Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/M0DdZbztfQhuDxXaCD5RdhAutR0.roa
File: M0DdZbztfQhuDxXaCD5RdhAutR0.roa (raw, json)
Hash identifier: snKHIFvUhg+1cr8EEcN5Q4V9wBdZDUcInzBWtj0JROc=
Subject key identifier: 33:40:DD:65:BC:ED:7D:08:6E:0F:15:DA:08:3E:51:76:10:2E:B5:1D
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 01956718E5EE69D4267E1E4C48EE6DFF56F9
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/M0DdZbztfQhuDxXaCD5RdhAutR0.roa
Signing time: Wed 05 Mar 2025 16:17:19 +0000
ROA not before: Wed 05 Mar 2025 16:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 31.178.0.0/15 maxlen: 15
31.178.0.0/16 maxlen: 16
31.179.0.0/16 maxlen: 16
31.186.192.0/19 maxlen: 19
31.187.0.0/18 maxlen: 18
31.187.0.0/19 maxlen: 19
31.187.32.0/19 maxlen: 19
77.236.0.0/19 maxlen: 19
77.236.0.0/20 maxlen: 20
77.236.16.0/20 maxlen: 20
81.18.192.0/20 maxlen: 20
81.18.192.0/21 maxlen: 21
81.18.200.0/21 maxlen: 21
81.18.208.0/20 maxlen: 20
81.18.208.0/21 maxlen: 21
81.18.216.0/21 maxlen: 21
83.144.64.0/18 maxlen: 18
83.144.64.0/19 maxlen: 19
83.144.96.0/19 maxlen: 19
83.175.176.0/21 maxlen: 21
83.175.184.0/21 maxlen: 21
84.10.0.0/16 maxlen: 16
84.10.0.0/17 maxlen: 17
84.10.128.0/17 maxlen: 17
85.222.0.0/17 maxlen: 17
85.222.0.0/18 maxlen: 18
85.222.64.0/18 maxlen: 18
87.206.0.0/15 maxlen: 15
87.206.0.0/16 maxlen: 16
87.207.0.0/16 maxlen: 16
89.64.0.0/12 maxlen: 12
89.64.0.0/13 maxlen: 13
89.72.0.0/13 maxlen: 13
91.150.192.0/19 maxlen: 19
91.150.192.0/20 maxlen: 20
91.150.208.0/20 maxlen: 20
92.244.32.0/19 maxlen: 19
92.244.32.0/20 maxlen: 20
92.244.48.0/20 maxlen: 20
94.75.64.0/18 maxlen: 18
94.75.64.0/19 maxlen: 19
94.75.96.0/19 maxlen: 19
94.172.0.0/16 maxlen: 16
94.172.0.0/17 maxlen: 17
94.172.128.0/17 maxlen: 17
95.158.64.0/18 maxlen: 18
178.73.0.0/18 maxlen: 18
178.73.0.0/19 maxlen: 19
178.73.32.0/19 maxlen: 19
188.93.160.0/21 maxlen: 21
188.93.160.0/22 maxlen: 22
188.93.164.0/22 maxlen: 22
193.47.158.0/23 maxlen: 23
193.47.160.0/24 maxlen: 24
194.187.40.0/22 maxlen: 22
195.34.208.0/22 maxlen: 22
212.76.32.0/19 maxlen: 19
212.76.32.0/20 maxlen: 20
212.76.48.0/20 maxlen: 20
213.134.160.0/19 maxlen: 19
213.134.160.0/20 maxlen: 20
213.134.176.0/20 maxlen: 20
2001:4050::/32 maxlen: 32
2001:4050::/33 maxlen: 33
2001:4050:8000::/33 maxlen: 33
2a02:a300::/27 maxlen: 27
2a02:a300::/28 maxlen: 28
2a02:a310::/28 maxlen: 28
Validation: Failed, certificate revoked on Tue 11 Mar 2025 12:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:18:e5:ee:69:d4:26:7e:1e:4c:48:ee:6d:ff:56:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Mar 5 16:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3340dd65bced7d086e0f15da083e5176102eb51d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:92:3e:d9:f7:37:36:20:85:89:ec:ef:1c:96:
ec:84:b7:4b:f7:9c:83:78:0c:4c:e1:20:a9:ab:25:
3d:11:cf:e7:38:5e:c4:98:09:5c:de:28:2b:34:5e:
1b:43:ca:2e:29:04:04:15:57:9c:ed:01:6e:40:82:
02:85:b3:54:06:67:a9:b8:f1:1e:97:27:37:16:f9:
20:30:49:11:40:88:5e:b4:95:e6:e7:09:46:fc:a4:
90:5b:e0:e5:66:81:a2:85:0f:d1:b8:50:db:61:16:
f1:f2:49:7c:7b:75:c9:4b:9f:40:98:01:d8:99:f5:
4e:4c:59:fe:20:9d:d3:f1:fd:d5:f9:cf:00:ef:82:
2a:a1:7a:b1:b8:cc:95:06:0a:0d:45:a9:be:51:f2:
97:cd:de:12:40:a4:56:0d:b3:25:cc:13:58:94:88:
66:e8:13:f1:90:03:e9:49:f4:f2:7b:ca:3e:bb:37:
