Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/_y8r9Ec84ADjc_M6bnnAm5EQlIk.roa
File: _y8r9Ec84ADjc_M6bnnAm5EQlIk.roa (raw, json)
Hash identifier: Qe8T8EVGRTw/xGUOj+/Fuvj/vgvQi1v4bkFUMjTcOwc=
Subject key identifier: FF:2F:2B:F4:47:3C:E0:00:E3:73:F3:3A:6E:79:C0:9B:91:10:94:89
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 0196F188192CE11051DA02A246E787277B9B
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/_y8r9Ec84ADjc_M6bnnAm5EQlIk.roa
Signing time: Wed 21 May 2025 06:29:10 +0000
ROA not before: Wed 21 May 2025 06:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21107
IP address blocks: 62.101.144.0/21 maxlen: 21
81.93.92.0/24 maxlen: 24
89.111.225.0/24 maxlen: 24
94.250.37.0/24 maxlen: 24
94.250.38.0/23 maxlen: 23
94.250.38.0/24 maxlen: 24
94.250.40.0/22 maxlen: 22
94.250.44.0/22 maxlen: 22
94.250.48.0/21 maxlen: 24
94.250.56.0/22 maxlen: 24
94.250.88.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 May 2025 08:23:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:88:19:2c:e1:10:51:da:02:a2:46:e7:87:27:7b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: May 21 06:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff2f2bf4473ce000e373f33a6e79c09b91109489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:75:02:01:42:87:38:d3:5e:9e:7b:ab:4c:14:
16:99:9c:df:d2:ba:72:40:f6:38:b7:64:f3:0f:64:
18:4d:cd:4f:4a:c7:b5:cb:76:c9:a6:e0:0e:d1:6b:
9f:8a:5f:36:54:ec:72:3c:8c:52:f9:18:4b:ea:14:
0f:df:55:00:ad:eb:4e:3f:98:55:f5:d0:55:c1:98:
90:23:2c:65:e4:50:88:76:30:a0:ac:74:b9:d0:92:
55:2f:45:73:3c:5d:a6:59:c8:cd:88:70:d0:52:4b:
fa:37:16:0f:06:2c:7f:a5:13:2d:61:ee:27:1c:5c:
f3:f7:63:fe:28:c5:e0:26:c1:a4:fb:cd:af:02:78:
65:02:a7:96:2b:8c:2f:b7:bf:88:a4:00:6f:12:b6:
d8:47:e4:a1:6d:6d:93:57:73:8f:c6:90:3b:17:f8:
94:ac:3e:c1:f5:5f:47:06:2b:a6:25:48:34:15:de:
f5:6d:4d:2f:21:57:f1:3a:4b:57:5f:07:ba:e7:0a:
c1:b0:3a:d1:18:8a:11:6f:94:60:23:91:5e:6a:02:
b1:6b:8d:b0:88:d0:de:19:72:b3:99:d0:31:0c:e6:
b7:60:ea:32:e7:6d:b1:91:2c:44:f7:45:98:24:d0:
31:24:06:fa:1f:98:e3:ed:a8:20:40:6a:37:4a:2d:
53:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2F:2B:F4:47:3C:E0:00:E3:73:F3:3A:6E:79:C0:9B:91:10:94:89
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/_y8r9Ec84ADjc_M6bnnAm5EQlIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.101.144.0/21
81.93.92.0/24
89.111.225.0/24
94.250.37.0-94.250.59.255
94.250.88.0/21
Signature Algorithm: sha256WithRSAEncryption
58:58:3f:38:80:f4:9c:07:a4:29:6e:bd:28:ba:3e:1a:c1:40:
0a:a2:35:64:61:16:a6:e5:4d:37:c3:c1:e6:00:fc:ce:d1:c8:
dd:c0:63:3b:79:82:79:e0:32:9b:9a:68:64:26:65:4f:6e:b7:
6a:60:68:ce:e6:2d:04:c3:0a:9a:f9:f7:84:ea:39:94:85:bf:
dd:0f:f1:8f:93:1f:a0:45:af:4b:a5:5d:6d:5a:d2:98:dc:09:
37:ef:18:97:81:94:cd:42:72:3d:56:1a:dc:4c:97:fd:70:23:
c6:85:ce:70:10:a3:73:8f:0f:e0:57:78:b2:85:30:8d:a5:fd:
3b:27:5c:5b:80:41:2a:26:cd:f6:13:d6:c4:a7:bd:61:4e:e0:
6c:e8:6e:45:be:7e:fb:10:a3:fc:5c:62:4a:d5:94:fc:7b:69:
2b:7e:29:6f:30:a9:74:94:4b:80:a5:a2:b6:9a:67:94:1a:39:
d1:ce:83:1c:da:99:37:c2:bb:00:87:86:3b:20:ae:fc:c6:8f:
83:db:98:ad:53:d9:ca:37:84:1b:a6:69:bf:93:a9:e3:42:41:
d1:aa:09:fb:f1:ea:23:ac:c6:0f:43:9c:97:6a:03:b4:07:38:
7d:11:7c:b6:7d:89:0d:3a:ba:a5:e9:b2:7f:0b:46:82:77:f1:
a4:d8:36:a7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZbxiBks4RBR2gKiRueHJ3ubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjUwNTIxMDYyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjJmMmJmNDQ3M2NlMDAwZTM3M2YzM2E2ZTc5YzA5YjkxMTA5NDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XUCAUKHONNennurTBQWmZzf0rpy
QPY4t2TzD2QYTc1PSse1y3bJpuAO0Wufil82VOxyPIxS+RhL6hQP31UAretOP5hV
9dBVwZiQIyxl5FCIdjCgrHS50JJVL0VzPF2mWcjNiHDQUkv6NxYPBix/pRMtYe4n
HFzz92P+KMXgJsGk+82vAnhlAqeWK4wvt7+IpABvErbYR+ShbW2TV3OPxpA7F/iU
rD7B9V9HBiumJUg0Fd71bU0vIVfxOktXXwe65wrBsDrRGIoRb5RgI5FeagKxa42w
iNDeGXKzmdAxDOa3YOoy522xkSxE90WYJNAxJAb6H5jj7aggQGo3Si1TKQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP8vK/RHPOAA43PzOm55wJuREJSJMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvX3k4cjlFYzg0QURqY19NNmJubkFtNUVRbElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDPmWQAwQA
UV1cAwQAWW/hMAwDBABe+iUDBAJe+jgDBANe+lgwDQYJKoZIhvcNAQELBQADggEB
AFhYPziA9JwHpCluvSi6PhrBQAqiNWRhFqblTTfDweYA/M7RyN3AYzt5gnngMpua
aGQmZU9ut2pgaM7mLQTDCpr594TqOZSFv90P8Y+TH6BFr0ulXW1a0pjcCTfvGJeB
lM1Ccj1WGtxMl/1wI8aFznAQo3OPD+BXeLKFMI2l/TsnXFuAQSomzfYT1sSnvWFO
4GzobkW+fvsQo/xcYkrVlPx7aSt+KW8wqXSUS4CloraaZ5QaOdHOgxzamTfCuwCH
hjsgrvzGj4PbmK1T2co3hBumab+TqeNCQdGqCfvx6iOsxg9DnJdqA7QHOH0RfLZ9
iQ06uqXpsn8LRoJ38aTYNqc=
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:01:45 2025 by rpki-client