
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/3dOa92bgHPnIAIzXjvAmarmL-4U.roa
File: 3dOa92bgHPnIAIzXjvAmarmL-4U.roa (raw, json)
Hash identifier: vnTp7HMqtRp87Zwwh92npvKMDHZWY68rGcS6kR5fI+g=
Subject key identifier: DD:D3:9A:F7:66:E0:1C:F9:C8:00:8C:D7:8E:F0:26:6A:B9:8B:FB:85
Certificate issuer: /CN=cc777a08a4564548b518ec3864b341e1fa5225ea
Certificate serial: 0195666BDCEFCE256115479139A6ABD342C3
Authority key identifier: CC:77:7A:08:A4:56:45:48:B5:18:EC:38:64:B3:41:E1:FA:52:25:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/3dOa92bgHPnIAIzXjvAmarmL-4U.roa
Signing time: Wed 05 Mar 2025 13:08:19 +0000
ROA not before: Wed 05 Mar 2025 13:08:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202779
IP address blocks: 91.201.220.0/22 maxlen: 24
91.201.220.0/24 maxlen: 24
91.201.221.0/24 maxlen: 24
91.201.222.0/24 maxlen: 24
185.154.156.0/22 maxlen: 24
185.154.156.0/24 maxlen: 24
185.154.157.0/24 maxlen: 24
185.154.158.0/24 maxlen: 24
185.154.159.0/24 maxlen: 24
213.173.96.0/19 maxlen: 24
213.173.96.0/23 maxlen: 23
213.173.99.0/24 maxlen: 24
213.244.248.0/21 maxlen: 24
213.244.248.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 13:15:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:6b:dc:ef:ce:25:61:15:47:91:39:a6:ab:d3:42:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc777a08a4564548b518ec3864b341e1fa5225ea
Validity
Not Before: Mar 5 13:08:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddd39af766e01cf9c8008cd78ef0266ab98bfb85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:75:af:46:75:a2:72:d4:0d:66:ce:97:a2:2f:
15:4b:ba:da:ff:f5:4f:c3:ba:2b:89:ec:b2:ff:61:
1c:21:9b:55:fd:0f:d9:c0:6f:91:eb:c2:b3:ac:4e:
05:b7:13:ab:f9:f1:62:79:60:e2:f7:2d:91:01:24:
ec:57:d8:b8:7a:53:9d:fb:a4:94:1d:97:fe:d6:0b:
3d:fa:5f:9d:6a:9e:02:3f:ce:90:5d:ae:fa:33:f3:
b6:fb:ef:b7:76:7c:33:80:1b:8b:32:af:94:60:92:
23:e8:a8:34:c3:db:93:f1:04:ac:79:1f:5a:40:c8:
b2:d9:34:7e:d3:a3:b2:0d:da:d9:4c:f1:a1:62:06:
80:1f:a1:a4:44:cd:ba:f5:e8:dd:80:10:da:11:d4:
ef:c3:04:cb:3f:03:a9:78:fa:e0:9d:60:8d:41:2c:
45:f1:4c:1a:e6:c6:cd:32:12:56:58:5e:c4:5a:c9:
c3:8b:6b:12:1d:f8:fe:27:50:11:75:f6:4e:ae:c7:
e8:7b:5d:3f:aa:3a:4f:d2:92:02:43:f9:b4:12:cc:
76:35:96:96:ae:bf:26:7c:5e:02:02:9f:5b:3e:56:
d2:12:e0:f4:7b:cf:92:1b:f4:f2:ce:4f:5d:6d:78:
05:4a:fe:b5:f0:af:4b:6f:97:eb:17:33:26:1d:fe:
7f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D3:9A:F7:66:E0:1C:F9:C8:00:8C:D7:8E:F0:26:6A:B9:8B:FB:85
X509v3 Authority Key Identifier:
keyid:CC:77:7A:08:A4:56:45:48:B5:18:EC:38:64:B3:41:E1:FA:52:25:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/3dOa92bgHPnIAIzXjvAmarmL-4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.220.0/22
