAGRVK9OunTCY.roa
File: PtEfHrGVmTPHFsLAGRVK9OunTCY.roa (raw, json)
Hash identifier: Nyd4XEIPrlUl9zAj2Hrosz/iQ6t6OgGWIQZ0a1sMNvo=
Subject key identifier: 3E:D1:1F:1E:B1:95:99:33:C7:16:C2:C0:19:15:4A:F4:EB:A7:4C:26
Certificate issuer: /CN=83bce35561f541bda97e777e6879a1d704e7b42f
Certificate serial: 01979D20D295E6E50FB0E2DBFDE42CF95F8C
Authority key identifier: 83:BC:E3:55:61:F5:41:BD:A9:7E:77:7E:68:79:A1:D7:04:E7:B4:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7zjVWH1Qb2pfnd-aHmh1wTntC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/PtEfHrGVmTPHFsLAGRVK9OunTCY.roa
Signing time: Mon 23 Jun 2025 14:11:03 +0000
ROA not before: Mon 23 Jun 2025 14:11:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3259
IP address blocks: 31.44.208.0/20 maxlen: 20
31.44.208.0/24 maxlen: 24
31.44.209.0/24 maxlen: 24
31.44.210.0/24 maxlen: 24
31.44.211.0/24 maxlen: 24
31.44.212.0/24 maxlen: 24
31.44.213.0/24 maxlen: 24
31.44.216.0/24 maxlen: 24
31.44.217.0/24 maxlen: 24
31.44.218.0/24 maxlen: 24
31.44.219.0/24 maxlen: 24
31.44.220.0/22 maxlen: 22
45.156.132.0/22 maxlen: 22
194.5.108.0/22 maxlen: 24
194.5.108.0/24 maxlen: 24
194.5.109.0/24 maxlen: 24
194.5.110.0/24 maxlen: 24
194.5.111.0/24 maxlen: 24
194.5.112.0/21 maxlen: 21
194.5.112.0/24 maxlen: 24
194.5.113.0/24 maxlen: 24
194.5.114.0/24 maxlen: 24
194.5.115.0/24 maxlen: 24
194.5.116.0/24 maxlen: 24
194.5.117.0/24 maxlen: 24
194.5.118.0/24 maxlen: 24
194.5.119.0/24 maxlen: 24
194.5.120.0/22 maxlen: 22
194.5.120.0/24 maxlen: 24
194.5.121.0/24 maxlen: 24
194.5.122.0/24 maxlen: 24
194.5.123.0/24 maxlen: 24
194.5.124.0/23 maxlen: 23
194.5.124.0/24 maxlen: 24
194.5.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Jun 2025 13:30:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9d:20:d2:95:e6:e5:0f:b0:e2:db:fd:e4:2c:f9:5f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83bce35561f541bda97e777e6879a1d704e7b42f
Validity
Not Before: Jun 23 14:11:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ed11f1eb1959933c716c2c019154af4eba74c26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:46:06:de:f8:c1:21:02:d1:c0:12:8e:72:65:
2a:da:8f:f5:2b:cf:02:f8:05:4b:a5:6a:85:05:a4:
3a:32:74:bd:9b:86:7b:55:77:8e:34:00:18:0f:7f:
b5:29:1f:d5:15:7f:3c:18:c4:13:04:95:2d:35:74:
c8:df:6c:a3:cb:45:c0:fd:7f:c6:0f:6a:00:08:1a:
b9:b6:f1:89:fa:e5:f3:25:33:74:4c:68:f5:31:ec:
97:54:4d:13:8a:66:c7:03:40:09:75:35:4b:01:ae:
b4:a3:a7:37:0b:a8:5d:c1:94:ed:3b:c3:86:e9:d9:
f0:79:b9:68:37:47:75:e8:2e:4c:05:32:02:fb:4a:
db:bb:96:30:60:c7:c9:1c:2f:c6:43:10:1a:c1:47:
ea:d4:3c:9b:18:27:3c:c2:76:ee:13:5a:29:80:56:
84:a8:ef:85:19:ae:56:8b:b0:c2:46:12:c0:75:c5:
94:ad:dd:88:2f:6b:43:a0:65:f7:04:83:3a:e5:f8:
7d:16:0d:81:2c:3e:8f:2d:83:42:4b:6a:15:07:3a:
c2:a1:ff:db:35:70:b0:d3:9e:bc:0c:1b:59:1d:e7:
8b:f1:94:d9:33:07:6a:df:ad:d4:78:11:f1:9c:6e:
98:eb:98:e4:2f:ce:e2:f8:de:c7:15:22:22:d5:3b:
ee:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:D1:1F:1E:B1:95:99:33:C7:16:C2:C0:19:15:4A:F4:EB:A7:4C:26
