Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/yPgzXDYW5eZyIEYe_uC8JweF4Is.roa
File: yPgzXDYW5eZyIEYe_uC8JweF4Is.roa (raw, json)
Hash identifier: KV9FpAFGVn3ZEU79wNJyjnFjAnc43p5Thb1yViB5RWA=
Subject key identifier: C8:F8:33:5C:36:16:E5:E6:72:20:46:1E:FE:E0:BC:27:07:85:E0:8B
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 0194228DC89B32BC25A3F11BAD693DF39A40
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/yPgzXDYW5eZyIEYe_uC8JweF4Is.roa
Signing time: Wed 01 Jan 2025 15:48:24 +0000
ROA not before: Wed 01 Jan 2025 15:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207375
IP address blocks: 31.14.180.0/23 maxlen: 23
31.14.182.0/24 maxlen: 24
37.156.69.0/24 maxlen: 24
37.156.70.0/24 maxlen: 24
84.247.44.0/23 maxlen: 25
85.204.109.0/24 maxlen: 24
86.105.24.0/24 maxlen: 24
86.105.232.0/24 maxlen: 24
86.107.186.0/23 maxlen: 23
89.32.171.0/24 maxlen: 24
89.32.240.0/21 maxlen: 21
89.33.17.0/24 maxlen: 24
89.33.30.0/24 maxlen: 24
89.33.65.0/24 maxlen: 24
89.35.34.0/24 maxlen: 24
89.35.76.0/24 maxlen: 24
89.35.88.0/24 maxlen: 24
89.35.91.0/24 maxlen: 24
89.35.163.0/24 maxlen: 24
89.35.248.0/24 maxlen: 24
89.37.40.0/24 maxlen: 24
89.46.40.0/23 maxlen: 23
89.47.176.0/23 maxlen: 23
89.47.178.0/24 maxlen: 24
89.47.180.0/23 maxlen: 23
89.47.182.0/24 maxlen: 24
93.113.72.0/21 maxlen: 21
176.223.144.0/20 maxlen: 20
188.211.172.0/22 maxlen: 22
188.212.157.0/24 maxlen: 24
188.213.86.0/23 maxlen: 23
188.240.70.0/24 maxlen: 24
2a00:bba0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Mar 2025 18:55:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:c8:9b:32:bc:25:a3:f1:1b:ad:69:3d:f3:9a:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: Jan 1 15:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8f8335c3616e5e67220461efee0bc270785e08b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:25:bd:7a:ff:98:90:db:5c:50:84:b7:36:7a:
87:94:3d:3b:9b:b4:08:75:ce:81:ed:b4:f0:6f:69:
c9:f7:12:04:f2:ba:d2:7e:0f:82:f2:8a:b1:5a:04:
05:80:b6:06:b1:1b:8d:00:be:3d:26:3f:89:56:dc:
e0:ee:24:09:c6:91:33:a8:45:62:61:1c:4d:a9:8d:
1d:c4:30:78:fb:43:37:d9:5c:cb:af:02:90:5c:e0:
8c:d9:ac:fc:17:19:df:6b:49:20:2a:f4:6a:8e:94:
53:1d:e5:cf:52:a6:26:9b:c9:47:c3:01:a3:23:32:
25:bd:1e:3c:4a:bc:fc:05:61:87:1c:7f:42:35:c5:
57:7e:3f:95:54:bc:3d:98:d7:48:b0:20:ae:e4:11:
5e:a8:45:39:dc:c3:41:15:7f:96:41:29:ae:19:f1:
37:3e:7a:50:4c:48:5b:b0:df:83:11:7b:7d:d1:65:
a9:b1:e5:51:5d:ac:f9:f9:f6:e5:7a:1a:27:4f:12:
bd:36:43:b2:f3:9c:60:ec:d7:3e:c6:a1:00:0e:c3:
31:5d:bd:bf:03:46:f6:cf:51:5c:df:1b:7f:f7:7a:
d5:6b:d1:e3:18:96:56:88:0a:f4:d3:e0:04:29:7a:
78:97:19:64:1a:48:a6:21:b6:c1:ba:dc:7a:15:73:
32:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F8:33:5C:36:16:E5:E6:72:20:46:1E:FE:E0:BC:27:07:85:E0:8B
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/yPgzXDYW5eZyIEYe_uC8JweF4Is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.180.0-31.14.182.255
37.156.69.0-37.156.70.255
84.247.44.0/23