185.154.156.0/22
213.173.96.0/19
213.244.248.0/21
Signature Algorithm: sha256WithRSAEncryption
0f:a5:ea:18:30:73:32:72:f8:fd:33:0d:a2:91:2c:28:fd:b0:
4e:f4:19:54:a7:5c:43:44:46:e8:3d:29:34:2e:5a:b2:da:3e:
32:3e:d2:26:66:df:2a:2d:35:28:4f:d1:80:b7:29:04:07:7d:
51:61:b2:e8:f5:ce:b8:4c:37:e9:cb:bc:bd:02:9f:d2:8d:28:
db:eb:c6:e8:a2:08:fa:b1:1d:d6:7e:35:fe:4b:a1:43:b0:06:
24:66:e8:4a:f7:75:5b:a4:75:39:d1:3e:f6:29:d7:0c:9a:49:
60:9c:6b:86:96:c0:04:65:d4:2f:66:93:9e:3c:8b:31:ad:67:
77:9f:22:a9:e5:4e:6e:9b:f8:e8:0f:ef:d9:1c:e7:35:8f:69:
bb:b0:b2:20:e4:e6:cc:14:1b:2a:7d:31:07:90:37:2a:83:14:
5e:3a:4a:ac:2c:39:68:7e:15:1c:32:33:b6:66:96:18:ca:c8:
ee:e8:23:57:7d:07:d6:f8:df:5c:57:78:b3:9f:a3:e7:d5:71:
e7:07:32:99:0d:35:7c:09:40:f1:29:3d:b8:e8:97:c7:d3:e9:
90:8d:08:2a:3d:3d:a6:e4:54:7e:ac:6f:76:85:b2:b3:28:25:
83:1e:d8:55:7e:32:f2:31:ea:d2:5b:60:fd:42:b9:19:4c:26:
2c:2d:0a:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVma9zvziVhFUeROaar00LDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzc3YTA4YTQ1NjQ1NDhiNTE4ZWMzODY0YjM0MWUxZmE1
MjI1ZWEwHhcNMjUwMzA1MTMwODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQzOWFmNzY2ZTAxY2Y5YzgwMDhjZDc4ZWYwMjY2YWI5OGJmYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHWvRnWictQNZs6Xoi8VS7ra//VP
w7orieyy/2EcIZtV/Q/ZwG+R68KzrE4FtxOr+fFieWDi9y2RASTsV9i4elOd+6SU
HZf+1gs9+l+dap4CP86QXa76M/O2+++3dnwzgBuLMq+UYJIj6Kg0w9uT8QSseR9a
QMiy2TR+06OyDdrZTPGhYgaAH6GkRM269ejdgBDaEdTvwwTLPwOpePrgnWCNQSxF
8Uwa5sbNMhJWWF7EWsnDi2sSHfj+J1ARdfZOrsfoe10/qjpP0pICQ/m0Esx2NZaW
rr8mfF4CAp9bPlbSEuD0e8+SG/Tyzk9dbXgFSv618K9Lb5frFzMmHf5/IwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN3Tmvdm4Bz5yACM147wJmq5i/uFMB8GA1UdIwQY
MBaAFMx3egikVkVItRjsOGSzQeH6UiXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhkNkNLUldSVWkxR093NFpMTkI0ZnBTSmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hNzJhNGItMDY5My00ZDFiLTliZmMt
NzY3YjBjYzgwYzA4LzEvM2RPYTkyYmdIUG5JQUl6WGp2QW1hcm1MLTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hNzJhNGItMDY5My00ZDFiLTliZmMtNzY3YjBjYzgwYzA4
LzEvekhkNkNLUldSVWkxR093NFpMTkI0ZnBTSmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8ncAwQC
uZqcAwQF1a1gAwQD1fT4MA0GCSqGSIb3DQEBCwUAA4IBAQAPpeoYMHMycvj9Mw2i
kSwo/bBO9BlUp1xDREboPSk0Llqy2j4yPtImZt8qLTUoT9GAtykEB31RYbLo9c64
TDfpy7y9Ap/SjSjb68boogj6sR3WfjX+S6FDsAYkZuhK93VbpHU50T72KdcMmklg
nGuGlsAEZdQvZpOePIsxrWd3nyKp5U5um/joD+/ZHOc1j2m7sLIg5ObMFBsqfTEH
kDcqgxReOkqsLDlofhUcMjO2ZpYYysju6CNXfQfW+N9cV3izn6Pn1XHnBzKZDTV8
CUDxKT246JfH0+mQjQgqPT2m5FR+rG92hbKzKCWDHthVfjLyMerSW2D9QrkZTCYs
LQqm
-----END CERTIFICATE-----
Generated at Thu Jun 12 23:13:16 2025 by rpki-client