X509v3 Authority Key Identifier:
keyid:83:BC:E3:55:61:F5:41:BD:A9:7E:77:7E:68:79:A1:D7:04:E7:B4:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7zjVWH1Qb2pfnd-aHmh1wTntC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/PtEfHrGVmTPHFsLAGRVK9OunTCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/g7zjVWH1Qb2pfnd-aHmh1wTntC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.208.0/20
45.156.132.0/22
194.5.108.0-194.5.125.255
Signature Algorithm: sha256WithRSAEncryption
95:8d:ad:ad:81:05:71:19:0d:a9:7e:2a:21:29:2a:e8:9d:0b:
31:60:79:0a:60:7c:a4:39:1c:60:6d:05:02:95:a0:05:4b:5c:
27:bc:6c:47:43:53:cd:d3:f7:7e:93:91:0b:21:14:3c:04:bf:
1a:f9:f6:49:9e:7e:36:54:5e:fa:fd:ab:91:41:88:0b:90:82:
c1:2a:27:a5:24:c2:f4:cf:a7:db:dc:2a:db:57:35:52:08:07:
c9:7f:88:27:55:f4:fd:46:dc:8e:ad:69:bc:b9:7e:32:ab:2c:
14:37:60:04:25:60:fe:af:45:5d:f4:f9:25:95:39:bc:53:d0:
49:aa:87:c4:f9:09:26:63:33:64:4e:97:7c:b2:0c:14:f0:55:
32:73:cc:53:97:04:4c:f5:dc:98:cf:0d:22:0a:e6:b5:9d:2b:
b6:fc:5a:4a:51:1e:f9:ba:d1:f5:4f:50:2f:6a:c2:02:5d:e0:
07:1e:be:26:1c:77:73:b9:53:65:58:5c:30:ee:a1:d6:13:ff:
47:74:6b:47:6c:63:fe:f6:3e:d6:cf:ee:6e:ce:03:a1:ce:cc:
e8:1e:f0:91:45:78:6f:b3:ba:96:a0:d4:f1:63:a0:20:08:15:
18:2b:04:2d:b7:70:3e:04:26:98:73:80:37:5d:d8:fb:b4:16:
58:85:55:b6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZedINKV5uUPsOLb/eQs+V+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYmNlMzU1NjFmNTQxYmRhOTdlNzc3ZTY4NzlhMWQ3MDRl
N2I0MmYwHhcNMjUwNjIzMTQxMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWQxMWYxZWIxOTU5OTMzYzcxNmMyYzAxOTE1NGFmNGViYTc0YzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokYG3vjBIQLRwBKOcmUq2o/1K88C
+AVLpWqFBaQ6MnS9m4Z7VXeONAAYD3+1KR/VFX88GMQTBJUtNXTI32yjy0XA/X/G
D2oACBq5tvGJ+uXzJTN0TGj1MeyXVE0TimbHA0AJdTVLAa60o6c3C6hdwZTtO8OG
6dnwebloN0d16C5MBTIC+0rbu5YwYMfJHC/GQxAawUfq1DybGCc8wnbuE1opgFaE
qO+FGa5Wi7DCRhLAdcWUrd2IL2tDoGX3BIM65fh9Fg2BLD6PLYNCS2oVBzrCof/b
NXCw0568DBtZHeeL8ZTZMwdq363UeBHxnG6Y65jkL87i+N7HFSIi1TvuEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD7RHx6xlZkzxxbCwBkVSvTrp0wmMB8GA1UdIwQY
MBaAFIO841Vh9UG9qX53fmh5odcE57QvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzd6alZXSDFRYjJwZm5kLWFIbWgxd1RudEM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNTA2NGItN2E1YS00Yzc0LTg3NDMt
ZmQ4NjYwYzRmZDZlLzEvUHRFZkhyR1ZtVFBIRnNMQUdSVks5T3VuVENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNTA2NGItN2E1YS00Yzc0LTg3NDMtZmQ4NjYwYzRmZDZl
LzEvZzd6alZXSDFRYjJwZm5kLWFIbWgxd1RudEM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEHyzQAwQC
LZyEMAwDBALCBWwDBAHCBXwwDQYJKoZIhvcNAQELBQADggEBAJWNra2BBXEZDal+
KiEpKuidCzFgeQpgfKQ5HGBtBQKVoAVLXCe8bEdDU83T936TkQshFDwEvxr59kme
fjZUXvr9q5FBiAuQgsEqJ6UkwvTPp9vcKttXNVIIB8l/iCdV9P1G3I6taby5fjKr
LBQ3YAQlYP6vRV30+SWVObxT0Emqh8T5CSZjM2ROl3yyDBTwVTJzzFOXBEz13JjP
DSIK5rWdK7b8WkpRHvm60fVPUC9qwgJd4AceviYcd3O5U2VYXDDuodYT/0d0a0ds
Y/72PtbP7m7OA6HOzOge8JFFeG+zupag1PFjoCAIFRgrBC23cD4EJphzgDdd2Pu0
FliFVbY=
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:45:40 2025 by rpki-client