85.204.109.0/24
86.105.24.0/24
86.105.232.0/24
86.107.186.0/23
89.32.171.0/24
89.32.240.0/21
89.33.17.0/24
89.33.30.0/24
89.33.65.0/24
89.35.34.0/24
89.35.76.0/24
89.35.88.0/24
89.35.91.0/24
89.35.163.0/24
89.35.248.0/24
89.37.40.0/24
89.46.40.0/23
89.47.176.0-89.47.178.255
89.47.180.0-89.47.182.255
93.113.72.0/21
176.223.144.0/20
188.211.172.0/22
188.212.157.0/24
188.213.86.0/23
188.240.70.0/24
IPv6:
2a00:bba0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:81:b3:d4:20:75:bd:4d:17:21:56:a5:38:54:0a:0e:d5:66:
77:e3:62:77:69:80:cd:7d:a3:ed:9e:96:f1:36:b6:c4:3c:ef:
2d:e9:12:8d:0b:db:b2:aa:c3:54:1d:2e:00:bf:57:63:5f:2e:
01:49:b8:f0:b0:21:3b:36:fd:d4:64:c6:9b:c8:33:79:40:7a:
30:59:b6:a9:13:ca:38:0f:a7:52:f6:f5:09:e5:92:0d:b5:5a:
e9:ea:86:25:03:91:fd:93:5b:62:d6:b4:e9:eb:06:e6:c2:7d:
56:ba:6c:fb:8c:d8:bb:aa:2e:78:04:60:3a:04:ff:6d:3e:da:
d3:02:aa:5f:ea:67:c4:b8:21:43:37:fd:9a:09:0e:de:8d:30:
02:d8:9a:9d:6b:d4:5c:59:d2:d7:9b:4c:ed:3a:ae:9b:e5:9c:
35:a3:53:92:73:0a:93:a9:51:80:06:d5:2c:95:4d:06:37:cc:
a2:c2:fb:11:12:d5:83:4b:9c:b7:ec:82:11:b4:45:a2:da:b3:
c7:23:d1:b0:06:7c:da:58:51:1d:ca:48:12:b6:1c:da:6f:31:
f7:dc:7b:39:9f:35:5c:35:79:b7:51:6a:74:67:d2:6e:ba:43:
74:a6:06:38:c8:24:43:e4:aa:a4:50:b2:0b:d6:cd:15:f4:8f:
e1:ae:6b:7b
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAZQijcibMrwlo/EbrWk985pAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjUwMTAxMTU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGY4MzM1YzM2MTZlNWU2NzIyMDQ2MWVmZWUwYmMyNzA3ODVlMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7iW9ev+YkNtcUIS3NnqHlD07m7QI
dc6B7bTwb2nJ9xIE8rrSfg+C8oqxWgQFgLYGsRuNAL49Jj+JVtzg7iQJxpEzqEVi
YRxNqY0dxDB4+0M32VzLrwKQXOCM2az8Fxnfa0kgKvRqjpRTHeXPUqYmm8lHwwGj
IzIlvR48Srz8BWGHHH9CNcVXfj+VVLw9mNdIsCCu5BFeqEU53MNBFX+WQSmuGfE3
PnpQTEhbsN+DEXt90WWpseVRXaz5+fblehonTxK9NkOy85xg7Nc+xqEADsMxXb2/
A0b2z1Fc3xt/93rVa9HjGJZWiAr00+AEKXp4lxlkGkimIbbButx6FXMyFQIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFMj4M1w2FuXmciBGHv7gvCcHheCLMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEveVBnelhEWVc1ZVp5SUVZZV91QzhKd2VGNElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH0BggrBgEFBQcBBwEB/wSB5DCB4TCBzwQCAAEwgcgwDAME
Ah8OtAMEAB8OtjAMAwQAJZxFAwQAJZxGAwQBVPcsAwQAVcxtAwQAVmkYAwQAVmno
AwQBVmu6AwQAWSCrAwQDWSDwAwQAWSERAwQAWSEeAwQAWSFBAwQAWSMiAwQAWSNM
AwQAWSNYAwQAWSNbAwQAWSOjAwQAWSP4AwQAWSUoAwQBWS4oMAwDBARZL7ADBABZ
L7IwDAMEAlkvtAMEAFkvtgMEA11xSAMEBLDfkAMEArzTrAMEALzUnQMEAbzVVgME
ALzwRjANBAIAAjAHAwUAKgC7oDANBgkqhkiG9w0BAQsFAAOCAQEALIGz1CB1vU0X
IValOFQKDtVmd+Nid2mAzX2j7Z6W8Ta2xDzvLekSjQvbsqrDVB0uAL9XY18uAUm4
8LAhOzb91GTGm8gzeUB6MFm2qRPKOA+nUvb1CeWSDbVa6eqGJQOR/ZNbYta06esG
5sJ9Vrps+4zYu6oueARgOgT/bT7a0wKqX+pnxLghQzf9mgkO3o0wAtianWvUXFnS
15tM7Tqum+WcNaNTknMKk6lRgAbVLJVNBjfMosL7ERLVg0uct+yCEbRFotqzxyPR
sAZ82lhRHcpIErYc2m8x99x7OZ81XDV5t1FqdGfSbrpDdKYGOMgkQ+SqpFCyC9bN
FfSP4a5rew==
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:03:53 2025 by rpki-client