4c:68:e2:97:f3:53:88:ce:dc:03:48:f4:8f:61:40:
1b:98:d2:cd:71:ff:67:a2:04:0b:63:30:b6:45:f8:
b0:66:c4:78:b9:5a:50:d8:05:6b:0a:93:83:b0:dd:
fe:34:2a:9f:e5:25:27:cb:14:ef:81:e7:0d:01:35:
5e:54:cc:f3:b7:57:68:2a:bd:6f:f4:f5:68:99:e8:
6e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:40:DD:65:BC:ED:7D:08:6E:0F:15:DA:08:3E:51:76:10:2E:B5:1D
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/M0DdZbztfQhuDxXaCD5RdhAutR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/15
31.186.192.0/19
31.187.0.0/18
77.236.0.0/19
81.18.192.0/19
83.144.64.0/18
83.175.176.0/20
84.10.0.0/16
85.222.0.0/17
87.206.0.0/15
89.64.0.0/12
91.150.192.0/19
92.244.32.0/19
94.75.64.0/18
94.172.0.0/16
95.158.64.0/18
178.73.0.0/18
188.93.160.0/21
193.47.158.0-193.47.160.255
194.187.40.0/22
195.34.208.0/22
212.76.32.0/19
213.134.160.0/19
IPv6:
2001:4050::/32
2a02:a300::/27
Signature Algorithm: sha256WithRSAEncryption
46:96:ec:7d:b8:18:08:93:c2:e5:60:2a:92:d0:3b:d1:50:20:
61:7b:fa:e0:94:15:45:e6:6f:00:19:e4:85:e8:59:5e:2a:49:
b2:a0:31:ea:be:5b:7c:3e:56:4d:21:18:a1:bf:02:a7:de:1b:
d3:36:29:12:29:87:0c:5a:80:b2:8d:51:59:8c:0d:c3:db:c3:
ed:7d:6e:2b:71:b5:40:f3:99:9d:ef:8c:58:ea:e7:73:8e:f4:
8e:f4:4b:5e:c5:8f:7a:b8:c8:31:c1:29:ef:ac:3d:72:da:d7:
10:48:c0:91:fe:26:e0:82:a0:ed:4c:3e:63:b7:19:43:a1:37:
43:c9:8d:c7:61:87:2b:5e:45:74:b0:eb:06:65:42:8c:16:a5:
a7:20:54:99:08:17:de:d2:48:ad:dc:72:6d:75:33:c9:34:79:
e9:ca:2b:9d:db:3a:59:63:2a:15:63:a0:31:7a:e1:59:7b:bc:
f1:07:5f:ed:24:68:2c:0d:8b:08:a6:bc:6b:e3:7c:2b:50:4d:
31:a2:8e:be:68:15:cd:57:ea:77:25:40:14:a9:86:d9:e0:11:
f2:4d:f6:88:ec:ec:54:c9:c3:38:6b:7d:e0:0e:5a:8b:13:6f:
27:0d:60:33:e5:34:a5:96:ef:16:fe:5b:42:c0:9c:8e:eb:b9:
4a:37:94:6f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZVnGOXuadQmfh5MSO5t/1b5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMzA1MTYxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQwZGQ2NWJjZWQ3ZDA4NmUwZjE1ZGEwODNlNTE3NjEwMmViNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8pI+2fc3NiCFiezvHJbshLdL95yD
eAxM4SCpqyU9Ec/nOF7EmAlc3igrNF4bQ8ouKQQEFVec7QFuQIIChbNUBmepuPEe
lyc3FvkgMEkRQIhetJXm5wlG/KSQW+DlZoGihQ/RuFDbYRbx8kl8e3XJS59AmAHY
mfVOTFn+IJ3T8f3V+c8A74IqoXqxuMyVBgoNRam+UfKXzd4SQKRWDbMlzBNYlIhm
6BPxkAPpSfTye8o+uzdMaOKX81OIztwDSPSPYUAbmNLNcf9nogQLYzC2RfiwZsR4
uVpQ2AVrCpODsN3+NCqf5SUnyxTvgecNATVeVMzzt1doKr1v9PVomehuYwIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFDNA3WW87X0Ibg8V2gg+UXYQLrUdMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvTTBEZFpienRmUWh1RHhYYUNENVJkaEF1dFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBlAQCAAEwgY0DAwEf
sgMEBR+6wAMEBh+7AAMEBU3sAAMEBVESwAMEBlOQQAMEBFOvsAMDAFQKAwQHVd4A
AwMBV84DAwRZQAMEBVuWwAMEBVz0IAMEBl5LQAMDAF6sAwQGX55AAwQGskkAAwQD
vF2gMAwDBAHBL54DBADBL6ADBALCuygDBALDItADBAXUTCADBAXVhqAwFAQCAAIw
DgMFACABQFADBQUqAqMAMA0GCSqGSIb3DQEBCwUAA4IBAQBGlux9uBgIk8LlYCqS
0DvRUCBhe/rglBVF5m8AGeSF6FleKkmyoDHqvlt8PlZNIRihvwKn3hvTNikSKYcM
WoCyjVFZjA3D28PtfW4rcbVA85md74xY6udzjvSO9EtexY96uMgxwSnvrD1y2tcQ
SMCR/ibggqDtTD5jtxlDoTdDyY3HYYcrXkV0sOsGZUKMFqWnIFSZCBfe0kit3HJt
dTPJNHnpyiud2zpZYyoVY6AxeuFZe7zxB1/tJGgsDYsIprxr43wrUE0xoo6+aBXN
V+p3JUAUqYbZ4BHyTfaI7OxUycM4a33gDlqLE28nDWAz5TSllu8W/ltCwJyO67lK
N5Rv
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:02:50 2025 by rpki-client